Encryption Pitfalls and Workarounds

GORUCO 2018: Encryption Pitfalls and Workarounds by Melissa Wahnish

00:00:14.299 Thank you so much for having me here. I'm very excited to be here. My name is Melissa Wahnish, and I'm the founder of Ruby Thursday, a tutorial site for junior Rails developers. Yes, that includes mostly weekly tutorials.
00:00:25.019 Today, I'm going to be talking about encryption pitfalls and workarounds. So, just a little bit about me: I am an actor turned developer, and it has been fun putting the two together for the tutorial. I'm also the mother of a wonderful 13-month-old little girl named Julia.
00:00:38.190 So what are we discussing today? We're going to cover how encryption works. I'll provide a little definition, discuss some considerations when you're looking to encrypt your data, and share current tools that you might want to use.
00:00:47.969 I will narrow it down to two open-source gems and talk about those. Finally, we will address some challenges and workarounds for encryption at scale. I will also share a story with you about how I deployed it for a client.
00:01:09.500 First, let's talk about how encryption works. Encryption is a modern form of cryptography that allows users to hide information from others. Historically, encryption involved taking symbols or letters and replacing them to conceal the information. Now, we have powerful computers that create complex algorithms. These convert plaintext into ciphertext, which requires a special key to decrypt.
00:01:31.079 You can enhance this key's strength by adding a salt, similar to a password. This creates a password on top of another password. Alternatively, you could use an initialization vector (IV) or nonce, which is a number used once, for individual records. For example, you could have a unique key just for unlocking a first name.
00:01:52.660 Let’s walk through a bit of an example using Ruby and Rails modules. You can use the SecureRandom module to create a secure key and salt, which is usually about 32 characters long. ActiveSupport also has a key generator to help incorporate that salt into your key. You can then utilize this to encrypt your sensitive data.
00:02:20.310 When storing encrypted data in your database, you will save the ciphertext rather than the original information you wanted to hide. However, there are many considerations to keep in mind when implementing this.
00:02:40.430 It's important to determine what personal information needs to be encrypted and understand the impact on search functionality and data uniqueness. Encryption adds complexity, so be prepared for increased storage and speed requirements.
00:03:02.270 First, let’s consider what to encrypt. Most of you are probably aware of GDPR. You may have received numerous emails recently about changes to Terms of Service. According to GDPR, personal data is defined as information relating to identified or identifiable individuals, including their online identifiers, such as email addresses.
00:03:34.000 If we think of an email address as a personal identifier, it's crucial to secure that data through encryption. However, email addresses are generally used for logging in, which presents a unique challenge.
00:03:56.590 One potential solution is using a single key for the entire application. However, this presents a security risk: if someone obtains that single key, they could unlock everything in your database. Alternatively, you could implement unique keys for each record, which is the most secure way to encrypt your data.
00:04:25.290 It's essential to conduct a risk assessment. Consider what you are trying to protect and the nature of the data in question. For example, is it a sensitive bank account number that requires high security, or is it a more flexible piece of information like an email address, which may have lower encryption needs?
00:04:56.349 Remember, speed and storage requirements will increase when implementing encryption. It will demand more resources, as it takes time to encrypt and decrypt data, which adds additional processing to your workload.
00:05:11.260 Now, let's focus on two encryption tools that I recommend today. You can explore other options on rubygems.org, but for today's discussion, I will touch on AttrEncrypted and Cryptkeeper.
00:05:38.940 AttrEncrypted is considered the gold standard, widely used with many options available—perhaps even more than you might need. If you seek a strong security stamp of approval, especially for applications like banking apps, AttrEncrypted is highly recommended.
00:06:05.290 For my client’s case, which I'll elaborate on shortly, we chose to use Cryptkeeper. The advantages of Cryptkeeper include simpler integration and a built-in search feature, although this feature might not work perfectly right out of the box. It's well-maintained but relies on a single key for the entire app, posing a potential security issue.
00:06:18.560 In my experience with Cryptkeeper, the client required encryption for personal data—primarily first names, last names, and email addresses. Initially, I employed the search by plaintext feature, which performed magnificently in staging.
00:06:45.930 However, when I deployed it to the app with about 15,000 users, it led to performance issues that caused everything to come to a standstill during login attempts. I decided to revert this change, as throwing more resources at the issue didn't seem like a sustainable solution.
00:07:07.650 Cryptkeeper does provide an option for scoping, but it doesn't apply well during login, so I contacted the maintainer for assistance.
00:07:28.160 In response, they shared an unsanctioned workaround that effectively created a unique hash to facilitate user searches. This allowed us to find users by their email addresses and smoothly log them in, combining security with usability.
00:07:51.390 The process requires a balancing act between managing risks and ensuring user protection. I hope I haven't deterred you from exploring encryption; instead, I encourage you to delve into this ongoing journey of cybersecurity.
00:08:13.290 Thank you all very much for your time! If you have any questions or want to connect, I can be reached at my email: [email protected]. Thank you!