Intro to Data at Rest Encryption

Ae03eb47606f4e0125268d39f8aebfad?s=47 ymmt2005
December 07, 2019

Intro to Data at Rest Encryption



December 07, 2019


  1. 2.

    The three states of digital data • Data at rest

    • Inactive data stored in physical storage devices • Data in transit/motion • Inflight data that flows over (often untrusted) networks • Data in use • Data stored in non-persistent devices such as RAM
  2. 3.

    Motivation to protect data at rest • Theft • Physical

    devices may be stolen physically. • Lost • Physical devices may be lost by accidents. • Safety when sold • No secrets are left inside. Otherwise, devices need to be physically destroyed! • Multi-tenancy • The storage device may be reused by others.
  3. 4.

    Data encryption at rest • Encryption is commonly used to

    protect data at rest • At which level should data be encrypted? • Block device (Full-Disk-Encryption, FDE) • File (File-Based-Encryption, FBE) • Android once adopted FDE, but later changed to FBE • because FDE requires user-interaction before OS boot •
  4. 5.

    FDE: suitable for clouds • FDE ensures every single bit

    of data is encrypted • Safest and simple to use. • Public cloud vendors provides FDE by default • Azure Data Encryption-at-Rest • Encryption at Rest in Google Cloud Platform • dm-crypt, a Linux kernel module, is commonly used for FDE • Data are encrypted transparently in kernel. • Hardware acceleration (AES-NI) is used when available.
  5. 6.

    Cipher • dm-crypt has several cipher options • In Neco,

    we use AES-256-XTS-PLAIN64 • AES is the fastest block cipher thanks to AES-NI • XTS is safe enough as long as a data unit does not exceed 220 blocks, which is the case for dm-crypt. • Sat-san wrote a blog article analyzing performance: •
  6. 7.

    Protecting encryption keys • Keys must be protected safely as

    much as possible • Data-Encryption-Key (DEK) • AES key for dm-crypt • encrypted with KEK. • Key-Encryption-Key (KEK) • can be a one-time pad to encrypt DEKs. • stored securely in vaults or encrypted further with passwords.
  7. 8.

    Crypto-shredding • Encrypted data can be deleted instantly if the

    encryption key is wiped securely. • Deleting data this way is called crypto-shredding. • For example, KEK in TPM can be wiped securely.
  8. 9.

    Self-encrypting drives? • Several storage vendors sell special SSD/HDD that

    can store data with encryption. These are called Self-Encrypting Drives (SED). • However, SEDs often poorly implement encryptions: • Self-Encrypting SSDs Vulnerable to Attack, Microsoft Warns • Personally, I do not buy them. • Higher price, lower security.
  9. 10.

    Key takeaways • Reasons for data encryption at rest •

    security • disposability by crypto-shredding • Full-Disk-Encryption (FDE) is simple and secure • but sometimes File-Based-Encryption (FBE) wins. • Protect KEKs securely with TPM, (software) vaults, etc. • Do not buy Self-Encrypting Drives (SED)