database data security through the lens of cryptographic
play

Database data security through the lens of cryptographic - PowerPoint PPT Presentation

Mar 08, 2024 •134 likes •717 views

Database data security through the lens of cryptographic engineering Eugene Pilyankevich, Chief Technical officer, Cossack Labs Data breaches, annually 1093 783 781 614 447 419 2011 2012 2013 2014 2015 2016 Airplane crashes,

  1. Database data security through the lens of cryptographic engineering Eugene Pilyankevich, Chief Technical officer, Cossack Labs

  2. Data breaches, annually 1093 783 781 614 447 419 2011 2012 2013 2014 2015 2016

  3. Airplane crashes, annually 46 33 33 29 23 21 2011 2012 2013 2014 2015 2016

  4. Airplane crashes? 1093 783 781 614 447 419 2011 2012 2013 2014 2015 2016

  5. Sensitive data 101 Any data, leakage or tampering of which can lead to damage to data owner, data holder or related third parties.

  6. Naïve security model

  7. Naïve security model Focused on Ops-driven components

  8. Naïve security model Few generic vectors Passive attacks Smash’n’grab

  9. Securing the naïve security model § encryption-at-rest § encryption-in-transit § access distribution & control § event monitoring

  10. Pragmatic security model

  11. Real attackers are : § Smart and resourceful … targeting an old § Multi-skilled vulnerability that § Many vectors of attack you forgot to patch.

  12. Pragmatic security model Poor perimeter

  13. Pragmatic security model Poor perimeter Active and/or persistent attacks

  14. Pragmatic security model Poor perimeter Active and/or persistent attacks Data-specific attacks

  15. Pragmatic security model Poor perimeter Active and/or persistent attacks Data-specific attacks Systematic approach

  16. … anything else?

  17. Idealistic security model

  18. Idealistic security model : Future is now Future is reliable Working as guinea pig is a great idea

  19. Idealistic security model : Less than 10 years in public Assumptions assumptions Not tested in production

  20. Database encryption

  21. What does encryption do? Encryption narrows attack surface from data to keys

  22. Database encryption Modern Classic

  23. Classic attacks § Smash ‘n’ grab § Snapshot attacker § Persistent passive attacker

  24. Сlassic encryption? Row/column/table Database files Full disk encryption

  25. Сlassic encryption? Row/column/table NO DIFFE IFFERENCE Database files Full disk encryption

  26. Сlassic encryption, defeated Leak keys: § Host compromise or snapshot § MiTM to leak from traffic Leak plaintext: § Host compromise § Passive/active MiTM § Source compromise

  27. Extended classic security Protect data Protect database host Protect transport

  28. Typical modern attacks § Flow alternation (SQL Injection) § VM image leak § Full compromise (temporary or persistent)

  30. Emerging DB attacks

  31. Emerging attacks Write inference : § Reconstruct transaction from logs § Time transactions via bin logs to infer data Read inference: § Buffer pool § Slow query log if no full log is present

  32. Emerging attacks SQL Injections to grab contents of diagnostic tables. information_schema.processlist, performance_schema.threads . See also: events_statements_current, events_statements_history

  33. Emerging attacks § Snapshot attacks to get memory contents of: § Adaptive hash index § Query cache § Process heap (surprisingly revealing)

  34. New sources of risk Access patterns Communication volume

  35. Practicalities

  36. Limit leakage § Limit key leakage : fetch keys from remote side, purge from memory before/after encryption § Limit data leakage : many keys, make one leak least problematic

  37. Offload § Encrypt/store keys on HSM . § Proxies! … not without drawbacks.

  38. Client-side encryption § Libraries § Various encryption schemes … not without drawbacks

  39. Encrypted databases Client-side trust • Novel crypto scheme enabling remote • operations on ciphertext Still a bit of a naïve model •

  40. Ideally we want… New ciphers?

  41. Constant failure so exciting! NEW ATTACKS! DISPUTES ON SECURITY! IMPROVED ATTACKS! PROPOSED FIXES! BETTER ATTACKS! EMERGENCY UPDATES! DIFFERENT ATTACKS! NEW PROTOCOLS!

