Support Center

Operating Modes

Last Updated: May 29, 2018 10:57PM PDT
This article explains SSProtect data confidentiality and related options so you can provision system services to best suit your unique needs.

Overview
SSProtect was designed to manage and protect sensitive data, maintaining integrity and high availability (:Recover) while protecting against unauthorized access (:Access) and disclosure (:Confidential). Backed by fine-grained, secure auditing (:Assess) and monitoring (Honeypots) enhanced by event analysis (:Respond) and disaster recovery (:xRecovery), this unified set of scalable services reduces data breach impact and operational disruptions without reliance on existing or future IT applications and/ or infrastructure.

Symmetric and Asymmetric Cryptography
Proper/ secure key management presents one of the greater challenges associated with data protection. Encryption algorithms utilize encryption and decryption keys (among other inputs) for data confidentiality. Symmetric cryptography uses a single key for encryption and decryption, whereas asymmetric cryptography uses different keys, most often in the form of a public and private key pair.

SSProtect utilizes these primitives to isolate and distribute cryptographic materials, which can complicate attacker motives. When done properly, this can be a highly effective method for increasing protective posture, though it is only one aspect of a much more complex problem.


Encryption Modes
Encryption algorithms are plentiful and come in many forms, some using different operating modes - for example Cipher Block Chaining (CBC), Electronic Codebook (ECB), Galois/Counter Mode (GCM), to name a few (symmetric). Operating mode are designed for specific purposes, and present various tradeoffs - in some cases shortcomings that render practical use ineffective.

Traditional encryption was not specifically designed to combine host-based computing with cloud-based service offerings, and even still encryption alone is not sufficient for complete data protection. SSProtect delivers a platform of patented* methods that combine the power, flexibility, and effectiveness of distributed computing together with innovation in cryptographic primitives to maintain business continuity in the face of today's inevitable data breach dynamics.

Generic Composition
Generic Composition (as applied to Cryptography, not poetry) is a name given to the act of combining two or more individual cryptographic algorithms to achieve additive results. 
Though it may seem practical to link encryption, authentication, and/ or integrity protection in a serial fashion, one must take care to avoid violating essential assumptions and requirements lest end results suffer deficiencies not obvious outside the realms of cryptographic experts.

This has proven to be historically significant and problematic, and we've seen standards bodies suffer limitations as a direct result. SSL/ TLS, IPsec, and SSH have, for example, each suffered direct and specific limitations that have since been addressed with adjustments to the way these considerations are managed.


In-Place Encryption and Protection
SSProtect hides management details to simplify use and operation, allowing you to retain focus on your business rather than take on the daunting tasks associated with key management and/ or integrated cryptographic operation. Our patented* data security methods deliver application-independence and continuous protection while maintaining protective control over content while it's in-use. The foundation for these integrated services is referred to as In-Place Encryption and Protection.

Encryption alone is insufficient for protecting data, and though we often refer to this mechanism using the shorter form, In-Place Encryption, we are always making reference to the combined set of security services that together increase data protection while also removing end-use burdens associated with traditional endpoint encryption software.


AES-128/ 256
SSProtect encrypts end-user content using the Advanced Encryption Standard (AES), and by default uses a 128-bit key. Use the Licensing and Components interface to enable AES-256, when required, though note that AES-256 is only available when using :Recover (since it operates on the cloud-portion of the encryption method - more below).

AES-256 has been observed to take as much as 40% more overhead than AES-128, though with SSProtect it can be as little as 15% (depending on your environment and hardware). Research indicates that certain side-channel attacks on AES-256 can reduce its' effectiveness to that of AES-128 or even less. The theory behind this is interesting to some, boring to others, important for all, yet not particularly significant in most cases. Because of the way SSProtect manages cryptographic offloading (see below), AES-256 is most often chosen when required by standards.

Cipher Block Chaining
SSProtect uses AES in a modified cipher block chaining (CBC) mode. AES-CBC breaks source data into blocks and encrypts (or decrypts) each in succession. With AES-CBC, the output from one block operation provides an input for the next block operation, chaining them together. This creates a contiguous encrypted (or decrypted) result. AES-CBC uses a single Key and a unique Initialization Vector to encrypt and decrypt data.

Cryptographic Offloading
SSProtect offloads aspects of cryptographic operation to remote (cloud) servers. Servers operate in closely monitored and strictly maintained environments less exposed to intrusion than most business computing resources. Cryptographic offloading increases key management facilities and thus protection, else keys would be limited to host computing equipment where encrypted content is stored. In such a case, even if host keys are, "protected", attacker host compromise exposes host keys, providing access to, "protected" content.

Offloading not only isolates and protects sensitive decryption keys, but also serves as a central point of control in support of precise, accurate auditing, secure data sharing, secure data backup/ restore, disaster recovery, and disclosure analysis - features exposed by modular and scalable/ optional system components.

Double Encryption
To properly utilize remote servers (in the cloud), the software first encrypts source material at the host while storing the host encryption key locally. This insures that the cloud service layer never has access to plaintext material. There are many cloud encryption solutions on the market today, and not all of them (surprisingly few) encrypt data before transporting it to the cloud. SSL/TLS alone does not address this issue, since the receiving end acquires content in the same form supplied at the host. As such, content in plaintext form - if even briefly - becomes a point of opportunity for malicious insiders and attackers. This is a prevalent point of weakness addressed by first encrypting host content, then uploading.

As noted before, storing decryption keys with encrypted content offers little practical protection. SSProtect uploads the encrypted file to remote servers (in the cloud) then performs another encryption operation using an independent server key. This key is kept on the remote server (in the cloud) while the double-encrypted result is returned for storage on the host.

