Abstract
Setting up a system to store sensitive data is the easy part. Protecting that data from prying eyes is much harder. Warranty repair? Retiring old disks? Sure, you can store your data on encrypted disks. But now you get to manage all the disk encryption keys, creating a high-risk target for active attackers.
In this talk we will introduce Deo, an open source project which implements a new technique for binding encryption keys to a network. This technique provides secure decentralized storage and management of decryption keys so that disk encryption can become entirely transparent and automatic.
Learning Objectives
Outline a disk's full life-cycle
Identify data vulnerability points
Demonstrate how to use encryption to protect data-at-rest
Survey encryption key management
Use asymmetric cryptography to reduce management complexities