  42. Constant failure so exciting!

  43. Ideally we want boring crypto Crypto that simply works, solidly resists attacks, never needs any upgrades. Daniel J. Bernstein, famous security/crypto scientist

  44. Realistically we need… New ciphers! Better crypto schemes

  45. Practical ideas Use great stuff § Use it correctly §

  46. Practical ideas § Use proven ciphers: ECC, AES, Salsa20 / ChaCha20. § Don’t roll your own crypto: just don’t. § Use good libraries.

  47. Don’t roll your own crypto § Simple AES-GCM, ways to fail

  48. Don’t roll your own crypto § Simple AES-GCM call, ways to fail § Signed symmetric encryption, ways to fail

  49. Don’t roll your own crypto § Simple AES-GCM call, ways to fail § Signed symmetric encryption, ways to fail § Key wrapped symmetric encryption, ways to fail

  50. Don’t roll your own crypto § Buffer breaks here and now, with a memory fault. § Crypto leaks anywhere at any point in time. Silently .

  51. Don’t roll your own crypto JUST DON’T

  52. Practical ideas • Enforce non-leaky model(s). • Configure with query inference in mind.

  53. Practical ideas • Rotate encryption keys timely. • Revoke keys (rotate on compromise)

  54. Practical ideas • Focus on active attacks: SQL injections & full compromise. • Focus on infrastructure around your DB. • Encrypt what is necessary.

  55. Practical ideas • Use native tools, if they’re well audited. • Use good frameworks : • Encryption: NaCl/Libsodium, Themis, KeyCzar, tink • Encrypted shared access: ZeroKit, Hermes, DocRaid

  57. Thank you! cossacklabs.com ivychapel.ink @9gunpi

  58. Links General interest: Why Your Encrypted Database Is Not Secure , https://eprint.iacr.org/2017/468.pdf Cryptographically protected database search , https://arxiv.org/abs/1703.02014 Generic Attacks on Secure Outsourced Databases , http://scholar.harvard.edu/files/gkellaris/files/genericattacks.pdf Recontructing queries, inference, sensitive data leakage and other indirect attacks: InnoDB Database Forensics series: http://ieeexplore.ieee.org/document/5474822, http://ieeexplore.ieee.org/document/6329240/ Breaking Web Applications Built On Top of Encrypted Data , https://eprint.iacr.org/2016/920 Inference attacks Inference Attacks on Property-Preserving Encrypted Databases, https://cs.brown.edu/~seny/pubs/edb.pdf Database encryption: Protecting sensitive information with database encryption , https://www.owasp.org/images/c/c1/Database_Encryption.ppt Cossack Labs blog, Backend security series, https://www.cossacklabs.com/backend- security-series End-to-end data turnover, my talk at UISGCON 12, https://medium.com/@9gunpi/end-to- end-data-turnover-slides-and-notes-144006269863

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

New cryptographic goals Data privacy is not the only important cryptographic goal CS 4803

New cryptographic goals Data privacy is not the only important cryptographic goal CS 4803

New cryptographic goals Data privacy is not the only important cryptographic goal CS 4803 It is also important that a receiver is assured Computer and Network Security that the data it receives has come from the sender and has not been

617 views • 5 slides
EGTDC Database Course 2004 Database Users And Security Backing-Up Data Tim Booth :

EGTDC Database Course 2004 Database Users And Security Backing-Up Data Tim Booth :

EGTDC Database Course 2004 Database Users And Security Backing-Up Data Tim Booth : tbooth@ceh.ac.uk Environmental Genomics Thematic Programme Data Centre http://envgen.nox.ac.uk Overview Areas covered: Controlling who can connect

344 views • 16 slides
This Lecture General Database Security Privileges Database Security Granting

This Lecture General Database Security Privileges Database Security Granting

This Lecture General Database Security Privileges Database Security Granting Revoking Views Database Systems SQL Insertion Attacks Michael Pound Further Reading The Manga Guide to Databases, Chapter 5 Database

285 views • 7 slides
NEBC Database Course 2008 Database Users And Security Backing-Up Data Tim Booth :

NEBC Database Course 2008 Database Users And Security Backing-Up Data Tim Booth :

NEBC Database Course 2008 Database Users And Security Backing-Up Data Tim Booth : tbooth@ceh.ac.uk Overview Areas covered: Controlling who can connect Table-level privileges Defining user groups Remote connections to

557 views • 17 slides
Security Control Methods for Statistical Database Li Xiong CS573 Data Privacy and Security

Security Control Methods for Statistical Database Li Xiong CS573 Data Privacy and Security

