Enterprise Key Management and Protection Whitepaper

Key Management and Protection in a Connected World: Analysis of Available Technologies
White Paper
www.unboundtech.com
Copyright 2018, Unbound Tech Inc.

CONTENTS
1. Impact of Digital Transformation on Key Management and Protection
2. Key Management Security Principles
3. Assessment of Key Protection Methods
   • Dedicated Hardware
   • Software Tokens and Vaults
   • Trusted Execution Environments
   • Multi-Party Computation
4. Conclusion

Introduction

As corporate IT becomes more digital and dispersed, security functions that leverage cryptography - data encryption, digital signing, and authentication, for example - have come to play an increasingly vital role in organizations’ cybersecurity strategies and regulatory compliance initiatives.

The digital transformation has not only impacted the use of cryptography as part of IT security, but also the underlying methods for the critical task of protecting and controlling cryptographic keys. Enterprise key management solutions are evolving to address organizations’ changing needs as they migrate to distributed IT and hybrid cloud environments, addressing both lifecycle management of keys and their protection from unauthorized use or theft. Endpoint security solutions leveraging cryptography are also advancing in the wake of the internet of things, BYOD and consumer-oriented mobile services and apps, with security requirements often weighed against user experience, deployment and support considerations.

This document provides in-depth analysis of traditional as well as emerging cryptographic key management and protection technologies available today. We cover both security and usability considerations, to help IT security professionals assess the extent to which each technology fits their current and future business needs.
1. Impact of Digital Transformation on Key Management and Protection

As businesses transform their IT, key management methods must evolve in tow, supporting agility, scalability and usage requirements. At the same time, the highest standards of key protection must be maintained—otherwise the very foundation of security provided by cryptography is compromised.

For years, organizations have been using cryptography to encrypt, sign, authenticate and validate the integrity of corporate digital assets and users. With the rise of digital and cloud computing, as organizations rely on open, externally managed and shared infrastructure, they are exposed to increasingly sophisticated cyber-attacks with potentially devastating ramifications. In addition, they are required to comply with increasingly stringent security and privacy regulations. In this changing landscape, cryptography is becoming ever more important as a means for organizations to protect and grow their business.

One of the pillars of cryptography implementation is the secure storage and management of the keys used to perform cryptographic operations. Strong protection of cryptographic keys is critical because in case of undesired exposure or use, organizations risk completely undermining the security of the assets that their cryptography schemes were designed to protect, much like exposing the key to a safe. If they get into the wrong hands, keys can be used for mass theft of sensitive data, online fraud, or distribution of malware in the name of a legitimate organization, to name just a few examples.

Following is a brief overview of some of the main facets of digital transformation and how they impact key management and protection requirements.

EXPLOSION OF DATA AND CONNECTIVITY

With a constant influx of people and things joining the digitization trend globally, vast amounts of data are being created, stored, processed and communicated, raising security and privacy concerns. At the same time, IT infrastructure is increasingly open and connected, making data more accessible and thus vulnerable to theft.

Cryptography is one of the foundational tools that organizations can use to protect sensitive data wherever it resides. To address increasing data security requirements, organizations need to step up their key management capabilities accordingly. Not only is scalability in terms of volume of keys and key operations critical, but also the flexibility to address a bigger range of use cases with increasing levels of sophistication, such as application-level data encryption, database encryption, and strong authentication.

[Figure: Volume of Data Created Globally, 2010 to 2025, y-axis 0 to 180 zettabytes. Source: IDC’s Data Age 2025 study, sponsored by Seagate, April 2017]

IT WITHOUT PERIMETERS

Hybrid cloud and data center infrastructures are the new norm for many businesses. According to the Thales 2018 Global Threat Report, 84% of organizations globally are using more than one IaaS vendor and 34% use over 50 SaaS applications. In addition, a plethora of endpoint devices are connecting to corporate networks, with increasing adoption of BYOD and the internet of things. As companies diversify their infrastructure, new security challenges arise around protecting sensitive keys in an open and uncontrolled environment, which must be addressed.

Further, faced with different key protection requirements and constraints across different platforms, organizations may end up with key protection silos that are complex to manage and difficult to conform with corporate security policies. Platform-agnostic solutions will likely provide an advantage to organizations with highly distributed infrastructures.

CHANGING APPLICATION DEVELOPMENT AND DELIVERY

New software development practices and tools such as DevOps, continuous integration and delivery, containers and microservices are increasingly being adopted for business applications, to enable faster and more frequent release cycles. The integration of security into these new practices, termed DevSecOps, requires significant change in security mindset and technology.

[Figure: DevSecOps loop with stages Plan, Create, Verify, Preproduction, Release, Configure, Detect, Respond, Predict, Adapt, spanning Dev, Sec and Ops, with Monitoring & Analytics throughout. Source: Gartner (September 2016)]

Cryptography implementations must adapt to new application development practices, not only to serve these applications in performing security functions such as encryption and digital signing, but also to enable application security techniques such as code signing in an agile environment, and to address new security needs such as identifying, authenticating and protecting individual containers.

From a technology standpoint, to be practical for agile and cloud-scale applications, the cryptographic key management and protection mechanisms themselves need to be agile, elastic, and automated.

NEW CRYPTO-BASED DIGITAL SERVICES

The digital transformation is enabling new crypto services and applications that were not possible in the past, such as cryptocurrency wallets and exchanges. Companies that wish to leverage these services as a core or ancillary part of their business must be able to support advanced cryptography schemes and have robust key protection by design.
2. Key Management Security Principles

We know that strong key protection is paramount to the effective use of cryptography, but how can we judge the level of security provided by a key management solution? It comes down to a few criteria that guide the design of key protection mechanisms and determine their security strength.

A number of key management and protection technologies are available today. Some have been in use for many years, while others are emerging in response to the transforming IT environment. Key management solutions need to fulfill a core tenet of cryptography: they must protect keys from exposure and unauthorized use. So, before we review the available solutions, let’s first take a closer look at the security principles that determine the effectiveness of a key protection scheme.

NON-EXTRACTABILITY

Like a safe, the primary role of key protection schemes is to prevent extraction of cryptographic key material by people or machines, to prevent their theft and unauthorized use.

The theft of cryptographic keys is disastrous because attackers can use the keys freely for all intended purposes (i.e. sign transactions, authenticate to business-critical applications, decrypt sensitive content). Because the keys remain intact in their original location, detection of such attacks

• Physical access attacks are possible when the attacker can obtain physical proximity to the hardware on which the keys reside. The most prevalent physical threat today is hardware-based side-channel attacks. In such attacks, the adversary deduces secret data located inside the machine by measuring hardware characteristics, such as power usage or noise levels, which vary based on data processing activities inside the machine. These characteristics are called side channels because they reveal additional information besides the regular data inputs and outputs.

• Software side-channel attacks are possible when an attacker can exploit logical access to the machine where keys are protected to extract key material via software-based side-channel information. Attackers can achieve this by running a separate software application co-located on the machine, crafted to extract key material from shared resources such as the CPU or cache. In virtualized environments, such co-location attacks are possible even from a
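The side-channel principle described above (a computation reveals information beyond its regular inputs and outputs) can be made concrete with a small added example that is not part of the whitepaper: an early-exit byte comparison whose running time depends on how many leading bytes of a secret the caller supplied correctly, next to a fixed-work version of the same check. Running time is one software-observable channel of the kind the section describes. The function names, the step counter and the sample secret are constructed for illustration; rather than measuring wall-clock time, which is noisy, the code counts the byte comparisons actually performed, since that count is what a timing measurement would reveal.

```python
import hmac

# Constructed sample secret (not from the whitepaper); in a service this would be
# a MAC tag or token compared against a caller-supplied value.
SECRET = bytes.fromhex("0a1b2c3d4e5f")


def leaky_compare(secret: bytes, guess: bytes) -> tuple[bool, int]:
    """Early-exit comparison, the pattern behind many real timing leaks.

    Returns (match, steps). 'steps' is the number of byte comparisons made
    before returning; it grows with the length of the correct prefix of
    'guess', so the running time carries more information than the boolean.
    """
    if len(secret) != len(guess):
        return False, 0
    steps = 0
    for s, g in zip(secret, guess):
        steps += 1
        if s != g:
            return False, steps  # stops at the first differing byte
    return True, steps


def constant_time_compare(secret: bytes, guess: bytes) -> tuple[bool, int]:
    """Fixed-work comparison: every byte is examined regardless of where the
    first difference is, so 'steps' is always len(secret) for equal lengths."""
    if len(secret) != len(guess):
        return False, 0
    diff = 0
    steps = 0
    for s, g in zip(secret, guess):
        steps += 1
        diff |= s ^ g  # accumulate differences without branching on them
    return diff == 0, steps


def correct_prefix_revealed(secret: bytes, guess: bytes) -> int:
    """Number of leading bytes of 'secret' that the leaky variant confirms for
    a given guess: an observer learns this from the step count alone."""
    match, steps = leaky_compare(secret, guess)
    return steps if match else max(steps - 1, 0)


def compare_with_stdlib(secret: bytes, guess: bytes) -> bool:
    """What production code should call instead of a hand-written loop: the
    standard library's constant-time comparison."""
    return hmac.compare_digest(secret, guess)


def leak_profile(secret: bytes, guesses: list[bytes]) -> dict[str, list[int]]:
    """Step counts of both variants over a list of guesses, side by side."""
    return {
        "leaky": [leaky_compare(secret, g)[1] for g in guesses],
        "constant_time": [constant_time_compare(secret, g)[1] for g in guesses],
    }


if __name__ == "__main__":
    # Constructed guesses matching 0, 2 and 6 leading bytes of SECRET.
    guesses = [bytes(6), bytes.fromhex("0a1b00000000"), SECRET]
    # Leaky step counts rise with the matched prefix; constant-time counts do not.
    print(leak_profile(SECRET, guesses))
```

The point of the example is that `leaky_compare` and `constant_time_compare` return the same boolean for every input, so the leak is invisible at the interface and only shows up in a side channel; a defender reviewing key-handling code looks for data-dependent branches and early exits on secret material, and replaces them with fixed-work operations such as `hmac.compare_digest`.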
