[cryptography] Keyspace: client-side encryption for key/value stores

ianG iang at iang.org
Thu Mar 21 04:12:06 EDT 2013


On 21/03/13 10:07 AM, Jeffrey Walton wrote:
> On Thu, Mar 21, 2013 at 2:52 AM, Tony Arcieri <tony.arcieri at gmail.com> wrote:
>> https://github.com/livingsocial/keyspace
>>
>> tl;dr: Keyspace provides "least authority" client-side encryption for
>> key/value stores using NaCl's crypto_secretbox (XSalsa20 + Poly1305) and
>> Ed25519 as part of a capability-based security model.
>>
>> One problem I've dealt with quite frequently when deploying web applications
>> is how to keep sensitive configuration files (e.g. database credentials)
>> secret. I've longed for a system that provides end-to-end confidentiality
>> and data integrity. I think a reasonable goal is to never store secrets on
>> disk in plaintext form, and try to isolate all secret management to the heap
>> of the process in question. It's not perfect, and an attacker could still
>> get keys out of RAM, but it's certainly better than plaintext on disk
>> guarded by file permissions alone, which is the status quo as far as I can
>> tell.
> On Windows and Apple platforms, one usually defers to the OS.


To play the devil's advocate, this is only a partial solution, and I 
wonder why so many developers 'defer' so easily?  Using the OS secrets 
store has a number of drawbacks:

1. what happens when you lose the laptop?
2. what happens when the OS store gets updated and a bug loses your data?
3. what happens when you need to use two platforms?  A phone and a 
laptop?  Or, any combination where there is incompatibility, impedance 
or absence?
4. what happens when your enemy has insiders inside the OS provider?
5. what happens when your app wants to store something that the OS store 
can't handle?

As an application provider, you may find that it is easy enough to use 
the OS store, if you can afford to support all the platforms.  But if 
something goes wrong, you're still on the hook.  No customer of your 
application really cares what the excuse is, they want their data back.

Now, for my money, any application that has already developed a great 
crypto security set can probably more easily do the primary secret 
storing itself better and more cost-effectively (measured in code time) 
than by using the OS store.  And, in the process, it can provide the 
user's backup context...


> Linux has not warmed up to the fact that userland needs help in
> storing secrets from the OS.


:)  A singular observation.



iang





More information about the cryptography mailing list