Encryption is the most commonly used means of protecting confidentiality: technical means transform important data into an unreadable form (encryption) for transmission, and the same or a different means restores it (decryption) once it reaches the destination.
0. Basic concepts
Encryption involves two elements: the algorithm and the key. An encryption algorithm is the process that combines a message with a key (a string of numbers) to produce an unintelligible ciphertext.
A key is a parameter used together with a cryptographic algorithm; the entity that holds it can encrypt data or recover it.
Keys are divided into symmetric keys and asymmetric keys:
Symmetric key: encryption and decryption use the same key (AES and similar algorithms).
Asymmetric key: encryption and decryption use two different keys, a public key and a private key (RSA and similar algorithms).
1. Key hierarchical management structure
Work key (WK / WorkKey)
Key encryption key (KEK, or MK / MasterKey)
Root key (RK / RootKey)
Hierarchical key management should use at least two layers: a root key and a working key.
2. Key lifecycle security management

| Key lifecycle stage | Security issue that poor design can cause |
|---|---|
| Generation | The generation algorithm has poor randomness, so the key is predictable or an attacker can generate it himself. |
| Distribution | The key is distributed in plaintext, so an attacker can intercept it. |
| Update | The key is never updated, which makes it easier for an attacker to obtain the key and with it the plaintext of sensitive data. |
| Storage | The key is stored in plaintext in the database, so an attacker who reads the key can easily obtain the plaintext of sensitive data. |
| Backup | Important keys are never backed up; once a key is lost, the data encrypted under it can no longer be decrypted, which greatly reduces system reliability. |
| Destruction | The key is only deleted in the ordinary way, so an attacker may be able to recover it. |
Key establishment covers the generation and the distribution of the key.
2.1 Generate
1. Secure random number generator
2. Key derivation function
PBKDF2 is a password-based key derivation function; the derived key is computed as:
```
DK = PBKDF2(HashAlg, Password, Salt, count, dkLen)
```
PBKDF2: name of the key derivation function
Input:
HashAlg: hash algorithm (SHA256 is recommended)
Password: the password entered by the user, or a string read in from elsewhere
Salt: salt value, a secure random number of at least 8 bytes
count: the number of iterations, a positive integer
dkLen: the byte length of the derived key, a positive integer
Output:
DK: the derived key, a byte string of length dkLen
See also the IAIK JCE PBKDF2 class: http://javadoc.iaik.tugraz.at/iaik_jce/current/iaik/pkcs/pkcs5/PBKDF2.html
3. Standards-based key agreement mechanism
4. Secure key generation tools, etc.
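As an added worked example (not part of the original notes), the formula above implemented in Go with HMAC-SHA256 as the pseudorandom function, together with the parameter rules the notes state: a CSPRNG salt of at least 8 bytes, positive count and dkLen. The names PBKDF2, DeriveKey, NewSalt, PBKDF2SHA256Hex and the MinSaltLen constant are this example's own; the password and iteration count in main are constructed sample values.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
	"hash"
)

// MinSaltLen is the "at least 8 bytes" floor the notes set for Salt.
const MinSaltLen = 8

// PBKDF2 computes DK = PBKDF2(HashAlg, Password, Salt, count, dkLen) as in RFC 8018 5.2,
// with HMAC-HashAlg as the PRF:
//
//	U_1 = PRF(Password, Salt || INT(i)),  U_j = PRF(Password, U_{j-1})
//	T_i = U_1 xor U_2 xor ... xor U_count
//	DK  = T_1 || T_2 || ... truncated to dkLen bytes
//
// This is the raw primitive; the parameter policy from the notes lives in DeriveKey.
func PBKDF2(hashAlg func() hash.Hash, password, salt []byte, count, dkLen int) ([]byte, error) {
	if count < 1 || dkLen < 1 {
		return nil, errors.New("count and dkLen must be positive integers")
	}
	prf := hmac.New(hashAlg, password)
	dk := make([]byte, 0, dkLen+prf.Size())
	var blockIndex [4]byte
	for i := 1; len(dk) < dkLen; i++ {
		binary.BigEndian.PutUint32(blockIndex[:], uint32(i)) // INT(i), 4-byte big-endian
		prf.Reset()
		prf.Write(salt)
		prf.Write(blockIndex[:])
		u := prf.Sum(nil)              // U_1
		t := append([]byte(nil), u...) // T_i accumulator
		for j := 2; j <= count; j++ {
			prf.Reset()
			prf.Write(u)
			u = prf.Sum(nil) // U_j
			for k := range t {
				t[k] ^= u[k]
			}
		}
		dk = append(dk, t...)
	}
	return dk[:dkLen], nil
}

// NewSalt draws n bytes from the OS CSPRNG (crypto/rand), the "secure random number"
// the Salt parameter calls for, refusing lengths below the floor.
func NewSalt(n int) ([]byte, error) {
	if n < MinSaltLen {
		return nil, fmt.Errorf("salt of %d bytes is below the %d-byte minimum", n, MinSaltLen)
	}
	salt := make([]byte, n)
	if _, err := rand.Read(salt); err != nil {
		return nil, err
	}
	return salt, nil
}

// DeriveKey applies the parameter rules from the notes on top of the primitive:
// SHA-256 as HashAlg and a salt of at least MinSaltLen bytes.
func DeriveKey(password, salt []byte, count, dkLen int) ([]byte, error) {
	if len(salt) < MinSaltLen {
		return nil, fmt.Errorf("salt of %d bytes is below the %d-byte minimum", len(salt), MinSaltLen)
	}
	return PBKDF2(sha256.New, password, salt, count, dkLen)
}

// PBKDF2SHA256Hex runs the raw primitive and hex-encodes DK, for comparison with
// published PBKDF2-HMAC-SHA256 test vectors (whose salts are shorter than the floor).
func PBKDF2SHA256Hex(password, salt string, count, dkLen int) (string, error) {
	dk, err := PBKDF2(sha256.New, []byte(password), []byte(salt), count, dkLen)
	if err != nil {
		return "", err
	}
	return hex.EncodeToString(dk), nil
}

func main() {
	salt, err := NewSalt(16)
	if err != nil {
		panic(err)
	}
	// Password and iteration count are constructed sample values; set count by your own policy.
	dk, err := DeriveKey([]byte("correct horse battery staple"), salt, 100000, 32)
	if err != nil {
		panic(err)
	}
	fmt.Printf("salt=%x\nDK=%x\n", salt, dk)
}
```

PBKDF2SHA256Hex exists so the primitive can be checked against the standard published vectors for password "password" and salt "salt" (for example, count 1 and dkLen 32 gives 120fb6cf...be17b); the 4-byte salt in those vectors is exactly what DeriveKey refuses, which is why policy and primitive are kept apart.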
2.2 Distribution
Key distribution transfers the key to an authorized entity in a secure manner, generally over a secure transmission protocol or by means of a digital envelope.
A digital envelope is a combined application of a symmetric cryptosystem and an asymmetric cryptosystem: it avoids the poor encryption and decryption efficiency of the asymmetric cryptosystem while also properly solving the security problem of key transmission.
During key distribution, the integrity and confidentiality of both symmetric keys and asymmetric keys must be guaranteed.
Product developers are advised to use secure encrypted transmission protocols (such as SSL, IPSec, SSH) to transmit this sensitive data.
When the product's application scenario does not allow a secure transmission protocol to be established, a digital envelope can also be used to distribute the key.
Digital envelope encryption and decryption interfaces:

| Operation | iPSI | OpenSSL |
|---|---|---|
| Encrypt (init) | CRYPT_sealInit() | EVP_SealInit() |
| Encrypt (update) | CRYPT_sealUpdate() | EVP_SealUpdate() |
| Encrypt (final) | CRYPT_sealFinal() | EVP_SealFinal() |
| Decrypt (init) | CRYPT_openInit() | EVP_OpenInit() |
| Decrypt (update) | CRYPT_openUpdate() | EVP_OpenUpdate() |
| Decrypt (final) | CRYPT_openFinal() | EVP_OpenFinal() |
For the public key of an asymmetric key pair, integrity and authenticity must be guaranteed.
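The digital envelope flow in Go, as an added example that is neither from these notes nor from the iPSI or OpenSSL libraries: RSA-OAEP wraps a one-time AES-256 key and AES-GCM encrypts the data under it, mirroring the seal/open split of the interfaces listed above. The names Envelope, Seal, Open and RoundTrip and the label "digital-envelope-v1" are assumptions of this example; RoundTrip also exercises the two failure modes the distribution requirements call for, a modified envelope and a private key held by someone other than the intended recipient.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// Envelope is what crosses the insecure channel: a one-time symmetric key wrapped
// under the recipient's public key, plus the data encrypted under that key.
type Envelope struct {
	WrappedKey []byte // RSA-OAEP(recipient public key, contentKey)
	Nonce      []byte // 96-bit AES-GCM nonce, fresh per envelope
	Ciphertext []byte // AES-256-GCM(contentKey, nonce, plaintext), tag appended
}

var oaepLabel = []byte("digital-envelope-v1") // ties the wrapped key to this format

func aeadFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is the sender side, the role EVP_SealInit/Update/Final play in OpenSSL:
// draw a fresh content key, encrypt the data with it, wrap the key for the recipient.
func Seal(recipient *rsa.PublicKey, plaintext []byte) (*Envelope, error) {
	keyAndNonce := make([]byte, 32+12) // 256-bit content key followed by the GCM nonce
	if _, err := io.ReadFull(rand.Reader, keyAndNonce); err != nil {
		return nil, err
	}
	contentKey, nonce := keyAndNonce[:32], keyAndNonce[32:]
	aead, err := aeadFor(contentKey)
	if err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, contentKey, oaepLabel)
	if err != nil {
		return nil, err
	}
	return &Envelope{wrapped, nonce, aead.Seal(nil, nonce, plaintext, nil)}, nil
}

// Open is the recipient side (EVP_OpenInit/Update/Final): only the holder of the
// matching private key recovers the content key, and GCM rejects any modification.
func Open(recipient *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	contentKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipient, env.WrappedKey, oaepLabel)
	if err != nil {
		return nil, errors.New("cannot unwrap content key: wrong private key or damaged envelope")
	}
	aead, err := aeadFor(contentKey)
	if err != nil {
		return nil, err
	}
	plaintext, err := aead.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("ciphertext failed authentication")
	}
	return plaintext, nil
}

// RoundTrip seals msg for a freshly generated recipient and opens it, then checks
// the two failure modes distribution must resist: a modified envelope and a
// different party's private key. It returns the recovered data and both verdicts.
func RoundTrip(msg []byte) (recovered []byte, tamperRejected, wrongKeyRejected bool, err error) {
	recipient, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, false, false, err
	}
	other, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, false, false, err
	}
	env, err := Seal(&recipient.PublicKey, msg)
	if err != nil {
		return nil, false, false, err
	}
	if recovered, err = Open(recipient, env); err != nil {
		return nil, false, false, err
	}
	tampered := *env
	tampered.Ciphertext = append([]byte(nil), env.Ciphertext...)
	tampered.Ciphertext[0] ^= 0x01 // one flipped bit in transit
	_, tamperErr := Open(recipient, &tampered)
	_, wrongKeyErr := Open(other, env)
	return recovered, tamperErr != nil, wrongKeyErr != nil, nil
}

func main() {
	got, tamper, wrong, err := RoundTrip([]byte("constructed sample: work key material"))
	fmt.Printf("recovered=%q tamperRejected=%v wrongKeyRejected=%v err=%v\n", got, tamper, wrong, err)
}
```

The OpenSSL interface streams data through init/update/final calls; this example handles the whole message in one call, which is sufficient for the small payloads (keys) that distribution carries. The recipient's public key must itself reach the sender with integrity and authenticity intact, as the sentence above requires; nothing in the envelope protects against a substituted public key.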
2.3 Use
A key is used for only one purpose (such as encryption, authentication, random number generation, or digital signature).
The private key of an asymmetric algorithm must be held only by its owner.
2.4 Storage
The working key used for data encryption and decryption must not be hard-coded in the source code.
Symmetric keys, private keys, shared secrets and the like are all sensitive data and must be given confidentiality protection when stored locally.
Confidentiality of each upper-layer key is provided by the key in the layer below it, which makes the security management of the root key the decisive point.
When the root key is generated from key components, the components must be stored separately. When a component is stored in a file, the file name must be generic so that it does not reveal what the file contains.
2.5 Update
When a key has reached its expiration date or has been compromised, the cryptographic system needs a key update mechanism to regenerate a new key.
The key must be updatable, with a clearly defined update cycle.
2.6 Backup
Loss of a key makes the corresponding ciphertext impossible to decrypt, and the data is therefore lost.
Whether a backup and recovery mechanism for the key is needed should be evaluated for the specific scenario.
2.7 Destruction
Keys that are no longer used should be deleted immediately.
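An added example (not from the original notes) that ties the two-layer hierarchy of section 1 to the storage, update and destruction rules of 2.4, 2.5 and 2.7: the root key lives only in process memory, every work key is persisted solely as an AES-GCM blob wrapped under the root key with its key ID as associated data, rotating the root re-wraps the work keys without changing them, and destruction overwrites the blob rather than merely deleting the reference. KeyStore, WrappedKey, the method names and the key ID "db-field-key" are this example's own assumptions; in production the root key would come from an HSM, a KMS or separately stored key components rather than being generated in the process.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// WrappedKey is the only form in which a work key is ever persisted.
type WrappedKey struct {
	RootVer int    // root key version that wrapped it
	Nonce   []byte // AES-GCM nonce, fresh per wrap
	Blob    []byte // AES-256-GCM(root, nonce, workKey, aad=keyID)
}

// KeyStore keeps the root key in process memory only and work keys as wrapped blobs.
type KeyStore struct {
	root    cipher.AEAD
	rootVer int
	Wrapped map[string]WrappedKey // what would go to disk or the database
}

func mustRandom(n int) []byte { // OS CSPRNG; failure here is unrecoverable
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

func zero(b []byte) {
	for i := range b {
		b[i] = 0
	}
}

// newRoot generates a fresh 256-bit root key and keeps only its expanded AEAD form.
func newRoot() cipher.AEAD {
	key := mustRandom(32)
	defer zero(key)
	block, err := aes.NewCipher(key) // cannot fail for a 32-byte key
	if err != nil {
		panic(err)
	}
	aead, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return aead
}

// NewKeyStore generates root key v1, the bottom layer of the hierarchy.
func NewKeyStore() *KeyStore {
	return &KeyStore{root: newRoot(), rootVer: 1, Wrapped: map[string]WrappedKey{}}
}

// wrap authenticates the key ID as associated data, so a blob cannot be moved to another ID.
func (ks *KeyStore) wrap(keyID string, wk []byte) WrappedKey {
	nonce := mustRandom(ks.root.NonceSize())
	return WrappedKey{ks.rootVer, nonce, ks.root.Seal(nil, nonce, wk, []byte(keyID))}
}

// GenerateWorkKey persists only the wrapped form and hands the plaintext to the caller.
func (ks *KeyStore) GenerateWorkKey(keyID string) []byte {
	wk := mustRandom(32)
	ks.Wrapped[keyID] = ks.wrap(keyID, wk)
	return wk
}

// LoadWorkKey refuses a blob wrapped under a stale root version instead of
// silently decrypting it with the wrong key.
func (ks *KeyStore) LoadWorkKey(keyID string) ([]byte, error) {
	w, ok := ks.Wrapped[keyID]
	if !ok {
		return nil, errors.New("no such key: " + keyID)
	}
	if w.RootVer != ks.rootVer {
		return nil, fmt.Errorf("%s wrapped under root v%d, current root is v%d", keyID, w.RootVer, ks.rootVer)
	}
	return ks.root.Open(nil, w.Nonce, w.Blob, []byte(keyID))
}

// RotateRoot is the update step for the root key: every work key is re-wrapped under
// a fresh root. Work keys do not change, so business ciphertext needs no re-encryption.
func (ks *KeyStore) RotateRoot() error {
	oldRoot := ks.root
	ks.root, ks.rootVer = newRoot(), ks.rootVer+1
	for id, w := range ks.Wrapped {
		wk, err := oldRoot.Open(nil, w.Nonce, w.Blob, []byte(id))
		if err != nil {
			return err // stale blobs left behind are refused by LoadWorkKey
		}
		ks.Wrapped[id] = ks.wrap(id, wk)
		zero(wk)
	}
	return nil
}

// DestroyWorkKey overwrites the stored blob before dropping it, rather than only deleting it.
func (ks *KeyStore) DestroyWorkKey(keyID string) bool {
	w, ok := ks.Wrapped[keyID]
	if ok {
		zero(w.Blob)
		delete(ks.Wrapped, keyID)
	}
	return ok
}

func main() {
	ks := NewKeyStore()
	wk := ks.GenerateWorkKey("db-field-key") // constructed key ID
	fmt.Printf("work key %x... stored only as %d wrapped bytes\n", wk[:4], len(ks.Wrapped["db-field-key"].Blob))
}
```

Two properties are worth checking when reviewing such a store: a blob copied to a different key ID must fail to open (the ID is authenticated), and a blob left over from before a root rotation must be refused rather than decrypted under the new root. Overwriting the in-memory blob in DestroyWorkKey illustrates the intent of 2.7; on real storage media the equivalent is to overwrite or cryptographically erase the persisted copy as well.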
2.8 Auditability
Key management operations must be recorded in detailed logs.
Key generation, use, update and destruction are important management operations. "Use" here means use for management purposes, such as encrypting or decrypting keys and deriving keys, which must be logged; use for business purposes, such as encrypting and decrypting business data, need not be logged.
The log must record each management operation on a key in detail, including but not limited to the subject (person or device), time, purpose, result and any other information needed to trace the event.