Security Control Methods for Statistical Database Li Xiong CS573 Data Privacy and Security Statistical Database A statistical database is a database which provides statistics on subsets of records OLAP vs. OLTP Statistics may be

397 views • 37 slides
CS419 Spring 2010 Computer Security Vinod Ganapathy Lecture 15 Chapter 5: Database security

CS419 Spring 2010 Computer Security Vinod Ganapathy Lecture 15 Chapter 5: Database security

CS419 Spring 2010 Computer Security Vinod Ganapathy Lecture 15 Chapter 5: Database security Database Security Relational Databases constructed from tables of data each column holds a particular type of data each row contains a

935 views • 24 slides
Database Security Enforced Database security - only authorized users can perform authorized

Database Security Enforced Database security - only authorized users can perform authorized

IT360: Applied Database Systems Database Security Kroenke: Ch 9, pg 309-314 PHP and MySQL: Ch 9, pg 217-227 1 Rights Database Security Enforced Database security - only authorized users can perform authorized activities Responsibilities

317 views • 9 slides
CS 356 Lecture 2 Cryptographic Tools Spring 2013 Chapter 2 Cryptographic Tools

CS 356 Lecture 2 Cryptographic Tools Spring 2013 Chapter 2 Cryptographic Tools

CS 356 Lecture 2 Cryptographic Tools Spring 2013 Chapter 2 Cryptographic Tools Cryptographic Tools Cryptographic algorithms important element in security services Review various types of elements symmetric encryption secure

1.27k views • 23 slides
Cryptographic protocols Cryptographic protocols small programs designed to secure Introduction

Cryptographic protocols Cryptographic protocols small programs designed to secure Introduction

Cryptographic protocols Cryptographic protocols small programs designed to secure Introduction to cryptographic protocols communication (various security goals) Bruno Blanchet use cryptographic primitives (e.g. encryption, hash function,

451 views • 14 slides
The Intersection of Application and Security Architecture Through the lens of distributed

The Intersection of Application and Security Architecture Through the lens of distributed

The Intersection of Application and Security Architecture Through the lens of distributed systems Walt Williams Who is this bloke? Author of Security for Service Oriented Architecture, CRC press 2014 Director of Information Security,

1.12k views • 55 slides
Course Content Database Management Systems Introduction Database Design Theory

Course Content Database Management Systems Introduction Database Design Theory

Course Content Database Management Systems Introduction Database Design Theory Query Processing and Optimisation Winter 2003 Concurrency Control Data Base Recovery and Security CMPUT 391: Database Recovery and Security

274 views • 12 slides
On the Bit Security of Cryptographic Primitives M E T R A S 7 . 7 M Daniele Micciancio

On the Bit Security of Cryptographic Primitives M E T R A S 7 . 7 M Daniele Micciancio

On the Bit Security of Cryptographic Primitives M E T R A S 7 . 7 M Daniele Micciancio Michael Walter UCSD IST Austria eprint.iacr.org/2018/077 Security Security Adversary Game 1 Security Security Adversary Game

883 views • 40 slides
Database of Long-Lived Symmetric Cryptographic Keys

Database of Long-Lived Symmetric Cryptographic Keys

Database of Long-Lived Symmetric Cryptographic Keys dra%-ie)-karp-crypto-key-table-03 R. Housley T. Polk S. Hartman D. Zhang Updates on

321 views • 9 slides
Chapter7. Security 7.1 Introduction 7.2 Overview of security techniques 7.3 Cryptographic

Chapter7. Security 7.1 Introduction 7.2 Overview of security techniques 7.3 Cryptographic

Chapter7. Security 7.1 Introduction 7.2 Overview of security techniques 7.3 Cryptographic algorithms 7.4 Digital signatures 7.5 Cryptography pragmatics 7.1. Introduction Why need security mechanisms in DS? Share of resources

364 views • 24 slides
Outline Cryptographic Algorithm Engineering and Provable Security Crypto refresher

Outline Cryptographic Algorithm Engineering and Provable Security Crypto refresher

Bart Preneel September 2007 Cryptographic Algorithm Engineering and Provable Security Outline Cryptographic Algorithm Engineering and Provable Security Crypto refresher Basic concepts Foundations of Security Analysis and

958 views • 31 slides
How to prevent cryptographic pitfalls by design February 3, 2019 How to prevent cryptographic

