Via the Matasano Security blog, I learned about the recent theft at CI-Host’s Chicago facility. We used to host with them in Dallas up until recently.
In recent years, many IT administrators have found religion about installing security patches and deploying other measures such as intrusion prevention systems to keep criminals from accessing their systems and the data stored on them. The series of break-ins at C I Host is a reminder that safeguards must also extend to more mundane protections, including dead-bolt locks and steel cages.
We dont know who the suspects are, but let us consider the ramifications of an insider job in a datacenter.
Asset : Server running a e-commerce site. The server stores customer information (credit cards, addresses, phones) in an encrypted format in a database. The cost of the hardware itself is negligible compared to the value of the customer data. All transactions are via SSL (for example RSA 128 with RC4). Â
Is this secure enough against a burlary ?
No ! The burglar could arrange for packet capture for a day or two in advance. Remember he is an insider. This is quite easy using a simple optical splitter or network tap. After the burglary he can explore your webserver at leisure for key material. To minimize this risk :
1. Do not store unencrypted private keys. Enter the password when apache (with mod_ssl) starts up instead. This may be a pain when services are automatically restarted, such as after a crash. It is just too bad, you have to arrange for a human to attend to such events. Use a SMS notification service to be alerted after a crash at a data center.
2. Contact your certificate issuer immediately and revoke all certificates issued to you that were compromised. You may have to pay for new ones.
The long term solution is of course Perfect Forward SecrecyÂ
If available, always use the Ephemeral Diffie Hellman (DHE) key exchange. DHE offers perfect forward secrecy and is probably suitable for low to medium volume websites. Once DHE support is widespread among webservers, you can also setup your site to do your shopping carts using RSA, but renegotiate to DHE when transferring financial information. (See “How to renegotiate stronger ciiphers for a particular URL“)  This can reduce the load on your servers.
Unfortunately, DHE support does not appear to be ready in Firefox and IE (I could be wrong). Netscape Security Services (NSS 3.11) which is used by products such as Firefox 2.0, Mozilla, does not seem to support Ephemeral Diffie Hellman as a key exchange algorithm. The tables on the NSS website however claim that ciphers such as TLS-DHE-RSA-with-AES-256-CBC-SHA are supported on the client side only. Does this mean tools like Firefox which only require client-side functionality will support DHE shortly ? We have to wait and see.
In summary,
- Pay attention to the SSL/TLS infrastructure you have in place.
- Minimize impact of traffic capture that might have occured just prior to the physical theft. (Use PFS, do not remove passphrases from private keys, revoke certificates immediately)
- Do we need armed human security guards ? The banks have them.
Â
