Post on 14-Jun-2015
How to protect data
Terence Spies, CTO
Voltage Security
© 2014 Voltage Security, Inc.
The Big Data Security Paradox
More analysis value
More data
More attacker value
How to resolve?
Big Data Reference Monitors
Assumptions
In reality…
Cryptography
• Assume the reference monitor fails
• Make some careful mathematical assumptions
• So why isn’t every security problem solved?
[Diagram: the classic Alice / Bob picture. Alice encrypts a message to Bob under a key; Eve, the intruder, sits on the channel between sender and receiver. Ciphertext = Encrypt(Plaintext, Key); Plaintext = Decrypt(Ciphertext, Key). A second panel shows the public-key variant, with Alice's public key used to encrypt and Alice's private key used to decrypt a toy "hello Alice" message.]
Data Protection on Model
What’s different?
• Keys work differently
– They might not be shared at all
– Key changes might be more expensive
– Transitory data, key rotation = rollover
• Data works differently
– In communication, channel is a wire
– In storage, might want to release properties
• We need to consider the stack…
The Stack
The Encryption Stack
Current Hadoop Efforts
• JIRA-6134, JIRA-10150
• Per-directory file level encryption
– Enable per-user access control files
– Easy to use, good start at protection
Distributed Big Data
• The stack becomes a matrix
– Layers per machine
– How do we protect across?
• The answer is de-identification of data
– Replace the data with a “good enough” substitute
– Minimal value to attackers
– Retain analytic value
1:1 De-identification
De-identified:
Name            SS#          Credit Card #         Street Address           Zip
Kwfdv Cqvzgk    161-82-1292  5421 98BT QIRP 6981   2890 Ykzbpoi Clpppn      34984
Veks Iounrfo    200-79-7127  5587 08MG KYUP 0139   406 Cmxto Osfalu         23495
Pdnme Wntob     095-52-8683  5348 92VK DEPD 2829   1498 Zejojtbbx Pqkag     93483
Eskfw Gzhqlv    178-17-8353  4929 43KF PPED 4379   8261 Saicbmeayqw Yotv    02489
Jsm Tbluhm      525-25-2125  4556 25ZX LKRT 1830   8412 Wbbhalhs Ueyzg      94388

Original:
Name            SS#          Credit Card #         Street Address           Zip
James Potter    385-12-1199  5421 9852 8235 6981   1279 Farland Avenue      77901
Ryan Johnson    857-64-4190  5587 0806 2212 0139   111 Grant Street         75090
Carrie Young    761-58-6733  5348 9261 0695 2829   4513 Cambridge Court     72801
Brent Warner    604-41-6687  4929 4358 7398 4379   1984 Middleville Road    91706
Anna Berman     416-03-4226  4556 2525 1285 1830   2893 Hamilton Drive      21842
De-identification Taxonomy
Cautions
• Even de-identified data can be re-identified in some cases
• Allows correlation, but typically not data recovery
• Some regs (HIPAA, etc.) contain re-identification guidelines
De-identification Methods
• Create a 1:1 map in a database
– Simple in theory
– Problematic in many implementations
• Replication
• Encryption of database (search)
• Hash function
– Almost guaranteed to fail
– “One-way function” != what you think it means
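The two methods contrasted above, as an added example that is not part of the original slides or of any Voltage product: a 1:1 token map kept in a (here in-memory) database, with tokens derived by a keyed PRF (HMAC-SHA256 is an assumption of this example), next to the "just hash it" approach the slide says almost always fails. Sample SSN and zip values are taken from the slide's table and are constructed, not real; the field names, the key and the collision handling are assumptions.

```python
import hashlib
import hmac


def unkeyed_token(value):
    """The "hash function" method: SHA-256 over the raw value, no key."""
    return hashlib.sha256(value.encode()).hexdigest()


def invert_unkeyed_zip(token):
    """Why that fails: a one-way function is hard to invert on random input,
    but a 5-digit zip has only 100,000 possible inputs, so anyone who holds
    the tokens can re-hash the whole domain and match them up."""
    for n in range(100_000):
        candidate = f"{n:05d}"
        if unkeyed_token(candidate) == token:
            return candidate
    return None


def _digits_only(s):
    return "".join(ch for ch in s if ch.isdigit())


def _reinsert(template, digits):
    # put the new digits back into the original layout (dashes, spaces kept)
    it = iter(digits)
    return "".join(next(it) if ch.isdigit() else ch for ch in template)


class TokenVault:
    """The "1:1 map in a database" method. Tokens come from a keyed PRF, so
    nobody without the key can rebuild the map from the tokens; the reverse
    table inside the vault is the only way back to the original value."""

    def __init__(self, key):
        self._key = key          # in practice held in a KMS/HSM, not in code
        self._forward = {}       # (field, value) -> token
        self._reverse = {}       # (field, token) -> value

    def tokenize(self, field, value):
        if (field, value) in self._forward:
            return self._forward[(field, value)]   # deterministic: joins still work
        digits = _digits_only(value)
        if not digits:
            raise ValueError("value carries no digits to tokenize")
        width = len(digits)
        counter = 0
        while True:
            # the field name acts as a tweak: the same SSN and zip digits get
            # different tokens in different columns
            msg = f"{field}|{digits}|{counter}".encode()
            mac = hmac.new(self._key, msg, hashlib.sha256).digest()
            token = _reinsert(value, f"{int.from_bytes(mac, 'big') % 10 ** width:0{width}d}")
            if (field, token) not in self._reverse:
                break
            counter += 1         # two values collided on one token: re-derive to keep the map 1:1
        self._forward[(field, value)] = token
        self._reverse[(field, token)] = value
        return token

    def detokenize(self, field, token):
        """Authorized recovery only: requires access to the vault's reverse table."""
        return self._reverse.get((field, token))


if __name__ == "__main__":
    vault = TokenVault(key=b"example-key-normally-fetched-from-a-kms")   # constructed
    for ssn in ("385-12-1199", "857-64-4190"):                           # from the slide's table
        print(ssn, "->", vault.tokenize("ssn", ssn))
    bare = unkeyed_token("72801")
    print("bare SHA-256 of a zip recovered as", invert_unkeyed_zip(bare))
```

The vault gives the correlation property the Cautions slide describes (equal inputs map to equal tokens, so analysts can still join on the column) while keeping data recovery behind the reverse table; the unkeyed hash gives correlation too, but recovery costs only an enumeration of the input domain.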
One idea from 1997…
“Ciphertext (data in encrypted form) bears roughly the same resemblance to plaintext (data in its original form) as a hamburger does to a T-bone steak.”
The FPE problem
[Diagram: 128 bits → AES → 128 bits, against the data to protect: a CCN (49 bits)]
One solution….
In 2002, a new tool…
Basic idea: Luby / Rackoff
• Split the plaintext into a Left and Right half
• Run a series of rounds like so:
Left’ = Right
Right’ = Left + F(Right)
• This Feistel network is almost magic
– Probably secure (with the right F)
– Reversible
FPE network
© 2014 Voltage Security, Inc.
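The Luby/Rackoff round structure on the previous slide, carried through on decimal strings as an added example that is not part of the original slides and is not Voltage's or NIST's algorithm: each round applies Left' = Right, Right' = Left + F(Right) with addition modulo 10^width, and HMAC-SHA256 stands in for the round function F (an assumption of this example). The result keeps the input's length and alphabet, which is the FPE problem the AES-block-vs-CCN slide sets up; decryption runs the same rounds backwards. The key, tweak strings, round count and the 16-digit sample number (from the slide's table) are assumptions or constructed values, and this is an illustration of the structure, not the standardized FF1 construction.

```python
import hashlib
import hmac


def _round_function(key, round_index, right, tweak, width):
    """F: keyed PRF over the right half, bound to the round index and a tweak,
    reduced to `width` decimal digits so it can be added to the left half."""
    msg = f"{tweak}|{round_index}|{right}".encode()
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % 10 ** width


def _check(digits):
    if not (digits.isdigit() and len(digits) >= 2):
        raise ValueError("input must be a string of at least two decimal digits")


def fpe_encrypt(key, digits, tweak="", rounds=10):
    """Feistel over a decimal string: Left' = Right, Right' = Left + F(Right).
    Halves may differ by one digit for odd lengths; they swap widths each round."""
    _check(digits)
    u = len(digits) // 2
    left, right = digits[:u], digits[u:]
    for i in range(rounds):
        width = len(left)
        mixed = (int(left) + _round_function(key, i, right, tweak, width)) % 10 ** width
        left, right = right, f"{mixed:0{width}d}"
    return left + right


def fpe_decrypt(key, digits, tweak="", rounds=10):
    """The reversibility the slide promises: subtract where encryption added,
    walking the rounds in reverse order."""
    _check(digits)
    u = len(digits) // 2
    split = u if rounds % 2 == 0 else len(digits) - u   # where the final halves meet
    left, right = digits[:split], digits[split:]
    for i in reversed(range(rounds)):
        width = len(right)
        prev = (int(right) - _round_function(key, i, left, tweak, width)) % 10 ** width
        left, right = f"{prev:0{width}d}", left
    return left + right


def encrypt_card_number(key, card):
    """Encrypt only the digits and keep the separators, so a 16-digit card
    number comes out as another 16-digit card number in the same layout."""
    digits = "".join(ch for ch in card if ch.isdigit())
    it = iter(fpe_encrypt(key, digits, tweak="card"))
    return "".join(next(it) if ch.isdigit() else ch for ch in card)


if __name__ == "__main__":
    key = b"demo-key-in-practice-held-in-a-kms"    # constructed
    pan = "5421 9852 8235 6981"                     # sample number from the slide's table
    ct = encrypt_card_number(key, pan)
    print(pan, "->", ct)
    print("round trip:", fpe_decrypt(key, ct.replace(" ", ""), tweak="card") == pan.replace(" ", ""))
```

The tweak is what lets one key serve many columns without equal values in different fields producing equal ciphertexts; decryption must use the same key, tweak and round count, and a mismatch on any of them yields a well-formed but wrong number rather than an error, which is a property worth remembering when wiring this into a pipeline.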
Standards
• Payment space
– PCI-DSS Tokenization guidelines
– X9.119 part 1 and 2
• Health care
– HIPAA and relatives
• FPE methods
– NIST SP800-38G
– X9.124