When data is later accessed, :Access manages the request using 2-factor authentication before providing decryption keys to the host. This inhibits impersonation (i.e. an attacker pretending to be an authorized user with use of a stolen password, for example).

NOTE: Hybrid Conversion is now the preferred method for :Recover operation, though both Modes are available and supported. See below for more.

Ineffectiveness of Login Gates
Though 2FA is offered by some providers, SSProtect applies 2FA to every privileged request rather than unlocking a sensitive archive of data with a single 2FA-enabled Login operation. This latter approach only serves to open an archive for long-term access, which exposes content to attackers lying in wait. For a real-world example, with an attacker statement on this very reality, see our review of The Hacking Team breach.

Optimized Offloading
SSProtect
 provides an alternative mode of operation - Optimized Offloading - to increase performance when :Recover is not being used. This approach utilizes a modified Cipher Block Chaining mode of AES to encrypt blocks on the host while at the same time partially offloading block encryption to remote servers. The first block is always double server(cloud)-encrypted, and from there individual blocks can also be offloaded to the cloud to provide a random distribution of host/ server participation. This minimizes the amount of data transfer and also reduces the need for complete redundant encryption while retaining the advantage of server-isolated keys (with respect to the host where encrypted content is stored).

Why not upload the file and encrypt once? We do not permit service provider access to your plaintext material, since no amount of procedural control or sandboxing will stop a malicious insider at all times. The only suitable path is to make sure your plaintext data isn't available in the cloud, which remains a fundamental and ongoing requirement for managed data.

Hybrid Conversion
Starting with v7.2, Hybrid Conversion replaces Double Encryption as the preferred method for Conversion. Details are proprietary, and nearly double the performance of Double Encryption while achieving nearly constant isolation independent from all system dynamics - including the authorization (and revocation) of Third Party Trusts, Organization peer membership, and global secondary indexing associated with KODiAC Provider Server Set connectivity.
 

Integrity Protection
SSProtect
utilizes encryption as part of its' protective proposition. Because protected content retains flexible use, it will be exposed to malice and corruption. AES Decryption, alone, can detect some data modification, but not all. As such, with ordinary AES encryption/ decryption, it's quite possible to open a corrupted file and never know it. In fact, corruption in these terms is not always observable.

SSProtect integrates HMAC-SHA512 into the core mechanism used for data protection, providing assurances that data integrity has been retained. This is a configurable setting that can be adjusted in the License and Components interface, available when using :Recover. When enabled, if you attempt to access a protected file that has been corrupted or modified, the operation fails, protecting you against malice and/ or corruption.

Overriding Integrity Protection for Troubleshooting
You can override Integrity Protection failures to access plaintext content by enabling the override in the Account Configuration dialog (Individual Accounts) or Administer Users display (Organization Accounts). Override only applies when performing a Release Protection operation, and always requires that you choose whether to proceed or abort (by responding to a prompt so you have absolute insight that corruption has been found).

Integrity Override changes for Individual Accounts are temporary, valid only for the duration of a single SSProtect Login Session. Overrides for Organization Users are configured for each specific Account, however remain in effect until disabled.

NOTE: Use this feature with caution, and never continue forward with content accessed after an Integrity Check failure, since it will be corrupted even if not observable. Contact a DefiniSec Representative for details.


Performance and Flexibility
Optimized Offloading is by far the better performing mechanism. You can in fact configure the system to dynamically switch from Double Encryption to Optimized Offloading when target files transcend a certain size threshold. Configure these options using the Account Configuration display accessible from the notification icon's context menu. There you can set the threshold and choose to automatically switch from Double Encryption to Optimized Offloading, deny the dynamic switch altogether, or ask to be prompted to decide on the fly. When this mechanism is disabled, you can also set a high-limit threshold for encryption operation, failing when target file sizes exceed the limit you configure. This can help when managing :Recover Quota limits.

IMPORTANT: Don't forget that Optimized Offloading will NOT keep a backup copy of your protected content, thus you will not be able to utilize :Recover to retrieve any file instance you choose to protect with Optimized Offloading. This may be OK for certain circumstances, which is when the Prompt option for dynamic switching may be more suitable.

Shared Conversion
When sharing content between two Accounts, Conversion Modes may not be the same. Starting with v7.2 of the software, all shared, managed re-encryption utilizes Optimized Offloading. This will be adjusted in the (near) future to utilize the Conversion Mode of the original content owner.

As such, when using :Recover, shared content is not available for Restore. However, upon receipt of managed/ modified data, the original owner only needs to execute a managed open/ close operation, at which point the modified data will be server-retained for future Restoration.

These states can be enumerated using the :Confidential Files Version display: Line items (which represent individual Versions) will have a non-zero size when they are stored in the server (cloud) Archive. Restoration is available when the Restore button is enabled.


Summary
Effective use of encryption together with access control can provide a suitable barrier against challenging attack dynamics. Isolated encryption is not enough, and when cryptographic offloading is introduced to an already effective integrated solution, capability rises to levels suitable for the most advanced threats known today. SSProtect offers these capabilities with options - Double Encryption for those that want the convenience of backup and restore, Optimized Offloading for those who have more stringent performance requirements, and the ability to switch between the two on-demand while incorporating Data Integrity validation.

*Intellectual Property Disclosure
In-Place Encryption and Protection, cryptographic offloading techniques, and other critical aspects of SSProtect, KODiAC, and its' components are protected by U.S. Patent No. 9,961,048: A system and associated software for providing advanced data protections in a defense-in-depth system by integrating multi-factor authentication with cryptographic offloading.

 

This article was updated w/ v7.2 of the :Foundation Client

Contact Us

ed5301d112e75fde24d469c55568f50b@definisec.desk-mail.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete