Explore the latest advancements in Linux encryption performance in this informative conference talk. Gain insights into effective data protection strategies, recent improvements in the Linux cryptographic stack, and the evolution of encryption performance across various architectures and vendors. Learn about TLSv1.3, Elliptic Curve cryptography, and hardware-accelerated crypto support while discovering how to overcome common barriers to implementing comprehensive data encryption. Examine performance improvements in both asymmetric and symmetric cryptography, including TLS handshakes, data encryption, and dm-crypt. Understand the importance of encryption in combating data breaches and explore low-cost encryption marketing strategies. Delve into different levels of encryption in Linux, the shift from CBC to CCM mode in AES, and vendor-specific improvements. Investigate Android encryption, Intel's QuickAssist Technology, and future trends in encryption performance.
Linux Encryption Performance Improvements and Best Practices
Overview
Syllabus
Linux Encryption Performance is not an Excuse Anymore
Data breaches
Best practices
Why should we do it?
Why are we still not doing it?
Low-cost Encryption Marketing
Different levels of encryption in Linux
TLS v1.3
TLS symmetric data encryption AES moving from CBC to CCM mode - authenticated encryption
Vendors improve encryption performance
dm-crypt performance
Android encryption - Google Adiantum
Intel HW - Xeon Scalable example Intel® QuickAssist Technology
What the future holds
Taught by
Linux Foundation
