Authenticated and Encrypted Storage on Embedded Linux
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore authenticated and encrypted storage solutions for embedded Linux systems in this 34-minute conference talk. Gain insights into various kernel-provided building blocks, including dm-crypt, dm-verity, dm-integrity, fscrypt, ecryptfs, IMA/EMV, fsverity, and UBIFS authentication. Understand the trade-offs and limitations of cryptographic tools to select the most appropriate combination for your project. Discover how storage design impacts performance, security, and development ease, and learn to make informed decisions early in the project lifecycle. Delve into mature and recently implemented mechanisms, focusing on their suitability for specific embedded use cases. Cover topics such as the Linux storage stack, transparent authentication and encryption, crypto refresher, master key storage, recovery options, and field return mode. Receive practical recommendations to optimize your embedded Linux storage implementation.
Syllabus
Intro
Linux Storage Stack
Transparent Authentication and Encryption
Quick Crypto Refresher
Overview
dm-verity (since 2012, v3.4)
dm-integrity (since 2017, v4.12)
dm-crypt with authentication
fsverity (since 2019, v5.4)
UBIFS Authentication (since 2018, v4.20)
Master Key Storage
Recovery: Split RO and RW?
Field Return Mode
Recommendations
Taught by
Linux Foundation
Tags
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube