Transparent Data Encryption (TDE) – msdn.microsoft.com

Updated: November 23, 2015

Transparent Data Encryption (TDE) encrypts SQL Server and Azure SQL Database data files, known as encrypting data at rest. You can take several precautions to help secure the database such as designing a secure system, encrypting confidential assets, and building a firewall around the database servers. However, in a scenario where the physical media (such as drives or backup tapes) are stolen, a malicious party can just restore or attach the database and browse the data. One solution is to encrypt the sensitive data in the database and protect the keys that are used to encrypt the data with a certificate. This prevents anyone without the keys from using the data, but this kind of protection must be planned in advance.

TDE performs real-time I/O encryption and decryption of the data and log files. The encryption uses a database encryption key (DEK), which is stored in the database boot record for availability during recovery. The DEK is a symmetric key secured by using a certificate stored in the master database of the server or an asymmetric key protected by an EKM module. TDE protects data “at rest”, meaning the data and log files. It provides the ability to comply with many laws, regulations, and guidelines established in various industries. This enables software developers to encrypt data by using AES and 3DES encryption algorithms without changing existing applications.

Encryption of the database file is performed at the page level. The pages in an encrypted database are encrypted before they are written to disk and decrypted when read into memory. TDE does not increase the size of the encrypted database.

Information applicable to SQL Database

When using TDE with SQL Database V12 V12 (Preview in some regions) the server-level certificate stored in the master database is automatically created for you by SQL Database. To move a TDE database on SQL Database you must decrypt the database, move the database, and then re-enable TDE on the destination SQL Database. For step-by-step instructions for TDE on SQL Database, see Transparent Data Encryption with Azure SQL Database.

The preview of status of TDE applies even in the subset of geographic regions where version family V12 of SQL Database is announced as now being in general availability status. TDE for SQL Database is not intended for use in production databases until Microsoft announces that TDE is promoted from preview to GA. For more information about SQL Database V12, see What’s new in Azure SQL Database.

Information applicable to SQL Server

After it is secured, the database can be restored by using the correct certificate. For more information about certificates, see SQL Server Certificates and Asymmetric Keys.

When enabling TDE, you should immediately back up the certificate and the private key associated with the certificate. If the certificate ever becomes unavailable or if you must restore or attach the database on another server, you must have backups of both the certificate and the private key or you will not be able to open the database. The encrypting certificate should be retained even if TDE is no longer enabled on the database. Even though the database is not encrypted, parts of the transaction log may still remain protected, and the certificate may be needed for some operations until the full backup of the database is performed. A certificate that has exceeded its expiration date can still be used to encrypt and decrypt data with TDE.

Encryption Hierarchy

The following illustration shows the architecture of TDE encryption. Only the database level items (the database encryption key and ALTER DATABASE portions are user-configurable when using TDE on SQL Database.

To use TDE, follow these steps.

Create a master key

Create or obtain a certificate protected by the master key

Create a database encryption key and protect it by the certificate

Set the database to use encryption

The following example illustrates encrypting and decrypting the AdventureWorks2012 database using a certificate installed on the server named MyServerCert.

The encryption and decryption operations are scheduled on background threads by SQL Server. You can view the status of these operations using the catalog views and dynamic management views in the list that appears later in this topic.

Backup files of databases that have TDE enabled are also encrypted by using the database encryption key. As a result, when you restore these backups, the certificate protecting the database encryption key must be available. This means that in addition to backing up the database, you have to make sure that you maintain backups of the server certificates to prevent data loss. Data loss will result if the certificate is no longer available. For more information, see SQL Server Certificates and Asymmetric Keys.

The TDE certificates must be encrypted by the database master key to be accepted by the following statements. If they are encrypted by password only, the statements will reject them as encryptors.

Altering the certificates to be password-protected after they are used by TDE will cause the database to become inaccessible after a restart.

The following table provides links and explanations of TDE commands and functions.

The following table shows TDE catalog views and dynamic management views.

Each TDE feature and command has individual permission requirements, described in the tables shown earlier.

Viewing the metadata involved with TDE requires the VIEW DEFINITION permission on the certificate.

While a re-encryption scan for a database encryption operation is in progress, maintenance operations to the database are disabled. You can use the single user mode setting for the database to perform the maintenance operation. For more information, see Set a Database to Single-user Mode.

You can find the state of the database encryption using the sys.dm_database_encryption_keys dynamic management view. For more information, see the “Catalog Views and Dynamic Management Views”section earlier in this topic).

In TDE, all files and filegroups in the database are encrypted. If any filegroups in a database are marked READ ONLY, the database encryption operation will fail.

If a database is being used in database mirroring or log shipping, both databases will be encrypted. The log transactions will be encrypted when sent between them.

Any new full-text indexes will be encrypted when a database is set for encryption. Previously-created full-text indexes will be imported during upgrade and they will be in TDE after the data is loaded into SQL Server. Enabling a full-text index on a column can cause that column’s data to be written in plain text onto the disk during a full-text indexing scan. We recommend that you do not create a full-text index on sensitive encrypted data.

