ZFS Gaining Native Encryption
grarpamp
grarpamp at gmail.com
Sun Nov 20 00:37:57 PST 2016
http://open-zfs.org/wiki/ZFS-Native_Encryption
https://youtu.be/frnLiXclAMo
https://drive.google.com/file/d/0B5hUzsxe4cdmU3ZTRXNxa2JIaDQ/view?usp=sharing
http://open-zfs.org/wiki/OpenZFS_Developer_Summit_2016
Tom Caputi of Datto will give a talk on ZFS-Native Encryption at the
OpenZFS Developer Summit 2016, covering the following:
A brief intro to how modern symmetric encryption algorithms work
(mostly so that people understand the parameters required for
encryption)
A brief explanation of the ICP and what work was required to make it
relatively portable
An explanation of what changes were made to ZFS, including
implementation details regarding:
The new DSL Keychain (in user memory, in kernel memory, and on disk)
The way the DSL keychain hooks into the existing DSL code (with
regards to create, clone, destroy and "owning" operations)
What data is encrypted and what is left in the clear
The changes made to the ZIO layer for data kept in the primary pool storage
Encrypted ZIL blocks
Encrypted L2ARC data
Future extensions and challenges
Encrypted send (with regards to the current compressed send work)
Support for more encryption algorithms
Support for more keysources / locations
More information about the cypherpunks
mailing list