Securing Automated Decryption
Nathaniel McCallum
Principal Engineer - Red Hat, Inc.
Booting...
Disk Password: █
Yesterday: Standards (AES, PCI-DSS, etc.)
Today: Automation
Tomorrow: Policy
How do we automate?
Standard Password Model
- The secret ("Shh... I'm Secret!") is encrypted with the Encryption Key
- The Encryption Key is wrapped by the Key Encryption Key
- The Key Encryption Key is derived from a password: "correct horse battery staple"
Standard Escrow Model
- The secret ("Shh... I'm Secret!") is encrypted with the Encryption Key
- The Encryption Key is wrapped by the Key Encryption Key
- The Key Encryption Key is a random value ("d41d8cd9...ecf8427e") held in an Escrow
- The Escrow is reached over TLS / GSSAPI
- Which requires a KDC/CA
- And Backups of the escrow
HEARTBLEED
Lessons Learned
- Presuming TLS will protect key transfer is dangerous
- Complexity increases attack surface
- Escrows are difficult to deploy
- X.509 is hard to get right
asymmetric crypto?

(EC) Diffie-Hellman Key Exchange
Binding with ECDH (Insecure)
Provisioning
Recovery
Weaknesses:
- K is revealed to a passive attacker.
- With c, the passive attacker can get K.
- Server learns c and therefore K.
Resolved: c MUST be private
McCallum-Relyea Key Exchange
Provisioning
Recovery
To keep c private, e & E MUST be private.
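As an added illustration (not code from the talk or from Tang), the McCallum-Relyea exchange described above, run over a toy multiplicative group mod a Mersenne prime; P, G and the function names are assumptions, and Tang itself does the same steps on an elliptic curve, where the multiplications below are point additions and the pow() calls are scalar multiplications.

```python
import secrets

# Toy group, constructed for this illustration: integers mod a Mersenne prime.
# Tang uses a NIST curve; "* mod P" here is point addition and pow(x, k, P)
# is scalar multiplication by k. The algebra is identical.
P = 2**127 - 1
G = 3

def rand_scalar():
    return secrets.randbelow(P - 2) + 2

def server_keygen():
    """Server: private s, advertised public S = G^s."""
    s = rand_scalar()
    return s, pow(G, s, P)

def provision(S):
    """Client, at binding time: needs only the advertised S, no live server.
    C is stored next to the ciphertext; c and K are discarded after use."""
    c = rand_scalar()
    C = pow(G, c, P)
    K = pow(S, c, P)            # K = S^c = G^(s*c), wraps the volume key
    return C, K

def recover_start(C):
    """Client, at recovery: blind the stored C with a fresh ephemeral e.
    Only X leaves the client, so the server never sees C (and hence not K)."""
    e = rand_scalar()
    E = pow(G, e, P)
    return e, (C * E) % P       # X = C * E

def server_respond(s, X):
    """Server: apply s to whatever it was sent. It learns neither C nor K."""
    return pow(X, s, P)         # Y = X^s = C^s * E^s

def recover_finish(Y, e, S):
    """Client: strip the blinding. S^e == E^s, so Y / S^e == C^s == K."""
    unblind = pow(pow(S, e, P), -1, P)
    return (Y * unblind) % P    # e is discarded afterwards

def run_exchange():
    """Full round trip; returns (K at provisioning, K at recovery, X, C)."""
    s, S = server_keygen()
    C, k_prov = provision(S)
    e, X = recover_start(C)
    Y = server_respond(s, X)
    k_rec = recover_finish(Y, e, S)
    return k_prov, k_rec, X, C
```

A passive observer of the recovery sees only X and Y; without e (client) or s (server) neither value yields K.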
MR Exchange
- The secret ("Shh... I'm Secret!") is encrypted with the Encryption Key
- The Encryption Key is wrapped by the Key Encryption Key
- The Key Encryption Key is recovered through the MR Exchange with the Server
- The Server's private key can be held in Crypto HW
| Property | Escrow | MR Exchange |
|---|---|---|
| Server presence during provisioning | Required | Optional |
| Server presence during recovery | Required | Required |
| Server knowledge of keys | Required | None |
| Key transfer | Required | None |
| Client authentication | Required | Optional |
| Transport encryption | Required | Optional |
| End-to-end encryption | Difficult | Unneeded |
Tang
- https://github.com/latchset/tang
- Server-side daemon
- Simple: HTTP + JOSE
- Fast (>2k req/sec)
- Extremely small
- Minimal dependencies
- Fedora 26+, RHEL 7.4, Debian (soon)
Installing a Tang Server
$ sudo dnf install tang
$ sudo systemctl enable --now tangd.socket
On the client...
Clevis
- https://github.com/latchset/clevis/
- Decryption automation and policy framework
- Minimal dependencies
- Early boot integration
- GNOME integration
- Fedora 26+, RHEL 7.4, Debian (soon)
Basic Encryption with Tang
$ dnf install clevis
$ echo PT | clevis encrypt tang '{"url":"http://localhost"}' > mydata.jwe
The advertisement is signed with the following keys:
haD7Y-8VkAyJo6-vdZMrGQXCSfI
Do you wish to trust the advertisement? [yN] y
$ cat mydata.jwe
{"ciphertext":"-O59czAqybvxHdme2t3I5A", ...}
$ clevis decrypt < mydata.jwe
PT
$ sudo systemctl stop tangd.socket
$ clevis decrypt < mydata.jwe
$ echo $?
1
Basic Encryption with an Escrow
$ dnf install clevis
$ echo PT | clevis encrypt http '{"url":"http://localhost/key"}' > mydata.jwe
$ cat mydata.jwe
{"ciphertext":"-O59czAqybvxHdme2t3I5A", ...}
$ clevis decrypt < mydata.jwe
PT
Disk Binding with Tang
$ sudo clevis bind luks -d /dev/sda1 tang '{"url":"http://tang.srv"}'
The advertisement is signed with the following keys:
haD7Y-8VkAyJo6-vdZMrGQXCSfI
Do you wish to trust the advertisement? [yN] y
Enter passphrase for /dev/sda1:
$ sudo luksmeta show -d /dev/sda1
0 active empty
1 active cb6e8904-81ff-40da-a84a-07ab9ab5715e
2 inactive empty
3 inactive empty
...
# For root volume unlocking at boot:
$ sudo dnf install clevis-dracut
$ sudo dracut -f
$ reboot
# For removable storage GNOME unlocking:
$ sudo dnf install clevis-udisks2
From Automation to Policy
Yesterday: Standards (AES, PCI-DSS, etc.)
Today: Automation
Tomorrow: Policy
Shamir Secret Sharing
threshold = ?
Simple Laptop
unlock? = SSS, threshold = 1, of: Admin Password, User Password
Automated Laptop
unlock? = SSS, threshold = 1, of: Admin Password, User Password, Tang
High Security System
unlock? = SSS, threshold = 2, of: User Password, User Password, User Password
Sophisticated Laptop Policy
unlock? = SSS, thresh. = 1, of: QR Code, SSS (thresh. = 2, of: TPM, SSS (thresh. = 2, of: Password, Yubikey, Tang, Bluetooth))
Basic Shamir's with Tang
$ echo PT | clevis encrypt sss \
'{"pins": {"tang": [{"url": "http://a.tang.srv"}, {"url": "http://b.tang.srv"}]}, "t": 1}' \
> out.jwe
The advertisement is signed with the following keys:
haD7Y-8VkAyJo6-vdZMrGQXCSfI
Do you wish to trust the advertisement? [yN] y
The advertisement is signed with the following keys:
Edp-ESShUx4_95kGt-DTsCBbPag
Do you wish to trust the advertisement? [yN] y
$ clevis decrypt < out.jwe
PT
# Bring Down Tang Server A
$ clevis decrypt < out.jwe
PT
# Bring Down Tang Server B
$ clevis decrypt < out.jwe
$ echo $?
1
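An added example, not clevis' own code, of the threshold logic behind the sss pin used above: a Shamir split and combine over a demo prime field, with helpers mirroring two of the policies (two Tang servers at t = 1, three user passwords at t = 2). PRIME and the function names are assumptions; clevis works in its own field, but the threshold behaviour is the same.

```python
import secrets

# Demo field, constructed for illustration: integers mod a Mersenne prime.
PRIME = 2**127 - 1

def split(secret, n, t):
    """Split secret into n shares; any t reconstruct it, fewer reveal nothing."""
    assert 0 <= secret < PRIME and 1 <= t <= n
    # Random polynomial of degree t-1 whose constant term is the secret.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(t - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):          # Horner evaluation at x
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares

def combine(shares):
    """Lagrange interpolation at x = 0. Correct only with at least t shares;
    with fewer it silently returns a wrong value, as the sss pin's failed
    decrypt shows."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret

def automated_laptop(secret):
    """'Basic Shamir's with Tang': two Tang servers, t = 1.
    Returns what is recovered with only server A, then with only server B."""
    a, b = split(secret, n=2, t=1)
    return combine([a]), combine([b])

def high_security_system(secret):
    """Three user passwords, t = 2: any pair recovers, a single share does not."""
    p1, p2, p3 = split(secret, n=3, t=2)
    return combine([p1, p3]), combine([p2, p3]), combine([p1])
```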
Exploring the ecosystem
Dependency: José
- https://github.com/latchset/jose
- JSON Object Signing and Encryption
- C Library & Command Line Utility
- Bottom Line: User-Friendly, Standards Compliant Crypto
$ jose jwk gen -i '{"alg": "A128GCM"}' -o oct.jwk
$ jose jwk gen -i '{"alg": "RSA1_5"}' -o rsa.jwk
$ jose jwk gen -i '{"alg": "ES256"}' -o ec.jwk
$ echo hi | jose jwe enc -i- -k rsa.pub.jwk -o msg.jwe
$ jose jwe dec -i msg.jwe -k rsa.jwk
hi
$ jose jwe dec -i msg.jwe -k oct.jwk
Decryption failed!
$ echo hi | jose jws sig -i- -k ec.jwk -o msg.jws
$ jose jws ver -i msg.jws -k ec.pub.jwk
hi
$ jose jws ver -i msg.jws -k oct.jwk
No signatures validated!
Dependency: LUKSMeta
- https://github.com/latchset/luksmeta
- Store metadata in LUKSv1 header gap
- C library & Command Line Utility
$ echo hi | luksmeta save -d /dev/sdc1 -s 2 -u EC998562-B60D-47F0-A579-DCA8C12F5BF6
$ luksmeta load -d /dev/sdc1 -s 2 -u EC998562-B60D-47F0-A579-DCA8C12F5BF6
hi
$ luksmeta load -d /dev/sdc1 -s 2 -u 12618962-A1E5-48F1-B327-D7C60E20FC02
Slot contains different UUID
The Near Future
José
- PKCS#11 Support
- Python Bindings
- Additional crypto backends
- Additional algorithms
Clevis
- Support for non-root, non-removable volumes
- TPM v2.0 Support (PR#17)
- Password Pin
- PKCS#11 Pin
- Ext4 encryption support
Tang
- Binding IDs (Optional; sacrifices anonymity)
- Revocation (requires Binding IDs)
Patches Welcome!
Questions?
