[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] QCOW2 cryptography and secure key handling

From: Benoît Canet
Subject: Re: [Qemu-devel] QCOW2 cryptography and secure key handling
Date: Tue, 23 Jul 2013 16:40:34 +0200
User-agent: Mutt/1.5.21 (2010-09-15)

> More generally, QCow2's current encryption support is woefully inadequate
> from a design POV. If we wanted better encryption built-in to QEMU it is
> best to just deprecate the current encryption support and define a new
> qcow2 extension based around something like the LUKS data format. Using
> the LUKS data format precisely would be good from a data portability
> POV, since then you can easily switch your images between LUKS encrypted
> block device & qcow2-with-luks image file, without needing to re-encrypt
> the data.

I read the LUKS specification and undestood enough part of it to understand the
potentials benefits (stronger encryption key, multiple user keys, possibility to
change users keys).

Kevin & Stefan: What do you think about implementing LUKS in QCOW2 ?

Best regards


reply via email to

[Prev in Thread] Current Thread [Next in Thread]