dm-crypt with LUKS encryption overview
thinkings about personal data security
A GNU/Linux quality assurance engineer. openSUSE member and FSF associate member. Contributing on several free and open source projects. Dedicate on the free software promotion.
Have attended the first and second openSUSE.Asia summit as a speaker.
dm-crypt is the function provided by kernel for disk device encryption purpose. To use it, you need "cryptsetup", which is a powerful user space command-line tool.
This presentation will introduce the basic concept of dm-crypt, LUKS and cryptsetup. Explain The relation between them. And then demonstrate how to use cryptsetup to encrypt the device in openSUSE (both YaST2 and command-line). A few historical attacks will be mentioned, as well as the method of mitigation. There are also some tips and tricks on the personal data security.
For easily understanding, audience should better know some basic Linux command line operations - especially the tools for the block devices management like fdisk, dd, mount, and mkfs. It is not a must, there will have a simple explanation in the demonstration on what these tools used for.
We hope through this presentation, people could learn how to manage their own important and secret data with a better way under GNU/Linux. There are a bunch of other security tools for data encryption purpose, dm-crypt/cryptsetup is just one of them. Use the right tool on the certain scenario is the key point. We should aware that security is not a point but a procedure. It can not depend on just one single tool to defend various attacks.
- 2017 October 21 14:45
- 30 min
- Room 2
- openSUSE.Asia Summit 2017
- FLOSS Security