Information Security Baskoro Adi Pratomo Informatics Department Institut Teknologi Sepuluh Nopember Surabaya, Indonesia 2021 Encryption algorithm usage • Which algorithm should we use for the following cases? • • • • • Encrypting AES key Encrypting password Encrypting searchable content (e.g., address or name) Encrypting a PDF document Encrypting chat messages Best Practice in Cryptography and Key Management Source: https://cheatsheetseries.owasp.org/cheatsheets/Key_M anagement_Cheat_Sheet.html https://cheatsheetseries.owasp.org/cheatsheets/Crypto graphic_Storage_Cheat_Sheet.html Where to perform encryption • • • • At the application level. At the database level (e.g, SQL Server TDE) At the filesystem level (e.g, BitLocker or LUKS) At the hardware level (e.g, encrypted RAID cards or SSDs) Which algorithm to use? • Symmetric • AES-128 (min) or AES-256 (recommended) • Asymmetric • Curve 25519 • RSA (min 2048 bits) Which algorithm to use? • Other factors to consider: • • • • Key size. Known attacks and weaknesses of the algorithm. Maturity of the algorithm. Approval by third parties such as NIST's algorithmic validation program. • Performance (both for encryption and decryption). • Quality of the libraries available. • Portability of the algorithm (i.e, how widely supported is it). Avalanche Effect • Avalanche Effect: • A tiny change in the plaintext causes a massive difference in the ciphertext This Photo by Unknown Author is licensed under CC BY-SA Using custom algorithms? • DON’T DO THIS Which mode of operation to use? • • • • GCM (Galois Counter Mode) CCM CTR CBC Which random number generator to use? Key Generation • Do: • Generated using a cryptographically secure function • Don’t: • Based on common words/phrases • Generated by mashing the keyboards Lifetime and Key Rotation (When to replace a key) • If the previous key is known (or suspected) to have been compromised. • This could also be caused by someone who had access to the key leaving the organisation. • After a specified period has elapsed. (See section 5.3 of NIST SP 800-57 for further guidance.) • After the key has been used to encrypt a specific amount of data. • This would typically be 2^35 bytes (~34GB) for 64-bit keys and 2^68 bytes (~295 exabytes) for 128-bit block size. • If there is a significant change to the security provided by the algorithm • such as a new attack being announced Lifetime and Key Rotation (Handling old encrypted data) • (Preferred) Decrypting it and re-encrypting it with the new key. • Marking each item with the ID of the key that was used to encrypt it, and storing multiple keys to allow the old data to be decrypted. Key Storage • Ideally, we store keys in: • • • • A physical Hardware Security Module (HSM). A virtual HSM. Key vaults such as Amazon KMS or Azure Key Vault. An external secrets management service such as Conjur or HashiCorp Vault. • Secure storage APIs provided by the ProtectedData class in the .NET framework. But, life is never ideal • Requirements for alternative key storage: • Central management of keys, especially in containerised environments. • Easy key rotation and replacement. • Secure key generation. • Simplifying compliance with regulatory standards such as FIPS 140 or PCI DSS. • Making it harder for an attacker to export or steal keys. Four sins of key storage • Hard-coding keys into the application source code. • Checking keys into version control systems. • Not protecting the configuration files containing the keys with restrictive permissions. • Storing keys in environment variables • Keys can be accidentally exposed through functions such as phpinfo() or through the /proc/self/environ file. Assignment 2: Key Management • Continuing from the previous assignment, add the following features to your web app: • A user can request to see the private data of other users (including the images and documents) • The requested user generates a symmetric key to share the data to the requesting user • The symmetric key will be distributed to the requesting user by other means (e.g., email, WA, etc), but it needs to be encrypted by using asymmetric encryption • The symmetric keys must be stored securely in the system