| 1 | <?xml version='1.0' encoding='UTF-8'?>
|
|---|
| 2 | <!DOCTYPE topic PUBLIC "-//OASIS//DTD DITA Topic//EN" "topic.dtd">
|
|---|
| 3 | <topic xml:lang="en-us" id="diskencryption">
|
|---|
| 4 | <title>Encryption of Disk Images</title>
|
|---|
| 5 |
|
|---|
| 6 | <body>
|
|---|
| 7 | <p>
|
|---|
| 8 | Oracle VM VirtualBox enables you to transparently encrypt the data
|
|---|
| 9 | stored in hard disk images for the guest. It does not depend on a
|
|---|
| 10 | specific image format to be used. Images which have the data
|
|---|
| 11 | encrypted are not portable between Oracle VM VirtualBox and other
|
|---|
| 12 | virtualization software.
|
|---|
| 13 | </p>
|
|---|
| 14 | <p>
|
|---|
| 15 | Oracle VM VirtualBox uses the AES algorithm in XTS mode and supports
|
|---|
| 16 | 128-bit or 256-bit data encryption keys (DEK). The DEK is stored
|
|---|
| 17 | encrypted in the medium properties and is decrypted during VM
|
|---|
| 18 | startup by entering a password which was chosen when the image was
|
|---|
| 19 | encrypted.
|
|---|
| 20 | </p>
|
|---|
| 21 | <p>
|
|---|
| 22 | Since the DEK is stored as part of the VM configuration file, it
|
|---|
| 23 | is important that it is kept safe. Losing the DEK means that the
|
|---|
| 24 | data stored in the disk images is lost irrecoverably. Having
|
|---|
| 25 | complete and up to date backups of all data related to the VM is
|
|---|
| 26 | the responsibility of the user.
|
|---|
| 27 | </p>
|
|---|
| 28 | </body>
|
|---|
| 29 | </topic>
|
|---|
