Abstract
File-system and full-disk encryption are important software technologies for implementing data-at-rest encryption solutions. There are many approaches to choose from at different software layers, and each has its own pros and cons. In this talk we will introduce the theory of data encryption at the file-system and block layers, including Ext4, NTFS, eCryptfs, BitLocker, and LUKS/dm-crypt. We will discuss the cost of data encryption with different algorithms and present performance benchmarks, security analysis, and optimization methods. We will also introduce an HSM-based solution that boosts data encryption performance and strengthens secure key protection.