Re: 3des key lengths and key management - Mailing list pgsql-general

From Steve Atkins
Subject Re: 3des key lengths and key management
Date
Msg-id B62EDCE7-698D-4886-A8F0-42A17179CF40@blighty.com
In response to 3des key lengths and key management  (bulk <bulk@bohlman.org>)
List pgsql-general
On Jul 23, 2009, at 10:11 AM, bulk wrote:

> I am working for a small company that is going through a PCI DSS
> audit.

securitymetrics.com? (They seem to be the low bidder, with everything
that implies. They asked me to open up my firewall to them, pointing
at a fake server, just so they'd have something to audit, after
failing our audit "because we only allowed access to the application
from inside our firewall".)

>   The auditor wants to know how long the key lengths are for the
> fields that we have encrypted with pgcrypto 3des.   I am by no means
> an expert in cryptology, so I am struggling with what to tell
> him?    I've done a day or so of googling and the best I can tell is
> the 3des uses 3x56bit keys and encrypts the data 3 times with each
> of the keys.

If he really said that 3des can use 2048 bit keys, tell him he's an
idiot.

>
> He did not seem to like that answer.   He seems to believe that 3des
> can use 2048 bit keys and that is the minimal acceptable standard of
> PCI DSS?   What I know is that we simply added the contrib pgcrypto
> stuff into the database and started using 3des and it seemed to work.
>
> So my questions are:
>
> 1)   What are the default 3des key lengths when you load postgresql
> enterprise db on a redhat ES x86_64 box?

Dunno. 3des is usually a 112 bit key, though, IIRC. 168 at most. It's
rather an old cipher by this point, but still secure enough for most
things.

> 2)   If possible how can you change the keys?  and replace them with
> keys with lengths to 2048 bit or above?

> 3)  If 2 is not possible then what other encryption type can we use
> that will meet his 2048 bit key length requirement?

Long key lengths, thousands of bits, are something you tend to talk
about when you're looking at an asymmetric cipher. RSA, DSA, stuff like
that.

Symmetric ciphers (aka secret-key), like 3des, tend to use much
shorter key lengths.

A symmetric cipher uses the same key to encrypt and decrypt a message.
An asymmetric cipher (aka public-key) uses one key to encrypt the
message and needs a different key to decrypt it.

> 4) Is it possible to compile C or Java code that will allow me to be
> the only one who knows the pass-key but allow other users to
> encrypt/decrypt data?
>

Yes, that's asymmetric cryptography, using something like DSA.

For a web application capturing credit cards, say, doing that you
might use something like pgp to handle all the encryption and
decryption. You'd use PGP in your webapp using a public key to encode
the credit card numbers you were given before storing them in the
database. Any time you need to access that you'd pull it out of the
database, and use PGP with the associated private key to recover the
credit card number, probably on a separate secure system. That's
reengineering your entire system architecture and business process,
though, rather than just dropping in a new encryption algorithm.

As I understand the PCI DSS requirements (which is only a little) you
don't need to use asymmetric crypto to comply with them, and that as
long as you have decent key management and access control, 3des would
be fine. https://www.pcisecuritystandards.org/ has a bunch of the docs
if you're interested.

Cheers,
   Steve
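The two things Steve's reply talks about, the key length pgcrypto actually uses for 3DES and the "web tier encrypts with a public key, a separate system decrypts with the private key" architecture, can both be shown with pgcrypto itself. The following is an added example, not code from the thread or from the pgcrypto project. It assumes PostgreSQL 9.1 or later (so CREATE EXTENSION and psql's :'var' quoting exist; on the 8.x contrib of 2009 you would load contrib/pgcrypto.sql instead), a GnuPG key pair exported to files named vault.pub and vault.sec, table names cards_sym and cards_pub, and a made-up test card number, all of which are the example's own choices. In pgcrypto's PGP functions, cipher-algo=3des selects three-key Triple DES, whose cipher key is 168 bits; the passphrase you supply is run through OpenPGP string-to-key to derive that cipher key, so there is no 2048-bit symmetric key to report to an auditor.

```sql
-- Added example: pgcrypto symmetric vs. public-key encryption of card data.
-- Not from the original thread. Assumes PostgreSQL 9.1+ with contrib installed.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

-- 1. Symmetric (secret-key) encryption, which is what the original poster does.
--    pgp_sym_encrypt derives the cipher key from the passphrase (OpenPGP S2K).
--    cipher-algo=3des  -> three-key Triple DES, 168-bit cipher key
--    cipher-algo=aes256 -> AES, 256-bit cipher key
--    The secret you have to manage is the passphrase, not a 2048-bit key.
CREATE TABLE cards_sym (id serial PRIMARY KEY, pan bytea NOT NULL);

INSERT INTO cards_sym (pan)
VALUES (pgp_sym_encrypt('4111111111111111',            -- constructed test PAN
                        'correct horse battery staple', -- passphrase (assumed)
                        'cipher-algo=3des'));

INSERT INTO cards_sym (pan)
VALUES (pgp_sym_encrypt('4111111111111111',
                        'correct horse battery staple',
                        'cipher-algo=aes256'));

-- Anyone who knows the passphrase can decrypt, which is the limitation
-- question 4 in the thread is about.
SELECT id, pgp_sym_decrypt(pan, 'correct horse battery staple') AS pan
FROM cards_sym;

-- 2. Asymmetric (public-key) encryption, the architecture Steve describes.
--    The web tier holds only the public key and can therefore only encrypt;
--    only the holder of the private key (ideally a separate, locked-down
--    system) can decrypt.
--
--    Generate the pair outside the database with GnuPG (interactive; choose
--    an RSA encryption key of 2048 bits or more), then export it:
--      gpg --gen-key
--      gpg -a --export card-vault@example.com         > vault.pub
--      gpg -a --export-secret-keys card-vault@example.com > vault.sec
--    Load the armored public key into the psql session (backtick expansion):
--      \set pubkey `cat vault.pub`
CREATE TABLE cards_pub (id serial PRIMARY KEY, pan bytea NOT NULL);

-- Web application role: has the public key only, so it can write but not read.
-- cipher-algo here selects the session cipher used for the data itself.
INSERT INTO cards_pub (pan)
VALUES (pgp_pub_encrypt('4111111111111111', dearmor(:'pubkey'),
                        'cipher-algo=aes256'));

-- pgp_key_id reports which key a message is encrypted to; for the
-- symmetric rows above it would return 'SYMKEY'.
SELECT id, pgp_key_id(pan) FROM cards_pub;

-- Back-office system only: it has the private key and its passphrase.
--   \set seckey `cat vault.sec`
SELECT id, pgp_pub_decrypt(pan, dearmor(:'seckey'),
                           'private key passphrase')   -- assumed passphrase
       AS pan
FROM cards_pub;
```

Two practical caveats. pgcrypto's pgp_pub_* functions work with RSA and Elgamal encryption keys; an OpenPGP DSA key is signing-only, so generate an RSA (or Elgamal) key for this. And literal passphrases in SQL text, as written above for brevity, end up in statement logs and pg_stat_activity; in a real application pass them as bind parameters and, for the private key, decrypt on the back-office host rather than in the web application's database session.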