Tim Waggett Befine Solutions AG - The Cryptshare Company

Tim Waggett
Befine Solutions AG - The Cryptshare Company
Building L27, London Road Campus, Reading University
Reading, Berkshire, RG1 5AQ
Tel.: +44 800 088 7225
Mobile: +44 7977 009 547
Skype: twaggett
E-Mail: Tim.Waggett@cryptshare.com
Internet: http://www.cryptshare.com
1
Communication solutions from all manufacturers are composed of the same building
blocks.
Available modules include: encryption algorithms and procedures for transport and
storage, transport protocols and authentication method.
The variety of possible combinations and the resulting bundles from each
manufacturer, are very similar and therefore very difficult to compare. Complexity,
scope of service, security level and price vary widely, depending on the manufacturer
and marketing messages often obscure the real value to users.
This presentation discusses the essential building blocks from which products are
assembled and highlights their advantages and disadvantages.
Thus it is a tool to identify the right solution for the right application or use case.
Note: there is no perfect product for a company, there are only suitable or unsuitable
solutions for specific uses.
2
3
So what would we consider are the key requirements of an ideal solution?
Intuitive operation: requirement for all secure communication and for all use cases.
People of all ages, professions and with different IT knowledge must be able to
operate a solution.
Availability: Regular E-Mail - available. Internet connection - available. Telephone available. Encrypted E-mail? Differentially available. The solution should be available
for sender and receiver or at least be easy and fast to make available.
Suitable for all content: E-mails and files. Files are becoming more frequent and
larger and often contain the actual confidential data. High-resolution images, videos,
CAD files, database extracts, support information, contracts and reports.
Inexpensive: For sender and receiver. Costs for the user especially with external
participants are a hurdle that hampers widespread use of technologies. For external
communication partners, the solution should be free.
Secure / Confidential: Content must be protected from eavesdropping, unwanted
scrutiny and modification on the go.
Authenticity: It must be ensured that the sender and receiver are genuine and the
message is not forged (spoofing, phishing etc.)
Control over content: Testing for malware, data leakage prevention, archiving in the
DMZ should be possible.
Communication is auditable: It should be possible to show who, when, what content
has been shipped and who, when this content was received and read, by whom, if
unauthorized persons gained access or have tried this. In addition it should be
retroactively possible to examine whether the received is the same content as was
sent (i.e. whether content has been changed in transit or afterwards).
If all conditions are met: user acceptance and compliance achieved - the ideal
solution!
4
Most commonly used: E-mail.
E-mail is an old and established standard. It is not from a single manufacturer, but a
standard protocol in the Internet. It works across the products of different
manufacturers (MS Exchange, IBM Notes, Gmail….)
Manufacturers of these e-mail solutions have extended the features of e-mail, e.g. by
search functions, resubmission, folder structures, highlight colour, office assistant,
etc., and created real value for users.
E-mail is available on PC, browser, smartphones, tablets, etc.. One can say that it is
universally available and accepted.
Result: excellent distribution in a business environment, excellent distribution in the
personal sphere.
Maximum user acceptance - full marks in this area. Users try to handle everything as
far as possible by e-mail, if they can.
5
But:
But e-mail comes from the university environment and was not designed for business
use.
E-mail applications have evolved considerably, but the standard itself is about 30
years old, and has not evolved much.
This results in three key problems in using e-mail for electronic business
communication:
No audit trail:
You can see when an email was sent, but from then on you are blind.
Your message runs an unpredictable way from A to B via a chain of e-mail servers that
can be distributed around the world.
It is not clear which way they went, ultimately, whether it was read, copied or
manipulated on the way.
Not suitable for big files:
The most obvious problem for users.
Size limits in your own e-mail system, at the provider or the recipient can prevent
6
delivery.
Shift to alternatives for transporting large files are often adventurous from the
perspective of security and cost time.
Potential consequences: loss of time, loss of data, loss of reputation, frustration
among users.
Not secure:
E-mail protocol provides no encryption of data in transit. Thus, there is no protection
against spying and manipulation.
Authenticity of e-mail senders and recipients cannot be verified.
6
Classical solution to make email more secure:
S / MIME and PGP.
Both solutions re quite old. The problem of lack of security was recognized early, but
not fully resolved yet and the distribution of S / MIME and PGP even after more than
20 years is rather low (availability aspect). Why? Cost, complexity and ad hoc use.
Asymmetric encryption algorithm, what is this?
