Abstract : Full Disk Encryption (FDE) has become a widely used security feature. Although FDE can provide confidentiality, it generally does not provide cryptographic data integrity protection. We introduce an algorithm-agnostic solution that provides both data integrity and confidentiality protection at the disk sector layer. Our open-source solution is intended for drives without any special hardware extensions and is based on per-sector metadata fields implemented in software. Our implementation has been included in the Linux kernel since the version 4.12.
https://hal.inria.fr/hal-02023745 Contributor : Hal IfipConnect in order to contact the contributor Submitted on : Thursday, February 21, 2019 - 5:01:12 PM Last modification on : Wednesday, November 18, 2020 - 6:32:04 PM Long-term archiving on: : Wednesday, May 22, 2019 - 7:07:38 PM
Milan Brož, Mikuláš Patočka, Vashek Matyáš. Practical Cryptographic Data Integrity Protection with Full Disk Encryption. 33th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), Sep 2018, Poznan, Poland. pp.79-93, ⟨10.1007/978-3-319-99828-2_6⟩. ⟨hal-02023745⟩