From: Michael Halcrow <mhalcrow@google.com>
To: Sasha Levin <sasha.levin@oracle.com>
Cc: lsf-pc@lists.linux-foundation.org, linux-fsdevel@vger.kernel.org
Subject: Re: [Lsf-pc] [LSF/MM TOPIC] ext4 Encryption Update: Policies, File Names, and Integrity
Date: Thu, 15 Jan 2015 11:09:13 -0800
Message-ID: <20150115190913.GB3353@google.com>
In-Reply-To: <54B80D6B.8040400@oracle.com>

On Thu, Jan 15, 2015 at 01:56:43PM -0500, Sasha Levin wrote:
> On 01/15/2015 01:43 PM, Michael Halcrow wrote:
> > I previously presented on ext4 encryption at the 2014 Linux Security
> > Summit:
> > 
> > http://kernsec.org/wiki/index.php/Linux_Security_Summit_2014/Abstracts/Halcrow
> > 
> > http://kernsec.org/files/lss2014/Halcrow_EXT4_Encryption.pdf
> > 
> > Our first prototype implementation has been in Ted Ts'o's unstable git
> > branch since November 2014. My team has made significant progress in
> > the months since, developing encryption policy and file name
> > encryption capabilities. We have completed the first major phase of
> > development and are preparing a patchset to iterate on the prototype.
> > 
> > I will present our approach to applying different encryption policies
> > to different segments of the file system via a policy inheritance
> > scheme. I will discuss how file-granular policies can synthesize
> > multiple keys to cryptographically protect files. For example, both
> > logon credentials and off-device keys can together preclude access.
> > This work represents efforts by Ildar Muslukhov.
> > 
> > I will also present the challenges involved in file name encryption on
> > a multi-tenant system and will discuss novel solutions spearheaded by
> > Uday Savagaonkar. This approach involves treating the user domain,
> > HTree domain, and disk domains for the file names separately and
> > applying different transformations depending upon whether or not the
> > encryption keys for the file names are available.
> > 
> > Finally, I will discuss what our future plans are with respect to
> > encryption with integrity, which will include leveraging ext4
> > transactions to enforce cryptographic consistency while managing
> > additional per-block authentication data.
> 
> Are there any controversial topics that require a discussion here? It really
> sounds like just a presentation about ext4 encryption.

Yes, it's largely a presentation. I'd be very happy to see this topic
rejected on the grounds that there's too little controversy.