Each participant needs a pair of keys (public and private keys) that have a
mathematical dependence: Everything that has been encrypted with the public key
can be made readable again only with the associated private key. (So-called “trapdoor
function”: different keys must be used for encryption and decryption. Data encrypted
using the public key cannot be decrypted with the same key!)
The Issue:
All participants must obtain key pairs (self-generated in case of PGP or obtained from
a Certification Authority in case of S / MIME) which means effort and cost.
All participants must have their private keys integrated in their e-mail system (effort,
cost, know-how required) and these must protected their private key against spying
(permanent effort e.g. when changing PCs and risk: compromised private key allows
all communication secured with this key pair readable).
All participants will need to obtain the public keys of their communication partner
and place it in their e-mail program, so that they can encrypt/decrypt their emails
and digital transmissions.
All participants must provide their own public key to all their communication partners
7
The method can be used in two ways.
Option 1: End-to-End
In the press, this method treated as the solution to all problems since the Snowden
affair in 2013.
Approach: user personally have key pairs and manage them personally in their local
e-mail client software.
Advantage:
Secure communication between sender and receiver across all mail servers that may
forward the message. Inexpensive or even free to implement.
Disadvantages:
• Handling is up to the users personally and is too complex for the majority of users.
• Limited number of existing communication partners already using S/MIME or PGP.
• Encrypted communication goes via the company's mail server, but no checks can
be made for malicious code, no data leakage prevention, no storage, or archive
etc. It is problematic for individual users and hard in the business.
8
Business-ready version of S / MIME and PGP:
Site-to-end or site-to-site
• A gateway solution is used in the DMZ of the company.
• Employees do not have to work with keys, but Gateway solution takes over the
management of keys and encrypts and decrypts at the interface between the
company and the outside world.
Benefits:
• Secure transmission of messages (encryption and digital signature are possible).
• Content can be checked in the DMZ (malicious code, DLP, Archiving etc.)Solution is
completely transparent for end users (no know-how of IT security required, no
security perception).
Cons
• Relatively expensive to purchase and maintain (efforts and costs for key
management remain, but are shifted centrally on the administrator).
• No control over the ROI - the solution can be used only if both sides use S / MIME
or PGP, so the company has no control over whether and when the investment
creates value.
• Relatively rarely used (one can not assume that a new communication partner
uses S / MIME or PGP).
• Disadvantages of the transport medium E-mail will continue to apply, ie:
• Routing path via provider and a chain of mail servers (many potential points
of attack)
• No transport for large files (PGP encrypts according to the configuration file
9
so attachments are not encrypted), these often contain actually
confidential information.
• Meta-data is not encrypted  Subject of next slide.
9
Why is it a problem when meta-data is sent unencrypted with e-mail?
Unencrypted meta-data are: E-mail address sender, e-mail address Recipient, Subject
of the message
If an attacker scans the encrypted e-mail traffic between two communication
partners over a prolonged period, they may obtain information about the subject the
two partners communicate about. This information can be used for a social
engineering attack. The attacker uses the knowledge gained to create a fake trusted
identity (e.g., an employee of the communication partner) and tries to get more
information about the transaction in question. Also extortion using the information
obtained is a common scenario.
Employees who blindly trust that a technical solution somehow makes their
communications safe are far more susceptible than employees with an awareness of
Security and their own responsibility for this subject to such attacks.
10
Conclusion:
S/MIME and PGP are suitable if many messages are to be exchanged with relatively
few communication partners (e.g. with the a small number of core suppliers).
Not suitable for ad-hoc communications with changing contacts (e.g. end-users such
as customers or advisers).
Restrictions:
Interoperability (limited distribution, sometimes compatibility problems between
different S/MIME and PGP implementations)
Security (meta-data unencrypted, some PGP implementations do not encrypt file
attachments).
No security awareness among users, thus higher risk of social engineering.
No solution for large files but often make the actually relevant part of the
communication.
Next slide  What do companies do to exchange large files?
11
What do companies do for traditional exchange of large files? Set up an FTP server!
The image is deliberately chosen. (Anybody young enough to not know what this is?
An IBM PC)
• FTP is a veteran of the Internet.
• Similar age to email.
• No manufacturer, but standard protocol.
• Some manufacturers have supplemented FTP by a series of functions.
• There are many products and services built around FTP technologies.
Next slide  However there are some common criteria across all products using FTP.
12
Properties of FTP:
Positive:
• The server is in the DMZ and the sender and receiver must log on to the system
and communicate directly with the server.
