I've written a whitepaper about our encryption at rest at work, which includes a bit of considerations about the threats considered.

The first important part is: Encryption at rest protects higher levels of the stack from access by lower levels of the stack. If your attack is working at an application level - e.g. you have a database connection - encryption at rest is no tool to deal with this. Encryption at rest is more about protecting the database from an attacker with physical access.

The second consideration is: There will always be a tradeoff between availability and security when dealing with encryption at rest. Manually decrypting a system is very secure, but if that system goes offline at 3am, it'll be offline until the device is decrypted. Automatically decrypting a system using Clevis/Tang, TPM, BitLocker and such gives you more availability but could make it possible for an attacker to access your data if they have sufficient control.

And that's the third consideration: If an attacker has sufficient control, they can defeat automated decryption of encryption at rest, and they may have ways to start attacking manual decryption of encryption at rest as well. Like, you might be able to start looking at memory contents, disk writes and start doing some differential cryptanalysis to attack encrypted data and such.

But with all of these three together, you arrive at the goal and security level we have formulated for our encryption at rest: Our encryption at rest is supposed to defend us against employees of our hosters getting access to one or two of our virtual or physical storage devices. If they have access to one or two storage devices, they must not be able to access customer data on the devices.

Naturally, the question is: But what happens if they have more drives? Well, the simple answer from the whitepaper is: That's a problem for the lawyers. Handling 1-2 of our drives is entirely arguable as daily business. Swapping drives via remote hands or dismissing dedicated servers with 2 drives at a specific hoster happens a lot and then they handle 1-2 drives, and our goal ensures they cannot gain access to customer data then. However, if a datacenter tech starts pulling 3 or more drives and starts analyzing data on them together, that's outside of normal operational procedures and we can start considering that an attack and start suing them. Or they are being directed by law enforcement. Both are issues for the legal teams though. At least that's our view.

Encryption at rest works in a very different set of circumstances and mindset than other security topics in a software stack.
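As an added example (not from the post above, and not the design of the whitepaper it describes), one mechanism that gives exactly the stated property - any one or two devices reveal nothing about customer data, three together do - is to split the volume encryption key with Shamir threshold sharing, one share stored on each device. The threshold of 3, the device count, the prime field and the 256-bit key are my assumptions.

```python
import secrets

# Prime field for the shares; 2**521 - 1 is a Mersenne prime, so any
# 256-bit volume key is a valid field element (assumption: key < P).
P = 2**521 - 1


def _interpolate(points, x):
    """Lagrange interpolation over GF(P): the value at x of the unique
    polynomial of degree < len(points) passing through every point."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def split_key(key, threshold, n_devices):
    """One share per device: points on a random polynomial of degree
    threshold-1 whose constant term is the key. Any `threshold` shares
    recover the key; fewer leave every key value equally plausible."""
    coeffs = [key] + [secrets.randbelow(P) for _ in range(threshold - 1)]

    def poly(x):
        acc = 0
        for c in reversed(coeffs):  # Horner evaluation mod P
            acc = (acc * x + c) % P
        return acc

    return [(x, poly(x)) for x in range(1, n_devices + 1)]


def recover_key(shares):
    """Reconstruct the key from any `threshold` (or more) device shares."""
    return _interpolate(shares, 0)


def share_implied_by(partial_shares, candidate_key, device_x):
    """What the share on device `device_x` WOULD be if the key were
    `candidate_key`, given only `partial_shares` (fewer than threshold).
    A unique polynomial exists for every candidate, which is why two
    pulled drives tell the attacker nothing about the real key."""
    return _interpolate([(0, candidate_key)] + list(partial_shares), device_x)


if __name__ == "__main__":
    key = int.from_bytes(secrets.token_bytes(32), "big")  # constructed sample key
    shares = split_key(key, threshold=3, n_devices=5)
    assert recover_key(shares[:3]) == key        # any 3 drives: key recovered
    assert recover_key(shares[:2]) != key        # 2 drives: nothing usable
```

The `share_implied_by` check is the interesting part: with two shares, every candidate key is consistent with a valid third share, so the two drives are worthless on their own; only the real key predicts the share actually sitting on the third drive.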