Encryption

From wiki.zmanda.com
Revision as of 03:21, 11 May 2006 by 1147314184 (talk | contribs)
Jump to navigation Jump to search

Need for encryption

Two types of encryption:
1) Transport encryption
Prevent eavesdropping on the network. Amanda solution: kerberos, ssh

2) Data encryption
Provide protection in case a tape is in the hand of the wrong party. Amanda solution: newly added encryption feature in 2.5.

Recent events when credit card company and hotel lost backup tape that's not encrypted. As a result, critical customer information is in danger. Reference: http://www.washingtonpost.com/wp-dyn/content/article/2005/12/27/AR2005122700959.html

*Recent amanda-user discussion on encryption*


What is needed to recover encrypted tapes

To properly retrieve any encrypted data, the following are needed:

  1. the key (the private key in the public-key encryption case)
  2. the passphrase
  3. the "crypt" program used. Amanda dump file header indicates what crypt program was used. For example:
AMANDA: FILE 20051215 boston.zmanda.com /usr/tmp/gpa2 lev 0 comp .gz program /bin/gtar crypt
enc client_encrypt /usr/local/sbin/amcrypt client_decrypt_option -d
To restore, position tape at start of file and run:
dd if=<tape> bs=32k skip=1 | /usr/local/sbin/amcrypt -d |   /usr/bin/gzip -dc |  /bin/gtar -f...
  • If the key or passphrase is lost or misplaced, the data cannot be recovered.
  • There is no back-door to the encryption algorithm.
  • Proper key management strategy should be in your plan before using data encryption for backup.

Server-side and client side encryption

  • a new dumptype option, encrypt is added.
  • specify either client or server side in the dumptype (not both):
    • encrypt client or encrypt server
  • specify client side encryption program:
    • client_encrypt "your encryption program"
      • a sample encryption/decryption program amcrypt is provided. amcrypt is a wrapper of aespipe.
      • aespipe supports AES128, AES192 and AES256 and it uses SHA-256, SHA-384 and SHA-512 respectively.
      • any encryption/decryption program can be used as long as it reads from stdin and writes to stdout.
    • client_decrypt_option "decrypt parameter" #default to -d
  • specify server side encryption program:
    • server_encrypt "your encryption program"
      • can use amcrypt as in the case of client encryption.
    • server_decrypt_option "decrypt parameter" #default to -d
  • The logic assumes compression then encryption during backup(thus decrypt then uncompress during restore). Specifying client-encryption and server-compression is not supported
  • dumptype sample:
define dumptype server-encrypt-fast {
      global
      program "GNUTAR"
      comment "dump with fast client compression and server symmetric encryption"
      compress client fast
      encrypt  server
      server_encrypt "/usr/local/sbin/amcrypt"
      server_decrypt_option "-d"
}

define dumptype client-encrypt-nocomp {
     global
     program "GNUTAR"
     comment "dump with no ompression and client symmetric encryption"
     compress none
     encrypt client
     client_encrypt "/usr/local/sbin/amcrypt"
     client_decrypt_option "-d"
}
  • To restore client encrypted tape. Do either:

1. take the physical tape to the client machine and do the restore on the client machine where it has the key( am_key.gpg) and passphrase(.am_passphrase).

or

2. take the key and passphrase to the server machine where the tape is located.


  • The code is partially based on Matthieu Lochegnies's custom compress patch and Stefan G. Weichinger's amgtar script.
  • Code has been commited to the sourceforge CVS, rpm can be downloaded from http://www.zmanda.com/downloads.html

Additional packages needed

Setup

  • Configure and compile aespipe:
tar -xjf aespipe-v2.3b.tar.bz2
cd aespipe-v2.3b
./configure
make
make install
  • Generate and store the gpg-key for the AMANDA-user:
# taken from the aespipe-README
head -c 2925 /dev/random | uuencode -m - | head -n 66 | tail -n 65 | \
gpg --symmetric -a > ~amanda/.gnupg/am_key.gpg
  • This will ask for a passphrase. Remember this passphrase as you will need it in the next step.

Store the passphrase inside the home-directory of the AMANDA-user and protect it with proper permissions: 

echo my_secret_passphrase > ~amanda/.am_passphrase
chown amanda:disk ~amanda/.am_passphrase
chmod 700 ~amanda/.am_passphrase
  • We need this file because we don't want to have to enter the passphrase manually everytime we run amdump. We have to patch bz2aespipe to read the passphrase from a file. I have called that file ~amanda/.am_passphrase.
  • Store the key and the passphrase in some other place as well, without these information you can't access any tapes that have been encrypted with it (this is exactly why we are doing all this, isn't it? ;) ).
  • create amcrypt(or it will available in sourceforge and the rpms) as below:
#!/bin/sh
#
# Original wrapper by Paul Bijnens
#
# adapted by Stefan G. Weichinger
# to enable gpg-encrypted dumps via aespipe
# also adapted by Matthieu Lochegnies for server-side encryption
prefix=/usr/local
exec_prefix=${prefix}
sbindir=${exec_prefix}/sbin
AMANDA_HOME=~amanda
AM_AESPIPE=${exec_prefix}/sbin/amaespipe
AM_PASSPHRASE=$AMANDA_HOME/.am_passphrase

$AM_AESPIPE "$@" 3< $AM_PASSPHRASE
rc=$?
exit $rc


  • create amaespipe(or it will available in sourceforge and the rpms) which is based on wrapper-script bz2aespipe, which comes with the aespipe-tarball:
#! /bin/sh