Encrypted data compresses significantly less than equivalent unencrypted data. If TDE is used to encrypt a database, backup compression will not be able to significantly compress the backup storage. Therefore, using TDE and backup compression together is not recommended.

The following operations are not allowed during initial database encryption, key change, or database decryption:

Dropping a file from a filegroup in the database

Dropping the database

Taking the database offline

Detaching a database

Transitioning a database or filegroup into a READ ONLY state

The following operations are not allowed during the CREATE DATABASE ENCRYPTION KEY, ALTER DATABASE ENCRYPTION KEY, DROP DATABASE ENCRYPTION KEY, or ALTER DATABASE…SET ENCRYPTION statements.

Dropping a file from a filegroup in the database.

Dropping the database.

Taking the database offline.

Detaching a database.

Transitioning a database or filegroup into a READ ONLY state.

Using an ALTER DATABASE command.

Starting a database or database file backup.

Starting a database or database file restore.

Creating a snapshot.

The following operations or conditions will prevent the CREATE DATABASE ENCRYPTION KEY, ALTER DATABASE ENCRYPTION KEY, DROP DATABASE ENCRYPTION KEY, or ALTER DATABASE…SET ENCRYPTION statements.

The database is read-only or has any read-only file groups.

An ALTER DATABASE command is executing.

Any data backup is running.

The database is in an offline or restore condition.

A snapshot is in progress.

Database maintenance tasks.

When creating database files, instant file initialization is not available when TDE is enabled.

In order to encrypt the database encryption key with an asymmetric key, the asymmetric key must reside on an extensible key management provider.

Enabling a database to use TDE has the effect of “zeroing out” the remaining part of the virtual transaction log to force the next virtual transaction log. This guarantees that no clear text is left in the transaction logs after the database is set for encryption. You can find the status of the log file encryption by viewing the encryption_state column in the sys.dm_database_encryption_keys view, as in this example:

For more information about the SQL Server log file architecture, see The Transaction Log (SQL Server).

All data written to the transaction log before a change in the database encryption key will be encrypted by using the previous database encryption key.

After a database encryption key has been modified twice, a log backup must be performed before the database encryption key can be modified again.

The tempdb system database will be encrypted if any other database on the instance of SQL Server is encrypted by using TDE. This might have a performance effect for unencrypted databases on the same instance of SQL Server. For more information about the tempdb system database, see tempdb Database.

Replication does not automatically replicate data from a TDE-enabled database in an encrypted form. You must separately enable TDE if you want to protect the distribution and subscriber databases. Snapshot replication, as well as the initial distribution of data for transactional and merge replication, can store data in unencrypted intermediate files; for example, the bcp files. During transactional or merge replication, encryption can be enabled to protect the communication channel. For more information, see Enable Encrypted Connections to the Database Engine (SQL Server Configuration Manager).

FILESTREAM data is not encrypted even when TDE is enabled.

Files related to buffer pool extension (BPE) are not encrypted when database is encrypted using TDE. You must use file system level encryption tools like Bitlocker or EFS for BPE related files.

TDE can be enabled on a database that has In-Memory OLTP objects. In-Memory OLTP log records are encrypted if TDE is enabled. Data in a MEMORY_OPTIMIZED_DATA filegroup is not encrypted if TDE is enabled.

Move a TDE Protected Database to Another SQL ServerEnable TDE Using EKMTransparent Data Encryption with Azure SQL DatabaseSQL Server EncryptionSQL Server and Database Encryption Keys (Database Engine)Security Center for SQL Server Database Engine and Azure SQL DatabaseFILESTREAM (SQL Server)

Original post:
Transparent Data Encryption (TDE) – msdn.microsoft.com

Energy-efficient encryption for the internet of things | MIT News

Most sensitive web transactions are protected by public-key cryptography, a type of encryption that lets computers share information securely without first agreeing on a secret encryption key.

Public-key encryption protocols are complicated, and in computer networks, theyre executed by software. But that wont work in the internet of things, an envisioned network that would connect many different sensors embedded in vehicles, appliances, civil structures, manufacturing equipment, and even livestock tags to online servers. Embedded sensors that need to maximize battery life cant afford the energy and memory space that software execution of encryption protocols would require.

MIT researchers have built a new chip, hardwired to perform public-key encryption, that consumes only 1/400 as much power as software execution of the same protocols would. It also uses about 1/10 as much memory and executes 500 times faster. The researchers describe the chip in a paper theyre presenting this week at the International Solid-State Circuits Conference.

Like most modern public-key encryption systems, the researchers chip uses a technique called elliptic-curve encryption. As its name suggests, elliptic-curve encryption relies on a type of mathematical function called an elliptic curve. In the past, researchers including the same MIT group that developed the new chip have built chips hardwired to handle specific elliptic curves or families of curves. What sets the new chip apart is that it is designed to handle any elliptic curve.

Cryptographers are coming up with curves with different properties, and they use different primes, says Utsav Banerjee, an MIT graduate student in electrical engineering and computer science and first author on the paper. There is a lot of debate regarding which curve is secure and which curve to use, and there are multiple governments with different standards coming up that talk about different curves. With this chip, we can support all of them, and hopefully, when new curves come along in the future, we can support them as well.

