
Intro to Data at Rest Encryption

ymmt2005
December 07, 2019


Transcript

  1. The three states of digital data
     • Data at rest
       • Inactive data stored in physical storage devices
     • Data in transit/motion
       • In-flight data that flows over (often untrusted) networks
     • Data in use
       • Data stored in non-persistent devices such as RAM
  2. Motivation to protect data at rest
     • Theft
       • Physical devices may be stolen physically.
     • Lost
       • Physical devices may be lost by accidents.
     • Safety when sold
       • No secrets are left inside. Otherwise, devices need to be physically destroyed!
     • Multi-tenancy
       • The storage device may be reused by others.
  3. Data encryption at rest
     • Encryption is commonly used to protect data at rest
     • At which level should data be encrypted?
       • Block device (Full-Disk-Encryption, FDE)
       • File (File-Based-Encryption, FBE)
     • Android once adopted FDE, but later changed to FBE
       • because FDE requires user interaction before OS boot
       • https://source.android.com/security/encryption
  4. FDE: suitable for clouds
     • FDE ensures every single bit of data is encrypted
       • Safest and simple to use.
     • Public cloud vendors provide FDE by default
       • Azure Data Encryption-at-Rest
       • Encryption at Rest in Google Cloud Platform
     • dm-crypt, a Linux kernel module, is commonly used for FDE
       • Data are encrypted transparently in the kernel.
       • Hardware acceleration (AES-NI) is used when available.
  5. Cipher
     • dm-crypt has several cipher options
     • In Neco, we use AES-256-XTS-PLAIN64
       • AES is the fastest block cipher thanks to AES-NI
       • XTS is safe enough as long as a data unit does not exceed 2^20 blocks, which is the case for dm-crypt.
     • Sat-san wrote a blog article analyzing performance:
       • https://blog.cybozu.io/entry/2019/03/08/170000
  6. Protecting encryption keys
     • Keys must be protected as safely as possible
     • Data-Encryption-Key (DEK)
       • AES key for dm-crypt
       • encrypted with the KEK.
     • Key-Encryption-Key (KEK)
       • can be a one-time pad to encrypt DEKs.
       • stored securely in vaults or encrypted further with passwords.
  7. Crypto-shredding
     • Encrypted data can be deleted instantly if the encryption key is wiped securely.
     • Deleting data this way is called crypto-shredding.
     • For example, a KEK in a TPM can be wiped securely.
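The DEK/KEK split from slide 6 and the crypto-shredding step from slide 7, as an added example that is not part of the deck or of Neco. It wraps a DEK under a KEK with AES-256-GCM (an authenticated mode chosen here for key wrapping; dm-crypt itself uses XTS for disk blocks) and shows that once the KEK is zeroed the wrapped DEK can no longer be recovered. Function names, the nonce||ciphertext||tag layout and the in-memory Shred are this example's own assumptions; in production the KEK would be erased inside the TPM or vault.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// gcm builds AES-256-GCM for a 32-byte key; an authenticated mode suits key wrapping.
func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
// NewKey returns a random 256-bit key; the same routine yields a DEK or a KEK.
func NewKey() ([]byte, error) {
	k := make([]byte, 32)
	_, err := rand.Read(k)
	return k, err
}
// WrapDEK encrypts the DEK under the KEK as nonce||ciphertext||tag (layout assumed here).
// Only this wrapped form is stored beside the encrypted volume; the plain DEK is not.
func WrapDEK(kek, dek []byte) ([]byte, error) {
	g, err := gcm(kek)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return g.Seal(nonce, nonce, dek, nil), nil
}
// UnwrapDEK recovers the DEK; it fails on a wrong or shredded KEK or a modified blob.
func UnwrapDEK(kek, wrapped []byte) ([]byte, error) {
	g, err := gcm(kek)
	if err != nil {
		return nil, err
	}
	if n := g.NonceSize(); len(wrapped) >= n {
		return g.Open(nil, wrapped[:n], wrapped[n:], nil)
	}
	return nil, errors.New("wrapped DEK shorter than nonce")
}
// Shred zeroes a key in place (crypto-shredding). A real KEK is erased inside the
// TPM or vault; zeroing a Go slice is only best effort (needs Go 1.21+ for clear).
func Shred(key []byte) { clear(key) }
```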
  8. Self-encrypting drives?
     • Several storage vendors sell special SSDs/HDDs that can store data with encryption. These are called Self-Encrypting Drives (SED).
     • However, SEDs often implement encryption poorly:
       • Self-Encrypting SSDs Vulnerable to Attack, Microsoft Warns
     • Personally, I do not buy them.
       • Higher price, lower security.
  9. Key takeaways
     • Reasons for data encryption at rest
       • security
       • disposability by crypto-shredding
     • Full-Disk-Encryption (FDE) is simple and secure
       • but sometimes File-Based-Encryption (FBE) wins.
     • Protect KEKs securely with TPM, (software) vaults, etc.
     • Do not buy Self-Encrypting Drives (SED)