What you need to know about encryption key management
If encryption isn't in your shop yet, it will be soon. Learn how to manage it before it's too late.
Three years ago, storage encryption generated more head scratching than interest. Storage was assumed to be a technology layer hidden behind well-protected server hardware and OSes. Encryption was a topic for intelligence agencies, math gurus and networking professionals, but not the storage team.
That mindset seems quaint today. When it comes to storage encryption, we now know the following:
Users get it. Between February 2005 and July 2006, there were 17 publicly disclosed data breaches, according to the Privacy Rights Clearinghouse. More than 9 million Americans had their personal information exposed in these breaches. Given the potential cost and damage of a publicly disclosed data breach, storage professionals are evaluating and purchasing tape encryption solutions in record numbers.
Vendors are responding. Last year, Network Appliance bought Decru, while NeoScale Systems signed on as a partner with all of the storage leaders. And backup software vendors such as Asigra, Atempo and CA enhanced their own cryptographic capabilities.
Encryption is moving from appliances to devices. In this more recent trend, device vendors are adding cryptographic capabilities within their systems. Nexsan added encryption to its Assureon secure storage appliance; Maxxan's CipherMax places encryption in a Fibre Channel switch; and a bevy of vendors like IBM, Quantum, Spectra Logic and Sun Microsystems added encryption to tape drives and arrays.
The new storage encryption mantra is key management. Decru and NeoScale each introduced key management products this year, while EMC scooped up security veteran RSA Security, noting that key management was a major reason for the acquisition.
Most of these trends are progressing as expected. User demand inevitably leads to vendor action, so the onslaught of new encryption offerings is no surprise. But key management technology doesn't fit into this natural economic cycle. To many storage professionals, key management is a new concept that's neither intuitive nor well understood.
ESG recently asked 227 North American-based security professionals from organizations with more than 1,000 employees, "How interested do you believe your organization would be in centralized key management?" Almost 20% said their firm had deployed a centralized key management solution, while more than 50% were either extremely or somewhat interested in centralizing key management.
Unfortunately, security folks seem to be keeping key management a well-guarded secret. As encryption becomes more integrated into all layers of IT, the rest of the technology team needs to understand key management to some degree.
Merriam-Webster Dictionary defines encryption as "the manipulation of data to prevent accurate interpretation by all but those for whom the data is intended." Fine, but exactly how is this data manipulated in the first place?
In its simplest form, encryption is a mathematical operation. Human-readable documents (cleartext) are mathematically combined with an encryption algorithm and returned in an enciphered format, or ciphertext.
An encryption key allows transforming between cleartext and ciphertext. Remember high-school algebra when you had to figure out what X represented in an equation? You can think of an encryption key as the same type of value.
There are two types of encryption keys: symmetric and asymmetric. With symmetric keying, a single key is used by the algorithm for encryption and decryption. An asymmetric key algorithm uses a pair of cryptographic keys to encrypt and decrypt. A message encrypted by the algorithm using one key can be decrypted by the same algorithm using the other. In a sense, one key locks (encrypts), but a different key is required to unlock (decrypt). Storage encryption operations tend to use symmetric keying.
Protecting data through encryption depends on:
The strength of the encryption algorithm. Commonly used encryption algorithms are published so that the world's best math heads and crackers can have a go. None of today's standard algorithms has been broken.
The size (i.e., number of bits) of an encryption key. An encryption key length determines the number of possible key permutations. The old cipher workhorse was the Data Encryption Standard (DES), a 56-bit algorithm approved as a U.S. government standard in 1976. With DES, there are 72 quadrillion possible keys. This is tough for an individual to crack, but not for today's computing power. In fact, cryptanalysts broke DES using a program called "DES Cracker" in the late 1990s. Current encryption algorithms tend to use 128-bit algorithms that can generate 340,282,366,920,938,000,000,000,000,000,000,000,000 possible keys.
Protecting the encryption keys. If a bad guy gets the encryption keys, he can read whatever he wants. Given the number of possible keys, it's easier to steal keys than guess them.
Key management basics
Managing and protecting encryption keys from would-be intruders is important, but key management systems do more than just that. The total process is often called key lifecycle management, which includes:
Key generation. The key management system creates a unique 128-bit key for everything that gets encrypted. The important concept here is randomness. No key can be associated with those generated before or after it.
Key deletion. Deleting keys when they've expired or are no longer needed is important in preventing security breaches.
Key distribution. A single key management system can create keys as a service for multiple encryption engines.
Key protection. Facilities for key storage, backup and recovery, and key management server clustering for availability.
Key administration. Key management systems have to provide for day-to-day operations. Generally, this is done by following the security principle of separation of duties, where responsibilities are divided so no one person has the "keys" to the kingdom.
Key auditing. Key management must include logging information on the keying and administrative processes used by credentialed personnel for reporting and auditing.
Why all the fuss?
Key management might seem like any other administrative function that accompanies a new IT technology. But encryption is evolving from an esoteric technology used by government agencies to a mainstream computing reality. By 2008, encryption is likely to be standard fare on every enterprise tape drive. In a few years, when encryption technology is all over the storage infrastructure, key management will become a very big deal because of the following:
Key management will become a major burden. Enterprises migrated from DAS to SANs largely because managing dozens of individual disk subsystems was an operational challenge. The same pattern will happen if CIOs bring in encryption technologies willy-nilly.
The encryption key security chain is only as strong as its weakest link. One unprotected key management system can unlock confidential data. The more key management systems there are, the more likely it is that this will happen.
Disaster recovery could be a nightmare. It's hard enough to restore multitiered business apps; imagine the added encumbrance of having to restore numerous key management servers before any data is available. What's more, disaster recovery could come to a screeching halt if one key management server is corrupted or its keys are lost.
Added security and encryption is a must-have, and key management woes can't slow down progress or place the business at risk. This is where centralized key management services come into play, and there are already a few vendors with product offerings. Given the critical function of key management, expect lots of other vendors to jump into the pool within the next 12 to 18 months.
No one expects storage professionals to become instant security gurus or cryptologists, but it's no longer acceptable to ignore the issue. Moving forward, encryption basics are an absolutely essential skill for storage professionals. In this pursuit of knowledge, avoid the mathematical details and focus on the critical topic of key management.