You do not have permission to edit this page, for the following reasons:
Please read before you start to fill in the form!
Please enter a basic description for the planned Self-Organized Session. For more information about Self-Organized Sessions head to Self-Organized Sessions.
Add times where you like to run your activities here by just pressing "Add another…". You can add multiple times if you like to split your event over multiple timeslots. A Self-Organized Session should have at least one timeslot though ;)
Enter a full description of the event here. The field allows using the full mediawiki syntax for text formating.
'''Find the slides here: https://code.greenhost.net/open/cryptops-presentations/blob/master/34C3/presentation.pdf'''
These days, data storage using the “cloud” or virtual private servers (VPSs) on the Internet is extremely flexible and easy to setup. Anyone can boot a new VPS within seconds and start storing information on it. However, the “cloud” is just someone else’s hard drive, which comes with certain security risks. Infrastructure providers can access “your” data stored on the cloud with extreme ease. But as managing your own infrastructure can be a nightmare for some, it comes with no surprise that virtual private servers have gained immense popularity over the last several years.
Is it possible to use virtual systems and still make sure that all your data is stored encrypted, so only the user has access to the data and not the service provider? Existing solutions often rely on encryption keys being managed by the service providers themselves or the data being encrypted at the application level.
CryptOps is a new, provider agnostic approach which makes full disk encryption at the Virtual Machine layer more accessible and secure for the average user. Users can encrypt their VPSs by logging into a Dropbear SSH shell that runs in the initrd. In this environment, the user is allowed to type commands into the “CryptOps Client”, which communicates with the local “CryptOps API” to encrypt and unlock disks. This open source tool currently supports encrypting and decrypting new and already existing VPSs. It also allows the user to manage their SSH and LUKS encryption keys. The CryptOps framework has been designed to be open & extensible, allowing it to support external client applications in the future.
Please read the security considerations to learn exactly what CryptOps does and doesn’t protect against.
Find the code at https://code.greenhost.net/open/cryptops and an example initrd at https://code.greenhost.net/open/cryptops-initrd
This is a minor edit
Watch this page