[Box Backup] Certificates & Keys Question

Bjarne Carlsen boxbackup at fluffy.co.uk
Fri May 2 16:20:47 BST 2008 

fre, 02 05 2008 kl. 10:36 -0400, skrev Richard Hurt:
> I am trying to make sure my systems are secure and I would like to
> check my assumptions and perhaps update the Wiki with the final
> information.  Please let me know where my assumptions go wrong and if
> I'm missing something.
>=20
> Thanx!
>   Richard
>=20
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D  SNIP =
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D
>=20
> Box Backup uses SSL to communicate between the server and the client.
> It also uses AES to encrypt the data on the server.  These
> technologies rely on various files (aka Keys) some of which need to be
> protected more than others.
>=20
> <account number>-csr.pem
>   - Security Level: LOW
>     This is merely a certificate request file and is only used once.
> After getting your certificate this file can|should be deleted.
>=20
> <account number>-cert.pem
>   - Security Level: MEDIUM
>     This is the clients SSL certificate and it the client to securely
> communicate with the server.  This file is unique to each client and
> should be marginally protected.  If a bad guy had this file he could
> copy your encrypted data from the server but wouldn't be able to use
> it.

The bad guy would need =EF=BB=BF<account number>-key.pem as well in order t=
o do
this. Without key.pem, he would theoretically have a small chance to be
able to encrypt data on the SSL session, but he would not be able to
decrypt them. And without both files, the SSL session cannot be set up.
Security level for this file should be LOW, since it is public and can
be regenerated at the server.

>=20
> <account number>-key.pem
>   - Security Level: ???
>     I'm not quite sure what this file is used for.  Is it another SSL
> key or something to do with the AES encryption.  What happens if a bad
> guy gets a hold of this file?  What damage could he do?

This is the client's private key, as opposed to =EF=BB=BF<account
number>-cert.pem, which is the public part that is presented to the
other side when communicating. The private key is necessary to decrypt
incoming communications. A bad guy would be able to use it in
conjunction with the public =EF=BB=BF<account number>-cert.pem to decrypt t=
he
SSL session, but not the actual data, which are encrypted
using =EF=BB=BF<account number>-FileEncKeys.raw.
Security level should be MEDIUM to HIGH. This file is private and is
used to secure your communications, and establish identity.
>=20
> <account number>-FileEncKeys.raw
>   - Security Level: HIGHEST
>     This is the master AES key for your data and is used to encrypt
> your data before sending it to the server.  This file is unique to
> each client and should be protected at all costs and stored off-site
> in a secure location.  Without this file your data is useless.  If a
> bad guy gets this file all bets are off and you are sunk.  If you lose
> this file you are sunk.  Everything can be replaced, except this file.
>=20
> serverCA.pem
>   - Security Level: MEDIUM
>   This is the servers SSL certificate and it allows the client to
> security communicate with the server.  This file is common to all
> clients and should be marginally protected.  If a bad guy had this
> file he could run a Man-In-The-Middle attack and impersonate your Box
> Backup server thereby capturing your encrypted data.

The server's private key would also be needed - you cannot run a MITM
based on the certificate alone. As with the =EF=BB=BF<account number>-cert.=
pem,
this file is public. It is used, among other things, to establish the
server's identity. Security can be LOW, since this is a public file,
which the server can re-issue at will.

Disclaimer: This is based entirely on my own reading of the SSL/TLS
specifications. Others may well be more informed ;)

Bjarne

More information about the Boxbackup mailing list