ADSM-L

Re: don´t aynone know anything about Encryption in TSM.

2002-04-08 02:29:47
Subject: Re: don´t aynone know anything about Encryption in TSM.
From: Zlatko Krastev <acit AT ATTGLOBAL DOT NET>
Date: Mon, 8 Apr 2002 09:27:28 +0300
---> Kyle Sparger: Basically, what I'm saying is, TSM's encryption is better 
r 
than nothing,
and is suitable for many purposes, but your original statement,

As I have read this somewhere (I did not invented this wheel too) "weak 
security is worse than no security at all. It gives fake feel for 
security".

---> Justin Derrick: Actually, it was EFF.org that built the DES cracker ...
To be more precise, the distributed.net won the first two contests (DES-I 
To be more precise, the distributed.net won the first two contests (DES-I 
& DESII-1), EFF's specially designed box won the semifinal and they teamed 
together for the last contest because RSA set a deadline (24 hours). EFF's 
box was just a more powerful node of distributed.net's approach. Details 
can be found on http://www.distributed.net/des
Actually on the fourth round d.net got the answer from EFF's box but the 
box itself checked less than 40% of the keyspace. Total result was over 
88% of the keyspace exhausted in 22 hours (when the key was found AND 
confirmed). So the rest was done by the millions anonymous computers over 
the Net (few of them were mine so I am familiar). 
However we have to take into account technology change since then - first 
DES contest was in 1997, second and third in 1998 and the last in 1999. 
EFF's machine was built for the third contest (DES-II-2) and used 
practically unchanged in the fourth. At that time Intel was delivering 
Pentium II, IBM has PowerPC@332MHz and was just started selling 
RS64@125/200 MHz, HP has PA-8200/8500@200/440 MHz, etc.
If EFF methodology is used with current processors/memory the performance 
would be better 3-4 times, i.e. instead of approx. 4 days for whole DES 
keyspace (actual EFF's box performance) it would happen in a day. And 
prices for components are little bit lower than the same class (be it 
entry or top performer) in 1997-99. So it may cost $200-220k for less than 
a day.

---> Paul Seay: In the DoD arena we prescribe to a security called FIPS-140.  
Basically, 
.  Basically, 
it
requires encryption of all the network and a closed environment and
extending beyond that is all the issues of vault certification and 
physical
plant protection.

At the time when DES was designed in 1970's and 80's there were different 
security levels defined by US DoD (Paul is talking about them, not about 
afgans or albanians ;-). But the levels were not only for software but for 
whole site AFAIK (to best of my knowledge level A demanded that data 
cannot leave the protected area in any way other than peoples memory). And 
software can achieve certain level of security only if properly tuned. 
Unfortunately I am not familiar with FIPS 140 beyond the fact that 
encryption/decryption devices and software modules can be certified 
according levels 1,2,3 and 4. So it probably is not a replacement to the 
old division but additional criteria on particular topic - encryption.
For commersial grade level C2 was thought enough so at least the products 
I know advertize that can achieve this level (AIX 3.2 & 4.x, Windows NT 4, 
NetWare 4, Domino/Notes 4.x) and say nothing about higher levels. Level C2 
systems was not protected from eavesdropping nor encrypted the data.

And some my own remarks on the topic:
Petur for sure does not know at least some of the demanded security 
details. There might be familiar with other details he cannot tell to a 
public forum like this one. And at the end we ought to be specialists the 
backup/restore arena. So neither Petur nor we can resolve the security 
issue at the backup level if it is not solved as a whole. We can only help 
him to explain the security features/limitations of TSM. I would guess 
that this company's main concern is their investment this genealogigal 
records to be entered, verified and indexed into a database not to fall 
into their competitors' hands. Another issue is what Petur pointed - 
people's concern about their privacy data.
So lets deal as we do with other TSM uncommon things on this list - focus 
not to a tree but to look the whole forest. This is security problem not 
TSM problem at all. So if security is a *real* problem for that company 
they MUST have a IT security officer (or whatever they call him/her). So 
that person has to decide how to protect the data. If they do not have 
such a person either security is not a big concern to them or security is 
an excuse not to purchase TSM Petur tries to offer them. In the latter 
case even if solves the issue someone would find another excuse.
About the key length - neither DES nor RC4-128 or 3DES are good enough. 
This research probably is not going to finish in a year or two and also I 
expect that concern for this data is not for short term protection. On the 
other hand this data would not change too much and usage of private/public 
key encryption scheme might be usable. So GnuPG or other file encryption 
tool might be much more suitable than internal TSM encryption.

My 0.02 BGN


Zlatko Krastev
IT Consultant

P.S. Petur, you can contact me if you want. This is more security than 
TSM-related, so please do it outside the list.

Zlatko





Please respond to "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>
Sent by:        "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>
To:     ADSM-L AT VM.MARIST DOT EDU
cc: 

Subject:        don´t aynone know anything about Encryption in TSM.

Hi i have posted this 2 times before here but havent receved a reply yet.
thus led me to belive that knowlegde on this is wery limited.

I have a big custemer who is considerating TSM for there backup system.
However, they will be needing to take some of there backup offsite.
They have extremly valible data witch may not get in the wrong hands.

I have been reading up on Encryption in TSM and found it to be only 
desingd
to protect the data on the way
to the TSM server. I found no info on werther the data would be Encrypted 
in
the storage pools.

My question.

Is it possible to make Backupset, and be sure no-one can use it if it gets
in the wrong hands (Encrypt it somehow.
How can a administrator be sure that no-one can restore his
copy-storage-pools. is it posible to encrypt the data somehow.
Is it possible to password protect the TSM Database, so that you can´t
restore it without a password.


what way can they take offsite backup and be sure that there data is safe,
even if the bad guys get the tapes.

Thanks in advance for any help.

Kvedja/Regards
Petur Eythorsson
Taeknimadur/Technician
IBM Certified Specialist - AIX
Tivoli Storage Manager Certified Professional
Microsoft Certified System Engineer

peddi AT itn DOT is

 Nyherji Hf              Simi TEL: +354-569-7700
 Borgartun 37            105 Iceland
 URL:                    http://www.nyherji.is