Encryption Without Magic, Risk Management Without Pain

#security #crypto #databases #notmobile #trust #infrastructures #separation-of-duties #echelonization

1. What the attack surface is and how cryptography helps to narrow it.
2. Simple crypto-systems and their significant downsides.
3. Middleware-side encryption: protecting data in web-based infrastructures.
4. Client-side encryption: trust to mobile apps and code execution. E2EE. ZKA. ZKP.
5. Echelonization and traditional techniques.

--------------------------------------

An in-depth technical inquiry into cryptography in a wider context: how it helps to narrow more significant risks down to controlled attack surfaces, how it enables managing risk efficiently and elegantly, and how tools and algorithms fit into the broader task of managing infrastructure-wide risks associated with handling sensitive data.

--------------------------------------

Links to follow:

12 and 1 ideas how to enhance backend data security
https://medium.com/@cossacklabs/12-and-1-ideas-how-to-enhance-backend-data-security-4b8ceb5ccb88

Explain Like I’m 5: Zero Knowledge Proof
https://hackernoon.com/eli5-zero-knowledge-proof-78a276db9eff

DevOps and security: from trenches to command centers
https://medium.com/@9gunpi/devops-and-security-from-trenches-to-command-centers-466dfb58fe5b

GDPR for engineers
https://www.cossacklabs.com/blog/gdpr-for-engineers.html

vixentael

March 04, 2018

Transcript

  1. ENCRYPTION WITHOUT MAGIC, RISK MANAGEMENT WITHOUT PAIN
    @vixentael

  2. @vixentael Product Engineer
    Feel free to reach me with security questions.
    I do check my inbox :)

  4. CRYPTOGRAPHY?

  5. CRYPTOGRAPHY?
    AES, DES, 3DES, CBC, CFB, SEAL, Salsa20, RSA, DSA, OFB, Blowfish, SHARK, RC4, DSS, ECB, CTR, Twofish, Camellia, SEED, Rabbit, ECDSA

  6. HASHING PASSWORDS?
    MD5, SHA1, SHA256

  7. HASHING PASSWORDS?
    MD5, SHA1, SHA256
    HKDF, bcrypt, PBKDF2
    https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
    https://dusted.codes/sha-256-is-not-a-secure-password-hashing-algorithm

  8. CRYPTOGRAPHY
    algorithms
    elliptic curves
    key management
    public key validity
    storing secrets
    cool, but…

  9. crypto is not a
    but a method to manage
    the attack surface

  10. ATTACK SURFACE
    – all the possible places where sensitive data may be stolen by an adversary
    https://www.owasp.org/index.php/Attack_Surface_Analysis_Cheat_Sheet

  11. it’s easier to monitor suspicious behavior in a small place

  12. HANDLING SENSITIVE DATA WITH CARE
    avoid plaintext as much as possible
    manage keys properly
    decrease time of plaintext secrets in memory
    log, monitor and inspect
    limit access to data

  13. – HOW TO MANAGE THE ATTACK SURFACE OF MY DATA?

  14. one container one key
    symmetric encryption with poor key management

  15. one container one key
    symmetric encryption with poor key management
    attack surface is arbitrary
    key leaked → data leaked

  16. https://en.wikipedia.org/wiki/Cryptosystem

  17. KEY AND TRUST MANAGEMENT SHOULD REFLECT YOUR SYSTEM

  18. MESSAGING
    https://core.telegram.org/api/end-to-end

  19. GOOD MESSAGING IS E2EE
    …but your infrastructures are not only for messaging

  20. NAIVE DATABASE ENCRYPTION
    attack surface is almost everywhere

  21. NARROWING ATTACK SURFACE
    middleware-side encryption
    client-side encryption

  23. MIDDLEWARE-SIDE ENCRYPTION

  24. REAL-WORLD WEB SERVER
    SQL injections
    code injections
    execution flow attacks
    reflection attacks
    XSS
    crypto-miners everywhere
    MitM

  25. REAL-WORLD WEB SERVER
    ATTACK SURFACE IS EVERYWHERE :(
    monitor everything

  26. TRY SYMMETRIC ENCRYPTION?
    encrypt/decrypt data using sym key

  27. TRY SYMMETRIC ENCRYPTION?
    encrypt/decrypt data using sym key
    easy to steal a key
    https://www.alibabacloud.com/help/faq-detail/37505.htm

  28. “COMBINED” ENCRYPTION
    what if no decryption key?

  29. “COMBINED” ENCRYPTION
    enc_data = Enc(data, Krand)
    enc_key = Enc(Krand, PrivKweb, PubKtds)
    container = (enc_data, PubKweb, enc_key)

  30. “COMBINED” ENCRYPTION
    PubKey of ‘trusted decryption service’

  31. TRUSTED DECRYPTION SERVICE
    decrypts data
    encrypts data

  32. SEPARATION OF DUTIES
    trusted element in infrastructure
    no decryption keys
    monitor & log

  33. TRUSTED DECRYPTION SERVICE
    NARROWED ATTACK SURFACE

  34. monitor everything
    monitor decryption proxy

  35. WHERE TO USE THIS TECHNIQUE?
    micro-services infrastructure
    public-oriented interfaces
    non-trusted client side (browsers, IoT devices)
    hard to store keys securely

  36. HOW TO IMPLEMENT?
    ACRA
    https://github.com/cossacklabs/acra
    GREEN SQL
    https://github.com/larskanis/greensql-fw
    HEXATIER
    http://www.hexatier.com/
    ORACLE DATABASE FIREWALL / TDE
    http://www.oracle.com/

  38. CLIENT-SIDE ENCRYPTION

  39. MOVE TRUST TO CLIENTS
    session hijacking
    unattended backups
    MitM
    replay attacks
    misconfigured ACL
    trusted element in infrastructure

  40. P2P TRUST
    system doesn’t know anything about data
    encrypted containers
    user-generated keys

  41. ZERO KNOWLEDGE ARCHITECTURES

  42. ZKA is a design principle that enables software to provide services over protected client data without having unencrypted access to it.

  43. ZKA INCLUDES:
    e2ee clients

  44. ZKA INCLUDES:
    e2ee clients
    all operations are on encrypted data:
    – control access to data from different users
    – CRUD
    – search (in encrypted data)

  45. RISKS FOR ZKA:
    weak key management
    algorithm weakness
    user pocket
    attack surface

  46. WHEN TO USE ZKA?
    trusted client side (mobile, HSM/TPM)

  47. ZKA is already solved for specific use-cases or in naive ways

  48. MESSAGING END-TO-END ENCRYPTION

  49. AUTHENTICATION ZERO KNOWLEDGE PROOF
    https://www.cossacklabs.com/zero-knowledge-protocols-without-magic.html

  50. COLLABORATING ON DATA
    – store encrypted
    – share with others
    – manage access to parties
    ???

  51. SHARING ENCRYPTED DATA
    naive approach
    – duplications
    – key management problems

  52. CRYPTOGRAPHIC ACL
    give access to certain blocks of data to exact users
    github.com/cossacklabs/hermes-core

  53. HOW TO BUILD IT?
    – Key wrapping
    storage keys, user keys, blocks

  54. HOW TO BUILD IT?
    – Key wrapping
    – Manage privileges

  55. HOW TO BUILD IT?
    – Key wrapping
    – Manage privileges
    – Control requests

  56. MORE POSSIBLE USE-CASES
    shared audit logs
    complex docs, spreadsheets
    config files
    file system
    document store
    protection

  57. IMPLEMENTATIONS
    HERMES
    https://github.com/cossacklabs/hermes-core
    ZEROKIT
    https://tresorit.com/zerokit
    LAFS
    https://tahoe-lafs.org/trac/tahoe-lafs

  58. monitor everything
    monitor client side

  59. MORE GOODIES TO THINK ABOUT

  60. Cryptography is well implemented if it lets you narrow the attack surface and increase control over data.

  61. ECHELONIZATION
    if the system has one perimeter, it will fail!

  62. ECHELONIZATION
    ..add more layers of defense
    #qconlondon

  63. BESIDES CRYPTO, YOU ALSO NEED
    log and monitor events
    credential management
    access control, access logging
    firewall, IDS, infrastructure management
    ...

  64. https://pdos.csail.mit.edu/papers/cryptobugs:apsys14.pdf
    269 CVEs from 2011-2014
    17% bugs inside crypto libs
    83% misuses of crypto libs by individual apps

  65. 2
    RECAP

  66. THINGS TO REMEMBER
    1. cryptography aims to narrow the attack surface
    2. choose a relevant encryption scheme
    3. combine cryptography and classic security techniques
    4. echelonization, compartmentalization

  67. BACKEND SECURITY
    How to prevent database leaks and injections
    https://medium.freecodecamp.org/preventing-leaks-and-injections-in-your-database-be3743af7614
    12 and 1 ideas how to enhance backend data security
    https://medium.com/@cossacklabs/12-and-1-ideas-how-to-enhance-backend-data-security-4b8ceb5ccb88
    GDPR for engineers: technical requirements
    https://www.cossacklabs.com/blog/gdpr-for-engineers.html
    Insecure Transit - Microservice Security
    https://samnewman.io/talks/insecure-transit-microservice-security/

  68. CRYPTOGRAPHY
    Explain Like I’m 5: Zero Knowledge Proof
    https://hackernoon.com/eli5-zero-knowledge-proof-78a276db9eff
    Secure Coding Cheat Sheet
    https://www.owasp.org/index.php/Secure_Coding_Cheat_Sheet
    Secure Coding Practices
    https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide

  69. @vixentael
    cryptographic software, security consulting, developers training
    github.com/vixentael/my-talks

  70. IMAGE CREDITS
    www.flaticon.com
    Authors: freepik, linector, switficons, pixelperfect, smashicons, icon pond, dinosoftlabs
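
The “COMBINED” ENCRYPTION scheme of slides 28 to 33, written out as a runnable Node.js sketch; this is an added example, not code from the talk or from any of the tools it lists. Assumptions: X25519 key pairs, HKDF-SHA256 and AES-256-GCM stand in for the slide's unspecified `Enc`, and all function and field names are hypothetical. PrivKweb is generated per container and discarded, because ECDH is symmetric and a stored PrivKweb together with PubKtds would re-derive the wrapping key.

```javascript
const crypto = require('node:crypto');

// AES-256-GCM with a fresh 96-bit nonce; output layout is nonce || tag || ciphertext.
function seal(key, plaintext) {
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), body]);
}

// Reverses seal(); throws if the key is wrong or any byte was modified.
function open(key, sealed) {
  const opts = { authTagLength: 16 };
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, sealed.subarray(0, 12), opts);
  decipher.setAuthTag(sealed.subarray(12, 28));
  return Buffer.concat([decipher.update(sealed.subarray(28)), decipher.final()]);
}

// Wrapping key: X25519 ECDH output passed through HKDF-SHA256 (both are assumptions).
function wrappingKey(privateKey, publicKey) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  const okm = crypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'combined-encryption', 32);
  return Buffer.from(okm);
}

// Web-server side: holds only PubKtds; PrivKweb lives for one call and is never stored.
function encrypt(data, pubKtds) {
  const web = crypto.generateKeyPairSync('x25519');
  const kRand = crypto.randomBytes(32);
  return {
    encData: seal(kRand, data), // enc_data = Enc(data, Krand)
    pubKweb: web.publicKey.export({ type: 'spki', format: 'der' }),
    encKey: seal(wrappingKey(web.privateKey, pubKtds), kRand), // enc_key
  };
}

// Trusted decryption service: the only component that holds PrivKtds.
function decrypt(container, privKtds) {
  const pubKweb = crypto.createPublicKey({ key: container.pubKweb, type: 'spki', format: 'der' });
  const kRand = open(wrappingKey(privKtds, pubKweb), container.encKey);
  return open(kRand, container.encData);
}

// Constructed demo: the service creates its key pair once and hands out only PubKtds.
const tds = crypto.generateKeyPairSync('x25519');
const demo = encrypt('constructed sample record', tds.publicKey);
console.log(decrypt(demo, tds.privateKey).toString());
```

Every decryption has to pass through `decrypt`, so that one function is the place to put the logging and monitoring the slides call for.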