Encryption for Cloud Services Security: Problem or / CTO /

Size: px

Start display at page:

Download "Encryption for Cloud Services Security: Problem or Panacea? @Zulfikar_Ramzan / CTO / www.elastica.net"

Matthew Lamb
8 years ago
Views:

1 Encryption for Cloud Services Security: Problem or / CTO /

2 Tectonic Shift in the Market SaaS On-Premise Many pieces to Buy, Assemble & Operate No visibility / control 2

3 NOT SURE WHY PEOPLE THINK SAAS SECURITY IS HARD! WE LL JUST ENCRYPT OUR DATA! PROBLEM SOLVED!

4 TENOR OF THIS TALK ACADEMIC PERSPECTIVE BROADLY ACCESSIBLE NOT AN ACADEMIC TALK

5 OUTLINE WHAT IS ENCRYPTION AND HOW MIGHT IT BE USED TO SECURE SAAS APPLICATIONS? CHALLENGES, WORKAROUNDS, LIMITATIONS TO WORKAROUNDS MARKETING MYTHBUSTERS BROADER PERSPECTIVES ON SAAS SECURITY

ciphertext Transformation should look random to any computationally bounded adversary

6 WHAT IS ENCRYPTION? PLAINTEXT CIPHERTEXT PLAINTEXT Keyed transformation that converts plaintext to ciphertext Transformation should look random to any computationally bounded adversary with extensive black-box access to encryption / decryption routines Security predicated on secrecy of the key (and not on secrecy of algorithm) Kerchoff s Principle

7 ENCRYPTION FOR SaaS SaaS Attempt to encrypt data en-route to SaaS Provider (e.g., via forward proxy, reverse proxy, etc.). Decrypt traffic en-route from SaaS provider back to user.

8 Key SaaS Encryption Hurdles SaaS is not just storage! Need search, sort, analytics! Preserve Format? Manage Keys

9 Approaches HOMOMORPHIC ENCRYPTION SEARCHABLE ENCRPYPTION ORDER- PRESERVING ENCRPYPTION FORMAT- PRESERVING ENCRYPTION SELECTIVE TOKENIZATION

10 Fully Homomorphic Encryption [Gentry et al.] Allows arbitrary computation on encrypted data Permits search, sort, SQL queries, etc., on cloud encrypted data Still very impractical Have to relax security (being able to manipulate encrypted data can be a big deal) Newer (and less well studied) assumptions

11 Searchable Symmetric Encryption aardvark bobcat camel camel camel dingo Permits keyword search on encrypted data Much faster than fully homomorphic encryption Works by having a separate encrypted index Only permits very basic keyword search Information leaks (deterministic encryption) Scale issues as index gets bigger

12 Order-Preserving Symmetric Encryption Alice A0FD41. Bob C373BA2 Carol Dave D6FF132 FF12A28 Encrypts data, while retaining sorted order Much faster than fully homomorphic encryption Still significant performance overhead Weaker security since information leaks

Format-Preserving Encryption DE19AFBCC2.

13 Format-Preserving Encryption DE19AFBCC VS Able to preserve format needed by SaaS application Fairly efficient (practical) Weak security especially if final format must be short General security of schemes not as well vetted

Tokenization 123-456-7890 931-38-7622 Look-up Table... 123-456-7890 <-> 931-38-7622.

14 Tokenization Look-up Table <-> SaaS Elegant way to handle format preservation Fairly efficient (practical) Provides compliance boundary Only selective protection (fewer use cases) Might inhibit analytics New burden of maintaining look-up table Have to worry about scale

15 Mythbusters (SaaS Encryption Edition!) We use AES for encryption therefore we are secure! AES isn t a security panacea. It s a tool. Perfectly good tools can be used in completely bad ways.

16 Mythbusters (SaaS Encryption Edition!) We use are FIPS 140-x certified therefore we are secure! FIPS Certification is usually limited to one aspect of system security. Different types of certification have different implications (algorithm vs. library) May have perfectly valid algorithm, but used in an insecure way.

17 Mythbusters (SaaS Encryption Edition!) We use proprietary, home-grown methods Cryptographic algorithms and protocols should only be designed by people who really know what they are doing Even experts get it wrong sometimes, so you need extensive peer review

The SaaS Security Landscape SINGLE SIGN ON CONTINUOUS MONITORING CLOUD IDS/IPS MALWARE DETECTION ENCRYPTION SHADOW IT DISCOVERY SAAS AUDIT / RISK ASSESSMENT

18 The SaaS Security Landscape SINGLE SIGN ON CONTINUOUS MONITORING CLOUD IDS/IPS MALWARE DETECTION ENCRYPTION SHADOW IT DISCOVERY SAAS AUDIT / RISK ASSESSMENT CLOUD DLP POLICY ENFORCEMENT For each security capability needed in the context of on-premises applications, analogous functionality is needed for SaaS applications

SaaS is more than storage (search, sort, analytics) Promising research,

19 Revisiting Original Question Is good encryption / tokenization a panacea for SaaS Security? SaaS is more than storage (search, sort, analytics) Promising research, but fundamental limitations Important to avoid getting caught up in the hype Encryption: just one piece of security stack

20 Further Info: Search: {Elastica} + (SOC Thank you

GLOBAL CLOUD DATA SECURITY REPORT Q2 2015: THE AUTHORITY ON HOW FINANCIAL SERVICES FIRMS ARE PROTECTING THEIR DATA IN THE CLOUD

GLOBAL CLOUD DATA SECURITY REPORT Q2 2015: THE AUTHORITY ON HOW FINANCIAL SERVICES FIRMS ARE PROTECTING THEIR DATA IN THE CLOUD TABLE OF CONTENTS Executive Summary 03 Data Taxonomy 04 Encryption vs. Tokenization