diff --git a/include/ImagePool.h b/include/ImagePool.h
index abb45455ff..7d4899c9a1 100644
--- a/include/ImagePool.h
+++ b/include/ImagePool.h
@@ -41,7 +41,8 @@ public:
             const std::string&                    __default_dev_prefix,
             const std::string&                    __default_cdrom_dev_prefix,
             std::vector<const SingleAttribute *>& restricted_attrs,
-            const std::vector<const SingleAttribute *>& _inherit_image_attrs);
+            std::vector<const SingleAttribute *>& encrypted_attrs,
+            const std::vector<const SingleAttribute *>& inherit_attrs);
 
     ~ImagePool(){};
 
diff --git a/include/ImageTemplate.h b/include/ImageTemplate.h
index 618019b4b0..252198ad9c 100644
--- a/include/ImageTemplate.h
+++ b/include/ImageTemplate.h
@@ -63,11 +63,34 @@ public:
         Template::parse_restricted(ra, restricted);
     }
 
+    // -------------------------------------------------------------------------
+    // Encrypted attributes interface implementation
+    // -------------------------------------------------------------------------
+    virtual void encrypt(const std::string& one_key)
+    {
+        Template::encrypt(one_key, encrypted);
+    }
+
+    virtual void decrypt(const std::string& one_key)
+    {
+        Template::decrypt(one_key, encrypted);
+    }
+
+    static void parse_encrypted(std::vector<const SingleAttribute *>& ea)
+    {
+        Template::parse_encrypted(ea, encrypted);
+    }
+
 private:
     /**
      *  Restricted attribute list for ImageTemplates
      */
     static std::map<std::string, std::set<std::string> > restricted;
+
+    /**
+     *  Encrypted attribute list for ImageTemplates
+     */
+    static std::map<std::string, std::set<std::string> > encrypted;
 };
 
 /* -------------------------------------------------------------------------- */
diff --git a/share/etc/oned.conf b/share/etc/oned.conf
index 81ede92a35..dbb9f1062d 100644
--- a/share/etc/oned.conf
+++ b/share/etc/oned.conf
@@ -947,6 +947,8 @@ HOST_ENCRYPTED_ATTR = "ONE_PASSWORD"
 # VM_ENCRYPTED_ATTR = "PROVISION/PACKET_TOKEN
 VM_ENCRYPTED_ATTR = "CONTEXT/PASSWORD"
 
+IMAGE_ENCRYPTED_ATTR = "LUKS_PASSWORD"
+
 # VNET_ENCRYPTED_ATTR = "PROVISION/PACKET_TOKEN
 # VNET_ENCRYPTED_ATTR = "PROVISION/PACKET_TOKEN
 # VNET_ENCRYPTED_ATTR = "PROVISION/PACKET_TOKEN
diff --git a/src/cli/oneimage b/src/cli/oneimage
index de9ceedee3..5dcec63019 100755
--- a/src/cli/oneimage
+++ b/src/cli/oneimage
@@ -408,7 +408,8 @@ CommandParser::CmdParser.new(ARGV) do
         Shows information for the given Image
     EOT
 
-    command :show, show_desc, :imageid, :options => OpenNebulaHelper::FORMAT do
+    command :show, show_desc, :imageid,
+            :options => [OpenNebulaHelper::FORMAT, OpenNebulaHelper::DECRYPT] do
         helper.show_resource(args[0], options)
     end
 
diff --git a/src/image/ImagePool.cc b/src/image/ImagePool.cc
index 21d7ea7602..6a8bebeb49 100644
--- a/src/image/ImagePool.cc
+++ b/src/image/ImagePool.cc
@@ -46,6 +46,7 @@ ImagePool::ImagePool(
         const string&                    __default_dev_prefix,
         const string&                    __default_cdrom_dev_prefix,
         vector<const SingleAttribute *>& restricted_attrs,
+        vector<const SingleAttribute *>& encrypted_attrs,
         const vector<const SingleAttribute *>& _inherit_attrs)
     : PoolSQL(db, one_db::image_table)
 {
@@ -71,6 +72,8 @@ ImagePool::ImagePool(
     }
 
