[cryptography] Questions about crypto in Oracle TDE

Kevin W. Wall kevin.w.wall at gmail.com
Sun Nov 11 15:40:45 EST 2012


On Sun, Nov 11, 2012 at 7:34 AM, Florian Weimer <fw at deneb.enyo.de> wrote:
> * Kevin W. Wall:
>
>> Oracle TDE is being looked at as one option because it is thought to be
>> more or less transparent to application itself and its JDBC code.
>
> If it's transparent, it's unlikely to help against relevant attacks,
> such as dumping the database over JDBC after the application server
> has been compromised.  Non-cryptographic approaches, such as
> database-level access controls, seem better suited for this task
> (assuming that the database has been set up in a suitable fashion and
> is itself robust enough to withstand attacks over the client
> interface).

Of course; the threat model that Oracle TDE supposedly addresses
does nothing to address SQLi vulnerabilities. Even having the encryption
being done by the application does not necessarily mitigate that attack
vector in all situations. As usual, that is best handled by ensuring the
use of "prepared statements" (aka, parameterized queries).

At first I thought that the attack vector that Oracle TDE was intended
to address was that of a rogue DBA with access to the database just dumping
sensitive data from the DB. I got that impression because Oracle's
documentation recommends having a separate "security administrator". However,
as I thought about it, it seems that this isn't really right either. Anyone
that has SELECT ability on the table's encrypted column can dump the encrypted
sensitive data.  Even if a DBA for this database didn't have SELECT privilege
directly, it would seem that indirectly they could create another DB user that
*did* have the needed SELECT access and smash & grab the sensitive data that
way.

So looking back at it, I'm not really sure what threat Oracle TDE is supposed
to prevent. Perhaps an OS administrator stealing the data? Possibly. More likely
it was there to satisfy some inept auditor's checklist mentality to
security. A lot of security in the real world is of this CYA variety, so it
wouldn't surprise
me in the least. That doesn't always mean that CYA security approaches
are always pointless though. In the event of lawsuits resulting from some
data breach, such approaches often are considered following best practice
and thus considered doing due diligence, thus keeping you from getting
sued for negligence and paying treble damages.

I'm leaning heavily towards making the application handle the encryption, but I
think it depends on how much they have left in the budget for this change
request.

-kevin
--
Blog: http://off-the-wall-security.blogspot.com/
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We *cause* accidents."        -- Nathaniel Borenstein
