Abstract
Encryption is the bread-and-butter of cryptography, with well-established notions of security and a large variety of schemes to meet these notions. So what is left for researchers in cryptography to look at when it comes to encrypting storage? In this talk I will cover cryptography issues that arise when introducing encryption to real-world storage systems, with some examples drawn from the work of the IEEE 1619 standard committee that deals with standardizing aspects of storage encryption. The issues that I plan to touch upon include:
Encryption Schemes and Modes-of-Operation: The use of “authenticated” vs. “transparent” encryption, “wide block” vs. “narrow block” transparent encryption modes, and other considerations.
Issues with Key-Management and IV-Management: How to avoid nonce collision when your nonces are only 96 bits long, why you may want to use deterministic encryption for key-wrapping, what is the difference between key-wrapping and KEM/DEM, and related questions.
Self-Encryption of Keys: Can an encryption scheme remain secure when used to encrypt its own secret key? It turns out that this requirement sometimes comes up when encrypting storage. I will talk about several aspects of this problem, including the not-so-bad, the bad, and the ugly.
© 2008 Springer-Verlag Berlin Heidelberg
Cite this paper
Halevi, S. (2008). Storage Encryption: A Cryptographer’s View. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds) Security and Cryptography for Networks. SCN 2008. Lecture Notes in Computer Science, vol 5229. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85855-3_1
DOI: https://doi.org/10.1007/978-3-540-85855-3_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-85854-6
Online ISBN: 978-3-540-85855-3