Effective Key Management for Encryption of Data In Motion

www.thales-esecurity.com

Concern over the protection of data in motion, given today’s environment of increased cloud computing adoption and converged voice/video/data traffic, has significantly contributed to the growth of the data encryption market. Strong, certified encryption is available from many solution providers, and over the years the technology has evolved from niche and difficult to implement to mainstream and relatively straightforward to implement. Encryption algorithms and key lengths are an important aspect of a solution, ensuring protection appropriate to the sensitivity of the data, but there is arguably an even more important aspect that is often overlooked or not given enough scrutiny: the key management system.

Protection of data in motion is much like protecting an automobile. A sophisticated car alarm can be installed, complete with audible alarms, electronic notifications, GPS tracking and even engine shutdown. But the security solution is rendered useless if the keys to the car are easy to duplicate or easily accessible. Similarly, the encryption of data in motion is only as strong as the physical and logical lifecycle management of the keys used to lock and unlock the data. Lifecycle key management refers to the many aspects of managing keys that surround the encryption and decryption functions themselves and are critical to keeping keys secure: key generation, distribution, storage (including backup and recovery), rotation, revocation and eventual destruction. Only through sound and effective lifecycle key management can an encryption solution protect data against the multitude of threats it can encounter as it travels through physical and virtual pathways to its final destination.

Comprehensive key lifecycle management ensures confidentiality and integrity for data in motion
Tamper-resistant hardware and dedicated administration for security functions provide high assurance protection from internal and external threats
Efficient key distribution methods optimize overall network performance and scalability


    Advantages of Dedicated Hardware Encryption for Key Generation and Storage

The fundamental security of the key generation process stems from the ability to create completely unpredictable keys. If the process used to generate keys is not unpredictable, new keys can be recovered from knowledge of previous keys or of the generation process itself. Embedded (software-based) encryption implementations obtain key material from a deterministic random bit generator running on the host device. The output of such a generator is only as unpredictable as the entropy it was seeded with, and a general-purpose networking device, particularly at boot, often has few good entropy sources. A generator seeded from too little entropy, or a non-cryptographic generator whose internal state can be reconstructed from its output, produces keys that can be predicted or reproduced. Dedicated hardware encryption devices avoid this dependency by generating keys from a hardware random number source inside the certified cryptographic boundary.

A second weakness of embedded encryption concerns the storage of keys. Dedicated hardware encryption devices store keys within a FIPS-certified hardware boundary that, when tampered with, can revoke and/or destroy (zeroize) the keys automatically. Because embedded encryption solutions lack these physical protections, they cannot provide the same assurance for key storage and key destruction that hardware security solutions provide.

A third advantage of dedicated hardware solutions is secure administration. Network devices are often managed by multiple network administrators using common administrative credentials. With embedded encryption solutions, security functions are integrated into the network management system, and access to critical key material is available to anyone who is issued these shared credentials. Shared credentials are rarely changed and remain active over periods when administrators change job functions or leave the organization. Further, key material is sometimes written down and stored for convenience rather than security. In the car security analogy, this is similar to announcing that the keys to your car are stored in a small metal container under the front fender.

A further consideration for embedded software encryption is performance. Firewalls, switches and other networking devices were designed with their respective single-purpose functions in mind. Adding software encryption and the associated key management to these devices constrains their ability to perform their original functions, because the same processor must now encrypt and decrypt each and every packet. In addition, requiring network administrators rather than security personnel to handle sensitive functions, including key generation, storage and revocation, violates the separation of duties commonly required as an information security best practice. In summary, these networking-oriented devices offer bolt-on encryption functions that do not match the performance, key management and overall system security that dedicated hardware cryptographic solutions deliver.
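The predictability warned about above can be shown concretely. The following is an added example, not code from the brief or from Thales: it uses Python's `random` module (MT19937, a non-cryptographic generator) as a stand-in for a key generator that is deterministic and leaks its state through its output. After observing 624 consecutive 32-bit outputs, an attacker reconstructs the internal state and predicts every later "key" exactly. Approved DRBGs used in certified products are designed to resist this kind of state recovery, so for software encryptors the practical concern is the one named above, the entropy the generator is seeded from, which is what a hardware RNG in a dedicated device supplies. The names `untemper`, `clone_mt`, `predict_next_keys` and `csprng_key` are this example's own.

```python
"""Added example (not from the brief, not Thales code): why a key generator whose
state can be recovered from its output is a real risk.

Python's random module is MT19937, a non-cryptographic PRNG whose output
tempering is invertible: 624 consecutive 32-bit outputs reveal the whole internal
state and therefore every future output. A CSPRNG (secrets / os.urandom, or a
hardware RNG) must not have this property.
"""
import random
import secrets

N = 624  # MT19937 state size in 32-bit words


def temper(x: int) -> int:
    """MT19937 output tempering (reference implementation, used to check untemper)."""
    x ^= x >> 11
    x ^= (x << 7) & 0x9D2C5680
    x ^= (x << 15) & 0xEFC60000
    x ^= x >> 18
    return x & 0xFFFFFFFF


def untemper(y: int) -> int:
    """Invert temper(): recover one internal state word from one observed output."""
    y ^= y >> 18                        # top 14 bits were untouched, so one xor undoes it
    y ^= (y << 15) & 0xEFC60000         # low 15 bits untouched and mask bits 15-16 are zero
    x = y
    for _ in range(4):                  # 7-bit left shift: each round fixes 7 more bits
        x = y ^ ((x << 7) & 0x9D2C5680)
    y = x
    x = y
    for _ in range(2):                  # 11-bit right shift: two rounds fix all 32 bits
        x = y ^ (x >> 11)
    return x & 0xFFFFFFFF


def clone_mt(outputs: list) -> random.Random:
    """Build a random.Random whose future outputs match the generator that produced 'outputs'."""
    if len(outputs) != N:
        raise ValueError("need exactly 624 consecutive 32-bit outputs")
    state = tuple(untemper(o) for o in outputs)
    clone = random.Random()
    clone.setstate((3, state + (N,), None))   # index N: the next call regenerates the block
    return clone


def predict_next_keys(victim: random.Random = None, n_keys: int = 3, words: int = 4):
    """Observe 624 words from 'victim', then predict its next n_keys 128-bit 'keys'.

    Returns (predicted, actual) as lists of hex strings; for MT19937 they are identical.
    """
    if victim is None:
        victim = random.Random()        # seeded from os.urandom, yet still fully predictable
    observed = [victim.getrandbits(32) for _ in range(N)]
    clone = clone_mt(observed)
    predicted = ["".join(f"{clone.getrandbits(32):08x}" for _ in range(words))
                 for _ in range(n_keys)]
    actual = ["".join(f"{victim.getrandbits(32):08x}" for _ in range(words))
              for _ in range(n_keys)]
    return predicted, actual


def csprng_key(nbytes: int = 16) -> bytes:
    """What a key generator should look like: OS CSPRNG fed by hardware entropy."""
    return secrets.token_bytes(nbytes)


if __name__ == "__main__":
    for p, a in zip(*predict_next_keys()):
        print(f"predicted {p}  actual {a}  {'MATCH' if p == a else 'miss'}")
    print("csprng key:", csprng_key().hex())
```

Run it and every predicted line matches the actual one, whatever seed `random.Random()` picked, because the seed is irrelevant once the state has leaked. Drawing the keys from `csprng_key` instead gives output this attack cannot follow, which is the property a key generator must have.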

Layer 2 Key Distribution Methods

Layer 2 hardware encryption devices distribute keys using a variety of methods. In point-to-point implementations, key distribution is straightforward because it requires an exchange between only two devices on a physical or virtually segmented link. In multipoint mode, however, architectures are diverse, and certain key distribution methods suit some architectures better than others. Thales Datacryptors use a single group key, one key shared by all members of a group, which is equally effective for small point-to-point networks and for large-scale, widely dispersed, multipoint mesh architectures. Redundancy and failover to assure high availability are other important aspects of a layer 2 data in motion security solution, and the Datacryptor single group key implementation accommodates a wide latitude of deployments, including large-scale multipoint networks operating as a single flat entity or segmented into physical or virtual groups. Because Thales Datacryptors employ a single group key, supporting multipoint-to-multipoint architectures has minimal memory and processing impact, which is advantageous for scaling, configuring and managing the network (see Figure 1).

Some alternative solutions instead distribute a separate key for every pair of communicating devices (Figure 2). This brief calls these "key pairs"; they are pairwise symmetric keys, not asymmetric public/private key pairs. Although every device can still communicate with every other device, each pairwise key must be deployed and lifecycle-managed separately. This imposes memory and processing requirements on each device in the multipoint network, because each device must keep a table that maps a key to every peer. The larger the multipoint network, the larger the mapping tables, the greater the constraints on memory and processing, and the greater the volume of key-related traffic. Together these factors can significantly impair the ability to rekey each and every encryption device on a multipoint network. Thales Datacryptors use a single group key within a multipoint-to-multipoint deployment (Figure 1), offering the cleanest, most efficient and most easily scalable method of key distribution.

The trade-off is that a group key is shared by every member of the group: an attacker who extracts the key from any one device can read the traffic of the whole group until it is rekeyed, whereas a compromised pairwise key exposes only the links of that one device. In a group key design the rotation interval, the tamper response and the revocation process therefore carry more weight, and should be evaluated together with the distribution efficiency.

Figure 1: Multipoint network using the group key method. Figure 2: Multipoint network using the key pair method.

Because Datacryptors can hold multiple keys and segment traffic by VLAN, logical segmentation of a large multipoint-to-multipoint network (Figure 3) is possible. This is important for customers with multiple sites who want to separate them virtually. The same technique can separate different types of traffic (e.g., voice, video and other data) under different keys. Logical segmentation using different keys provides significant flexibility: multiple sites are connected on a single network yet logically separated from each other by VLAN and by encryption key. Using multiple keys and VLANs, a backup key server can be deployed so that every logical segment of the network has an automatic failover key server. Although Figure 3 depicts only two VLANs, Datacryptors can support numerous simultaneous VLANs. In addition to logical segmentation, large-scale deployments benefit architecturally from a combination of physical and logical separation of networks.

Because Thales employs the group key method for key distribution, the impact on the Datacryptor processor is minimal: only one key is used per group, and there is no need to maintain tables mapping large numbers of pairwise keys to end devices. Network performance is also affected less, since only a minimal amount of key-related traffic is generated. Group keys do not require multiple key sets, as Figure 4 shows for the pairwise method. As Figure 4 illustrates for a single network segment, pairwise keys impose greater processing requirements and generate more traffic to carry the additional key exchanges. With regard to scaling, the number of pairwise keys grows quadratically with the number of devices (n(n-1)/2 keys for n fully meshed devices, each device holding n-1 of them, versus a single group key), and for very large networks some solutions require an external hardware device just to handle the key functions. Encryption solutions that need additional hardware to compensate for the inefficiencies of their key management introduce additional cost, additional points of failure and additional maintenance. Thales Datacryptors use group keys to reduce hardware, traffic and complexity and to enhance scalability.
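To put numbers on the scaling and segmentation arguments above, here is an added example that is not part of the brief and not Thales code: a small Python model of a group-key mesh and of a pairwise-key mesh, using six-encryptor topologies constructed to resemble the figures (device "1" doubles as key server). For each scheme it counts how many keys exist, how many key deliveries a full rekey takes, how many keys the busiest device holds, and how many links an attacker can read after extracting every key from one device. The class and function names are this example's own, and the delivery count (one message per device that must receive a key, the key server excluded) is a convention of the model, not a measurement of any product.

```python
"""Added example (not Thales code): a small model of the two key-distribution
schemes the brief compares, so the scaling claims and the compromise blast
radius can be checked with numbers.

'Pairwise' here means one symmetric key per pair of devices (the brief's
"key pair" method), not an asymmetric public/private key pair. Device names,
VLAN layout and the message-counting convention are constructed for illustration.
"""
import secrets
from itertools import combinations


def fresh_key() -> bytes:
    """Keys come from a CSPRNG; on an appliance this is the hardware RNG's job."""
    return secrets.token_bytes(32)


class GroupKeyMesh:
    """One key per group (here: per VLAN), generated by the key server and pushed to every member."""

    def __init__(self, vlans: dict, key_server: str):
        self.vlans = vlans                  # vlan name -> list of member devices
        self.key_server = key_server
        self.table = {d: {} for members in vlans.values() for d in members}  # device -> {vlan: key}

    def rekey(self) -> int:
        """Regenerate every group key; return the number of key deliveries needed."""
        deliveries = 0
        for vlan, members in self.vlans.items():
            key = fresh_key()
            for dev in members:
                self.table[dev][vlan] = key
                if dev != self.key_server:
                    deliveries += 1
        return deliveries

    def total_keys(self) -> int:
        return len(self.vlans)

    def keys_held(self, dev: str) -> int:
        return len(self.table[dev])

    def exposed_links(self, compromised: str) -> set:
        """Device pairs whose traffic is readable by whoever extracts every key from 'compromised'."""
        links = set()
        for vlan in self.table[compromised]:            # every link in every group it belongs to
            links.update(frozenset(p) for p in combinations(self.vlans[vlan], 2))
        return links


class PairwiseKeyMesh(GroupKeyMesh):
    """One key per communicating pair per VLAN; each device keeps a (vlan, peer) -> key table."""

    def rekey(self) -> int:
        deliveries = 0
        for vlan, members in self.vlans.items():
            for a, b in combinations(members, 2):
                key = fresh_key()
                self.table[a][(vlan, b)] = key
                self.table[b][(vlan, a)] = key
                deliveries += sum(1 for d in (a, b) if d != self.key_server)
        return deliveries

    def total_keys(self) -> int:
        return sum(len(m) * (len(m) - 1) // 2 for m in self.vlans.values())

    def exposed_links(self, compromised: str) -> set:
        # Only the compromised device's own links leak; other pairs use keys it never held.
        return {frozenset((compromised, peer)) for (_vlan, peer) in self.table[compromised]}


def compare(vlans: dict, key_server: str, compromised: str) -> dict:
    """{scheme: (total keys, deliveries per rekey, most keys on one device, links exposed)}."""
    result = {}
    for name, cls in (("group", GroupKeyMesh), ("pairwise", PairwiseKeyMesh)):
        mesh = cls(vlans, key_server)
        deliveries = mesh.rekey()
        result[name] = (mesh.total_keys(), deliveries,
                        max(mesh.keys_held(d) for d in mesh.table),
                        len(mesh.exposed_links(compromised)))
    return result


# Constructed topologies: six encryptors, device "1" also acts as key server.
FLAT = {"vlan1": ["1", "2", "3", "4", "5", "6"]}                          # one flat group
SEGMENTED = {"vlan1": ["1", "2", "3", "4"], "vlan2": ["1", "5", "6"]}    # two VLANs, two keys

if __name__ == "__main__":
    for label, topo in (("flat", FLAT), ("segmented", SEGMENTED)):
        for scheme, (keys, msgs, per_dev, exposed) in compare(topo, "1", "2").items():
            print(f"{label:9s} {scheme:8s} keys={keys:2d} rekey_deliveries={msgs:2d} "
                  f"max_keys_per_device={per_dev} links_exposed_if_2_compromised={exposed}")
```

For the flat six-device mesh the group scheme needs 1 key and 5 deliveries per rekey against 15 keys and 25 deliveries for pairwise keys, and the gap widens quadratically as devices are added. The last column shows the price of that efficiency: extracting the keys from one group member exposes all 15 links, while a compromised device in the pairwise scheme exposes only its own 5, which is why rotation interval and tamper response matter more in a group-key design.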

[Drawing titled "Figure 3 Multipoint to Multipoint Single Group Key": every encryptor holds Key #1; one encryptor also provides the key server function.]

[Drawing titled "Figure 4 Multipoint to Multipoint using Key Pairs": each encryptor holds a table of key pairs (1,2) (1,3) (1,4) (1,5) (1,6); one encryptor also provides the key server function.]

Thales e-Security, September 2012

Figure 3: Virtual segmentation of a multipoint network using the group key method. Figure 4: Virtual segmentation of a multipoint network using the key pair method.

Thales Datacryptors: Dedicated Hardware Encryption with Enhanced Key Management

Datacryptors are standalone hardware devices designed solely for effective key management together with the encryption of data at the highest levels of performance. Starting at the beginning of the key lifecycle, Thales Datacryptors generate truly random numbers in certified, tamper-resistant hardware. Unlike keys derived from a software generator whose quality depends on the entropy available to the host device, Datacryptor key material is produced by a hardware random number generator within FIPS 140-2 Level 3 validated hardware, so that keys cannot be predicted or recovered from knowledge of the generation technique. Datacryptors use key rotation that is programmable according to the security requirements of the user organization. Programmable key rotation provides additional security by allowing administrators to specify how often new key material is generated and distributed, which also bounds how long a compromised key remains useful to an attacker. And, since Datacryptors are standalone encryption devices, there is no need to give network administrators access to them, which provides complete separation of duties between security and network administration and simplifies security audits. In addition to the separation of functions, the equipment can be physically segregated from non-security networking equipment for further physical protection. Should the equipment be physically compromised, Datacryptors automatically zeroize their key material, ensuring that data is neither transmitted nor received in the event of such an attack.

Although many solutions on the market provide easy-to-implement encryption algorithms, key management can be the single most vulnerable component of a data in motion encryption solution. Security is serious business and requires an attention to detail that single-purpose hardware security solutions like Datacryptor are built to offer. Key generation, distribution, storage, backup, recovery, rotation, revocation and destruction all require careful consideration when selecting an encryption solution. With comprehensive security at the highest levels of performance, Thales Datacryptors meet the requirements for a best-in-class encryption and key management solution for the data in motion security that today’s networks require.

About Thales e-Security

Thales e-Security is a leading global provider of data protection solutions. With a 40-year track record of protecting the most sensitive corporate and government information, Thales encryption and key management solutions are an essential component of any critical IT infrastructure. Thales makes it easy to enhance the security of software-based business applications and reduce the cost and complexity associated with the use of cryptography across the enterprise and out to the cloud. In addition to the Datacryptor products described in this brief, Thales e-Security offers a broad range of data protection products including general purpose hardware security modules (HSMs), payment HSMs and high assurance key management. To learn more, please visit http://www.thales-esecurity.com

[Drawing titled "Figure 5 Multipoint to Multipoint Logical Separation with Backup Key Server": encryptors carry Key #1 on VLAN 1 and Key #2 on VLAN 2; one encryptor provides the key server function and another the backup key server function.]

[Drawing titled "Figure 6 Multipoint to Multipoint Logical Separation with Paired Keys": the encryptor with the key server function (device 1) holds VLAN 1 key pairs (1,2) (1,3) (1,4) and VLAN 2 key pairs (1,5) (1,6); device 2 holds VLAN 1 key pairs (2,1) (2,3) (2,4); device 3 holds (3,1) (3,2) (3,4); device 4 holds (4,1) (4,2) (4,3); device 5 holds VLAN 2 key pairs (5,1) (5,6); device 6 holds (6,1) (6,5).]

Thales e-Security

Americas: 2200 North Commerce Parkway, Suite 200, Weston, Florida 33326. Tel: +1 888 744 4976 or +1 954 888 6200. Fax: +1 954 888 6211. E-mail: [email protected]
Asia Pacific: Unit 4101, 41/F, 248 Queens Road East, Wanchai, Hong Kong. Tel: +852 2815 8633. Fax: +852 2815 8141. E-mail: [email protected]
Europe, Middle East, Africa: Meadow View House, Long Crendon, Aylesbury, Buckinghamshire HP18 9EQ. Tel: +44 (0)1844 201800. Fax: +44 (0)1844 208550. E-mail: [email protected]