Joining Banerjee on the paper are his thesis advisor, Anantha Chandrakasan, dean of MITs School of Engineering and the Vannevar Bush Professor of Electrical Engineering and Computer Science; Arvind, the Johnson Professor in Computer Science Engineering; and Andrew Wright and Chiraag Juvekar, both graduate students in electrical engineering and computer science.

Modular reasoning

To create their general-purpose elliptic-curve chip, the researchers decomposed the cryptographic computation into its constituent parts. Elliptic-curve cryptography relies on modular arithmetic, meaning that the values of the numbers that figure into the computation are assigned a limit. If the result of some calculation exceeds that limit, its divided by the limit, and only the remainder is preserved. The secrecy of the limit helps ensure cryptographic security.

One of the computations to which the MIT chip devotes a special-purpose circuit is thus modular multiplication. But because elliptic-curve cryptography deals with large numbers, the chips modular multiplier is massive. Typically, a modular multiplier might be able to handle numbers with 16 or maybe 32 binary digits, or bits. For larger computations, the results of discrete 16- or 32-bit multiplications would be integrated by additional logic circuits.

The MIT chips modular multiplier can handle 256-bit numbers, however. Eliminating the extra circuitry for integrating smaller computations both reduces the chips energy consumption and increases its speed.

Another key operation in elliptic-curve cryptography is called inversion. Inversion is the calculation of a number that, when multiplied by a given number, will yield a modular product of 1. In previous chips dedicated to elliptic-curve cryptography, inversions were performed by the same circuits that did the modular multiplications, saving chip space. But the MIT researchers instead equipped their chip with a special-purpose inverter circuit. This increases the chips surface area by 10 percent, but it cuts the power consumption in half.

The most common encryption protocol to use elliptic-curve cryptography is called the datagram transport layer security protocol, which governs not only the elliptic-curve computations themselves but also the formatting, transmission, and handling of the encrypted data. In fact, the entire protocol is hardwired into the MIT researchers chip, which dramatically reduces the amount of memory required for its execution.

The chip also features a general-purpose processor that can be used in conjunction with the dedicated circuitry to execute other elliptic-curve-based security protocols. But it can be powered down when not in use, so it doesnt compromise the chips energy efficiency.

They move a certain amount of functionality that used to be in software into hardware, says Xiaolin Lu, director of the internet of things (IOT) lab at Texas Instruments. That has advantages that include power and cost. But from an industrial IOT perspective, its also a more user-friendly implementation. For whoever writes the software, its much simpler.

View original post here:
Energy-efficient encryption for the internet of things | MIT News

Encryption Software Market – Global Forecast to 2022

The encryption software market size is expected to grow from USD 3.87 Billion in 2017 to USD 12.96 Billion by 2022, at a Compound Annual Growth Rate (CAGR) of 27.4%.

The demand for encryption software is likely to be driven by various factors, such as proliferation in the number of cyber-attacks and the stringent government regulations and compliances that mandate the adoption of encryption among various verticals.

The encryption software market has been segmented on the basis of components (solution and services), applications, deployment types, organization sizes, verticals, and regions. The services segment is expected to grow at the highest CAGR during the forecast period and the solution segment is estimated to have the largest market size in 2017 in the market.

Professional services have been widely adopted by organizations, as these services involve expert consulting, support and maintenance, and optimization and training for cybersecurity. However, the managed services segment is expected to grow at the highest CAGR during the forecast period, as managed security vendors provide extensive reporting capabilities for validating the regulatory compliance with internal security policies for the users.

The disk encryption application is estimated to hold the largest market share in 2017. The importance of encrypting a disk is that, if the encrypted disk is lost or stolen, the encrypted state of the drive remains unchanged, and only an authorized user will be able to access its contents. The cloud encryption application is expected to grow at the fastest rate during the forecast period.

Encryption solutions and services have been deployed across various verticals, including Banking, Financial Services, and Insurance (BFSI); aerospace and defense; government and public utilities; healthcare; telecom and IT; retail; and others (manufacturing, education, and media and entertainment). The telecom and IT vertical is expected to grow at the highest CAGR during the forecast period. However, the BFSI vertical is estimated to have the largest market size in 2017.

The global encryption software market has been segmented on the basis of regions into North America, Europe, Asia Pacific (APAC), Middle East and Africa (MEA), and Latin America, to provide a region-specific analysis in the report.

