[cryptography] Questions about crypto in Oracle TDE
Jeffrey I Schiller
jis at qyv.net
Sun Nov 11 16:19:46 EST 2012
This all sounds like another variation on "encrypting data at rest." It
protects against threats related to acquisition (legally or not) of the
media that the data is stored on.
For example Google Compute Engine's (GCE) disks are encrypted below the
level of the operating system. What this means is that the contents of
the disks are encrypted, but you cannot tell that from the virtual
machine. The disks look like regular disks. You (the operator of the VM)
have no access to nor knowledge of the key.
At first I thought all of this of limited value. However upon closer
thought, it actually provides some real value. In particular it makes
the destruction of the data much simpler. Destroy the key and the data
is effectively gone, without having to erase the actual media. So when I
"delete" a virtual disk on GCE, all Google has to do is erase the
corresponding encryption key to ensure that my data is really
unrecoverable. Simlarly, newer versions of the iPhone encrypt the
phone's flash. The Wipe function now only has to wipe the key for the
wipe to have effect. Prior to having this level of encryption, the whole
flash had to be wiped, which takes time, time in which the thief can
remove the battery to thwart the wipe.
Although I am not familiar with this Oracle product. I suspect it offers
the same feature. As long as the encryption keys are on separate media
from the sensitive data, it can help avoid the compromise of the data
via decommissioned disks or just disks being shipped to off-site storage
(as disks do get lost in shipment).
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4881 bytes
Desc: S/MIME Cryptographic Signature
More information about the cryptography