Steven M. Bellovin is a professor in the computer science department at Columbia University. This post was originally published on his blog. This essay quickly generated a vigorous debate among security experts on Twitter. <\/p>\n
Another day, another data breach, and another round of calls for companies to encrypt their databases. Cryptography is a powerful tool, but in cases like this, it's not going to help. If your OS is secure, you don't need the crypto; if it's not, the crypto won't protect your data. <\/p>\n
In a case like the Anthem breach, the really sensitive databases are always in use. This means that they're effectively decrypted: the database management systems (DBMS) are operating on cleartext, which means that the decryption key is present in RAM somewhere. It may be in the OS, it may be in the DBMS, or it may even be in the application itself (though that's less likely if a large relational database is in use, which it probably is). What's to stop an attacker from obtaining that key, or perhaps from just making database queries? <\/p>\n
The answer, in theory, is other forms of access control. Perhaps the DBMS requires authentication, or operating system permissions will prevent the attacker from getting at the keys. Unfortunatelyand as these many data breaches showthese defenses are not configured properly or aren't doing the job. If that's the case, though, adding encryption isn't going to help; the attacker will just go around the crypto. There's a very simple rule of thumb here:Encryption is most useful when OS protections cannot work. <\/p>\n
What do I mean by that? The most obvious situation is where the attacker has physical access to the device. Laptop disks should always be encrypted; ditto flash drives, backup media, etc. Using full disk encryption on your servers' drives isn't a bad idea, since it protects your data when you discard the media, but you then have to worry about where the key comes from if the server crashes and reboots. <\/p>\n
Cloud storage is a good place for encryption, since you don't control the machine room and you don't control the hypervisor. Again, your own operating system isn't blocking a line of attack. (Note: I'm not saying that the cloud is a bad idea; if nothing else, most cloud sysadmins are better at securing their systems than are folks at average small companies.) E-mail is another good use for encryption, unless you control your own mail servers. Why? Because the data is yours, but you're storing it on someone else's computer. <\/p>\n
Encryption is a useful tool (and a fun research area), but like all tools, it's only useful if properly employed. If used in inappropriate situations, it won't provide protection and will create operational headaches and perhaps data loss from mismanaged keys. <\/p>\n
Protecting large databases like Anthem's is a challenge. We need better software security, and we need better structural tools to isolate the really sensitive data from average, poorly protected machines. There may even be a role for encryption, but simply encrypting the social security numbers isn't going to do much. <\/p>\n
<\/p>\n