Distributed Key Protection and Making Encryption Accessible

PROTECT THE KEYS TO EVERYTHING

MULTIPARTY COMPUTATION (MPC) TECHNOLOGY
• DSM splits secret keys between 2 different servers
• Cryptographic operations take place without ever bringing the key together in memory or on disk
• RSA, ECDH (ECIES), ECDSA, AES, HMAC, password verification
THE KEY IS NEVER IN ANY SINGLE PLACE TO BE STOLEN

DISTRIBUTED KEY PROTECTION (DSM)
• Random key split refresh: an attacker must obtain both parts simultaneously
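As an added example (not Dyadic's code; the deck does not describe the DSM's actual protocol), the 2-of-2 split-key RSA signing the slides above describe, which is also the shape of the device/server split in the mobile authentication section later in the deck: the private exponent is shared additively between two parties, each party exponentiates with its own share only, and a refresh re-randomises both shares so that a share captured before the refresh is useless with one captured after it. The RSA parameters are constructed textbook values (p = 61, q = 53), not a real key size, and the additive refresh is assumed for illustration.

```python
import secrets

# Constructed toy RSA parameters (textbook size, not a real key): p = 61, q = 53, e = 17
P, Q, E = 61, 53, 17
N = P * Q                 # 3233
PHI = (P - 1) * (Q - 1)   # 3120
D = pow(E, -1, PHI)       # 2753: the private exponent, which is never stored whole

def split_private_exponent(d):
    """Additively share d so that d = d1 + d2 (mod phi); each server keeps one share."""
    d1 = secrets.randbelow(PHI)
    return d1, (d - d1) % PHI

def refresh_shares(d1, d2, r=None):
    """Re-randomise the split: the key is unchanged, but a share captured before the
    refresh cannot be combined with one captured after it."""
    if r is None:
        r = 1 + secrets.randbelow(PHI - 1)   # any non-zero value mod phi
    return (d1 + r) % PHI, (d2 - r) % PHI

def partial_sign(msg, share):
    """Each server exponentiates with its own share only."""
    return pow(msg, share, N)

def distributed_sign(msg, d1, d2):
    """Multiply the partial results: msg^d1 * msg^d2 = msg^d (mod N) without ever forming d."""
    return (partial_sign(msg, d1) * partial_sign(msg, d2)) % N

def verify(msg, sig):
    return pow(sig, E, N) == msg

if __name__ == "__main__":
    msg = 65                                   # constructed message representative
    d1, d2 = split_private_exponent(D)
    print("joint signature valid:", verify(msg, distributed_sign(msg, d1, d2)))
    d1_new, d2_new = refresh_shares(d1, d2)
    print("after refresh still valid:", verify(msg, distributed_sign(msg, d1_new, d2_new)))
    # An attacker holding server 1's old share and server 2's new share has a useless pair
    print("stale pair valid:", verify(msg, distributed_sign(msg, d1, d2_new)))
```

With this toy modulus a random refresh value that happens to be a multiple of the message's multiplicative order would still validate; at real key sizes that coincidence is negligible.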

HIGH SECURITY WITH DYADIC
• Different admins on each server (mitigate insider threat and targeted credential theft)
• Different operating systems (mitigate malware and zero days)
• Different physical location (mitigate physical theft)

HSM vs DSM
HSMs
1. Expensive to deploy and maintain
2. Difficult to upgrade to support new algorithms
3. Not elastic; hard to scale up or scale down
4. Support only a limited range of use-cases
5. Essential where regulator-mandated
Dyadic DSM – A virtual HSM
1. Easy to deploy and maintain
2. Easy to update and upgrade
3. Elastic and scalable
4. Supports a wider range of use cases (e.g., cloud, endpoint)
5. Preferable where the regulator doesn’t require an HSM

Deployment
[Diagram: DSM Agents on the application server, database server and web server, each connected to the DSM]
DEPLOYMENT PROCEDURE
• Identify keys and credentials for protection
• Decide on DSM deployment configuration (admins, OSs, location, topology)
• Allocate DSM servers and install DSM software
• Install and configure DSM agents on relevant servers
• Import and/or generate keys

Integrations
• Core Distributed Crypto Pack
  o RSA decryption and signing
  o Elliptic Curve Cryptography
  o Innovative password protection solution
• Supported APIs
  o PKCS#11 – Fully integrated with PKCS#11 applications (e.g., Tomcat, Oracle Database TDE)
  o Microsoft CNG – Fully integrated with Microsoft products using KSP (e.g., Microsoft CA, IIS TLS/SSL, IPsec)
  o OpenSSL engine – Fully integrated with Linux products using OpenSSL (e.g., TLS/SSL, SSH)
  o DSM SDK for .NET, Java, Python and PHP
• Easy Deployment and Maintenance
  o Up and running in under 30 minutes
  o Comprehensive secured management system (disaster recovery, backup, import, elasticity)

Online Attacks Protection
• If an application server is hacked, the attacker can impersonate a legit application and use the DSM to decrypt.
• HOWEVER:
  o This is an online attack (versus an offline attack), and thus the attacker has less time and a much greater risk of getting caught
  o The password protection and combined password/encryption solutions are immune
  o Password – DSM only answers YES/NO
  o Combined – Attacker must know the correct password to decrypt (like the application)
  o Decrypting a large DB this way takes a long time, which an attacker usually doesn’t have
  o All DSM access is audited; all decrypted records will be known, reducing attack impact
  o Built-in anomaly detection module which will block these kinds of attacks

Auditing and Monitoring
• DSM suite includes a web console for monitoring the DSM activity
• All management activity and usage is audited to a variety of configurable audit targets: DB, file, syslog, event log, etc.
• DSM has a local audit log on each server and a combined audit log to allow tamper-proof auditing
• DSM audit can be easily integrated with standard monitoring tools such as Splunk, Logstash, etc.

PERFORMANCE

Dyadic DSM SSL Performance
• DSM is constructed from sets of independent pairs
• Performance of a single pair suffices for most enterprise applications
• Both scale up and scale out have a linear effect on performance

System        CPU count per machine   Password validations/sec   Decryptions/sec (RSA 2048)
Small         1 x 2.1 GHz             200                        320
Medium        2 x 2.1 GHz             400                        650
Large         4 x 2.1 GHz             800                        1250
Extra large   8 x 2.1 GHz             1860                       3000
SOFTWARE DEFINED ENCRYPTION

SDE Workflow
1. Load database schema
2. Choose fields to encrypt
3. Provide information on chosen fields
4. Get wrapper code to use in applications

SDE Workflow – Setup Phase

SDE Workflow – Usage

SDE - Providing Information on Chosen Fields

SDE - Code Generation
After setting the required encryption, Dyadic generates wrapper code for easy integration. Use the generated
code to call the encrypt/decrypt API before & after the SQL statements.

SDE – Security Levels (Making Customers Fully Aware)
• Standard encryption is strong, semantically secure
• To enable search by EQUALS, deterministic encryption is used; the key is different for each column
• To enable search by EQUALS with JOIN, deterministic encryption is used with the same key throughout (weaker)
• When items are unique, deterministic encryption is “fully secure” (so Very Strong again)
• Passwords are hashed and then encrypted under a strong key. They are verified (via MPC) without ever decrypting
• Order-preserving encryption is very weak; this is made explicit (with a full explanation)
• To enable JOIN with order-preserving encryption, the same key is used throughout (ultra weak)
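The EQUALS / JOIN trade-offs listed above, as an added example (not Dyadic's SDE or its generated wrapper code): a constructed toy SIV-style cipher stands in for the real encryption, per-column keys are derived from an assumed master key (the DSM would hold the real one), and two small SQLite tables show what each setting lets the application query and what it exposes to anyone reading the raw rows. When every value in a column is unique, the distinct count equals the row count, which is the "fully secure again" case.

```python
import hashlib, hmac, os, sqlite3

MASTER = b"constructed-master-key-for-demo-only"  # stands in for a key the DSM would protect

def column_key(table, column):
    """Per-column key derivation: the 'key is different for each column' setting."""
    return hmac.new(MASTER, f"{table}.{column}".encode(), hashlib.sha256).digest()

SHARED_KEY = column_key("*", "*")  # one key for every column: required for JOIN, weaker

def _keystream(key, iv, n):
    blocks = [hmac.new(key, iv + bytes([i]), hashlib.sha256).digest() for i in range(n // 32 + 1)]
    return b"".join(blocks)[:n]

def encrypt(key, plaintext, deterministic):
    """Toy SIV-style cipher: a random IV gives semantic security; an IV derived from the
    plaintext gives deterministic encryption, so equal inputs produce equal ciphertexts."""
    pt = plaintext.encode()
    iv = hmac.new(key, pt, hashlib.sha256).digest()[:16] if deterministic else os.urandom(16)
    return iv + bytes(a ^ b for a, b in zip(pt, _keystream(key, iv, len(pt))))

def decrypt(key, ct):
    iv, body = ct[:16], ct[16:]
    return bytes(a ^ b for a, b in zip(body, _keystream(key, iv, len(body)))).decode()

def load(customers, orders, deterministic, shared):
    """Encrypt both email columns into an in-memory DB, as wrapper code would before INSERT."""
    kc = SHARED_KEY if shared else column_key("customers", "email")
    ko = SHARED_KEY if shared else column_key("orders", "email")
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers(email BLOB)")
    db.execute("CREATE TABLE orders(email BLOB)")
    db.executemany("INSERT INTO customers VALUES (?)", [(encrypt(kc, e, deterministic),) for e in customers])
    db.executemany("INSERT INTO orders VALUES (?)", [(encrypt(ko, e, deterministic),) for e in orders])
    return db, kc

def equals_count(db, kc, value):
    """WHERE email = ?: the wrapper encrypts the literal first; only deterministic columns match."""
    return db.execute("SELECT COUNT(*) FROM customers WHERE email = ?", (encrypt(kc, value, True),)).fetchone()[0]

def join_count(db):
    """Equality JOIN on ciphertexts: matches only when both columns were encrypted under one key."""
    return db.execute("SELECT COUNT(*) FROM customers c JOIN orders o ON c.email = o.email").fetchone()[0]

def distinct_count(db):
    """What someone reading the raw table sees: duplicates that deterministic encryption exposes."""
    return db.execute("SELECT COUNT(DISTINCT email) FROM customers").fetchone()[0]
```

Run `load` with (deterministic, shared) set to (False, False), (True, False) and (True, True) on a few constructed rows and compare the three counts: randomized encryption hides duplicates but answers neither query, per-column keys answer EQUALS but not JOIN, and the shared key answers JOIN at the cost of cross-table linkability.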

SDE – Summary
• Many customers do not encrypt due to difficulty
• SDE makes encryption easy
• No expertise at all necessary
• SDE automatically generates the best encryption method based on functional requirements
• All keys are protected by the DSM
• The result:
  o No encryption knowledge needed
  o No headache about where to store the key
  o Minimal changes to database (types do not change)
  o No one has a reason not to encrypt databases anymore

STRONG MOBILE AUTHENTICATION

THE PAYMENT SECURITY CHALLENGE
• Online transactions require strong authentication to prevent malicious activities
• Users are reluctant to use mechanisms that force them to change the way they work
• Cumbersome security mechanisms lead to missed business opportunities
ELIMINATE THE SECURITY VS. BUSINESS NEEDS CONFLICT

DISTRIBUTED MOBILE AUTHENTICATION
• Authentication and transaction signing by using a private key distributed between the mobile device and server(s) on premise
• Based on digital certificate, optional two-factor authentication (device + PIN code)
• No single point of compromise
• Built-in non-repudiation – server alone cannot perform operations
• Strong security, transparent to the user

Transaction Signing
[Diagram: (1) Transaction Request from the user's device, which holds User A – Key Part a; (2) the Dyadic server, holding Key Part b for each of users A, B, C, D, E ... N; (3) Signed Transaction]

Transaction Signing - Push
[Diagram: Transaction Request (1), Laptop (2), Distributed Signing (3), step 4; User A – Key Part a on the user's device, Key Part b for users A ... N on the Dyadic server]

MOBILE AUTHENTICATION - SECURITY
• Protection from device loss, theft and counterfeiting/replication
• Secure mobile-based transaction approval
• Does not disrupt existing user flows
• Immediate signing key revocation upon a security incident
• No need for physical tokens/smartcards

MOBILE-BASED OTP
• Secure one-time password (OTP) generation
• PKI-based: the OTP is generated on the mobile and signed jointly by the mobile and by the Dyadic server
• Signing private key is distributed between the mobile device and a server on premise, eliminating single points of breach
• PKI-based means a server breach does not lead to full compromise

Enhancing Existing OTP Using MPC
[Diagram: steps 1-4 among the user's device (User A – Key Part a), the Dyadic server and Dyadic Aux (Key Part b for users A ... N), the Application Server and the Existing Auth. Server; labels: OTP, Verify OTP]

STRONG SECURITY
• Stolen device –
  o Server-side revocation immediately renders the stolen device useless
  o Optional PIN code for two-factor authentication
• Malware on device – all transactions pass through the Dyadic server, enabling auditing and anomaly detection
• Device cloning – key distribution is constantly refreshed. Refresh requests from different sources lead to immediate revocation

SUMMARY

THE DYADIC SOLUTION
STRONG SECURITY: Secrets are transparently operational for all legitimate uses, but are nonexistent for attackers
ENCRYPTION MADE EASY: Platform agnostic, used through configuration or through a simple API
EXTENSIVE PROTECTION: Single installation protects multiple use-cases
PROVIDES EASY AND STRONG SECURITY IN A VIRTUAL-ONLY ENVIRONMENT

THANK YOU