Network-Based LUKS Volume Decryption with Tang
Offered By: USENIX via YouTube
Course Description
Overview
Explore network-based LUKS volume decryption using Tang in this LISA16 conference talk. Learn how to securely unlock encrypted server volumes at boot without admin interaction, addressing the challenges of managing encrypted systems at scale. Discover a solution that maintains data security while allowing automated decryption in secured environments. Gain insights into Tang API, LUKS volume encryption and layout, Clevis automated encryption framework, and the step-by-step process of setting up and implementing this system. Understand the differences between server and laptop encryption use-cases, and how this approach can protect data even when disks are accessed by third parties or in cloud environments.
Syllabus
Intro
USE CASE
BUT... DATA CENTERS ARE COMPLEX BEASTS
WHAT I DON'T WANT
ENVIRONMENT DEPENDENT DECRYPTION
TANG AND CLEVIS
TANG API
LUKS VOLUME ENCRYPTION
LUKS VOLUME LAYOUT
CLEVIS AUTOMATED ENCRYPTION FRAMEWORK
CLEVIS LUKS SETUP CLEVIS LUKS-BINO COMMAND BREAKDOWN
CLEVIS LUKS-BIND CLEVIS ENCRYPT
KEY RECOVERY
TANG SERVER INSTALL
TANG SERVER KEYS
CLEVIS SETUP INSTALLATION
SETUP AND TRUST
CLEVIS INITIALIZE LUKS METADATA
CLEVIS ADD LUKS KEY
FINAL STEP
Taught by
USENIX
Related Courses
Managing Devices using Enterprise Mobility SuiteMicrosoft via edX Firebase Essentials For Android
Google via Udacity Research Data Management and Sharing
The University of North Carolina at Chapel Hill via Coursera SAP HANA CLOUD PLATFORM の重要事項
SAP Learning Windows 10 pour l'entreprise
Microsoft Virtual Academy via OpenClassrooms