     ImageTemplate::parse_restricted(restricted_attrs);
+
+    ImageTemplate::parse_encrypted(encrypted_attrs);
 }
 
 /* -------------------------------------------------------------------------- */
diff --git a/src/image/ImageTemplate.cc b/src/image/ImageTemplate.cc
index 3d5910ae80..44b54464f0 100644
--- a/src/image/ImageTemplate.cc
+++ b/src/image/ImageTemplate.cc
@@ -21,5 +21,6 @@
 
 std::map<std::string, std::set<std::string> > ImageTemplate::restricted;
 
-/* -------------------------------------------------------------------------- */
-/* -------------------------------------------------------------------------- */
+
+std::map<std::string, std::set<std::string> > ImageTemplate::encrypted;
+
diff --git a/src/nebula/Nebula.cc b/src/nebula/Nebula.cc
index 12484fd8fa..6ac5f986f7 100644
--- a/src/nebula/Nebula.cc
+++ b/src/nebula/Nebula.cc
@@ -750,9 +750,12 @@ void Nebula::start(bool bootstrap_only)
         string  cd_dev_prefix;
 
         vector<const SingleAttribute *> img_restricted_attrs;
-        vector<const SingleAttribute *> inherit_image_attrs;
-        vector<const SingleAttribute *> inherit_ds_attrs;
+
+        vector<const SingleAttribute *> img_inherit_attrs;
+        vector<const SingleAttribute *> ds_inherit_attrs;
+
         vector<const SingleAttribute *> ds_encrypted_attrs;
+        vector<const SingleAttribute *> img_encrypted_attrs;
 
         nebula_configuration->get("DEFAULT_IMAGE_TYPE", image_type);
         nebula_configuration->get("DEFAULT_DEVICE_PREFIX", device_prefix);
@@ -760,16 +763,16 @@ void Nebula::start(bool bootstrap_only)
 
         nebula_configuration->get("IMAGE_RESTRICTED_ATTR", img_restricted_attrs);
 
-        nebula_configuration->get("INHERIT_IMAGE_ATTR", inherit_image_attrs);
-
-        ipool = new ImagePool(logdb, image_type, device_prefix, cd_dev_prefix,
-            img_restricted_attrs, inherit_image_attrs);
-
-        nebula_configuration->get("INHERIT_DATASTORE_ATTR", inherit_ds_attrs);
+        nebula_configuration->get("INHERIT_IMAGE_ATTR", img_inherit_attrs);
+        nebula_configuration->get("INHERIT_DATASTORE_ATTR", ds_inherit_attrs);
 
         nebula_configuration->get("DATASTORE_ENCRYPTED_ATTR", ds_encrypted_attrs);
+        nebula_configuration->get("IMAGE_ENCRYPTED_ATTR", img_encrypted_attrs);
 
-        dspool = new DatastorePool(logdb, inherit_ds_attrs, ds_encrypted_attrs);
+        ipool = new ImagePool(logdb, image_type, device_prefix, cd_dev_prefix,
+            img_restricted_attrs, img_encrypted_attrs, img_inherit_attrs);
+
+        dspool = new DatastorePool(logdb, ds_inherit_attrs, ds_encrypted_attrs);
 
         /* ----- Document, Zone, VDC, VMTemplate, SG and Makerket Pools ----- */
         vector<const SingleAttribute *> doc_encrypted_attrs;
diff --git a/src/oca/ruby/opennebula/image.rb b/src/oca/ruby/opennebula/image.rb
index 83a2c22d9a..5c367764ab 100644
--- a/src/oca/ruby/opennebula/image.rb
+++ b/src/oca/ruby/opennebula/image.rb
@@ -103,8 +103,8 @@ module OpenNebula
         #######################################################################
 
         # Retrieves the information of the given Image.
-        def info()
-            super(IMAGE_METHODS[:info], 'IMAGE')
+        def info(decrypt = false)
+            super(IMAGE_METHODS[:info], 'IMAGE', decrypt)
         end
 
         alias_method :info!, :info