1

Our website has some personal data that needs to be visible to both the user it belongs to and the administrators. It also needs to be encrypted.

As we want to maintain a simple system, just username and password logins, we felt the best method to do this was to encrypt and store it twice, once using the user's password (AES or similar symmetric system) and once using PGP with a public key we are already using in the system for other data.

Does storing this data encrypted in multiple ways pose a significant security risk? Does it make the data easier to recover by an attacker? Is there a better manner of achieving this while maintaining the transparency of the encryption to the end user?

Nathan
  • 11
  • 1
  • 2
    Have a look at http://security.stackexchange.com/questions/71911/pattern-to-allow-multiple-persons-to-decrypt-a-document-without-sharing-the-enc - it covers quite a few of these points, even though it's a distinct question. – Matthew May 27 '16 at 14:07
  • 1
    It would be more efficient to store the data once, encrypted with a single key, and then store the encrypted data-encryption-key twice. Once with a key generated by the user's password, and once encrypted with your administrative public key. – Xander May 27 '16 at 15:43

2 Answers2

1

An attacker now has the advantage to be able to choose which crypto system he wants to break. It's enough to find a weakness or implementation error in either one. As for you this adds the responsibility for keeping two systems equally safe.

If we assume that you do that correctly, I can't see any significant advantage for an attacker...

Thomas
  • 498
  • 2
  • 6
0

The answer to your questions depends a bit on your theat model, requirements and possible attackers.

  1. Assume the data are stored in cleartext on your server. So internal users (administrators as well as other people) have easy access to the data and can read it. An attacker need to find a way into your system and retrieve the data through some means. If this happens the attacker needs no more effort. The data are in clear text.
  2. Now assume the data is stored by using some symmetric algorithm (AES etc.) and the key is the user password. Internal users still have access to the data, but now they can't easily read it anymore. Also the bar for an attacker raises. After this person has managed to break in to your system and gets access to the data, it is not possible to simply read it. Instead internal users as well as the attacker needs to guess the key. As the key is the user password it might be easy to guess it. Because many users will choose easy guessable passwords. So probably it is quite easy to get access to most of the content.
  3. Now encrypt the data additionally with an PGP-based system for internal users. Internal users will also be able to access the data, but they will need to guess the private key. It is the same with external attackers. However both people might be able to look for the private key once they have access to the system as a whole. If they can find it, they can easily decrypt the data.

So in general to increase the security of your system you should think about the following issues:

  • password security: You can require strong passwords from your users. This way it will be harder to guess the password and decrypt the data for an attacker.
  • use derived keys to encrypt data: Don't just use the plain password as a key for decryption. Instead it might be worthwile to use a key derivation algorithm and take the result as key for decryption. This raises the bar for an attacker to guess the password, even it is weaker.
  • Store the second set of data elsewhere: Don't store it on the same server. Take the data to another location and limit the number of people who have access to those data.
  • Harden your systems: Take special measures to secure your system. Monitor break-in attempts.

This are quite general recommendations. If you can disclose more about your architecture an more specific answer would be possible.

qbi
  • 1,601
  • 2
  • 14
  • 27
  • All our encrypted data is stored on a second server, seperate from the web server. At present we only store encrypted files there, which are decrypted by passing in the private key. We don't store the private key on either server, but on physical USB sticks. To extend our security we want to encrypt and store additional user information on the second server. Frankly, if an attacker retrieves the private key then we're stuffed as the files are by far the most important to keep secure. Is this the kind of information you are looking for? Many thanks for the thorough answer. – Nathan May 27 '16 at 15:51