• Good traceability (all read and write accesses can be logged with date, IP and
username).
• Content can be archived, scanned for viruses and other contents.
• Full control over the data (can be deleted at any time, change, etc.).
Neutral:
• User experience is not exemplary. It is similar to a file explorer. Users can find their
way around, because the logic is similar, but the user experience is not up to date.
The visibility of folders created curiosity (click to external folder).
• FTP uses its own protocol and its own port which is by default is not necessarily
opened by default in the firewalls of most companies so availability is not
guaranteed.
Negative:
• FTP only transfers files, no messages (not a solution to all content).
13
• Security low is low (see slides).
13
Risk of a data graveyard:
• FTP servers quickly create a large pool of information that are stored unencrypted.
• Sender and receiver of files often do not know whether files are still needed or can
be deleted or even forget that information is still available on the FTP server.
• Access rights and responsibilities with respect to the data are not obvious.
• The result often is a "data graveyard", which is a cherished target for attackers.
Next slide  So how do you make FTP more secure? Using S-FTP
14
There are ways to make secure FTP: S-FTP
Similar to S/MIME certificates are used, thereby additional to the benefits of FTP:
• Encryption for the transport of files is added.
• Secure user authentication using certificates becomes possible.
However, features are comparable to S/MIME or PGP, therefore
• Requires pre-assigned credentials so ad hoc use is limited
• High implementation complexity
Restrictions:
• S-FTP secures only the transport of data, not storage
• S-FTP can move large files, but no messages, so is not a solution for all content. In
order to transmit confidential messages with business partners and large files, a
combination of S/MIME + S-FTP would be needed.
15
Well suited for machine-machine communication.
• Example: retail chain develops central products master data such as part numbers
and prices which are fixed or variable and need to automatically distribute to all
markets. Here the cost of the one-time implementation is justifiable. Users are not
confronted with the user interface of the system. It can automatically and safely
transfer data, calculate checksums, and the data can be deleted automatically from
the server after processing.
But unsuitable for human users because:
• Risk data Cemetery as with FTP
• Requires user credentials are created and managed for access.
• Inadequate security for data that stay longer on the system.
• Poor user experience.
Next slide  So how can users exchange large files?
16
These solutions are easily adopted by individuals, but they fall outside good corporate
governance and security unless chosen by policy which is rare as the costs become
vey high very fast. There are many cloud based solutions to choose from, some
known (Dropbox, Box, iCloud, G-Cloud) others less so.
Security level varies depending on the manufacturer:
• Customer has no technical control over the data. The cloud provider can read,
copy, distribute or modify data without the customer being able to prevent this
technically. There are only legal agreements to prevent this.
• The encryption level varies. For the transport usually an HTTPS connection is used.
The security level of the https implementation varies.
• Encryption quality of stored data varies varies. Some providers store the keys
together with the data, which creates a backdoor for government authorities,
employees and successful attackers.
(Edward Snowden is the best example of an employee who acted against his
employer (an NSA subcontractor) abusing data and information gained from NSA IT
systems.
• Some services require the storage of personal data (name, e-mail address,
telephone number) in the cloud, which is problematic according to the privacy
rights of some countries. In Germany, for example the customer would then be
required to audit the cloud provider regarding compliance with German data
protection law.
• Many cloud services use user accounts with name and password.
Next slide: Why can user accounts using name and password be a security risk?
17
What is wrong user accounts with username and password:
A hacker needs two pieces of information for a successful attack: username and
password. If the Username is the email address, the username is very easy to obtain
or guess and the first hurdle is quickly overcome.
Users are often lazy in terms of security and use the same password for many
accounts - Amazon, Facebook, cloud service. If the password of one of these services
is compromised, an attacker could try to use it elsewhere. If also the login name is
identical to the email address, the attack is easy.
Even if different passwords are used for different accounts, password reset functions
may pose a risk. The examples here show that e-mail accounts are often cracked and
are a popular entry point for attacks. A hacker that has hacked an e-mail account
could attempt to log in to a cloud service, requesting a reset of the password. A new
password (or reset link) would be sent to the hacked email account that he has
access to. Thus he can gain access to all the data in the user account on the cloud
service.
Therefore a two-factor authentication is recommended, e.g. by means of a code
generator such an iPhone app that allows each device from which the user account
should be used to be authorized once. Apple, Google, Facebook and Co. do this
already and set a good example, even if this is only optional.
