Support for authenticated encryption in Linux dm-crypt disk encryption

BROŽ, Milan; Mikuláš PATOČKA and Václav MATYÁŠ. Support for authenticated encryption in Linux dm-crypt disk encryption. 2017.

Basic information

Original name

Support for authenticated encryption in Linux dm-crypt disk encryption

Authors

BROŽ, Milan (203 Czech Republic, guarantor, belonging to the institution); Mikuláš PATOČKA (203 Czech Republic) and Václav MATYÁŠ ORCID (203 Czech Republic, belonging to the institution)

Edition

2017

---

Other information

Language

English

Type of outcome

Software

Field of Study

10200 1.2 Computer and information sciences

Country of publisher

Czech Republic

Confidentiality degree

is not subject to a state or trade secret

References:

https://arxiv.org/abs/1807.00309

RIV identification code

RIV/00216224:14330/17:00103799

Organization unit

Faculty of Informatics

Keywords in English

authenticated encryption; disk encryption; dm-crypt; Linux

Technical parameters

Patch in mainline Linux kernel developed as part of Milan Brož PhD thesis

Tags

International impact, Reviewed

---

Abstract

V originále

Full Disk Encryption (FDE) has become a widely used security feature. Although FDE can provide confidentiality, it generally does not provide cryptographic data integrity protection. We introduce an algorithm-agnostic solution that provides both data integrity and confidentiality protection at the disk sector layer. Our open-source solution is intended for drives without any special hardware extensions and is based on per-sector metadata fields implemented in software. Our implementation has been included in the Linux kernel since the version 4.12.