Computerworld

Spy-proof enterprise encryption is possible, but daunting

Privacy concerns are top of mind in light of revelations about NSA data collection

Data encryption could help enterprises protect their sensitive information against mass surveillance by governments, as well as guard against unauthorized access by ill-intentioned third parties, but correctly implementing and using encryption technologies is not an easy task, according to security experts.

Encryption could limit the ability of law enforcement and intelligence agencies to access data without its owner's knowledge, whether by intercepting it as it travels over the public Internet or by compelling third-party service providers such as hosting or cloud vendors to hand it over under a gag order. However, for this to work the data needs to be encrypted at all times: in transit, in use and at rest on servers.

The recent media reports about the electronic surveillance programs run by the U.S. National Security Agency (NSA) have raised privacy concerns among Internet users, civil rights activists and politicians not only in the U.S., but also in Europe, Australia and elsewhere.

While there are still unanswered questions about the methods used by the NSA to collect data as part of its recently exposed Prism program, the information leaked to the media suggests that electronic communications have been gathered en masse for years from Microsoft, Yahoo, Google, AOL, Facebook, PalTalk, Skype, Apple and YouTube.

Some of these companies have already denied that the NSA has direct access to their servers or that they were even aware of this surveillance program before it was mentioned in the press. However, the possibility of the NSA having access, directly or indirectly, to the data stored on servers that belong to U.S. service providers is bound to raise data security concerns within organizations that moved or are considering moving their systems and applications into the cloud.

In general, encryption technologies can be used to limit the scope of data collection by government agencies, according to security experts. Even if governments do have the legal avenues to force companies to decrypt and provide access to their data by using national security orders, subpoenas or other methods, at the very least the use of encryption can allow companies to know when their data is being targeted, they said.

"While all reputable companies will want to comply with the laws of the states in which they do business, encryption can give them full visibility into what is being monitored so that they can be a willing and active partner in government investigations," said Mark Bower, vice president of product management at data protection vendor Voltage Security, via email. "Encryption can mean the difference between full visibility into lawful intercepts, and learning about their data being intercepted by the next big leak in the media."

Encryption is likely to be most effective against upstream data collection efforts, said Matthew Green, a cryptographer and research professor at the Johns Hopkins University Information Security Institute in Baltimore, via email.

The challenge is what kind of encryption to use, Green said. SSL is the most common way to protect data transmitted over the wire and the protocol is actually fairly strong, but SSL keys are relatively small and it's not outside the realm of possibility that an organization like the NSA could obtain these keys at some point, he said.

There is already evidence that the NSA performs upstream traffic interception on the networks of large ISPs that operate Internet backbone infrastructure, as shown by the case of Room 641A, an NSA Internet traffic interception facility located in an AT&T building in San Francisco that was exposed in 2006.

"We have no idea what the NSA can do," Green said. "However it's reasonable to assume that even if they can break modern encryption schemes -- a pretty big assumption -- it's going to be pretty expensive for them to do so. That rules out massive non-targeted eavesdropping on encrypted connections."

The feasibility of breaking SSL encryption also depends on the configuration in which the protocol is used. For example, the Diffie-Hellman configurations of SSL -- DHE and ECDHE -- are much more difficult to tap than the RSA configuration, Green said.
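The difference Green points to between the RSA and the (EC)DHE configurations is forward secrecy. The following Python is added here as an illustration and is not code from the article or from any vendor it cites. It models both exchanges with textbook RSA and a toy finite-field Diffie-Hellman group (the prime, generator and key sizes are assumptions chosen so the block runs with only the standard library; none of them are deployable parameters) and then plays an adversary who recorded a handshake and later obtained the server's long-term private key.

```python
"""Why (EC)DHE is harder to tap than RSA key exchange: a toy model.

Added example, not code from the article or any company mentioned in it.
Textbook RSA (no padding) and a toy DH group are used so that this runs with
only the standard library; neither is deployable cryptography.
Requires Python 3.8+ for pow(e, -1, m).
"""
import hashlib
import secrets

# Toy DH group: ASSUMPTION for illustration only. Real deployments use a
# standardized group (e.g. RFC 7919 ffdhe2048) or an elliptic curve.
P = 2**521 - 1   # a Mersenne prime
G = 5


def is_probable_prime(n, rounds=20):
    """Miller-Rabin probable-prime test (enough for a demo key)."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits):
    """Random prime with the top bit set, so the modulus has the wanted size."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def rsa_keygen(bits=1024):
    """Server's long-term key: (n, e) is public, d is private. Toy size."""
    p, q = gen_prime(bits // 2), gen_prime(bits // 2)
    n, e = p * q, 65537
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), d


def kdf(shared):
    """Derive a 32-byte session key from the shared integer."""
    raw = shared.to_bytes((shared.bit_length() + 7) // 8, "big")
    return hashlib.sha256(raw).digest()


def rsa_handshake(server_pub):
    """RSA key exchange: the client encrypts a premaster secret to the
    server's long-term key. Returns (what an eavesdropper records, session key)."""
    n, e = server_pub
    premaster = secrets.randbelow(n - 2) + 1
    wire = {"kx": "RSA", "encrypted_premaster": pow(premaster, e, n)}
    return wire, kdf(premaster)


def dhe_handshake():
    """Ephemeral DH: each side picks a one-time exponent and sends only its
    public share. The long-term key would merely sign the shares, never
    decrypt anything. Returns (what an eavesdropper records, session key)."""
    a = secrets.randbelow(P - 2) + 1
    b = secrets.randbelow(P - 2) + 1
    ga, gb = pow(G, a, P), pow(G, b, P)
    wire = {"kx": "DHE", "client_share": ga, "server_share": gb}
    shared = pow(gb, a, P)
    assert shared == pow(ga, b, P)
    return wire, kdf(shared)   # a and b go out of scope here: gone for good


def later_compromise(wire, server_pub, server_priv):
    """Adversary who recorded `wire` and LATER obtained the server's long-term
    private key. Returns the session key if it can be recovered, else None."""
    if wire["kx"] == "RSA":
        n, _ = server_pub
        premaster = pow(wire["encrypted_premaster"], server_priv, n)
        return kdf(premaster)   # every recorded RSA session is exposed
    # DHE: the leaked key never touched the session secret; recovering it
    # would mean solving a discrete log on the recorded shares.
    return None


if __name__ == "__main__":
    pub, priv = rsa_keygen(512)
    wire, key = rsa_handshake(pub)
    print("RSA session recovered after key leak:", later_compromise(wire, pub, priv) == key)
    wire, key = dhe_handshake()
    print("DHE session recovered after key leak:", later_compromise(wire, pub, priv) == key)
```

With the RSA configuration the recovered key equals the session key for every captured handshake, so a passive tap plus one later key disclosure, whether by subpoena, theft or factoring, decrypts the whole archive retroactively. With DHE the leaked long-term key yields nothing about past sessions. In real TLS that key still signs the DH shares, so its compromise allows active impersonation going forward; the protection is against decrypting recordings, not against a live man-in-the-middle.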

In order for encryption to completely prevent unwanted surveillance, the data must be encrypted throughout its life, said Dwayne Melancon, chief technology officer of IT security firm Tripwire, via email. "If it is in the clear at any point (at rest, in use, or in motion) it could potentially be accessed by others without credentials."

This means that data needs to remain encrypted not only as it travels across the global Internet and passes through routers and servers in different jurisdictions, but also while it's used in real time by applications, as well as when stored for backup purposes.

Ensuring that the keys used to encrypt the data remain secret at all times is paramount. That's not easy to do when running live applications and hosting databases on cloud servers or when relying on other cloud services.

"If an organization relies on the cloud service provider [CSP] for encryption, the CSP holds the encryption keys," said Steve Weis, chief technology officer at PrivateCore, a company that develops technology for encrypting data during program execution, via email. "The organization has no knowledge or control when someone lawfully attempts to access encrypted data. The organization is blind."

Companies should adopt a "trust no one" model for the management of encryption keys, Melancon said. Private keys should not be shared with anyone else, especially third-party service providers, he said.

Even though there are technologies available that can enable the safe use of encryption when cloud servers are involved, getting everything right and ensuring that there are no errors in the overall implementation can require a lot of resources.

"It can be done, but it takes a lot of forethought, a lot of effort, and the use of true end-to-end encryption will increase your costs," Melancon said. "It may also require you to rewrite applications, or switch providers in order to handle all aspects of end-to-end encryption."

Given that the NSA's primary mission is the gathering of foreign intelligence, companies that are not based in the U.S. should probably be even more concerned about the recent revelations regarding the agency's surveillance efforts.

"If you're a European company dealing in sensitive corporate data, I think you'd be crazy to use a U.S. cloud service," Green said. However, that won't stop companies from doing it, he said.

"A big part of the political scandal in the USA right now is the fact that the NSA is spying on Americans," said Zooko Wilcox-O'Hearn, co-founder of the Tahoe-LAFS project, a distributed, fault-tolerant and encrypted cloud storage system. "However, absent evidence to the contrary, I would assume that the NSA is at least as effective at spying on data in European and other locales as in American locales."

That said, Wilcox-O'Hearn believes that companies should also be concerned about other actors spying on them. Those could include law enforcement, military and intelligence organizations from other countries, as well as organized crime gangs or corrupt employees of telecommunication companies and ISPs, he said.

Banks and other financial organizations, as well as companies from the telecommunications industry, that handle very sensitive data usually prefer to keep it on their own servers, under their control, primarily because they need to meet regulatory compliance requirements and can't perform security audits in the cloud, said Sergiu Zaharia, the chief operations officer at Romania-based security consultancy firm iSEC.

Such organizations use encryption to secure the traffic between their different branch offices or between customers and their publicly accessible services, but very few of them encrypt data as it travels through their internal networks, between their own servers, at least in Romania, he said.

Other companies, like small online retailers, that choose to use cloud servers to run applications and store customer data don't care too much about encryption or, if they do encrypt the data, don't care whether the service provider has access to their encryption keys, because they usually don't perform an advanced enough risk analysis, he said.

"All our customers have highlighted their concern with security issues, especially when it comes to services hosted in a third party location," said Dragos Manac, CEO of Appnor MSP, a provider of managed dedicated servers and cloud computing with infrastructure in both Europe and the U.S., via email. "The current Prism scandal is a major blow for governments, but it also hurts service providers."

As far as government surveillance is concerned, service providers are caught between a rock and a hard place, he said. "Not helping the authorities means you are violating the law. Helping them means you may be violating someone's rights."

There is no reason to believe that the NSA, or anyone else, can crack strong encryption algorithms that have been studied and vetted by scientists, Wilcox-O'Hearn said. "On the other hand, it is easy for a programmer or service provider to implement them incorrectly or for a user to use them incorrectly, in which case it would be possible for anyone who had access to the network traffic to read the data," he said.