End-to-end data turnover: slides and notes
At Cossack Labs, one of the main things we’re interested in is building data protection tooling, which is resistant to infrastructure breaches. Previously, I’ve outlined our vision in a talk Everything will be broken, given at Security BSides 2016: it is only a question of time, when your infrastructure is going to let intruders in.
But what should we do about it?
We can do quite a lot, after painful realization that real trust model is that there is no “secure trusted infrastructure”, only strength of disparate components and their links.
Such trust model gives ground for ‘zero knowledge software’:
Zero knowledge software is software, that operates with client data without having unencrypted access to it.
This talk reviews common ZKS strategies in three domains — data in motion, data in process and data at rest. ZKS itself is not a hard goal to achieve — yet, achieving decent level of usability and functionality on top of zero-knowledge data turnover is a challenge that is yet only starting to interest people around data security.
Our contribution to this global effort is Hermes, our framework for managing database-stored chunks of data with rights managed cryptographically. Imagine that you can map your traditional CRUD grant rights to every user represented by cryptographic key, and add up various backend and frontend-specific use-cases on top. Cryptographically, with proven encryption methodology and extremely paranoid threat model.
Hermes is one of core building blocks of zero knowledge software solutions we’re working on at Cossack Labs. This talk explains core methodology (it’s extremely simple) and some use-case considerations.
For the audience of UISGCon 12 I’ve provided a link to subscribe for the first closed round of alpha testers of Hermes, which is due pretty soon. Readers of this blog are highly encourageв to do the same, as we’re about to unfold the early PoC version with methodological paper.
Seems like the future? So are today’s threats
I believe ZKS is a next step in evolving security systems, where data owners retain control on everything. Maintenance, compaction, and other ‘system functionality’ in all use cases is achievable in ZKS threat model, so it should be pursued: no other threat model stands against today’s risk.
Don’t want to be pwned? Stay tuned and watch how modern techniques evolve. We’re living in exciting times.
Wanna learn more about what we do? There’s a lot more in Cossack Labs Blog.