Key Topics Covered:

1. Introduction

2. Research Methodology

3. Executive Summary

4. Premium Insights 4.1 Attractive Opportunities In Encryption Software Market, 2017-2022 4.2 Encryption Software Market, Share Of Top 3 Applications And Regions, 2017 4.3 Encryption Software Market, By Service, 2017-2022 4.4 Encryption Software Market, By Professional Services, 2017 4.5 Encryption Software Market, By Deployment Type, 2017-2022 4.6 Encryption Software Market, By Organization Size, 2017-2022 4.7 Market Investment Scenario, 2017-2022

5. Market Overview 5.1 Introduction 5.2 Market Dynamics 5.2.1 Drivers 5.2.1.1 Growing Concern Over Critical Data Loss In On-Premises Environment 5.2.1.2 Exploitation Of Big Data Analytics Poses Risk To Cloud Environment 5.2.1.3 Regulations To Increase Adoption Of Encryption Solutions 5.2.2 Restraints 5.2.2.1 Lack Of Budget For Adopting Best-In-Class Encryption Solutions 5.2.2.2 Lack Of Awareness About Encryption And Performance Concerns Among Enterprises 5.2.3 Opportunities 5.2.3.1 Surge In Demand For Integrated, Cloud-Based Encryption Solutions Among Smes 5.2.3.2 Large-Scale Adoption Of Encryption Solutions In Bfsi Vertical 5.2.4 Challenges 5.2.4.1 Complexities In Management Of Encryption Keys 5.2.4.2 Lack Of Skilled Workforce Among Enterprises 5.3 Regulatory Implications 5.3.1 Payment Card Industry Data Security Standard 5.3.2 Health Insurance Portability And Accountability Act 5.3.3 Federal Information Security Management Act 5.3.4 Sarbanes-Oxley Act 5.3.5 Gramm-Leach-Bliley Act 5.3.6 Federal Information Processing Standards 5.3.7 General Data Protection Regulation 5.4 Innovation Spotlight 5.5 Use Cases 5.5.1 Large-Scale Adoption Of Email Encryption By Financial Organizations In The Uk 5.5.2 Adoption Of Encryption Solution By A Clinical Research Company 5.5.3 Reliance Of Small And Medium Financial Companies On Data Encryption 5.5.4 Large-Scale Adoption Of Encryption By It And Telecom Company 5.5.5 Need For Best-In-Class Encryption Solutions For Government Sector In Canada 5.5.6 Healthcare Vertical Relying On Cloud-Based Encryption Solutions 5.6 Type Of Encryption Algorithms 5.6.1 Data Encryption Standard 5.6.2 Advanced Encryption Standard 5.6.3 Triple-Des 5.6.4 Blowfish Algorithm 5.6.5 Homomorphic Encryption 5.6.6 Rsa 5.6.7 Diffie-Hellman Key Exchange 5.6.8 Quantum Cryptography 5.6.9 Post Quantum Cryptography

6. Encryption Software Market Analysis, By Component 6.1 Introduction 6.2 Solution 6.2.1 Types Of Data Encrypted 6.2.1.1 Data At Rest 6.2.1.2 Data In Transit 6.2.1.3 Data In Use 6.2.2 Types Of Encryption 6.2.2.1 Symmetric Encryption 6.2.2.2 Asymmetric Encryption 6.2.3 Key Management 6.3 Services 6.3.1 Professional Services 6.3.1.1 Support And Maintenance 6.3.1.2 Training And Education 6.3.1.3 Planning And Consulting 6.3.2 Managed Services

7. Encryption Software Market Analysis, By Application 7.1 Introduction 7.2 Disk Encryption 7.3 File/Folder Encryption 7.4 Database Encryption 7.4.1 Application-Level Encryption 7.4.2 Database-Level Encryption 7.5 Communication Encryption 7.5.1 Voice Encryption 7.5.2 Email Encryption 7.5.3 Instant Messaging Encryption 7.6 Cloud Encryption

8. Encryption Software Market Analysis, By Deployment Type 8.1 Introduction 8.2 On-Premises 8.3 Cloud

9. Encryption Software Market Analysis, By Organization Size 9.1 Introduction 9.2 Large Enterprises 9.3 Small And Medium-Sized Enterprises

10. Encryption Software Market Analysis, By Vertical 10.1 Introduction 10.2 Banking, Financial Services, And Insurance 10.3 Aerospace And Defense 10.4 Healthcare 10.5 Government And Public Utilities 10.6 Telecom And It 10.7 Retail 10.8 Others

11. Geographic Analysis

12. Competitive Landscape

13. Company Profiles

For more information about this report visit https://www.researchandmarkets.com/research/ggnh82/encryption?w=5

Media Contact:

Laura Wood, Senior Manager press@researchandmarkets.com

For E.S.T Office Hours Call +1-917-300-0470 For U.S./CAN Toll Free Call +1-800-526-8630 For GMT Office Hours Call +353-1-416-8900

U.S. Fax: 646-607-1907 Fax (outside U.S.): +353-1-481-1716

View original content:http://www.prnewswire.com/news-releases/encryption-software-market—global-forecast-to-2022-300618670.html

SOURCE Research and Markets

http://www.researchandmarkets.com

See more here:
Encryption Software Market – Global Forecast to 2022

The Best Encryption Software – TopTenReviews

Key Features to Look for When Buying Encryption Software?

PerformanceIf your encryption software is difficult to use, you may not use it at all. The programs we reviewed are simple and intuitive, particularly Folder Lock and Secure IT they both guide you through the encryption and decryption processes step by step. Secure IT integrates with Windows, so all you have to do is right-click on a file and choose to encrypt it in the menu.

