Legacy Encryption at Rest vs. CryptoMove
Data recon & identification (legacy encryption at rest: no added protection; CryptoMove: protects)
Only CryptoMove protects against data reconnaissance and identification, with dynamic movement, mutation, fragmentation, distribution, and re-encryption. All other encryption technology on the market today leaves stored encrypted data static at rest, and that is where it fails.
Every attack begins with reconnaissance. Attackers initially map out data infrastructure, as described in Lockheed Martin's Cyber Kill Chain. Adversaries take their time, review system topography, identify data, identify data owners (who to go after for privilege escalation and social engineering), and plan attacks. Static data infrastructure makes this easy. Attackers go over the walls, hide from the cameras, avoid traps, and there are not enough guards to keep up.
Active defense data protection flips the asymmetry. It takes away adversaries' #1 asymmetric advantage: time. Dynamically moving, mutating, fragmenting, distributing, and re-encrypting data makes it a nightmare for attackers to even start their attack. Recon and data identification are a prerequisite to any attack on data.
- Time is now a disadvantage, because as time goes by the system entropy increases and attackers are back to square one.
- Protects against undetected attackers, because it increases their costs regardless of whether they are uncovered. Raises the bar and makes the playing field harder for attackers.
- Makes it more likely that attackers slip up and get caught by other security tools, and makes data react to threats. CryptoMove API can orchestrate with threat detection to dynamically move data in response to threats.
Many attack examples demonstrate that even when data is encrypted at rest, attackers take their time to study encryption systems. Over time, attackers identify vulnerabilities and points of weakness to attack data. ProjectSauron hid for 5 years, studying encryption key servers and exfiltrating data at dozens of targets. Sophisticated ransomware maps out data infrastructure – searching for backups to ransom.
Moving target defense is an exploding and exciting field of academic and military security research today. Current applications focus on networks and application layers. CryptoMove is Active Defense data protection: dynamic data movement, mutation, distribution, and re-encryption.
Lateral movement (legacy encryption at rest: no added protection; CryptoMove: protects)
Adversaries move laterally once they breach an infrastructure. Attackers typically get a toehold via phishing, unpatched vulnerabilities, or credential compromise. They then move laterally in an infrastructure, uncovering data locations and mapping out data. Static and unchanging data storage infrastructure makes this easy. Attackers enjoy the asymmetric advantage of time.
CryptoMove flips the asymmetric advantage of time in favor of defenders. With CryptoMove, as attackers move laterally through a data infrastructure, the data location, size, even encryption is changing continuously. Attackers are constantly back to square one.
Ciphertext exfiltration (legacy encryption at rest: no added protection; CryptoMove: protects)
Losing encrypted data is nothing to be proud of. CryptoMove protects against ciphertext exfiltration by dynamically and continuously moving, mutating, fragmenting, and re-encrypting data, so it is never static in one place at one time. Identification of data is a prerequisite to exfiltration. There is a pervasive assumption in the security industry today that if data is encrypted, it is OK if that data is stolen. This is a dangerous assumption. We should not congratulate ourselves because we were breached and the stolen data was encrypted. That means we failed.
First, losing even encrypted data damages customer and partner relationships, reputation, and brand.
Second, once adversaries possess ciphertext, they are much closer to decryption.
- Adversaries locate encryption keys. They move laterally through a system, and locate keys. Keys are stored without dynamic movement, mutation, distribution, fragmentation, or re-encryption.
- Adversaries mount attacks on encryption keys (e.g. side-channel or MITM) as they move in and out of secured environments.
- Adversaries have the asymmetric advantage of time. Most adversaries are undetected for months, if not years.
Third, many encryption setups use weak algorithms or weak implementations, leaving the door open to cryptographic attacks, whether brute force or otherwise.
Fourth, the only guarantee with encryption algorithms is that they eventually deprecate, usually sooner than we expect. Researchers in academia and at the NSA are sounding the alarm that we must act now to prepare for a post-quantum world. Quantum computers threaten to crack much of the encryption technology in use today.
CryptoMove sidesteps all these concerns. By dynamically and continuously moving, mutating, distributing, and re-encrypting data, CryptoMove ensures attackers cannot find ciphertext to exfiltrate. If they do manage to get something, they have only encrypted fragments, not adding up to entire files. By the time adversaries move to grab the next handful of fragments, the data has moved, mutated, and gotten re-encrypted. There is nothing to uncover or brute force. Even a quantum computer cannot crack ciphertext if it cannot get its hands on it. And, CryptoMove is 100% agnostic to the encryption algorithm, so it can plug-and-play new post-quantum, homomorphic, or any other algorithms as they come online.
- http://www.ssrc.ucsc.edu/Papers/storer-usenix07.pdf ("an adversary who can compromise an archive need only wait for cryptanalysis techniques to catch up to the encryption algorithm used at the time of the compromise in order to obtain 'secure' data")
- https://arxiv.org/pdf/1512.02951.pdf ("Hardening data protection using multiple methods rather than 'just' encryption is of paramount importance when considering continuous and powerful attacks to spy or even destroy private and confidential information")
Data destruction (legacy encryption at rest: no added protection; CryptoMove: protects)
Encrypting stored data at rest offers zero protection from data destruction. Many attacks do not care about stealing data – they just destroy it. This damages systems, harms availability and uptime, and leads to manual restore processes. Modern AI, IoT, and other systems produce so much data that not all of it can even be backed up. Making data harder to destroy is paramount.
CryptoMove protects against data destruction. By dynamically moving, fragmenting, distributing, and replicating data fragments, CryptoMove ensures that if certain data fragments are destroyed, the data can still be recovered. CryptoMove raises the hurdle for any data destruction attack, because the attacker first has to identify the data, and with CryptoMove data identification is a nightmare for adversaries.
Further, CryptoMove can create more copies on the fly, in real time, and is also a versioning system that can restore data to prior states. This allows real-time recovery from data destruction attacks.
Ransomware (legacy encryption at rest: no added protection; CryptoMove: protects)
Ransomware is the #1 emerging threat to data, and was a billion-dollar-plus business for cybercriminals in 2016. Encryption at rest offers absolutely zero protection; CryptoMove does. Existing approaches fall into the trap of tired static perimeter thinking -- trying to stop or detect ransomware at endpoints. CryptoMove offers true data-centric ransomware protection.
- CryptoMove evades ransomware because data is always moving, mutating, fragmenting, distributing, and generating copies. This means that ransomware cannot find the data to over-encrypt and ransom. Often ransomware hides in a system, moves laterally, and searches for backups. With CryptoMove that search will lead nowhere.
- CryptoMove is resilient to ransomware. And if a ransomware attack begins, it will only over-encrypt some fragments of data. CryptoMove will create new copies, move data away, and data will still be available.
- CryptoMove can respond to ransomware in real-time. CryptoMove cryptographically verifies the integrity of each data fragment when it moves. So CryptoMove can tell if a fragment has been over-encrypted. This means ransomware attacks cannot move from storage layer to storage layer, because as it does, CryptoMove knows something is wrong, declares a breach, creates more copies, and moves data away.
Data corruption / integrity (legacy encryption at rest: no added protection; CryptoMove: protects)
Encryption at rest is vulnerable to attacks that corrupt data integrity. CryptoMove ensures data integrity and protects against attacks that seek to corrupt or replace data with false values.
Modern data powers physical machines and devices, and trains artificial intelligence and machine learning models. It is important that data maintains its integrity and is what we think it is. CryptoMove's integrity assurance technology, which can cryptographically verify the integrity of each file fragment as it moves, mitigates corruption and integrity attacks in real time.
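The following Python is an added illustration of two mechanisms this page describes in prose: per-fragment cryptographic integrity checks (the ransomware and integrity sections above) and recovery from replicated fragments when some copies are destroyed (the data destruction section). It is not CryptoMove's code and does not reflect its actual design; it is a constructed model in which each fragment carries an HMAC-SHA256 tag bound to its object id and position, copies are placed on several storage nodes, and reassembly skips any copy that fails verification. The fragment size, replica count, node names, round-robin placement rule, the simulated attacks, and the sample record are all assumptions made for the example.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Constructed parameters for this model; the page does not describe CryptoMove's
# real fragment size, replica count or placement rule.
FRAGMENT_SIZE = 16
REPLICAS = 3
NODES = ["node-a", "node-b", "node-c", "node-d", "node-e"]


@dataclass(frozen=True)
class Fragment:
    obj_id: str
    index: int
    total: int
    payload: bytes
    tag: bytes  # HMAC-SHA256 over (obj_id, index, total, payload)


def _tag(key: bytes, obj_id: str, index: int, total: int, payload: bytes) -> bytes:
    # Binding the object id, position and fragment count into the MAC means a
    # valid fragment cannot be replayed into another object's or position's slot.
    msg = (obj_id.encode() + index.to_bytes(4, "big")
           + total.to_bytes(4, "big") + payload)
    return hmac.new(key, msg, hashlib.sha256).digest()


def fragment(obj_id: str, data: bytes, key: bytes) -> list[Fragment]:
    """Split data into fixed-size fragments, each carrying its own integrity tag."""
    chunks = [data[i:i + FRAGMENT_SIZE] for i in range(0, len(data), FRAGMENT_SIZE)] or [b""]
    total = len(chunks)
    return [Fragment(obj_id, i, total, c, _tag(key, obj_id, i, total, c))
            for i, c in enumerate(chunks)]


def verify(frag: Fragment, key: bytes) -> bool:
    """Constant-time check that the fragment's payload still matches its tag."""
    expected = _tag(key, frag.obj_id, frag.index, frag.total, frag.payload)
    return hmac.compare_digest(expected, frag.tag)


def distribute(frags: list[Fragment], nodes=NODES, replicas=REPLICAS) -> dict[str, dict]:
    """Place each fragment on `replicas` distinct nodes (round-robin by index)."""
    store = {n: {} for n in nodes}
    for f in frags:
        for r in range(replicas):
            store[nodes[(f.index + r) % len(nodes)]][(f.obj_id, f.index)] = f
    return store


def reassemble(obj_id: str, total: int, store: dict, key: bytes):
    """Rebuild the object from the first verified copy of each fragment.

    Returns (data, tampered): tampered maps node -> indices whose copy failed
    the MAC. Destroyed copies are simply absent and are skipped silently.
    """
    data = b""
    tampered: dict[str, list[int]] = {}
    for i in range(total):
        good = None
        for node, frags in store.items():
            f = frags.get((obj_id, i))
            if f is None:
                continue  # never placed here, or destroyed
            if verify(f, key):
                if good is None:
                    good = f
            else:
                tampered.setdefault(node, []).append(i)
        if good is None:
            raise ValueError(f"fragment {i} of {obj_id}: no intact copy remains")
        data += good.payload
    return data, tampered


def overencrypt_node(store: dict, node: str) -> None:
    """Constructed stand-in for ransomware: every payload on the node is replaced
    with random bytes; tags are left alone because the attacker lacks the MAC key."""
    for k, f in list(store[node].items()):
        store[node][k] = Fragment(f.obj_id, f.index, f.total,
                                  secrets.token_bytes(len(f.payload)), f.tag)


def destroy_node(store: dict, node: str) -> None:
    """Constructed stand-in for a destructive attack or a node outage."""
    store[node].clear()


def demo():
    key = secrets.token_bytes(32)  # MAC key, held apart from the storage nodes
    original = b"constructed sample record: account=42 balance=1000 status=active"
    frags = fragment("rec-42", original, key)          # 64 bytes -> 4 fragments
    store = distribute(frags)
    overencrypt_node(store, "node-b")                  # holds copies of fragments 0 and 1
    destroy_node(store, "node-c")
    recovered, tampered = reassemble("rec-42", len(frags), store, key)
    return recovered == original, tampered


if __name__ == "__main__":
    ok, tampered = demo()
    print("recovered intact:", ok)
    print("copies failing verification:", tampered)
```

Running the demo reassembles the record intact from the remaining verified copies and reports node-b as the node whose copies of fragments 0 and 1 failed the MAC, which is the signal a system like the one described could act on (declare a breach, re-replicate, move data away). The design point is that the MAC key never sits on the storage nodes, so an attacker who can overwrite payloads cannot forge matching tags.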
Cryptographic attack (legacy encryption at rest: no added protection; CryptoMove: protects)
Encryption at rest is vulnerable to cryptographic attacks. Encryption threat models include side-channel, brute force, key attack, quantum computers, and others.
CryptoMove sidesteps these concerns. By dynamically and continuously moving, mutating, distributing, and re-encrypting data, CryptoMove ensures attackers cannot begin to mount a cryptographic attack. If they do manage to get something, they have only encrypted fragments, not adding up to entire files even were they brute forced. By the time adversaries move to grab the next handful of fragments, data has moved, mutated, and gotten re-encrypted. There is nothing to uncover or brute force. Even a quantum computer cannot crack ciphertext if it cannot get its hands on it.
Further, CryptoMove is 100% agnostic to the encryption algorithm. This means CryptoMove supports plug-and-play of alternative algorithms, such as secret sharing, multi-party computation, homomorphic encryption, post-quantum algorithms, or any other algorithms that come online and are desired.
Key theft (legacy encryption at rest: no added protection; CryptoMove: protects)
Encryption at rest systems shift vulnerability to keys. Keys are stored statically and do not move, mutate, fragment, distribute, or re-encrypt. Many examples show that attackers hide in a system, map out the data infrastructure, study encryption key locations, and mount their attack.
CryptoMove guards keys with active defense: dynamic movement, mutation, and distribution—the same protection it applies to data. CryptoMove can create separate keys for each data user, each server, each database, or each application, and can dynamically rotate keys.
CryptoMove can manage keys any way a customer wants:
- Manage keys internally in a separate CryptoMove cluster segregated from the data
- Integrate with external key management systems from third parties
- Integrate with third-party authorization systems like Okta and Auth0
Clear-text exfiltration (legacy encryption at rest: the only thing it's good for; CryptoMove: protects)
Encryption at rest guards against clear-text exfiltration. This is about the only thing it is good for.
CryptoMove does too, and does it better. CryptoMove makes cleartext a nightmare to find and exfiltrate. Data in the CryptoMove data store is constantly and dynamically moving, mutating, distributing, fragmenting, and re-encrypting.
Database/storage IT insider (legacy encryption at rest: no added protection; CryptoMove: protects)
Encryption at rest on disk or in a database does nothing against IT insiders who have access to the underlying storage or database infrastructure. IT insiders can review data locations, plan their attacks, and exfiltrate data.
CryptoMove protects against malicious or negligent IT insiders. Those insiders do not know where sensitive data is located after it is tokenized from a database (transparently) or put into the CryptoMove data store. Even root breach on a CryptoMove server itself does not reveal the data store, because CryptoMove distributes its data store across servers and data is encrypted with separate keys. Even root breach on multiple CryptoMove servers does not help, because in the time that the attacker moves laterally from one server to the next, the CryptoMove data store has dynamically changed, moving, mutating, fragmenting, and distributing data.
Root on database/storage infrastructure (legacy encryption at rest: no added protection; CryptoMove: protects)
Disk and transparent database encryption give anyone with root access on the database server or storage infrastructure full access to the data.
CryptoMove integrates with databases and external storage systems and protects data at the file or object-level. This means root on the underlying database and storage infrastructure reveals only encrypted fragments of data, constantly and dynamically moving, mutating, fragmenting, re-encrypting.
Root on CryptoMove server (legacy encryption at rest: no added protection; CryptoMove: protects)
For static encryption at rest systems, root on the encryption server is game over.
With CryptoMove, root on a CryptoMove server does not compromise the data store.
- CryptoMove servers are distributed and decentralized; they are not managed by a central map. Root on a server does not reveal where data fragments will be traveling next.
- CryptoMove protects data with keys separate from servers. This means that root on any CryptoMove server only shows encrypted fragments of data. Further, these fragments may just be passing through; there is no way to know where the rest of the fragments for that data are, or where they will be going next, because they are tied to separate data keys.
- CryptoMove’s data store constantly changes, moving, mutating, fragmenting, and distributing data. This means that even if an attacker gets root on multiple servers, by the time they move laterally from one to the other, the data store has changed its composition and attackers are back to square one.
DDoS (legacy encryption at rest: no added protection; CryptoMove: protects)
Static encryption at rest systems are vulnerable to denial-of-service attacks that seek to take encryption servers offline. This paralyzes applications that need data to be available to do their job.
CryptoMove servers are resilient to DDoS. The CryptoMove architecture is decentralized. Nodes can fail, be shut down, or be destroyed, and the data store will still persist. CryptoMove has high-availability clustering, ensuring that multiple copies of fragments travel through the data store in separate clusters. This builds resiliency and redundancy into the data store. CryptoMove is thus self-healing.
Quantum Computer (legacy encryption at rest: no added protection; CryptoMove: protects)
Quantum computers cracking today’s encryption at rest algorithms is a matter of when, not if. The NSA is sounding the alarm that we must act now to secure data for the post-quantum era. Researchers are barreling ahead on post-quantum encryption algorithms. But we are still likely years away from consensus on the best post-quantum encryption algorithm. Historically, encryption algorithms deprecate much faster than expected, and computing power moves at surprisingly rapid pace.
- CryptoMove sidesteps the entire quantum computing issue. CryptoMove protects data from identification by constantly and dynamically moving, mutating, fragmenting, distributing, and re-encrypting it. This precludes an adversary—even one possessing a quantum computer—from identifying the data of interest. Thus CryptoMove blocks the pre-requisite step to mounting a cryptographic attack with a quantum computer.
- CryptoMove is algorithm agnostic. CryptoMove is architected to plug-and-play different encryption algorithms. The default is AES-256, but as post-quantum algorithms come online, CryptoMove can incorporate them into its data store.
Consequently, CryptoMove is the best approach to securing data for a post-quantum world.