How to prevent cryptographic pitfalls by design February 3, 2019 How to prevent cryptographic

Department of Informatics Security and Privacy Maximilian Blochberger How to prevent cryptographic pitfalls by design February 3, 2019 How to prevent cryptographic pitfalls by design Goal Raise awareness of cryptographic misuse Disclaimer

910 views • 29 slides
Cryptography on the Blockchain Vassilis Zikas RPI IACR Summer School on Blockchain Techs

Cryptography on the Blockchain Vassilis Zikas RPI IACR Summer School on Blockchain Techs

Cryptography on the Blockchain Vassilis Zikas RPI IACR Summer School on Blockchain Techs Aggelos Kiayias, Hong-Shen Zhou, and Vassilis Zikas, Fair and Robust Multi-Party Computation using a Global Transaction Ledger, EUROCRYPT 2016. Bitcoin

1.8k views • 176 slides
High-Assurance and High-Speed Cryptographic Implementations Using the Jasmin Language J.B.

High-Assurance and High-Speed Cryptographic Implementations Using the Jasmin Language J.B.

High-Assurance and High-Speed Cryptographic Implementations Using the Jasmin Language J.B. Almeida, M. Barbosa, G. Barthe, B. Grgoire, A. Koutsos , V. La- porte, T. Oliveira, P-Y. Strub Octobre 9th, 2019 1 Context 2 Context Cryptographic

985 views • 57 slides
Sage & Algebraic Techniques for the Lazy Symmetric Cryptographer Martin R. Albrecht

Sage & Algebraic Techniques for the Lazy Symmetric Cryptographer Martin R. Albrecht

Sage & Algebraic Techniques for the Lazy Symmetric Cryptographer Martin R. Albrecht @martinralbrecht Crypto Group, DTU Compute, Denmark IceBreak, Reykjavik, Iceland # icebreak Outline Sage Introduction Highlevel Features Fields &

1.04k views • 93 slides
Blockchain and secure computation Vassilis Zikas RPI Winter School on Cryptocurrency and

Blockchain and secure computation Vassilis Zikas RPI Winter School on Cryptocurrency and

Blockchain and secure computation Vassilis Zikas RPI Winter School on Cryptocurrency and Blockchain Technologies Shanghai Jiao Tong University 2017 Bitcoin Bitcoin What is bitcoin and how does it work? Bitcoin What is bitcoin and how

2.08k views • 178 slides
EOS An Introduction Iang block.one Financial cryptographer Cayman Islands corporation

EOS An Introduction Iang block.one Financial cryptographer Cayman Islands corporation

EOS An Introduction Iang block.one Financial cryptographer Cayman Islands corporation Inventor of Ricardian contracts Investors from finance & blockchain co-Inventor of triple entry accounting Fully funded Identity Building the EOS.IO

507 views • 16 slides
White-Box Cryptography Matthieu Rivain CARDIS 2017 How to protect a cryptographic key? How to

White-Box Cryptography Matthieu Rivain CARDIS 2017 How to protect a cryptographic key? How to

White-Box Cryptography Matthieu Rivain CARDIS 2017 How to protect a cryptographic key? How to protect a cryptographic key? Well, put it in a smartcard of course! ... or any piece of secure hardware But... Secure hardware is expensive

1.6k views • 98 slides
Arrangements Cryptography Lecture Course in Autumn Term 2013 Will have two lectures (Tue 2pm,

Arrangements Cryptography Lecture Course in Autumn Term 2013 Will have two lectures (Tue 2pm,

Organisation Organisation Overview Overview Historic Ciphers Historic Ciphers Symmetric Ciphers Symmetric Ciphers Arrangements Cryptography Lecture Course in Autumn Term 2013 Will have two lectures (Tue 2pm, Fri 11am and one exercise

239 views • 12 slides
White-box Cryptomania Pascal Paillier CryptoExperts ECRYPT NET Workshop on Crypto for the Cloud

White-box Cryptomania Pascal Paillier CryptoExperts ECRYPT NET Workshop on Crypto for the Cloud

White-box Cryptomania Pascal Paillier CryptoExperts ECRYPT NET Workshop on Crypto for the Cloud & Implementation Paris, June 27-28 2017 Overview 1 What is white-box crypto? 2 White-box compilers for signatures 3 White-box

543 views • 29 slides

More recommend