We found that programs typically compress files as they encrypt them, though only to a small degree for example, from 128MB down to 124MB. It can make a difference when you encrypt large data files, so programs that protect and compress are preferable.SecurityEncryption software uses different types of ciphers to scramble your data, and each has its own benefits. Advanced Encryption Standard, or 256-bit key AES, is used by the U.S. government, including the National Security Agency (NSA), and is one of the strongest ciphers available. Blowfish and Twofish, the latter being a newer version of the former, are encryption algorithms that use block ciphers they scramble blocks of text or several bits of information at once, rather than one bit at a time.

The main differences between these algorithms are performance and speed, and the average user wont notice those disparities. Although any of these ciphers could be broken given enough time and computing power, they are considered practically unbreakable. AES has long been recognized as the superior algorithm, so we preferred programs that use it.Version CompatibilityIf your computer runs an older version of Windows, such as Vista or XP, make sure the encryption program supports your operating system. On the flip side, you need to make sure you choose software that has changed with the times and supports the latest versions of Windows, like 7, 8 and 10.

While all the programs we tested are compatible with every version of Windows, we feel that SensiGuard is a good choice for older computers because it only has the most essential tools and wont bog down your PC. Plus, it is easy to move to a new computer if you choose to upgrade. However, it takes a while to encrypt and decrypt files.

If you have a Mac computer, you need a program that is designed specifically for that operating system none of the programs we tested are compatible with both Windows and Mac machines. We believe Concealer is the best option for Macs, but Espionage 3 is also a good choice.

Mac encryption software doesnt have as many extra security features as Windows programs. They typically lack virtual keyboards, self-extracting file creators and password recovery tools. Mac programs also take a lot more time to secure files compared to Windows software.

Continued here:
The Best Encryption Software – TopTenReviews

File-Based Encryption | Android Open Source Project

Android 7.0 and later supports file-based encryption (FBE). File-basedencryption allows different files to be encrypted with different keys that canbe unlocked independently.

This article describes how to enable file-based encryption on new devicesand how system applications can be updated to take full advantage of the newDirect Boot APIs and offer users the best, most secure experience possible.

Warning: File-based encryption cannotcurrently be used together with adoptable storage. On devices usingfile-based encryption, new storage media (such as an SD card) must be used astraditional storage.

File-based encryption enables a new feature introduced in Android 7.0 called DirectBoot. Direct Boot allows encrypted devices to boot straight to the lockscreen. Previously, on encrypted devices using full-diskencryption (FDE), users needed to provide credentials before any data couldbe accessed, preventing the phone from performing all but the most basic ofoperations. For example, alarms could not operate, accessibility services wereunavailable, and phones could not receive calls but were limited to only basicemergency dialer operations.

With the introduction of file-based encryption (FBE) and new APIs to makeapplications aware of encryption, it is possible for these apps to operatewithin a limited context. This can happen before users have provided theircredentials while still protecting private user information.

On an FBE-enabled device, each user of the device has two storage locationsavailable to applications:

This separation makes work profiles more secure because it allows more than oneuser to be protected at a time as the encryption is no longer based solely on aboot time password.

The Direct Boot API allows encryption-aware applications to access each of theseareas. There are changes to the application lifecycle to accommodate the need tonotify applications when a users CE storage is unlocked in response tofirst entering credentials at the lock screen, or in the case of work profileproviding aworkchallenge. Devices running Android 7.0 must support these new APIs andlifecycles regardless of whether or not they implement FBE. Although, withoutFBE, DE and CE storage will always be in the unlocked state.

A complete implementation of file-based encryption on an Ext4 file system isprovided in the Android Open Source Project (AOSP) and needs only be enabled ondevices that meet the requirements. Manufacturers electing to use FBE may wishto explore ways of optimizing the feature based on the system on chip (SoC)used.

All the necessary packages in AOSP have been updated to be direct-boot aware.However, where device manufacturers use customized versions of these apps, theywill want to ensure at a minimum there are direct-boot aware packages providingthe following services:

Android provides a reference implementation of file-based encryption, in whichvold (system/vold)provides the functionality for managing storage devices andvolumes on Android. The addition of FBE provides vold with several new commandsto support key management for the CE and DE keys of multiple users. In additionto the core changes to use the ext4 Encryptioncapabilities in kernel many system packages including the lockscreen and theSystemUI have been modified to support the FBE and Direct Boot features. Theseinclude:

* System applications that use the defaultToDeviceProtectedStoragemanifest attribute

More examples of applications and services that are encryption aware can befound by running the command mangrep directBootAware in theframeworks or packages directory of the AOSPsource tree.

To use the AOSP implementation of FBE securely, a device needs to meet thefollowing dependencies:

Note: Storage policies are applied to a folder and all of itssubfolders. Manufacturers should limit the contents that go unencrypted to theOTA folder and the folder that holds the key that decrypts the system. Mostcontents should reside in credential-encrypted storage rather thandevice-encrypted storage.

First and foremost, apps such as alarm clocks, phone, accessibility featuresshould be made android:directBootAware according to DirectBoot developer documentation.