Since cloud services carry the risk of becoming a "data graveyard", there is also a risk,
18
of a large amount of confidential data falling into the hands of a successful attacker.
18
Systematic misuse.
Form:
http://export.gov/build/groups/public/@eg_main/@advocacy/documents/webconte
nt/eg_main_065991.pdf
Video: https://www.youtube.com/watch?v=KmSnMW1pgoM
The US Advocacy Center provides industrial espionage on request (using the form
shown above) for US companies. The following links show the activities of the US
Secret Service. The NSA is mentioned exemplary.
Placing confidential data on servers that are subject to the jurisdiction and the access
of countries that use this approach is highly negligent?
It is not just the bad guys changing the game. If we have things of value in our
economy then there are those who aim to tilt the game away from us.
These links represent US policy, others are less public.
19
• Cloud Services achieve a very high user acceptance with good usability.
• They represent a very simple solution for sharing large files. However, at present
no cloud service transmits e-mails, so again a solution that does not transport all
content.
Restrictions:
It is necessary to consider what data you store on cloud services. Your data should be
classified and a policy should existing defining which classes of data may go into the
cloud and which may no.
E.g.: There should be no problem to transfer image data for a newspaper but In
research or design data from product innovations, however, would be at risk.
The effective protection of the data depends on the technical protection measures of
the provider AND the terms and conditions of the provider AND the privacy rights in
the country in which the data is stored. So it is very difficult to determine how high
the effective risk is.
There is no technical control over the data once they are stored on a cloud service.
The provider can do with it whatever he wants and cover their tracks as desired.
There is, if at all, only a legal recourse. Basically, there is a risk of a "data cemetery",
i.e. a large memory of potentially confidential data outside the sovereignty of the
20
company.
20
Ad-hoc solutions combine many advantages of the methods discussed. They can be
used with any communication partners. Ad-hoc means without installing any
software, without prior procurement and installation of encryption certificates,
without special training and sometimes even without creation of user accounts.
The server is operated in the enterprise DMZ. similar to FTP / S-FTP resulting in some
advantages:
• Control over the data, since it is not stored outside the company.
• The ability to check content for malware and unwanted content and to archive.
• Control of the security level, e.g. the actuality of SSL security settings, password
requirements etc.
• Other than e-mail, the data is not routed via a number of servers that are not
under your control reducing the number of potential points of attack to a
minimum.
• Direct connection of all users to the server allows logging of all upload and
download operations with names, IP addresses and times.
• Some ad-hoc services handle not only files but also e-mail messages and are
suitable for all content.
• The user experience is usually at the same level as that of cloud services. There
are modern, attractive web frontends used but can also be adapted to the
company's own corporate design.
• By using https transport protocol, a very high interoperability is achieved. Almost
every business is able to conduct https uploads and downloads, all browsers and
devices can handle it adding to mobility.
• Some manufacturers allow the use directly from the email workflow, either by
integration in the e-mail client (MS Outlook or IBM Notes) or by involving as e-mail
gateway solution. Many S/MIME PGP gateways have an additional ad-hoc module,
which is always used when attachments are too large to send by e-mail or the
21
The security level of the solutions varies by manufacturer:
• The transportation is generally encrypted via https, however, an https connection
to a corporate server requires periodic security checks and a good vulnerability
management.
• The encryption level of data storage on the server varies depending on the
manufacturer. Some manufacturers do not encrypt, some with a key per volume or
per user, some use individual keys for each transfer operation.
• Some solutions use classical user accounts (name and password) for
authentication - here the statements made above apply with respect to security.
Some use X.509 certificates or one-time keys per transfer process that are not
technically saved, but separately exchanged between the users.
Disadvantage of ad hoc solutions:
• The responsibility for the operation and safety lies with the company operating.
Here the relevant know-how must be purchased or built up.
• Therefore the solution should be efficient in terms of the efforts and expenses for
installation and maintenance. easy to install and operate ensure that the solution
is interpreted in terms of the resulting installation and operating expenses
22
efficiently.
22
For regular/mass exchange of data with few contacts (eg. 500 e-mails a day with two
different partners) ad hoc solutions are not suitable.
23
User acceptance is not due to usability alone. A solution that is easy to use, but does
not offer added value to the user, is still in danger of being ignored by users. Only if
additional added value for the user is achieved (e.g., the ability to send large files via
email or to have more control over the communication) significantly increases user
acceptance. E-mail programs have already achieved a lot here. It make sense to build
on that.