# FILE FORMAT
# 10 bytes: constant string 'bz2aespipe'
# 10 bytes: itercountk digits
# 1 byte: '0' = AES128, '1' = AES192, '2' = AES256
# 1 byte: '0' = SHA256, '1' = SHA384, '2' = SHA512, '3' = RMD160
# 24 bytes: random seed string
# remaining bytes are bzip2 compressed and aespipe encrypted
# These definitions are only used when encrypting.
# Decryption will autodetect these definitions from archive.
ENCRYPTION=AES256
HASHFUNC=SHA256
ITERCOUNTK=100
AMANDA_HOME=~amanda
WAITSECONDS=1
GPGKEY=""$AMANDA_HOME/.gnupg/am_key.gpg"
FDNUMBER=3
PATH=/usr/bin:/usr/local/bin
export PATH

if test x$1 = x-d ; then
   # decrypt
   n=`head -c 10 - | tr -d -c 0-9a-zA-Z`
   if test x${n} != xbz2aespipe ; then
       echo "bz2aespipe: wrong magic - aborted" >/dev/tty
       exit 1
   fi
   itercountk=`head -c 10 - | tr -d -c 0-9`
   if test x${itercountk} = x ; then itercountk=0; fi
   n=`head -c 1 - | tr -d -c 0-9`
   encryption=AES128
   if test x${n} = x1 ; then encryption=AES192; fi
   if test x${n} = x2 ; then encryption=AES256; fi
   n=`head -c 1 - | tr -d -c 0-9`
   hashfunc=SHA256
   if test x${n} = x1 ; then hashfunc=SHA384; fi
   if test x${n} = x2 ; then hashfunc=SHA512; fi
   if test x${n} = x3 ; then hashfunc=RMD160; fi
   seedstr=`head -c 24 - | tr -d -c 0-9a-zA-Z+/`
   aespipe -K ${GPGKEY} -p ${FDNUMBER} -e ${encryption} -H ${hashfunc} -S ${seedstr} -C ${itercountk} -d 
else
   # encrypt
   echo -n bz2aespipe
   echo ${ITERCOUNTK} | awk '{printf "%10u", $1;}'
   n=`echo ${ENCRYPTION} | tr -d -c 0-9`
   aesstr=0
   if test x${n} = x192 ; then aesstr=1; fi
   if test x${n} = x256 ; then aesstr=2; fi
   n=`echo ${HASHFUNC} | tr -d -c 0-9`
   hashstr=0
   if test x${n} = x384 ; then hashstr=1; fi
   if test x${n} = x512 ; then hashstr=2; fi
   if test x${n} = x160 ; then hashstr=3; fi
   seedstr=`head -c 18 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1`
   echo -n ${aesstr}${hashstr}${seedstr}
   aespipe -K ${GPGKEY} -p ${FDNUMBER} -e ${ENCRYPTION} -H ${HASHFUNC} -S ${seedstr} -C ${ITERCOUNTK} -w ${WAITSECONDS}
fi
exit 0


Changes from bz2aespipe:

  • Decreased WAITSECONDS: No need to wait for 10 seconds to read the passphrase.
  • Removed bzip2 from the pipes: AMANDA triggers GNU-zip-compression by itself, no need to do this twice (slows down things, blows up size).
  • Added options -K and -p: This enables aespipe to use the generated gpg-key and tells it the number of the file-descriptor to read the passphrase from.

You may set various parameters inside bz2aespipe. You may also call bz2aespipe with various command-line-parameter to choose the encryption-algorithm, hash-function etc. . For a start I have chosen to call bz2aespipe without command-line-options.

Plans

There are several TODOs:

  • test to see if aespipe can be replaced by gpg.
  • test to see if public-key encryption works.










[We are delicate. We do not delete your content.] [l_sp1]

ringtone maker verizon ringtone US Cellular Ringtone bcbg shoes waterford crystal swarovski crystal bead mesothelioma lawsuits mesothelioma symptoms mesothelioma diagnosis Sexy Prom Dresses Naturalizer Shoes Aero Bed Free Sprint Ringtones Free Verizon Ringtones free nextel ringtones sexy prom dress Formal Prom Dresses cheap prom dresses Plus Size Prom Dresses tiffany prom dresses erotic games strip poker pokemon trading card game rom hoyle card games teen bra Bra Teen Cleavage Micro Bikini Teens Bra sexy bras bulma bra sheer bra auto loan calculator Federal Student Loan Consolidation private student loan consolidation acs student loans countrywide home loans refinance home loan st louis wacoal bras teen bra unsecured signature loan Countrywide Home Loans Formal Prom Dresses Sexy Prom Dress cocktail dresses TMobile water softener tankless water heater oscar dresses mother of the bride dresses bridesmaid dresses cocktail dresses formal dresses easter dresses evening dresses evening gowns ball gowns formal gowns plus size wedding gowns rockport shoes reverse osmosis water filter merrell shoes casino royale throat pokers free strip poker crazy game of poker poker chips texas holdem poker game online poker aide online poker assistant casino directory gambling online online pai gow poker hooters casino atlantic city casinos buy ativan online buy oxycontin online buy alprazolam online buy alprazolam cialis no prescription xanax xr ultram er buy ultram online generic fioricet buy fioricet online phentermine 37 5mg bontril sr cheap bontril ambien cr buy didrex online adipex without a prescription buy tamiflu buy clonazepam purchase tramadol without a prescription buy acyclovir buy codeine private poker tournament

Retrieved from ‘http://wiki.zmanda.com/index.php?title=Encryption&oldid=2737