12

I have some data on the server (running Linux) which needs to be encrypted (company policy). This data is being served by an application running on this machine. Now I consider a few possibilities:

1) Encrypt only the partition on which the data resides (by the OS).
2) Encrypt only the data in question (some 3rd party software) but not the whole partition.
3) Encrypt everything.

Which option would you recommend? The thing I am most concerned about is performance, as this data is heavily utilized. Currently we don't have the possibility of using encrypted SAN disks. The above seem to be the only options. Could you please tell me which option is the best and what software/tools you would recommend to implement it?

yoozer8
Janek
  • What exactly is your threat model? –  May 07 '13 at 08:58
  • 1
    I would say steal of machine. – Janek May 07 '13 at 09:04
  • An Intel Core i3 550 3.2Ghz CPU can handle AES256 at [392 MB/s](http://www.sisoftware.net/?d=qa&f=cpu_vs_gpu_crypto&l=en&a=), which is probably faster than your disks can read/write data so you likely don't have to worry too much about performance unless your CPU's are busy doing other things while reading/writing data from disk. An Intel Core i5 661 with hardware AES acceleration can do AES256 at over 4GB/second. – Johnny May 07 '13 at 23:13
  • On that machine we have 2 x Intel Xeon Processor X5675 (12M Cache, 3.06 GHz, 6.40 GT/s Intel QPI), but the CPU is already heavily used without encryption during the read/write. – Janek May 08 '13 at 11:28

2 Answers

22

There are a number of defenses you can use to help prevent and recover from theft.

The first thing you should look into is full-disk encryption, e.g. LUKS, TrueCrypt, or PGP. This will prevent an attacker from reading any data on the disk, even if they steal the hardware. You will need to enter the password at boot, though, so for unattended remote hardware this might be problematic unless you have access to lights-out management (e.g. HP iLO or Dell DRAC).

On top of this, you should ensure several other mechanisms are in place:

  • Strong physical security in your data center (e.g. locks, biometrics, CCTV, alarms)
  • Security procedures should be put in place at the data center. All people entering should be made to sign in, and all hardware access / changes should be logged and signed for.
  • Good server racks come with appropriate fixtures for padlocking servers in place. If available, this feature should be used. Select a strong padlock that is resistant to bolt croppers and shivs.
  • BIOS administrative password set, to prevent the boot order being changed.
  • BIOS boot password set, if possible (may require physical attendance at boot)
  • Application credentials can be stored in a dedicated HSM to help prevent recovery of data in the event of theft.
  • Epoxy resin can be used to disable physical ports, to prevent unauthorised devices from being plugged into the system.
  • Asset IDs should be properly set in the BIOS or server management console, and should be logged in an assets registry.
  • UV ink should be used to tag all devices. You can buy UV security pens very cheaply, and they're very useful for property identification in the case of theft. It is often worth marking individual hard disks as well as the server chassis.
  • Tamper-evident mechanisms, e.g. security tape, can be used to ensure that the hardware has not been tampered with. A quick and easy way to use it is to tape up the server and sign the tape with a marker pen. If the server is opened later, the seal will be broken. New tape applied over the top will not carry the same signature.
Polynomial
  • Each of the above recommendations on their own can, in various ways, be defeated by a determined attacker. However, if combined, they would provide quite an adequate defense against all but the most determined of attackers. – NULLZ May 07 '13 at 12:14
  • 1
    My point exactly. Disk crypto alone is no use if someone can get into the BIOS and perform a boot-loader attack, then get you to type the password in. The trick is to provide layers of security. – Polynomial May 07 '13 at 12:21
  • What is the value of UV ink? I will assume that if my HD is stolen, it is gone forever; if it is recovered it has been tampered with. – emory May 07 '13 at 12:59
  • @emory Tagging of any kind is obviously useless if the device is not recovered, but if it is, it can be used as one piece of evidence to prove ownership. – user May 07 '13 at 13:34
  • 1
    @MichaelKjörling I will use redundancy (RAID, etc) so the theft of a single device does not mean I have lost the data. I will encrypt hard drives so (hopefully) others can not read my secret data. When I recover the stolen HD, I won't have any use of it. I will assume that the thieves tampered with it. It can go into the rubbish bin. If I decide to destroy the HD in a special way, that would mean I don't have confidence in my disk encryption. If I don't have confidence in my disk encryption, then I would assume the thieves already have my secret data. – emory May 07 '13 at 13:51
  • @MichaelKjörling I guess I can see if the devices are tagged, it would be easier to prove theft, which should discourage potential thieves from stealing your stuff. Is that the advantage? – emory May 07 '13 at 13:58
  • 2
    Tagging devices is incredibly useful for law enforcement if the property is later discovered in a raid. It means you get to have your part in nailing the assholes that stole your gear, and the cops have one less open case file to deal with. You might even get your assets back, though I wouldn't try using them after they've been compromised. – Polynomial May 07 '13 at 14:34
7

Going by your threat model, which is theft of the server, I would choose to go with full disk encryption in the form of LUKS or similar.

For that threat model, though, encryption shouldn't be your focus. Instead, make sure your datacentre has appropriate physical security in the form of access control, surveillance and the like.

  • +1 for thinking outside the box ("encryption shouldn't be your focus") –  May 07 '13 at 09:38
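Putting both answers' LUKS recommendation and Johnny's AES-NI comment into one script, as an added example that is not code from the question or either answer: it checks whether the CPU advertises the `aes` flag (deciding whether the performance worry applies at all), picks a cryptsetup cipher spec accordingly, and encrypts a single data partition, which is option 1 from the question. It assumes the cryptsetup CLI (`luksFormat`, `luksOpen`, `benchmark`), a spare partition given as the placeholder `/dev/sdb1`, and Linux `/proc/cpuinfo`; the two cpuinfo fragments are constructed so the check can be exercised without touching the real host.

```shell
#!/bin/sh
# Added example, not from the question or the answers. Option 1 from the
# question (encrypt only the data partition) done with LUKS/dm-crypt, plus the
# AES-NI check behind the performance discussion in the comments.
# Assumptions: cryptsetup CLI, placeholder device /dev/sdb1, Linux /proc/cpuinfo.

# Constructed sample /proc/cpuinfo fragments: one with the "aes" flag, one
# without it (note "vaes" is a different flag and must not match).
SAMPLE_AESNI='processor   : 0
flags       : fpu vme sse4_2 aes avx'
SAMPLE_NOAESNI='processor   : 0
flags       : fpu vme sse4_2 vaes avx'

# Return 0 when the flags line advertises AES-NI. Takes cpuinfo text as an
# argument so it works on the samples above or on "$(cat /proc/cpuinfo)".
# dm-crypt uses the kernel's aesni_intel module by itself when it is present;
# this only tells you whether the CPU-cost concern applies to this host.
cpu_has_aesni() {
    printf '%s\n' "$1" | grep -Eq '^flags[[:space:]]*:.*[[:space:]]aes([[:space:]]|$)'
}

# Pick the cryptsetup cipher spec from the CPU flags. With AES-NI the usual
# aes-xts-plain64 with a 512-bit key (two AES-256 keys) costs little; without
# it, a 256-bit XTS key (two AES-128 keys, 10 rounds instead of 14) saves CPU
# on an already busy server. Output: "<cipher> <key-bits>".
suggest_cipher() {
    if cpu_has_aesni "$1"; then
        printf 'aes-xts-plain64 512\n'
    else
        printf 'aes-xts-plain64 256\n'
    fi
}

# Encrypt one partition and mount it (option 1). DESTROYS the partition's
# contents; run as root. Usage: luks_setup_partition /dev/sdb1 datavol /srv/data
luks_setup_partition() {
    dev=$1; name=$2; mnt=$3
    set -- $(suggest_cipher "$(cat /proc/cpuinfo)")
    cipher=$1; keybits=$2
    # Measure before committing: cryptsetup benchmark reports MB/s for this
    # cipher on this CPU, the figure Johnny's comment is about.
    cryptsetup benchmark --cipher "$cipher" --key-size "$keybits"
    cryptsetup --cipher "$cipher" --key-size "$keybits" --verify-passphrase luksFormat "$dev"
    cryptsetup luksOpen "$dev" "$name"
    mkfs.ext4 "/dev/mapper/$name"
    mkdir -p "$mnt"
    mount "/dev/mapper/$name" "$mnt"
    # Unattended reboots are the catch the first answer raises: an entry in
    # /etc/crypttab makes boot stop for the passphrase, so plan for lights-out
    # management or a key supplied from elsewhere.
}

# Stand-alone run: show the decision on both constructed samples and, on a
# Linux host, on the real CPU flags. The LUKS function is not called here.
echo "sample with aes flag:    $(suggest_cipher "$SAMPLE_AESNI")"
echo "sample without aes flag: $(suggest_cipher "$SAMPLE_NOAESNI")"
if [ -r /proc/cpuinfo ]; then
    echo "this host:               $(suggest_cipher "$(cat /proc/cpuinfo)")"
fi
```

The flag check deliberately requires whitespace on both sides of `aes`, because a plain `grep aes` also matches the unrelated `vaes` flag. The measured number that settles the question for a given box is the output of `cryptsetup benchmark`, which is why the setup function prints it before formatting anything.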