Encryption: Choosing the Right Tool for the Job

Presented by Harry Smith, Instructor, Information & Communications Technology, University of Denver

Mar 29, 2015


Yogi Berra

“In theory, there is no difference between theory and practice. In practice there is.”


HIPAA Breach Notification


What is Encryption?

Encryption is a process that transforms ordinary “plaintext” representations of information into secure “ciphertext” representations.

[Diagram: plaintext → ciphertext]


Three Cryptographic Primitives

• symmetric ciphers (“secret-key” cryptography)
• hashes (message digests)
• asymmetric ciphers (“public-key” cryptography)


Symmetric Ciphers

Symmetric ciphers translate “plaintext” into “ciphertext.” The recipient of the ciphertext must have the secret “key” in order to translate the ciphertext back to its original plaintext form. Symmetric ciphers are useful for keeping secrets.

[Diagram: Bob: “plaintext” → Symmetric Cipher → “ciphertext”; Alice: “ciphertext” → Symmetric Cipher → “plaintext”]


Hashes

A “hash” is a fixed-length representation of a message. It is useful for detecting message tampering. Hashes are also known as “message digests.”

[Diagram: Bob: “message” → Hash Function → “message digest”; Alice: “message” → Hash Function → “message digest”]


Asymmetric Ciphers

Asymmetric ciphers encrypt data with a “public key.” Only the owner of the corresponding “private key” can decrypt the ciphertext. Asymmetric ciphers are useful for key agreement and for message authentication.

[Diagram: Bob: “secret key” → Asymmetric Cipher (Alice’s public key) → “ciphertext”; Alice: “ciphertext” → Asymmetric Cipher (Alice’s private key) → “secret key”]


Combining Primitives

Cryptographic primitives are the elements of which compound cryptographic services are constructed.

[Diagram: “My kitty is five years old.” → Hash Function → “a137f5719e2b3cb7”]

[Diagram: PHI → Symmetric Encryption Function → Secured PHI]


Cryptographic Services

The three cryptographic primitives are the “elements” that combine to produce various cryptographic services.

• digital signatures
• key agreement schemes
• virtual private networking
• web site authentication
• “signed” code
• message integrity codes
• challenge-response protocols
• data confidentiality
• non-repudiation

and many more …
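Two of the services listed above, a message integrity code and a challenge-response protocol, built from the hash primitive and a shared secret key. This is an added example, not part of the original slides; the function and class names and the altered message are constructed for illustration, and HMAC-SHA-256 is an assumed choice of standard algorithm.

```python
import hashlib
import hmac
import secrets


def digest(message: bytes) -> str:
    """Hash primitive alone: a fixed-length digest anyone can recompute."""
    return hashlib.sha256(message).hexdigest()


def integrity_code(key: bytes, message: bytes) -> str:
    """Hash + shared secret key = message integrity code (HMAC-SHA-256)."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def code_matches(key: bytes, message: bytes, code: str) -> bool:
    # compare_digest runs in constant time, so the check leaks no timing hint
    return hmac.compare_digest(integrity_code(key, message), code)


class Challenger:
    """Challenge-response: the peer proves it holds the key without sending it."""

    def __init__(self, key: bytes):
        self._key = key
        self._outstanding = set()

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)  # fresh random value per attempt
        self._outstanding.add(nonce)
        return nonce

    def accept(self, nonce: bytes, response: str) -> bool:
        if nonce not in self._outstanding:
            return False  # never issued, or already used (replay)
        self._outstanding.discard(nonce)
        return code_matches(self._key, nonce, response)


def demo() -> dict:
    key = secrets.token_bytes(32)             # shared by Bob and Alice
    sent = b"My kitty is five years old."     # message from the slide
    altered = b"My kitty is nine years old."  # constructed tampered copy
    code = integrity_code(key, sent)
    alice = Challenger(key)
    nonce = alice.challenge()
    reply = integrity_code(key, nonce)        # Bob answers with the keyed hash
    return {
        "digest_changes_on_tamper": digest(altered) != digest(sent),
        "original_accepted": code_matches(key, sent, code),
        "altered_accepted": code_matches(key, altered, code),
        "wrong_key_accepted": code_matches(secrets.token_bytes(32), sent, code),
        "first_response_accepted": alice.accept(nonce, reply),
        "replayed_response_accepted": alice.accept(nonce, reply),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A bare digest only detects tampering when it reaches the recipient by a path the tamperer cannot touch; the keyed code does not have that limitation because it cannot be recomputed without the key.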


Encryption Products

Commercial vendors offer a number of hardware and software products that each contain some combination of cryptographic services.

• SecureDisc
• Crypto Complete
• CenturionMail
• TrueCrypt
• OpenSSL
• PGP
• NetMeeting
• IPSec/9000
• HushMail

and many more …


Choosing the Right Tool for the Job

To navigate your way through a bewildering array of claims and counter-claims by rival vendors, you must adopt a systematic approach:

1. What, exactly, is the job?
2. Which cryptographic algorithms are used?
3. Which configuration options should I choose?
4. How are the keys protected?
5. What will it cost?
6. Has the product been certified?


Six PHI Exposures

• email
• web sites
• remote system access
• backup media
• laptops
• databases


eMail

There are several approaches to encrypting email. The two most popular are “S/MIME” and “PGP.” S/MIME support is built into many popular client email programs such as Microsoft Outlook. PGP support is provided by the “Pretty Good Privacy” vendor product and by its open source equivalents.


Popular Email Security Products

Search the web: “secure email”

Microsoft Outlook (http://office.microsoft.com/en-us/outlook/)

Built-in support for S/MIME encryption and digital signatures. Users must obtain their own digital ids from a public certificate authority such as Verisign.

PGP (http://www.pgp.com/)

Encryption and authentication built on “ring of trust” concept. Good for small, informal groups.

HushMail (http://www.hushmail.com/)

Free, web-based secure email solution. Integrates with most popular email client software.


Web Sites

The technology used to protect data that is transmitted over the world wide web is known as “Secure Sockets Layer (SSL).” A more advanced version of SSL is “Transport Layer Security (TLS).” SSL/TLS support is built into most popular browsers and web server products.


Popular Web Security Products

Search the web: “secure web hosting”

Yahoo Small Business (http://smallbusiness.yahoo.com/webhosting/)

Web hosting service plus design tools including SSL protection.

JustHost (http://www.justhost.com/)

Extremely cost-effective web hosting choice with bundled SSL support.

iPage (http://www.ipage.com/ipage/index.html)

Web hosting offering founded by industry veterans. Includes no-cost full suite of security tools.


Remote System Access

“Road warriors,” who access data on home office servers, are protected by “virtual private network (VPN)” technology. Several commercial products provide support for VPNs.


Popular VPN Products

Search the web: “virtual private network”

OpenVPN (http://openvpn.net/)

Open source (i.e. “free”) VPN client and server downloads.

Cisco (http://www.cisco.com/en/US/products/hw/vpndevc/index.html)

Hardware VPN solutions from the de facto leader in router technology.

Netopia (http://www.netopia.com/index_en.jsp)

Full assortment of VPN routers and hardware acceleration devices.


Backup Media

Standalone encryption programs can be used to encrypt backup tapes and disks that are transported to a recovery site. Some backup programs incorporate an encryption step into the backup process.


Popular Secure Backup Products

Search the web: “secure backup”

Tivoli Storage Manager (http://www-01.ibm.com/software/tivoli/products/storage-mgr/)

Tape backup solution from IBM. More appropriate for large organizations.

Carbonite (http://www.carbonite.com/en-us/default.aspx?re=1)

Online encrypted backup suitable for small organizations.

EVault (http://www.i365.com/)

Family of software encrypted backup solutions designed for multiple environments.


Laptops (… and other portable devices)

Information stored on a laptop is vulnerable, even if it is protected by strong passwords. An attacker can remove the hard drive from a stolen laptop and mount it on a system that he or she controls. “Encrypting file systems” and “full disk encryption” products can be used to protect laptop data.


Popular Laptop Encryption Products

Search the web: “secure laptop”

TrueCrypt (http://www.truecrypt.org/)

Open source (free) encryption solution for Windows, Mac and Linux. Encrypts whole disk, selected files, jump drives, etc.

EFS (http://technet.microsoft.com/en-us/library/cc700811.aspx)

“Encrypting File System” standard component of Microsoft Windows XP systems. Very easy to use.

BitLocker (http://www.microsoft.com/windows/windows-7/features/bitlocker.aspx)

Full disk encryption feature built into Microsoft Windows 7 systems. Superior to EFS.


Databases

An attacker who hacks into a database server may be able to bypass database access controls and view data on the hard drive. Encryption features that are built into most popular database management systems can be used to preclude this possibility.

[Diagram labels: application, database, encrypted data, keys]


Popular Database Encryption Products

Search the web: “database encryption”

SQL Server (http://technet.microsoft.com/en-us/library/cc278098(SQL.100).aspx)

Microsoft’s “transparent data encryption” feature offers an extremely granular and programmer-friendly approach to database encryption.

Oracle (http://www.oracle.com/index.html)

Multiple built-in encryption technologies more oriented toward the database administrator.

BSAFE (http://www.rsa.com/products/bsafe/whitepapers/DDES_WP_0702.pdf)

Serious approach to database encryption strategies from the company that invented asymmetric ciphers.


Cryptographic Algorithms

Cryptographic algorithms are the recipes used to implement the cryptographic primitives. The standards have been subject to the most exhaustive testing. Never use a proprietary algorithm.

Symmetric ciphers – Advanced Encryption Standard (AES), Triple-DES

Hashing – Secure Hash Algorithm (SHA)

Asymmetric ciphers – “Rivest-Shamir-Adleman” (RSA), Diffie-Hellman (DH), Elliptic Curve Cryptography (ECC), El Gamal


Configuration Options

The types of configuration options that you must select depend on the cryptographic services that you need.

key size:
• symmetric ciphers – 128 bits
• hashes – 160 bits
• asymmetric ciphers – 2300 bits

algorithms – stay with the standards

key storage – external

Follow the guidance! (Federal Register Vol. 74 No. 79, April 27, 2009)


Breach Notification Guidance

PHI may be rendered “… unusable, unreadable, or indecipherable to unauthorized individuals for the purposes of the breach notification requirements …” if it is encrypted according to the specifications listed in the following publications:

FIPS PUB 140-2 Security Requirements for Cryptographic Modules

(Note: All FIPS PUBs can be downloaded free of charge at http://www.itl.nist.gov/fipspubs/)

NIST SP 800-111 Guide to Storage Encryption Technologies for End User Devices

(Note: All NIST Special Publications can be downloaded free of charge at http://csrc.nist.gov/publications/PubsSPs.html)


Breach Notification Guidance (cont)

NIST SP 800-52 Guidelines for the Selection and Use of Transport Layer Security (TLS) Implementations

NIST SP 800-77 Guide to IPsec VPNs

NIST SP 800-113 Guide to SSL VPNs

NIST SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule

(Note: All NIST Special Publications can be downloaded free of charge at http://csrc.nist.gov/publications/PubsSPs.html)


Key Management

Key management deals with the generation, distribution and storage of encryption keys.

Generation – Is the process truly random?

Distribution – The access control problem shifts from the PHI to the encryption key.

Storage – The cryptosystem is no stronger than the security used to protect the keys.
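The generation question above, worked through for the 128-bit symmetric key size the slides recommend: a key drawn from a seeded general-purpose generator is only as unpredictable as its seed. This is an added example, not part of the original slides; the function names and the timestamp seed are constructed for illustration.

```python
import math
import random
import secrets

KEY_BYTES = 16  # 128-bit symmetric key, the size recommended in the slides


def weak_key(seed: int) -> bytes:
    """Anti-pattern: key from a general-purpose PRNG seeded with a guessable value."""
    return random.Random(seed).randbytes(KEY_BYTES)


def strong_key() -> bytes:
    """Key from the operating system's cryptographic random source."""
    return secrets.token_bytes(KEY_BYTES)


def effective_bits(possible_seeds: int) -> float:
    """Upper bound on key strength: log2 of the distinct seeds, capped at key length."""
    return min(math.log2(possible_seeds), KEY_BYTES * 8)


def demo() -> dict:
    seed = 1_700_000_000  # constructed: a Unix timestamp used as the seed
    return {
        # two machines that share a seed produce the same "random" key
        "weak_key_reproducible": weak_key(seed) == weak_key(seed),
        "strong_keys_differ": strong_key() != strong_key(),
        # a seed taken from the clock within one day has 86,400 possible values
        "weak_bits_one_day_window": round(effective_bits(86_400), 1),
        "strong_bits": KEY_BYTES * 8,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

When evaluating a product, ask which random source feeds key generation; a 128-bit key length on the data sheet says nothing if the seed carries about 16 bits.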


Encryption Cost Factors

There is more to the price of encryption than the cost of the products.

• hardware and software costs
• support issues
• consulting costs
• training costs
• loss of response time or throughput
• loss of functionality
• additional personnel


Product Certification

Several organizations test the strength and reliability of information security products, but only the labs designated by the National Institute of Science and Technology (NIST) are qualified to evaluate the validity of cryptographic implementations.

Cryptographic Module Validation Program (CMVP) (http://csrc.nist.gov/groups/STM/cmvp/index.html)

Checks the validity of hardware implementations of cryptographic primitives.

Cryptographic Algorithm Validation Program (CAVP) (http://csrc.nist.gov/groups/STM/cavp/index.html)

Checks the validity of software implementations of cryptographic algorithms.


Questions?