How ‘The Source’ Makes a Musical Out of Chelsea Manning and WikiLeaks – Daily Beast

Composer and singer Ted Hearne isn't interested in audience members judging Manning for leaking information, so much as thinking about what they might do in her situation.

Probably the strongest response to the oratorio The Source, which deals with army private Chelsea Manning, who gave hundreds of thousands of classified documents to WikiLeaks, says librettist Mark Doten, is complete silence.

"I find it interesting how people react to the piece," he said. "Sometimes at the conclusion they applaud, but other times there's silence for a minute or two minutes. Just sitting in that silence together like that is probably the most powerful for me in terms of audience response."

With a layered score influenced by jazz, pop, and electronica, video projections, and a libretto drawn from primary sources such as Twitter feeds, cable news interviews, personal chat transcripts, and declassified military reports from Manning, it's no wonder some audience members aren't sure how to react.

Composer and singer Ted Hearne, who recently collaborated with Erykah Badu and teaches composition at the University of Southern California, says that though she is at the heart of The Source, it's not about Manning, who was sentenced to 35 years in 2013 on counts of espionage, theft, and computer fraud, a sentence then-President Barack Obama commuted shortly before the end of his term.

Hearne says he's not interested in audience members judging Manning for leaking the information so much as thinking about what they might do in her situation. He has read good arguments both condemning and praising what she did, Hearne said. But he's not writing an op-ed.

"I want to make art to ask those questions," he said. "Music can help make the boundaries between right and wrong more porous."

Hearne used a type of vocal processing that mixes the human voice with a tuned voice, which he calls "evocative" and "beautifully glitchy."

"It felt like the best way to deal with texts coming from distant lands and a distant experience," he said. "It was a way to set Chelsea's words and give them a contemporary context and place us in America. For instance, we use a chunk of 'Smoke Gets In Your Eyes' with text about an air evacuation happening, and the smoke is a signal flare. It doesn't mean anything super specific, but it evokes something."

The Source comes to the San Francisco Opera on Feb. 24, after performances in Brooklyn and Los Angeles. Matthew Shilvock, the director of the San Francisco Opera, calls mixing human voices with electronic ones "ethereal," and he thinks the use of a collage style in the libretto and the music sampling tells the story in a powerful way.

"It's taking the fragmentation of contemporary life," he said. "The sound bites of the news cycle and social media create a tapestry that delves into something as contemporary as Chelsea Manning and WikiLeaks."

It can make people uncomfortable, Hearne says, to think about Manning and war.

"Our country has been engaging in these wars for a long time, and our taxes pay for them," he said. "Some information Chelsea Manning leaked was about actual war crimes covered up by the government, but it's not like every document is about a murder or an act of violence. It's a record of war day to day. So asking people to look at content of the leaks is asking them to look at war and what it makes them feel about the war."

Hearne says he was originally interested in Julian Assange, the founder of WikiLeaks. But when Manning, who announced she was transgender after her sentencing, emerged as a public figure, he switched his focus to her.

In her online chats with Adrian Lamo, the hacker who later turned her in, Hearne saw authentic reactions in the midst of an identity crisis.

"She was feeling so frustrated, and no one was taking her concern seriously. She felt there were ethical and moral dilemmas in our actions in Iraq and Afghanistan," Hearne said. "It's pretty clear from reading the chat logs that her actions were very close to the heart, and she was experiencing a crisis. It felt very real and not distanced, and she seemed to hold herself responsible and to connect her work and personal life. It made me think about what my role is in war when living my bougie artist life in Brooklyn and able to feel distance from it."


Hearne met Doten, author of the novel The Infernal, at the MacDowell Colony, an artists' retreat. "Ted came to me with the idea for the project in part because I hadn't written a libretto before," Doten said. "He didn't want a traditional approach, so we tried to push on the form."

Doten says he found some of the language about war that made its way into the libretto poetic.

"They describe, for example, a young boy who released several pigeons, which can be a signaling device," he said. "It's incredibly full of meaning and it's a beautiful image, or it could be seen as a potential threat by the people who created that report."

Doten also says he didn't want to judge Manning, but hopes people seeing it will ask themselves questions about war and the military and information.

"We hope the piece does capture the scope of the leaks and people try and grapple with how our current system of media and technology shapes our lives and the way we interact in the world," he said. "Our ability to create these massive documents and the ways we use them shapes the wars themselves, and we wanted to explore what these vast amounts of information mean and what they have to say about wars in the Middle East."

The Source is tonight (Weds), Thurs, and Fri at San Francisco Opera.


Donation drive to aid Chelsea Manning after release hits $100k – RT

Published: 28 Feb 2017, 10:19. Edited: 1 Mar 2017, 12:28.

A fundraising page set up to help Chelsea Manning upon her release from prison later this year has reached its target of $100,000, just three weeks after the donation drive was started.

Over 2,300 people from around the world have contributed to the fundraiser, set up by friends and family with the aim of helping Manning start a new life outside prison.

Money raised will be deposited into Manning's bank account.

The 29-year-old transgender former US military intelligence analyst, born Bradley Manning, was jailed for leaking American military and diplomatic correspondence across the world in a cache of more than 700,000 classified files given to WikiLeaks in 2010.

Before leaving office this year, Barack Obama commuted the whistleblower's sentence. Manning, who has served seven years of a 35-year jail term, will now be freed on May 17 instead of her scheduled 2045 release.


"For the past seven years, Chelsea has been incarcerated," text from the fundraiser page reads. "She survived solitary confinement, systemic denial of health care and years of being separated from her friends and community."

"Through it all she has remained a steadfast voice for liberty and justice and an inspiration to so many. We now have a chance to show our appreciation for all that she has given us," the page reads.



Edward Snowden and Daniel Ellsberg on the State of Security and Freedom Under Trump – KQED

Speaking to a live audience in San Francisco on Sunday, Edward Snowden, the former intelligence officer who released documents about the National Security Agency's surveillance activities in 2013, said that the sole qualification for whistleblowing is to be a witness to injustice.

"You do not have to be the president to make a difference," he said. "Whistleblowers are elected by circumstance. Do what you can if you see injustice. Stand up and say something. It's not enough to believe in something. If you want to see a better world, you must do something to achieve it."

Snowden spoke through live-stream video from Russia at a City Arts & Lectures event in San Francisco. He was joined by Daniel Ellsberg, the former military analyst who leaked classified documents known as the Pentagon Papers. Efforts to discredit Ellsberg in a plan hatched by the White House figured into the impeachment proceedings of President Richard Nixon.

Snowden said he wouldn't have done what he did if not for the precedent set by Ellsberg. Snowden now lives under asylum in Russia. Ellsberg remains in the United States after facing a trial that was dismissed in 1973 on grounds of governmental misconduct.

The two spoke with KQED's Scott Shafer about whistleblowing and the state of privacy and truth under the Trump presidency.

"When you look at the situation of this White House, of this administration, their relationship to the press, their policy positions. These are all callbacks to a time when domestically and internationally our lives were fraught with the insecurity and instability that we thought we left behind and should've left behind," said Snowden.

When asked about recent memo leaks, including one that led to the resignation of Donald Trump's national security adviser, Michael Flynn, Ellsberg expressed concern over the reaction from the administration.

"Leaking, and even illegal classified leaking, has been a big problem in Washington for years. Failing @nytimes (and others) must apologize!"

"The real scandal here is that classified information is illegally given out by intelligence like candy. Very un-American!"

"It'll be very interesting to see with these leak investigations that are going on now just exactly what Donald J. Trump's people and Jeff Sessions do with the [security] capabilities they just inherited from Barack Obama," Ellsberg said.

There was also a sense of optimism about the state of resistance by ordinary people post-election. Ellsberg referred to the recent airport protests denouncing President Trump's ban on refugees worldwide and on travelers from seven predominantly Muslim countries, calling the protests "encouraging."

"It's been a while since I've seen anything like this," he said.

Snowden also referred to post-election protests, the rise in donations to the American Civil Liberties Union and reported swells in newspaper subscriptions after Trump's election.

"People are realizing afresh that democracy is not an inheritance," said Snowden. "I see the seed being planted and the very first shoots. We will see dark days ahead, but we will learn again what it means to resist injustice and how to do so effectively."


Snowden also spoke of living life in anonymity in Russia, and the possibility of getting snatched by the CIA.

"It's always a possibility. Much earlier on, it was much more realistic."

Snowden said he regularly rides the metro in Russia, and that it's relatively easy to go unrecognized except in computer stores.

"In my situation, I don't want a lot of my day-to-day to be known," he said. "I don't want my persona to follow me home. One of the places I used to go very frequently is now much riskier for me, and that would be computer stores."

Asked what he saw looking 20 years into the future, Snowden said everyone wants a happy ending to their life, adding that what happened to him wasn't nearly as important as what happened to the country in terms of preserving liberty and freedom.

When asked if not being able to return to the United States was worth it, Snowden said this:

"I would do it again, and I would do it sooner."

Ericka Cruz Guevarra is an on-call interactive producer for KQED News. She was an intern with NPR's Code Switch team in Washington, D.C., where she assisted with production for the Code Switch podcast. Ericka was also KQED's first Raul Ramirez Diversity Fund intern, and is an alumna of NPR's Next Generation Radio project at member station KJZZ in Phoenix. She currently studies international relations at San Francisco State University. You can follow her on Twitter @erkagvra or email her at ecruzguevarra@kqed.org


Database-as-a-service platform introduces encryption-at-rest – BetaNews

While storing data in the cloud is undoubtedly convenient, it also introduces risks, and encryption is increasingly seen as a way of helping to combat them.

Database-as-a-service company mLab is introducing encryption-at-rest as an opt-in data security measure for customers of its most popular plans, at no additional cost.

The mLab platform currently manages nearly 500,000 MongoDB deployments across Amazon Web Services, Google Cloud Platform, and Microsoft Azure. Encryption-at-rest will be available to mLab's Database-as-a-Service customers on Dedicated Standard and High Storage plans, covering deployments across both Amazon Web Services and Google Cloud Platform.

The company already offers customers in-transit encryption via SSL to secure data transmission over networks. Adding encryption-at-rest boosts mLab's commitment to enterprise security by encrypting data on disks and wherever backups are stored. The feature is designed so that there will be minimal performance impact on the database.

"As the cloud services industry matures, many customers, especially enterprises, are developing programs to perform due diligence on their portfolio of service providers," says Jared D Cottrell, CTO of mLab. "Whether an industry regulation or best practice, encryption-at-rest is one of the most commonly-requested security features. Encryption-at-rest provides a layer of protection against unauthorized access to sensitive data, especially attacks directed at the physical devices on which the data is stored. mLab's encryption-at-rest feature gives our customers greater peace of mind."

You can find out more on the mLab website.



After 3 Years, Why Gmail’s End-to-End Encryption Is Still Vapor – WIRED


Nearly three years have passed since Google announced it would offer an end-to-end encryption add-on for Gmail, a potentially massive shift in the privacy options of a piece of software used by more than a billion people. It still hasn't materialized. And while Google insists its encryption plugin isn't vaporware, the company's latest move has left critics with the distinct impression that Gmail's end-to-end encrypted future looks cloudy at best, if not altogether evaporated.

Last Friday, Google quietly announced that E2EMail, an extension for Chrome that would seamlessly encrypt and decrypt Gmail messages, was no longer a Google effort. Instead, the company has invited the outside developer community to adopt the project's open-source code. Google was careful to emphasize in a blog post describing the change that it hasn't given up work on its email encryption tool. But cryptographers and members of the privacy community see the move as confirmation that Google has officially backburnered a critical privacy and security initiative.

"The real message is that they're not actively developing this as a Google project anymore," says Matthew Green, a cryptographer and computer scientist at Johns Hopkins University who has closely studied tech firms' messaging encryption products. Green notes that after close to three years, he's happy to see any code come out of Google's Gmail encryption work. But it's hardly the finished email-encrypting plugin that Google had promised. "It's definitely a bit of a disappointment, given how much hype Google generated around this project at one point, to see that they're not pursuing this as a core feature of Gmail," Green says.

When Google first announced in June of 2014 that it would build an encryption tool for Gmail, then known as End-to-End, the move was seen as part of Google's dramatic response to the NSA surveillance revealed by leaker Edward Snowden. But the project's failure to emerge from a research phase, even as communications like Apple's iMessage, Facebook Messenger, Facebook-owned WhatsApp, and even Viber offer end-to-end encryption to their hundreds of millions or billions of users, has disillusioned the privacy community. Commenters on the project's Github page have asked for more than a year if Google has abandoned the encryption extension.

Google's decision to hand E2Email over to open-source developers only cements that perception. "If I had to place a bet, I'd say it's a telltale sign the project isn't going anywhere," says web security researcher Jeremiah Grossman, chief of security strategy at security firm Sentinel One. "This is a way for them to get their work out there but to absolve themselves of future obligations."

Green, who has spoken to Google engineers about the project, says the End-to-End initiative never received the staffing necessary to push it forward. Today, he says, the total attention Google devotes to the project equates to a fraction of a single full-time staffer. "The upshot is that Google won't be doing much more on end-to-end encryption," Green says.

Google's own security engineers, meanwhile, say that they've hardly abandoned their encryption push. But making email encryption easy, argues Google privacy and security product manager Stephan Somogyi, is far harder than it might seem to the public. Unlike WhatsApp or Facebook Messenger, Gmail's End-to-End project sought to bolt encryption onto email, an old protocol that still has to interoperate with billions of clients outside of Google's control. And Somogyi points out that his engineers have also had to build and refine an entirely new library of crypto code in JavaScript, a necessary stepping stone for secure web-based encryption tools, and one widely believed to be unworkable a few years ago.

More recently, he says, the team has focused on the larger problem of key management, the tricky task of securely distributing, tracking, and looking up the unique encryption keys that allow users to decrypt encrypted messages and prove their identities. That problem has for decades dogged PGP, the encryption scheme Google bases its Gmail encryption project on. Google's engineers are now working to solve it with a project called Key Transparency, along with researchers at Princeton, Yahoo, and Open Whisper Systems.

"The magic needs to happen in key distribution and key discovery, and we've been quiet for so long because we've been working on that hard stuff," says Somogyi. But he makes no promises that the more rigorous approach will produce actual, working encryption tools for Gmail any time soon. "Even once Key Transparency is out the door, there's other hard stuff to work on."

The decision to open-source the Gmail encryption plug-in project, Somogyi says, was a recognition that outside developers might want to put out a quicker fix rather than solve the underlying problems his engineers have focused on. "We're very much playing the long game," Somogyi says. "The reason we want to put this into the open source community is precisely because everyone cares about this so much. We don't want everyone waiting for Google to get something done."

Despite those efforts, however, Google hasn't kept up with its competitors on end-to-end encrypted messaging. Its only serious effort in the last year was to offer opt-in end-to-end encryption in its Allo messenger, a new service with an infinitesimal fraction of the user base of existing chat platforms like Google Hangouts and Gchat.

As Gmail's long-awaited end-to-end encryption features have failed to appear, critics have speculated about Google's motives. Does it want to avoid the clashes with the US government that WhatsApp and Apple faced down when their encryption has stymied law enforcement? Or does a company so focused on big data analysis not want to relinquish its ability to mine emails in the service of highly targeted ads and services? The Allo voice assistant, for instance, doesn't function when users have encryption enabled. The entire notion of end-to-end encryption, after all, is that no one but the people communicating can decrypt messages, not even the service hosting those communications.

Google's Somogyi argues that advertising doesn't figure into his team's encryption decisions. But he concedes that for services like Gmail's spam and malware filtering, end-to-end encryption makes data mining far more difficult. He describes the balance Google seeks diplomatically: "Where we can provide added value to the user by having machine-based systems look at the data, we're absolutely going to do that," Somogyi said. "At every opportunity that we have to protect users' data from unauthorized access we absolutely, vigorously pursue that."

Ideally, the tradeoffs between services that mine someone's communications and their privacy should be left to the users themselves, says Somogyi. "What's important ultimately is that the user has a choice," he says.

That choice, for Gmail users, has been a long time coming. Until the E2Email project comes to fruition, if it ever does, the existing decision for users is starker: Share your secrets over Gmail, or send them over one of the many end-to-end encrypted messaging services that's far better engineered to protect them.

Updated 2/28/2017 1:10pm EST to clarify that while Gmail does use some forms of encryption, it doesn't offer end-to-end encryption that ensures only the people communicating can decrypt messages.


How the Politics of Encryption Affects Government Adoption – Freedom to Tinker

I wrote yesterday about reports that people in the White House are using encrypted communication apps more often, and why that might be. Today I want to follow up by talking about how the politics of encryption might affect government agencies' choices about how to secure their information. I'll do this by telling the stories of the CIOs of three hypothetical Federal agencies.

Alice is CIO of Agency A. Her agency's leader has said in speeches that encryption is a tool of criminals and terrorists, and that encryption is used mostly to hide bad or embarrassing acts. Alice knows that if she adopts encryption for the agency, her boss could face criticism for hypocrisy, for using the very technology that he criticizes. Even if there is evidence that encryption will make Agency A more secure, there is a natural tendency for Alice to look for other places to try to improve security instead.

Bob is CIO of Agency B. His agency's leader has taken a more balanced view, painting encryption as a tool with broad value for honest people, and which happens to be used by bad people as well. Bob will be in a better position than Alice to adopt encryption if he thinks it will improve his agency's security. But he might hesitate a bit to do so if Agencies A and B need to work together on other issues, or if the two agency heads are friends, especially if encryption seems more important to the head of Agency A than it does to the head of Bob's own agency.

Charlie is CIO of Agency C. His agency's leader hasn't taken a public position on encryption, but the leader is known to be impulsive, thin-skinned, and resistant to advice from domain experts. Charlie worries that if he starts deploying encryption in his agency, and then the leader impulsively takes a strong position against encryption without consulting his team, the resulting accusations of hypocrisy could anger the leader. That might cost Charlie his job, or seriously undermine the authority he needs to properly manage agency IT. The safe thing for Charlie to do is to avoid deploying encryption, not only to preserve his job but also to protect the rest of the agency's IT agenda. If Charlie doesn't change the agency's practice, then criticism of the practice can be deflected onto the previous leader ("and of course we'll be upgrading to the better practice soon"). Here the uncertainty created by the leader's management style deters Charlie from changing encryption practice.

Let's recap. Alice, Bob, and Charlie are operating in different environments, but in all three cases, the politics of encryption are deterring them, at least a little, from deploying encryption. Their decision to deploy it or not will depend not only on their best judgment as to whether it will improve the agency's security, but also on political factors that raise the cost of adopting encryption. And so their agencies may not make enough use of encryption.

This is yet another reason we need a serious and specific discussion about encryption policy.


Encryption patent that roiled Newegg is dead on appeal – Ars Technica

Figure: A figure from the patent that has been asserted against Intel, Google, and hundreds of other companies providing SSL and TLS on their websites.

Patent-holding company TQP Development made millions claiming that it owned a breakthrough in Web encryption, even though most encryption experts had never heard of the company until it started a massive campaign of lawsuits. Yesterday, the company's litigation campaign was brought to an end when a panel of appeals judges refused (PDF) to give TQP a second chance to collect on a jury verdict against Newegg.

The TQP patent was invented by Michael Jones, whose company Telequip briefly sold a kind of encrypted modem. The company sold about 30 models before the modem business went bust. Famed patent enforcer Erich Spangenberg bought the TQP patent in 2008 and began filing lawsuits, saying that the Jones patent actually entitled him to royalties on a basic form of SSL Internet encryption. Spangenberg and Jones ultimately made more than $45 million from the patent.

TQP appealed its case, and oral arguments were heard at the US Court of Appeals for the Federal Circuit on February 8. Yesterday, the three-judge panel found in Newegg's favor, issuing a short two-page order that did not explain its reasoning. While TQP could theoretically still appeal to the full Federal Circuit or to the Supreme Court, it's far from clear there's any legal issue in the case that would compel either of those bodies to take the case.

Newegg and its former chief legal officer, Lee Cheng, have long taken an uncompromising view on the necessity of fighting what they term "patent trolls" in court. The TQP Development trial, in which Cheng faced off against Spangenberg, may end up being Newegg's last high-profile patent trial. In October, Cheng left Newegg for Nashville-based guitar maker Gibson Brands.

The Newegg win did not invalidate the TQP patent, which expired in 2012. No new cases have been filed since 2014.

After the trial against Newegg, the TQP patent was sold, according to former owner Spangenberg. The new entity's ownership is unclear, but it is still represented by the same lawyers from Los Angeles-based Russ, August and Kabat. TQP lead attorney Marc Fenster didn't respond to a request for comment on the appeals court ruling.

"Newegg's e-commerce encryption systems never infringed TQP's patent, which is directed to outdated modem technology from the 1980s," Newegg lawyer Dan Brean told Ars via e-mail. "The differences are clear and fundamental in terms of how and when data is encrypted and transmitted. That is why Judge Gilstrap entered judgment in Newegg's favor despite the jury's verdict, and the Federal Circuit has now affirmed that judgment."

"I'm glad that this is finally over," added Newegg lawyer Kent Baldauf. "We have lived with this a long time as it was filed in 2011. This patent troll case was particularly troubling as it not only involved an antiquated technology that has never been used by modern Internet retailers such as Newegg, but it was also asserted to cover the foundational developments of luminaries in the field of encryption such as Ron Rivest and Whit Diffie. We are thankful that Newegg once again stood up to a patent troll and refused to settle based upon a patent that it did not infringe."


Research proposes ‘full-journey’ email encryption – The Stack

A group of researchers from Austin, NYU and Cornell universities have developed a scheme for genuine end-to-end email encryption, though that term might need to be redefined in the context of their project.

Traditional end-to-end email encryption only provides security in transit between mail servers; once on the servers themselves, the emails are processed as plain text, facilitating processes such as spam filters.

The group proposes a system called Pretzel, which develops a cryptographic algorithm that permits two parties to blindly contribute to encryption, and extends the concept to email.

However, the researchers admit that providers will need to furnish additional computing resources in order to handle the encryption process.

The benefit of the scheme is the near-impossibility of intercepting and decrypting emails captured in transit. Gaining control of network nodes is a widespread practice on both sides of the law, with headlines in recent years going to official and malfeasant actors taking control of Tor exit nodes with a view to de-anonymising information.

In practice, genuine end-to-end encryption has been available via PGP since the early 1990s, and the functionality is offered by certain of the larger providers, notably those who are party to the decrypted emails at the client end, at which point the information can be monetised by targeted advertising.

But the researchers note that the limited availability of PGP has more commercial than governmental imperatives behind it:

"A crucial reason, at least the one that is often cited, is that encryption appears to be incompatible with value-added functions (such as spam filtering, email search, and predictive personal assistance) and with the functions by which free webmail providers monetize user data (for example, topic extraction) ... These functions are proprietary; for example, the provider might have invested in training a spam filtering model, and does not want to publicize it (even if a dedicated party can infer it) ... So it follows that the functions must execute on providers' servers with access to plaintext emails."

Pretzel's innovation is in following up email decryption (usually provided by public/private keys as in PGP) with a second protocol, called secure two-party computation (2PC), which operates between the email provider and each mail recipient. A 2PC scheme lets the two parties jointly compute a function while keeping each party's input hidden from the other.

However, the processing needs of full-scale 2PC systems would not be realistic as a transport mechanism, and so the researchers have produced a slimmed-down and more linear throughput, with certain algorithm functionality baked into the procedure.

At the moment the team's implementation of Pretzel permits core commercial operations such as email scanning (i.e. for advertising or spam-identification purposes), and a limited subset of other usual mail server functions. The researchers hope to add the ability to accommodate predictive personal assistance services and virus scanning in the future, as well as the ability to hide metadata, some of the most fiercely sought information among security services and hackers alike.

"Ultimately, our goal is just to demonstrate an alternative. We don't claim that Pretzel is an optimal point in the three-way tradeoff among functionality, performance, and privacy; we don't yet know what such an optimum would be. We simply claim that it is different from the status quo (which combines rich functionality, superb performance, but no encryption by default) and that it is potentially plausible."

Here is the original post:
Research proposes 'full-journey' email encryption - The Stack

How Encryption Makes Your Sensitive Cloud-Based Data an Asset, Not a Liability – Security Intelligence (blog)

Organizations are adopting encryption at a rapid and increasingly urgent pace. Why? Because encryption helps organizations support dynamic industry regulations while also protecting sensitive data that's placed in the cloud.

The trend of adopting public cloud solutions continues to grow, but protecting critical data in the cloud is still a major concern. It's critical to protect data against external breaches and unauthorized access by cloud service providers. Collectively, organizations are diligently working with consultants and suppliers to implement solutions to keep their data safe.

In many specific instances, companies want to prevent their data from being accessible to cloud service providers (CSPs). However, organizations are now facing a new dilemma: What are they supposed to do when they want to permanently delete their data in the cloud?

Regulatory compliance and cloud data protection are two driving reasons for establishing encryption and encryption key management strategies. Furthermore, in the new world of cloud data security, the old concept of a castle has become ineffective; the concept of a curated museum is much more applicable to cloud data security. In this new world, organizations want to share data appropriately with many users and platforms without running the risk that it will be taken, changed, hijacked, destroyed or accessed by unauthorized users.

Learn more about Multi-Cloud Data Encryption

To complicate matters, the value of data can change quickly. As we know, information such as quarterly financial data has high value prior to its disclosure, but the necessity to keep it private significantly declines once the announcement of financial performance is released to the market. However, other data, such as pharmaceutical trial data, HR information from divested organizations and historical notes on litigation proceedings, can quickly become a liability if it is unintentionally disclosed to the wrong party after the collective work on these efforts has been completed.

When you combine the need for privacy, the desire to collaborate using shared data and the trend of leveraging cloud applications and storage, you can see the need to not only protect cloud-based data, but also to manage it throughout its entire life cycle, from creation to destruction. Furthermore, in the case of cloud deployments, this process needs to be managed and controlled in an environment that is not physically under your control. This last requirement raises the following questions:

Encryption has historically been used to protect data against unauthorized use. However, encryption can effectively erase data as well. This is called cryptographic erasure.

The National Institute of Standards and Technology (NIST) released Special Publication 800-88, Revision 1: Guidelines for Media Sanitization, which detailed how encryption is part of media and data sanitization.

"If strong cryptography is used," the publication stated, "sanitization of the target data is reduced to sanitization of the encryption key(s) used to encrypt the target data." In layman's terms, this means that if the data is encrypted and you destroy the keys, the data is erased.

Of course, there are some qualifiers to claiming sanitization by cryptographic erasure. First, you must ensure that you have encrypted the data from the moment it was originally stored. Next, verify that you have exclusive access to all data encryption keys and ensure that all keys are wrapped under one or more wrapping keys. Finally, delete the wrapping keys to render the data encryption keys and data itself unrecoverable. Fortunately, these steps are not difficult to follow if you have the right tools.

For example, if you have a petabyte of data that has been encrypted from the moment it was placed in the cloud and control over the wrapping keys that protect the data encryption keys, then when you delete the wrapping keys, you render data encryption keys and the petabyte of data useless. This happens regardless of where the data is stored or whether you can even access the storage environment. In other words, you can effectively erase a petabyte of data by deleting just a few kilobytes of keys. Thats cryptographic erasure, and its powerful.
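The wrap-and-delete sequence above, as an added Go example that is not from the article or from any product it names. It assumes a per-object data encryption key (DEK) wrapped under a key-encryption key (KEK) held by a separate key manager, both AES-256-GCM, and the record text is a constructed sample. Store and Retrieve model the cloud side, Erase models the key manager destroying the KEK; afterwards the ciphertext and wrapped DEK are byte-for-byte unchanged but can no longer be opened.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// randBytes returns n random bytes; a failing system RNG is fatal for this demo.
func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// gcm returns an AES-256-GCM AEAD; an empty (erased) key is rejected here.
func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts plaintext under key with a fresh random nonce prepended.
func seal(key, plaintext []byte) ([]byte, error) {
	g, err := gcm(key)
	if err != nil {
		return nil, err
	}
	nonce := randBytes(g.NonceSize())
	return g.Seal(nonce, nonce, plaintext, nil), nil
}

// unseal reverses seal; it fails on a wrong key or on any tampering.
func unseal(key, sealed []byte) ([]byte, error) {
	g, err := gcm(key)
	if err != nil {
		return nil, err
	}
	if len(sealed) < g.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return g.Open(nil, sealed[:g.NonceSize()], sealed[g.NonceSize():], nil)
}

// CloudObject is what the cloud provider holds: ciphertext plus the DEK wrapped under the KEK.
type CloudObject struct{ Ciphertext, WrappedDEK []byte }

// KeyManager models the separate key-management system that holds the KEK.
type KeyManager struct{ kek []byte }

// Erase overwrites and drops the KEK; every DEK wrapped under it, and every object under those DEKs, is now unrecoverable.
func (km *KeyManager) Erase() {
	for i := range km.kek {
		km.kek[i] = 0
	}
	km.kek = nil
}

// Store encrypts plaintext under a fresh per-object DEK and wraps that DEK under the KEK.
func Store(km *KeyManager, plaintext []byte) (*CloudObject, error) {
	dek := randBytes(32)
	ct, err := seal(dek, plaintext)
	if err != nil {
		return nil, err
	}
	wrapped, err := seal(km.kek, dek)
	if err != nil {
		return nil, err
	}
	return &CloudObject{Ciphertext: ct, WrappedDEK: wrapped}, nil
}

// Retrieve unwraps the DEK with the KEK and decrypts; after Erase the nil KEK is rejected by gcm.
func Retrieve(km *KeyManager, obj *CloudObject) ([]byte, error) {
	dek, err := unseal(km.kek, obj.WrappedDEK)
	if err != nil {
		return nil, err
	}
	return unseal(dek, obj.Ciphertext)
}

// Demo stores a constructed record, reads it back, erases the KEK and tries again.
// It returns the plaintext recovered before erasure and the error seen after it.
func Demo() (before []byte, afterErr error) {
	km := &KeyManager{kek: randBytes(32)}
	obj, err := Store(km, []byte("constructed sample: Q3 results, embargoed"))
	if err != nil {
		panic(err)
	}
	before, _ = Retrieve(km, obj) // readable while the KEK exists
	km.Erase()
	_, afterErr = Retrieve(km, obj) // the stored object is untouched; only the KEK is gone
	return before, afterErr
}
```

Demo returns the original record and then a decryption error, and the second Retrieve fails only because the key manager no longer holds the KEK, not because anything in the stored object changed. That is why the article's second qualifier, exclusive control of all wrapping keys, carries the whole weight of the claim: a surviving copy of the KEK in a backup, a snapshot or a second key manager undoes the erasure regardless of what was deleted.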

Naturally, you may want to recover the petabytes of bits associated with your now-useless data. Why pay to store petabytes of random bits? However, that is secondary to the erasure of the data itself.

The logistics of implementing cryptographic erasure fundamentally require the system that stores and encrypts the data to be separate from the system that manages the encryption keys. Leveraging key life cycle management software packages helps maintain separation of these duties and functions.

Keeping your encryption engine separate from the encryption keys, as well as keeping the keys well-managed, is not just a best practice, but also keeps you on the right side of regulations and helps protect your most precious assets, your encryption keys and encrypted data, from threat actors. Remember that storage is inexpensive, but data is becoming infinitely more valuable, both as an asset and a liability. Control your data, protect it and ensure that it has a clear life cycle that you control.

The future architecture of data protection is clearly modular. We need to:

Following these practices ensures that your data, protected through encryption, will provide value through its lifetime and can be securely deleted when no longer valuable.

To protect data in a multicloud environment, organizations should still focus on implementing centralized policy management as well as centralized key management.

Guardium for Multi-Cloud Data Encryption offers the ability to encrypt cloud data across multiple clouds. It also integrates with IBM Security Key Lifecycle Manager. This combination of local but highly redundant key management, and the ability to concurrently manage tens of thousands of encrypted file systems or volumes in multiple clouds, gives organizations the tools they need to protect and manage the entire life cycle of data regardless of where it resides.


Visit link:
How Encryption Makes Your Sensitive Cloud-Based Data an Asset, Not a Liability - Security Intelligence (blog)

Set up VMware VM Encryption for hypervisor-level security – TechTarget

The new VM Encryption tool in vSphere 6.5 goes beyond standard VM-level security by performing the encryption at the hypervisor level.

Doing the encryption at the hypervisor level instead of in the virtual machine makes encryption guest-agnostic, as well as policy-driven -- VMware VM Encryption is managed via storage policy. While the main purpose of the tool is to enhance security, it also means encryption is no longer an all-or-nothing proposition; encrypting the storage area network or the underlying storage is no longer the only option.

There is a small overhead for VM Encryption, though this is to be expected in any encryption system. For what it's worth, I hardly noticed the overhead during my experimentation with ESXi encryption.

Implementing VM Encryption is quite simple. You can easily set up a basic proof of concept (POC) implementation for the encryption infrastructure, as VMware has designed the underlying cryptographic system to use third-party plugins. VMware's current list of approved vendors includes RSA and Symantec, as well as several others. There is currently no VMware implementation.

Setting up the cryptographic back end is straightforward. Most vendors will ship a VM appliance that can be installed, powered on and configured. Since configuring the cryptography for each of the vendor plugins is beyond the scope of this guide, I simply used the modified POC encryption manager that VMware released to beta testers.

This test version only keeps encryption keys for the duration of the machine's uptime. This is just a demonstration system and the encryption key will be lost upon reboot, so don't encrypt any machines you actually use. The best way to avoid running into trouble is to create a couple of test VMs.

Before implementing the encryption system, it's important to understand how VM Encryption works. Put simply, keys are handed from the key management appliance (the encryption VM) to its client, vCenter. vCenter then provides keys as needed to the ESXi hosts, which hold them securely so they can unlock the VM. The keys are never written to disk on the ESXi host; the intermediate keys for locking and unlocking the VMs are kept in a secure encryption enclave.

To set up the encryption server, you need to set up a Linux host with Docker. Once you've done this, pull down the Docker image and run the instance with the following commands:

sudo docker pull lamw/vmwkmip

sudo docker run --rm -it -p 5696:5696 lamw/vmwkmip

At this point the Docker image should be running on port 5696.

Now that we've covered how encryption is applied, let's look at how to set up the infrastructure. First, add the Key Management Service (KMS) server to the vCenter by going to the top level of the vCenter configuration menu and selecting Key Management Servers from the hyperlink on the left.

This will bring up a dialog box that allows you to enter KMS server details. The exact details will vary, and some KMS server configurations may require a username and password. We don't need to use one in this instance. The server address should be that of the Ubuntu server. The port used for this example is 5696.

Once you've submitted the KMS details, you'll be prompted to accept a certificate; accept it, and the KMS will be set as the default.

At this point, the cryptographic configuration is complete. However, a single KMS is a single point of failure; therefore, I recommend configuring a minimum of two. Do not encrypt the vCenter appliance itself, or vCenter will be unable to boot. You need to avoid this because vCenter is a key component of the cryptographic infrastructure.

The next step is to create an encryption storage policy. If you navigate to VM Storage Policies, you'll see a new storage policy titled VM Encryption Policy. There are several options that you can modify if necessary.

At this point, you can encrypt the VM. It's best practice to only encrypt the disks; it's possible to encrypt other items, but it's unadvisable unless you have an overriding reason to do so.

From here on out, encrypting the VM is clear-cut. Before encrypting a VM, you must first power it off. Navigate to the VM you plan on encrypting, right-click to edit its settings, and expand the disks you want to encrypt. Select the VM Encryption Policy from the VM storage policy drop-down menu.

Disabling VM Encryption is as easy as changing the policy to the default data store policy. Again, you must power off the VM to perform the necessary actions.

There are a few caveats to using VM Encryption. For one, it does not support exporting encrypted VMs to Open Virtualization Format (OVF). Whether to use cryptography on a per-VM basis depends on the business and security requirements of the company in question. Exercise caution when implementing the encryption and make sure you fully understand and recognize the ramifications and functionality of encryption.

Read this article:
Set up VMware VM Encryption for hypervisor-level security - TechTarget