-1

In April 2017, Jacob Henning asked "What are the chances that AES-256 encryption is cracked?" and part of his question was how best the transmitted data, now in his web database, a.k.a. "data at rest" might be protected.

Hence my question:

What is the best way to protect data on a server after it has been "safely" transmitted over a communication line?

Robin Maybury
  • 1
  • 1
  • One method I've read a little about is tokenization. Could tokenization work? Ref: https://en.wikipedia.org/wiki/Tokenization_(data_security) – Robin Maybury Jun 19 '18 at 18:58
  • 1
    Tokenization is sort of the zen of protection: you protect the confidentiality of data by not having confidential data to store. It isn't about keeping data confidential, it's about defending against misuse of an asset. What do you mean by “protect data on a server”, anyway? What threats are you concerned about? – Gilles 'SO- stop being evil' Jun 20 '18 at 06:09
  • Thanks Gilles, If we think about the recent thefts of Credit Card data or the data stolen from Equifax, as I understand it, that data was "in the clear" = once you have the data, you don't need anything to decrypt it. Thus, what I'm driving at is how Jacob Henning might have protected his website data once it was on his server.
    One method I believe could work for that is tokenization.     – Robin Maybury Jun 21 '18 at 22:20

1 Answers1

0
  1. Why are you using AES-256 at all? You encrypt information to protect it. Does it make sense to use a particular algo, it if you think it is cracked?
  2. If you are not sure about particular algo, pick up another one you trust to, ChaCha, ThreeFish, etc.
  3. Once you transmit anything via network, you should expect that an attacker has a copy of it. Does it make any sense to protect it after transmitting?
  4. Token can be used as a reference to the data. But to get the data, you have to decrypt the encrypted data completely. Suppose you have an encrypted 100 MB file and want that your partner reads this document. Token will not help. Your partner will have to download this encrypted 100 MB file and decrypt it.
mentallurg
  • 2,611
  • 1
  • 16
  • 22
  • I'm not restricting my data encryption to just the AES-256 algo. It could be another better algo. I agree. I wouldn't use an algo I don't trust.
  • Agreed.
  • If the data in motion, that transmitted, is encrypted and only I and the intended recipient have the private key, the attacker cannot unlock the data - can they?
  • Suppose I keep the original data behind my firewall. I tokenize it, then transmit, using a strong algo to the receiving server and push that result behind the remote firewall and then, and only then, de-tokenize it...surely the tokenized data is only of value to me?
    • – Robin Maybury Jun 21 '18 at 22:29
  • What you mean by "private key"? There is no public, no private key. There is just a single key. 4. What you mean by "I tokenize it"? Token is just a unique identifier that refers your data. The simplest tokenization can mean that you just generate a UUID. transmit, using a strong algo - you don't need any algo to transmit it. Token is not secret. * de-tokenize it* - what you mean? Token is just an identifier, it is not encrypted message. E.g. for the data set of 100MB you may have a token of 5 letters. What will you "de-tokenize" from these 5 letters?
    • – mentallurg Jun 22 '18 at 07:05
  • Back to your original question: How can I protect AES-256 encrypted data? Either you trust it or not. If you trust, you don't need any "protection". Just use an algo you trust to, and you don't need any "protection". – mentallurg Jun 22 '18 at 08:27
  • Thanks @mentallurg. Do you have any understanding then of why these guys, [comforte] (https://www.comforte.com/enterprise-data-protection/), are promoting tokenization as part of their data protection strategy? – Robin Maybury Sep 12 '18 at 20:30
  • I suppose you don't understand what tokenization is and you don't understand my answers above. It is not a secret solution. It has been used since 20 year or more. An HTTP session ID is an example of a tokenization. An ID in many single-sign-on solutions is an example of tokenization. In some solutions even file name can be a token. The guys you mention are not promoting tokenization. They are promoting their software that is using tokenization. – mentallurg Sep 13 '18 at 06:55
  • You wrote "I tokenize it, then transmit, using a strong algo" - token is NOT secret. Token is intended to be DISPLAYED to everyone. "... then, de-tokenize it" - token contains NO information. Normally it is a RANDOM string. You cannot extract any information from the token. It is like file name. When you send a token which is a file name Q12W34E56.txt from server A to server B, server B does NOT know what token Q12W34E56.txt means, because the content of this file is available on server A only. Server B cannot "de-tokenize it". You don't understand what tokenization is. – mentallurg Sep 13 '18 at 07:04