Education of employees is important. Technical solutions alone do not achieve any
security, if employees do not understand the meaning and risks. A solution should
provide a safety control mechanism without additional effort for the user to remain
safe.
24
Some advantages of Cryptshare:
• Highly secure.
• Controlled routing of files and emails.
• Perfect forward secrecy.
• All content scanned for malware.
• Strong password system with protection at all stages.
• No user accounts so no stolen private keys.
• All transfers deleted after a specified time. So there is no "data graveyard“.
• All activities are logged on the server Cryptshare, incl. the IP addresses used.
• Sender will be informed about the successful delivery of their transfers, non
delivery and the attempted attacks with an incorrect password.
25
The Outlook plugin provides a simple button and intuitive process to initiate a secure
email and/or file transfer.
26
The browser can you be used by your staff but is also the customer facing page where
emails and files will be retrieved.
The recipient does not need to be pre-registered, they do not require a user names
and login and they do not have to install any software.
Your recipients can also send you information through this page without the need for
a license so Cryptshare is truly adhoc and bi-directional.
27
Usability and User Experience:
E-mail is the communication solution with the highest user acceptance. Cryptshare
integrates into existing email clients (Outlook, IBM Notes) and works explicitly on a
button or rule-based, in the background.
Cryptshare can transmit encrypted e-mails and attachments of any size (inbound and
outbound). All transfers are logged comprehensible for the user and the
administrator and documented status messages. The high degree of user acceptance
of e-mail is maintained and even increased.
Availability:
To use Cryptshare, only an internet connection and an email address is needed. No
software to install, no certificates, no user accounts, no special know-how. The
solution uses a self-explanatory web interface and guides the user in simple steps
through the encrypted communication process.
For users who regularly work with Cryptshare, optional is an MS Outlook or IBM
Notes integration. The e-mail integration can be installed with a few mouse clicks no
extra cost to external communication partner. The configuration is done centrally via
policies on your Cryptshare server.
Inexpensive:
For companies, the acquisition of Cryptshare is inexpensive. Installation of the system
can be done in one working day. The management requires a minimum of fuss. There
is no user management. Files are automatically cleaned up. The Cryptshare server is
supplied as an appliance that is centrally managed.
Security/Confidentiality:
28
• Data is exchanged via server owned and operated by the company. Thus, no
routing path over a number of other systems exists and the number of attack
points is reduced to a minimum.
• The traffic between users and the Cryptshare server is secured via https.
Cryptshare allows the use of perfect forward secrecy, the highest safety standard
in establishing https connections.
• On the server Cryptshare all contents are checked for malicious code before being
stored encrypted. An archiving interface is on the roadmap for 2015.
• To encrypt the transfer, a password is manually assigned or automatically
generated by the sender. Administrators can set preferences for password quality.
In combination with a random factor, which is stored on the system, a transferspecific 256bit long key is generated and used to store the data encrypted. The
password itself is not stored by the system, but must be exchanged between the
sender and the recipient on a separate channel. This ensures that each transfer is
secured with an individual key. Since passwords are not stored electronically on
the system, they cannot be spied out on the system and used for other purposes.
Data stored encrypted can only be made accessible to people who know the
transfer password.
Since Cryptshare works without any user accounts, there is no risk that spied
accounts from other sources grant access to large amounts of confidential data on
a Cryptshare server.
Likewise, there is no risk that spied-out user accounts from a Cryptshare Server
grant access to data on other systems.
• All transfers are deleted after a specified time. So there is no risk of growing a
"data graveyard" in the DMZ.
Authenticity of the communication partner:
Senders must verify their email addresses, i.e. a verification code is sent to the
specified email address code. The reception of the code must be confirmed by
feedback of the code. This avoids spam and verifies the authenticity of the address.
Sender and receiver must exchange the password on a separate path, ideally through
personal contact. The verification of the authenticity of the communication partners
takes place on a personal level, not only on a technical level (Phone number required
or personal contact).
All activities are logged on the server Cryptshare, incl. the IP addresses used.
Control of content:
All contents are checked for malware before they are encrypted on the Cryptshare
server.
28
Archiving interface on the roadmap for the 2015th
Audit trail:
All activities are logged on the Cryptshare server including the (verified) e-mail
addresses, timestamps, and IP addresses.
Senders will be informed about the successful delivery of their transfers, about nondelivery and excessive download attempts with an incorrect password.
28
Any questions? Contact Tim Waggett on 0800 088 7225 or email at
tim.waggett@cryptshare.com
29