The AOSP implementation of file-based encryption uses the ext4 encryptionfeatures in the Linux 4.4 kernel. The recommended solution is to use a kernelbased on 4.4 or later. Ext4 encryption has also been backported to a 3.10 kernelin the Android common repositories and for the supported Nexus kernels.

The android-3.10.y branch in the AOSP kernel/common git repository mayprovide a good starting point for device manufacturers that want to import thiscapability into their own device kernels. However, it is necessary to applythe most recent patches from the latest stable Linux kernel (currently linux-4.6)of the ext4 and jbd2 projects. The Nexus device kernels already include many ofthese patches.

Note that each of these kernels uses a backport to 3.10. The ext4and jbd2 drivers from linux 3.18 were transplanted into existing kernels basedon 3.10. Due to interdependencies between parts of the kernel, this backportbreaks support for a number of features that are not used by Nexus devices.These include:

In addition to functional support for ext4 encryption, device manufacturers mayalso consider implementing cryptographic acceleration to speed up file-basedencryption and improve the user experience.

FBE is enabled by adding the flagfileencryption=contents_encryption_mode[:filenames_encryption_mode]to the fstab line in the final column for the userdatapartition. contents_encryption_mode parameter defines whichcryptographic algorithm is used for the encryption of file contents andfilenames_encryption_mode for the encryption of filenames.contents_encryption_mode can be only aes-256-xts.filenames_encryption_mode has two possible values: aes-256-ctsand aes-256-heh. If filenames_encryption_mode is not specifiedthen aes-256-cts value is used.

Whilst testing the FBE implementation on a device, it is possible to specify thefollowing flag:forcefdeorfbe=”

This sets the device up with FDE but allows conversion to FBE for developers. Bydefault, this behaves like forceencrypt, putting the device intoFDE mode. However, it will expose a debug option allowing a device to be putinto FBE mode as is the case in the developer preview. It is also possible toenable FBE from fastboot using this command:

This is intended solely for development purposes as a platform for demonstratingthe feature before actual FBE devices are released. This flag may be deprecatedin the future.

The generation of keys and management of the kernel keyring is handled byvold. The AOSP implementation of FBE requires that the devicesupport Keymaster HAL version 1.0 or later. There is no support for earlierversions of the Keymaster HAL.

On first boot, user 0s keys are generated and installed early in the bootprocess. By the time the on-post-fs phase of initcompletes, the Keymaster must be ready to handle requests. On Nexus devices,this is handled by having a script block:

Note: All encryption is based on AES-256 inXTS mode. Due to the way XTS is defined, it needs two 256-bit keys; so ineffect, both CE and DE keys are 512-bit keys.

Ext4 encryption applies the encryption policy at the directory level. When adevices userdata partition is first created, the basic structuresand policies are applied by the init scripts. These scripts willtrigger the creation of the first users (user 0s) CE and DE keys as well asdefine which directories are to be encrypted with these keys. When additionalusers and profiles are created, the necessary additional keys are generated andstored in the keystore; their credential and devices storage locations arecreated and the encryption policy links these keys to those directories.

In the current AOSP implementation, the encryption policy is hardcoded into thislocation:

It is possible to add exceptions in this file to prevent certain directoriesfrom being encrypted at all, by adding to the directories_to_excludelist. If modifications of this sort are made then the devicemanufacturer should include SELinux policies that only grant access to theapplications that need to use the unencrypted directory. This should exclude alluntrusted applications.

The only known acceptable use case for this is in support of legacy OTAcapabilities.

To facilitate rapid migration of system apps, there are two new attributes thatcan be set at the application level. ThedefaultToDeviceProtectedStorage attribute is available only tosystem apps. The directBootAware attribute is available to all.

The directBootAware attribute at the application level is shorthand for markingall components in the app as being encryption aware.

The defaultToDeviceProtectedStorage attribute redirects the defaultapp storage location to point at DE storage instead of pointing at CE storage.System apps using this flag must carefully audit all data stored in the defaultlocation, and change the paths of sensitive data to use CE storage. Devicemanufactures using this option should carefully inspect the data that they arestoring to ensure that it contains no personal information.

When running in this mode, the following System APIs areavailable to explicitly manage a Context backed by CE storage when needed, whichare equivalent to their Device Protected counterparts.

Each user in a multi-user environment gets a separate encryption key. Every usergets two keys: a DE and a CE key. User 0 must log into the device first as it isa special user. This is pertinent for DeviceAdministration uses.

Crypto-aware applications interact across users in this manner:INTERACT_ACROSS_USERS and INTERACT_ACROSS_USERS_FULLallow an application to act across all the users on the device. However, thoseapps will be able to access only CE-encrypted directories for users that arealready unlocked.

An application may be able to interact freely across the DE areas, but one userunlocked does not mean that all the users on the device are unlocked. Theapplication should check this status before trying to access these areas.

Each work profile user ID also gets two keys: DE and CE. When the work challengeis met, the profile user is unlocked and the Keymaster (in TEE) can provide theprofiles TEE key.

