Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only! Grab it Explore the critical aspects of data protection using Hardware Security Modules (HSMs) in this comprehensive conference talk by Reinhard Buendgen from IBM. Delve into various attack points for data-at-rest and learn effective strategies for safeguarding against offline attacks. Examine the concept of end-to-end data encryption and understand the Linux File System Stack with dm-crypt. Address the challenge of protecting encryption keys and discover methods for generating protected keys. Gain insights into kernel support for protected keys through the pkey and PAES modules. Learn about dm-crypt volume management with secure keys and the process of HSM Master Key change. Investigate the application of HSM master keys for dm-crypt volume keys and explore ideas for extending zkey functionality. This talk provides valuable knowledge for IT professionals and security experts looking to enhance their understanding of block device protection using HSMs.