Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Intro to Data at Rest Encryption

ymmt2005
December 07, 2019

Intro to Data at Rest Encryption

ymmt2005

December 07, 2019
Tweet

More Decks by ymmt2005

Other Decks in Technology

Transcript

  1. Data at rest encryption
    ymmt
    2019-10-22

    View full-size slide

  2. The three states of digital data
    • Data at rest
    • Inactive data stored in physical storage devices
    • Data in transit/motion
    • Inflight data that flows over (often untrusted) networks
    • Data in use
    • Data stored in non-persistent devices such as RAM

    View full-size slide

  3. Motivation to protect data at rest
    • Theft
    • Physical devices may be stolen physically.
    • Lost
    • Physical devices may be lost by accidents.
    • Safety when sold
    • No secrets are left inside.
    Otherwise, devices need to be physically destroyed!
    • Multi-tenancy
    • The storage device may be reused by others.

    View full-size slide

  4. Data encryption at rest
    • Encryption is commonly used to protect data at rest
    • At which level should data be encrypted?
    • Block device (Full-Disk-Encryption, FDE)
    • File (File-Based-Encryption, FBE)
    • Android once adopted FDE, but later changed to FBE
    • because FDE requires user-interaction before OS boot
    • https://source.android.com/security/encryption

    View full-size slide

  5. FDE: suitable for clouds
    • FDE ensures every single bit of data is encrypted
    • Safest and simple to use.
    • Public cloud vendors provides FDE by default
    • Azure Data Encryption-at-Rest
    • Encryption at Rest in Google Cloud Platform
    • dm-crypt, a Linux kernel module, is commonly used for FDE
    • Data are encrypted transparently in kernel.
    • Hardware acceleration (AES-NI) is used when available.

    View full-size slide

  6. Cipher
    • dm-crypt has several cipher options
    • In Neco, we use AES-256-XTS-PLAIN64
    • AES is the fastest block cipher thanks to AES-NI
    • XTS is safe enough as long as a data unit does not exceed 220
    blocks, which is the case for dm-crypt.
    • Sat-san wrote a blog article analyzing performance:
    • https://blog.cybozu.io/entry/2019/03/08/170000

    View full-size slide

  7. Protecting encryption keys
    • Keys must be protected safely as much as possible
    • Data-Encryption-Key (DEK)
    • AES key for dm-crypt
    • encrypted with KEK.
    • Key-Encryption-Key (KEK)
    • can be a one-time pad to encrypt DEKs.
    • stored securely in vaults or encrypted further with passwords.

    View full-size slide

  8. Crypto-shredding
    • Encrypted data can be deleted instantly if the encryption key
    is wiped securely.
    • Deleting data this way is called crypto-shredding.
    • For example, KEK in TPM can be wiped securely.

    View full-size slide

  9. Self-encrypting drives?
    • Several storage vendors sell special SSD/HDD that can store
    data with encryption. These are called Self-Encrypting
    Drives (SED).
    • However, SEDs often poorly implement encryptions:
    • Self-Encrypting SSDs Vulnerable to Attack, Microsoft Warns
    • Personally, I do not buy them.
    • Higher price, lower security.

    View full-size slide

  10. Key takeaways
    • Reasons for data encryption at rest
    • security
    • disposability by crypto-shredding
    • Full-Disk-Encryption (FDE) is simple and secure
    • but sometimes File-Based-Encryption (FBE) wins.
    • Protect KEKs securely with TPM, (software) vaults, etc.
    • Do not buy Self-Encrypting Drives (SED)

    View full-size slide