The recovery partition is unable to access the DE-protected storage on theuserdata partition. Devices implementing FBE are strongly recommended to supportOTA using A/B system updates. Asthe OTA can be applied during normal operation there is no need for recovery toaccess data on the encrypted drive.

When using a legacy OTA solution, which requires recovery to access the OTA fileon the userdata partition:

To ensure the implemented version of the feature works as intended, employ themany CTS encryption tests.

Once the kernel builds for your board, also build for x86 and run under QEMU inorder to test with xfstest by using:

In addition, device manufacturers may perform these manual tests. On a devicewith FBE enabled:

Additionally, testers can boot a userdebug instance with a lockscreen set on theprimary user. Then adb shell into the device and usesu to become root. Make sure /data/data containsencrypted filenames; if it does not, something is wrong.

This section provides details on the AOSP implementation and describes howfile-based encryption works. It should not be necessary for device manufacturersto make any changes here to use FBE and Direct Boot on their devices.

The AOSP implementation uses ext4 encryption in kernel and is configured to:

Disk encryption keys, which are 512-bit AES-XTS keys, are stored encryptedby another key (a 256-bit AES-GCM key) held in the TEE. To use this TEE key,three requirements must be met:

The auth token is a cryptographically authenticated token generated byGatekeeperwhen a user successfully logs in. The TEE will refuse to use the key unless thecorrect auth token is supplied. If the user has no credential, then no authtoken is used nor needed.

The stretched credential is the user credential after salting andstretching with the scrypt algorithm. The credential is actuallyhashed once in the lock settings service before being passed tovold for passing to scrypt. This is cryptographicallybound to the key in the TEE with all the guarantees that apply toKM_TAG_APPLICATION_ID. If the user has no credential, then nostretched credential is used nor needed.

The secdiscardable hash is a 512-bit hash of a random 16 KB filestored alongside other information used to reconstruct the key, such as theseed. This file is securely deleted when the key is deleted, or it is encryptedin a new way; this added protection ensures an attacker must recover every bitof this securely deleted file to recover the key. This is cryptographicallybound to the key in the TEE with all the guarantees that apply toKM_TAG_APPLICATION_ID. See the KeystoreImplementer’s Reference.

Continued here:
File-Based Encryption | Android Open Source Project

Encryption – 2018 News, Articles and Trends – Tom’s IT Pro

Refine Also By Tag: , Article Type: , Author: ,

Tag:

Article Type:

Author:

March 1, 2016 in News

Echoworx, primarily known for its OneWorld email encryption platform, announced today that it will bring the OneWorld platform to the AWS cloud. Read More

July 15, 2015 in News

Although security has been top of mind for Salesforce for years, the company is stepping up its game with the introduction of Salesforce Shield, a new set of security and compliance features that support the Salesforce1 Platform. Read More

April 30, 2015 in Feature

While many organizations are looking to take advantage of the cloud, data security remains a top concern. However, effective data protection and strong encryption in the cloud is possible and available through a number of cloud solutions. Read More

April 23, 2015 in Feature

While mobile devices, such as laptops, notebooks and portable drives, offer unique benefits to both employees and employers, there are some security risks to consider. Here’s how hard disk encryption solutions for these mobile devices can help. Read More

March 17, 2015 in Feature

Public Key Infrastructure (PKI) is a popular encryption and authentication approach used by both small businesses and large enterprises. Here’s how PKI is used today and how you can implement it in your organization. Read More

February 11, 2015 in News

As intelligence services worldwide debate the value of consumer- and enterprise-controlled encryption that do not contain backdoors for the spies, vendors are introducing a plethora of encryption offerings designed to pique corporate interests. Read More

January 21, 2015 in Feature

Encryption key management is a necessary component of effective data protection. Let’s examine some challenges and considerations when it comes to selecting the right key management solution as well as some options available today. Read More

November 26, 2014 in Feature

Today’s enterprises utilizing wireless networking are adopting WiFi with WPA2 and Protected Management Fames to keep their organizations secure. Here are the deployment options for implementing WPA2-Enterprise. Read More

See original here:
Encryption – 2018 News, Articles and Trends – Tom’s IT Pro

Beyond Encryption | Secure Enterprise email using existing …

Secure recorded delivery and response

Mailock employs a unique process allowing you to authenticate the identity of your intended recipient before granting them access; only when they have proven their identity to you is access permitted to any of the message content.

We call this ‘Identity Assured Communication’.

But being able to read your secure emails is only half of the story; with Mailock, your customers are also able to reply securely, thus ensuring that conversations containing sensitive details remain protected, secure and private.

We know that it is important to reach your audience so Mailock has been designed to allow just that. Whether your customer reads your secure email in a web browser, on a mobile device or from within their existing desktop email system, we have all the bases covered.

Using a unique light touch registration and challenge process, Mailock allows your customers to authenticate their identity and read your secure email within seconds of receiving it.

Mobile Apps for iPhone and Android and plug-ins for email programs such as Microsoft Outlook and Apple Mail are all freely available for download from the App Stores and our website to create a truly easy to use and integrated user experience.

