Introduction to Self Encryption Disk (SED)

openSUSE.Asia Summit

IB201

08/11 15:30 - 15:45

English

Beginner / 入門

A brief introduction to Self Encryption Disk (SED), a hardware based full disk encryption (FDE), which is implemented by hard disk vendors confining to the OPAL storage specification developed by the Trusted Computing Group (TCG).

The SED is not rare or expensive, in contrast, it is relatively easy to find on the market of Solid State Drive (SSD) and is also inexpensive. The feature comes with almost no extra cost (money for real), so why not jump on the boat of encrypting your data through most fancy technology. The talk will let you know about how to identify it.

Second, since it is about Security, the talk will cover the security concerns, and also comparison with Software based encryption on Linux (LUKS).

Third, the majority of the talk is to give you an idea how to set it up in openSUSE, centered around the tool sedutil and will provide you the information of how to use it to accomplish most common tasks (80/20).

Last, it has always been tricky to boot from encrypted device, as we are not only facing trypical chicken-and-egg situation but also different firmware could impose different constraints. We will talk about the solution provided by SED/OPAL spec and also how to use tools in openSUSE to craft that.


Collaborative notes on HackMD

Michael Chang

Software Engineer at SUSE

Titanium Sponsor

Co-Host Sponsor

Diamond Sponsor

Gold Sponsor

Silver Sponsor

Bronze Sponsor

Partner

Co-Organizer

Special Thanks