0cb24301f8f0e4c6e9afb7677e7d787d

by Michael Chang
from SUSE

Software Engineer at SUSE.

No video of the event yet, sorry!

A brief introduction to Self Encryption Disk (SED), a hardware based full disk encryption (FDE), which is implemented by hard disk vendors confining to the OPAL storage specification developed by the Trusted Computing Group (TCG).

The SED is not rare or expensive, in contrast, it is relatively easy to find on the market of Solid State Drive (SSD) and is also inexpensive. The feature comes with almost no extra cost (money for real), so why not jump on the boat of encrypting your data through most fancy technology. The talk will let you know about how to identify it.

Second, since it is about Security, the talk will cover the security concerns, and also comparison with Software based encryption on Linux (LUKS).

Third, the majority of the talk is to give you an idea how to set it up in openSUSE, centered around the tool sedutil and will provide you the information of how to use it to accomplish most common tasks (80/20).

Last, it has always been tricky to boot from encrypted device, as we are not only facing trypical chicken-and-egg situation but also different firmware could impose different constraints. We will talk about the solution provided by SED/OPAL spec and also how to use tools in openSUSE to craft that.

Date:
2018 August 11 15:30
Duration:
15 min
Room:
Conference Room #201
Conference:
openSUSE.Asia Summit 2018
Language:
Track:
Difficulty:
Easy