Brussels / 3 & 4 February 2018


Data integrity protection with cryptsetup tools

what is the Linux dm-integrity module and why we extended dm-crypt to use authenticated encryption

The talk describes the architecture of data integrity protection with cryptsetup on Linux systems and the following steps that need to be achieved to have encrypted block-level authenticated storage.

The full disk encryption is a well-known way to achieve confidentiality of data. Unfortunately, it usually does not provide any integrity protection of data because of its length-preserving nature (plaintext is the same size as ciphertext; there is no space for data integrity tags). Since Linux kernel 4.12 and cryptsetup2 we can configure new Linux kernel dm-integrity and dm-crypt devices that support data integrity protection over block devices (by emulating sector data integrity extensions over standard disks). We will explain the architecture of such integrity-protected block devices (with the support of new integritysetup tool) and also a possibility to use cryptographically sound data integrity protection (authenticated encryption) in combination with disk encryption. We will also shortly introduce new LUKS2 on-disk format that is designed to integrate these features into existing Linux disk encryption toolset easily.


Milan Broz