If I use a database encryption package for Oracle like dbms_crypto, would this be vulnerable to any attacks? I know that it uses algorithms like 3DES, AES, etc. These are all things that you can use while using this package, and there are attacks against 3DES and AES, but they are relatively secure. Other than a system being compromised and having keys stored on the system, and a malicious Database Admin, are there any other attacks that a DB that is encrypted using a package would be vulnerable to?
Encryption protects **Dead Systems** from theft of content. A running system, database or otherwise, is effectively decrypted in order to run. A running system is subject to all the same attacks, regardless of whether the underlying storage was originally encrypted or not. *Homomorphic encryption* is mostly a side entertainment. – user10216038 Apr 21 '20 at 17:48
3 Answers
An encrypted database protects the database against attacks on the filesystem or storage. If someone manages to get a shell on the server, or gets the credentials to the SAN storage, they cannot make a copy of the database and run with its data.
On the other hand, the applications need access to the database, so they must have the credentials and the encryption keys for it. If an application can access the data, so can an attacker.
If the application is vulnerable to SQL Injection, an attacker can extract data from the database even if the database itself is encrypted.
There are many different attacks possible. For instance there are different attacks related to privilege escalation via indexes. Attacks via TNS listener. Attacks via web interface isqlplus. DoS attacks (running complex queries, filling shared tablespaces). Etc.
When you encrypt data, you do only that, encrypt. It protects only in this single case, when somebody gets access to database files. All other possible attacks do not depend on encryption. That's why it is not correct to expect that the database is secure otherwise.
No, they are not secure against attacks, especially in the multi-user case.
For example, the CryptDB of MIT is shown to be attackable in various ways:
On the Difficulty of Securing Web Applications using CryptDB
- privilege escalation is possible if there is no integrity and authentication
- The difference between two snapshots of the encrypted database taken at different times can leak information with the help of frequency attacks.
- Inference Attacks on Property-Preserving Encrypted Databases
Inference attacks and frequency attacks are still applicable to encrypted DBs if one uses the ECB mode of operation for the equality queries.
The real problem is the protection of the encryption keys. As someone said, if you encrypt the database and perform queries over the encrypted data, then all of the application servers need the key. Therefore, one distributes the protection of one key (Oracle's raw encryption) into protection of the key in multiple places, like having 20-25 application servers that need the key to perform queries.
One solution is using an HSM module for storing the key and executing some encryption with the help of it as an encryption oracle. They may have limited capabilities and can have unnoticed failures.
Conclusion: Encryption is essential; however, one still needs to consider new sophisticated attacks.
- NSA: "Attacks always get better; they never get worse."
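Added example, not from the original thread or any of its authors, illustrating two points made above: the first answer's observation that column encryption does nothing against SQL injection because the application process holds the key and decrypts whatever rows come back, and this answer's point that the deterministic (ECB-like) encryption needed for equality queries preserves the plaintext frequency histogram, so a public auxiliary distribution recovers values by rank matching. Everything is Python standard library; the HMAC-SHA256 counter-mode stream cipher is a toy stand-in for the DBMS_CRYPTO AES calls (not for real use), and the key, the patient table, and the "published prevalence" figures are all constructed for the demonstration.

```python
import hashlib
import hmac
import os
import sqlite3
from collections import Counter
from typing import Dict, List, Optional

# Constructed demo key: the application process holds it, exactly like an
# app server that must decrypt encrypted columns to serve requests.
KEY = b"\x01" * 32
NONCE_LEN = 12
ZERO_NONCE = bytes(NONCE_LEN)  # fixed nonce => deterministic, ECB-like output


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Toy PRF counter-mode keystream (HMAC-SHA256): stand-in for AES."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def encrypt(pt: bytes, nonce: Optional[bytes] = None) -> bytes:
    """nonce=None gives randomized encryption; a fixed nonce gives deterministic."""
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    ks = _keystream(KEY, nonce, len(pt))
    return nonce + bytes(a ^ b for a, b in zip(pt, ks))


def decrypt(ct: bytes) -> bytes:
    nonce, body = ct[:NONCE_LEN], ct[NONCE_LEN:]
    ks = _keystream(KEY, nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, ks))


# Constructed patient records with a skewed diagnosis distribution.
RECORDS = [("alice", "flu"), ("bob", "flu"), ("carol", "flu"), ("dave", "flu"),
           ("erin", "asthma"), ("frank", "asthma"), ("grace", "cancer")]
# Constructed public auxiliary data (think: published prevalence figures).
AUX_DISTRIBUTION = ["flu"] * 40 + ["asthma"] * 25 + ["cancer"] * 5


def build_db() -> sqlite3.Connection:
    """dx_det: deterministic (equality-searchable) column; dx_rand: randomized."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE patients (name TEXT, dx_det BLOB, dx_rand BLOB)")
    for name, dx in RECORDS:
        con.execute("INSERT INTO patients VALUES (?, ?, ?)",
                    (name, encrypt(dx.encode(), ZERO_NONCE), encrypt(dx.encode())))
    con.commit()
    return con


# First answer's point: the app decrypts every row the query returns, so an
# injected WHERE clause hands the attacker plaintext even though the storage
# layer only ever holds ciphertext.
def lookup_vulnerable(con: sqlite3.Connection, name: str) -> List[str]:
    sql = f"SELECT dx_rand FROM patients WHERE name = '{name}'"  # string-built: injectable
    return [decrypt(row[0]).decode() for row in con.execute(sql)]


def lookup_safe(con: sqlite3.Connection, name: str) -> List[str]:
    sql = "SELECT dx_rand FROM patients WHERE name = ?"  # bound parameter: no injection
    return [decrypt(row[0]).decode() for row in con.execute(sql, (name,))]


# This answer's point: deterministic ciphertexts preserve the plaintext histogram.
def _column_values(con: sqlite3.Connection, column: str) -> List[bytes]:
    assert column in ("dx_det", "dx_rand")  # internal constant, never user input
    return [row[0] for row in con.execute(f"SELECT {column} FROM patients")]


def ciphertext_histogram(con: sqlite3.Connection, column: str) -> List[int]:
    return sorted(Counter(_column_values(con, column)).values(), reverse=True)


def frequency_guess(con: sqlite3.Connection, column: str) -> Dict[bytes, str]:
    """Rank-match ciphertext frequencies against the auxiliary distribution."""
    ct_ranked = [ct for ct, _ in Counter(_column_values(con, column)).most_common()]
    pt_ranked = [pt for pt, _ in Counter(AUX_DISTRIBUTION).most_common()]
    return dict(zip(ct_ranked, pt_ranked))


def recovery_rate(con: sqlite3.Connection, column: str) -> float:
    """Fraction of rows guessed correctly (decrypt is used only to score)."""
    guess = frequency_guess(con, column)
    values = _column_values(con, column)
    hits = sum(guess.get(ct) == decrypt(ct).decode() for ct in values)
    return hits / len(values)


if __name__ == "__main__":
    db = build_db()
    print(lookup_vulnerable(db, "alice"), lookup_vulnerable(db, "x' OR '1'='1"))
    print(ciphertext_histogram(db, "dx_det"), ciphertext_histogram(db, "dx_rand"))
    print(recovery_rate(db, "dx_det"), recovery_rate(db, "dx_rand"))
```

Running it shows the two failure modes side by side: the string-built lookup returns all seven decrypted diagnoses for an injected name while the parameterized one returns nothing, and the deterministic column's histogram `[4, 2, 1]` matches the auxiliary data well enough to recover every row, whereas the randomized column is flat (`[1, 1, 1, 1, 1, 1, 1]`) and the same guess does no better than chance. The cost of the randomized column is the one this answer names: it cannot serve equality queries, which is exactly why deployments reach for ECB-style determinism in the first place.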