The storage location and control of confidential customer data is crucial to organisations seeking to meet regulatory requirements. With Mailock, your encrypted email data may be held in data stores owned and managed by you and our unique challenge process allows you to control when this data is released and to whom.

The Mailock system is free to all recipients and consumers of the service are encouraged to link their Mailock identity to both business and personal email addresses. Through return data, this provides a ground-breaking opportunity to assist in the maintenance of your important contact data meaning that you need never lose the ability to stay in touch with your customers again.

At Mailock, we know that regulatory compliance is of paramount importance to your business and its customers and we have designed the system so that it may be readily integrated with your incumbent systems.

Contact us for further details of how this may be achieved with your existing tools and processes.

We all have a duty to reduce our carbon footprint and Mailock offers an unprecedented opportunity to cut cost whilst improving operating efficiencies and reducing emissions.

Every secure Mailock message delivered provides you, the business user, with a targeted marketing message opportunity. Contact us for further details of how Mailock can spread the word for your business and enhance your promotional activities.

Visit link:
Beyond Encryption | Secure Enterprise email using existing …

Azure Search enterprise security: Data encryption and user …

Enterprise security requires a comprehensive approach for defense in depth. Effective immediately, Azure Search now supports encryption at rest for all incoming data indexed on or after January 24, 2018, in all regions and SKUs including shared (free) services. With this announcement, encryption now extends throughout the entire indexing pipeline from connection, through transmission, and down to indexed data stored in Azure Search.

At query time, you can implement user-identity access controls that trim search results of documents that the requestor is not authorized to see. Enhancements to filters enable integration with third-party authentication providers, as well as integration with Azure Active Directory.

All indexing includes encryption on the backend automatically with no measurable impact on indexing workloads or size. This applies to newly indexed documents only. For existing content, you have to re-index to gain encryption. Encryption status of any given index is not visible in the portal, nor available through the API. However, if you indexed after January 24, 2018, data is already encrypted.

In the context of Azure Search, all aspects of encryption, decryption, and key management are internal. You cannot turn it on or off, manage or substitute your own keys, or view encryption settings in the portal or programmatically. Internally, encryption is based on Azure Storage Service Encryption, using 256-bit AES encryption, one of the strongest block ciphers available.

Go here to read the rest:
Azure Search enterprise security: Data encryption and user …

Skype finally getting end-to-end encryption | Ars Technica

Since its inception, Skype has been notable for its secretive, proprietary algorithm. It’s also long had a complicated relationship with encryption: encryption is used by the Skype protocol, but the service has never been clear exactly how that encryption was implemented or exactly which privacy and security features it offers.

That changes today in a big way. The newest Skype preview now supports the Signal protocol: the end-to-end encrypted protocol already used by WhatsApp, Facebook Messenger, Google Allo, and, of course, Signal. Skype Private Conversations will support text, audio calls, and file transfers, with end-to-end encryption that Microsoft, Signal, and, it’s believed, law enforcement agencies cannot eavesdrop on.

Presently, Private Conversations are only available in the Insider builds of Skype. Naturally, the Universal Windows Platform version of the appthe preferred version on Windows 10isn’t yet supported. In contrast, the desktop version of the app, along with the iOS, Android, Linux, and macOS clients, all have compatible Insider builds. Private Conversations aren’t the default and don’t appear to yet support video calling. The latter limitation shouldn’t be insurmountable (Signal’s own app offers secure video calling). We hope to see the former change once updated clients are stable and widely deployed.

We’ve criticized Skype’s failure to provide this kind of security in the past. Skype still has valuable features, such as its interoperability with traditional phone networks and additional tools for TV and radio broadcasters. But its tardiness at adopting this kind of technology left Skype behind its peers. The adoption of end-to-end security is very welcome, and the decision to do so using the Signal protocol, rather than yet another proprietary Skype protocol, marks a change from the product’s history.

Although Skype remains widely used, mobile-oriented upstarts like WhatsApp and Facebook Messenger rapidly surpassed it. Becoming secure and trustworthy is a necessary development, but whether or not it’s going to be sufficient to reinvigorate the application is far from clear.

Read more here:
Skype finally getting end-to-end encryption | Ars Technica

FBI chief says phone encryption is a ‘major public safety issue’

Wray urged the private sector to work with the government in finding “a way forward quickly,” insisting that the FBI isn’t interested in peeking into ordinary citizens’ devices. The bureau just wants access to the ones owned by suspects. That pretty much echoes Comey’s position during his time — if you’ll recall the FBI asked tech titans to create a backdoor into their software and phones in order to give authorities a way to open them during investigations. Apple chief Tim Cook said the request had “chilling” and “dangerous” implications, warning that companies wouldn’t be able to control how that backdoor is used.

Wray told the audience at the event that authorities face an increasing number of cases that rely on electronic evidence. He doesn’t buy companies claims that it’s impossible to find a way for encryption to be more law enforcement-friendly, so to speak. Not that the FBI can’t do anything if it absolutely has to: when Apple refused to cooperate with authorities to unlock the San Bernardino shooter’s iPhone, the agency paid a third party almost a million to get the job done.

Read more:
FBI chief says phone encryption is a ‘major public safety issue’