Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
Full disk encryption of a VPS node?
New on LowEndTalk? Please Register and read our Community Rules.

Full disk encryption of a VPS node?

Do any providers do this? I guess the provider could still snoop VMs since they'd have the key but it may be an extra layer of security to prevent others who may have access to the physical server. I know disk read/write would take a hit but it's something I'm curious about.

Thanked by 1jagd

Comments

  • BotoXBotoX Member
    edited December 2020

    I run full disk encryption on my VMs via cryptsetup/LUKS or ZFS native encryption.
    However all it takes to break it is the host taking a snapshot of my VM while it's running and decrypted. The decryption key has to be in memory after all and can be read out easily from the snapshot/memory dump this way.
    The hypervisor can always read out anything you do in a virtual machine, so if you require more security: get a dedicated server.

    Even from dedicated servers the encryption keys can be read out (while it's running and decrypted) from the physical memory by cooling it down to very low temperatures and quickly transferring the DIMM to another board to read it out.
    Obviously this is way harder and involved. Could probably be detected by watching lm-sensors for too low temperatures and shutting down your server automatically, etc.

    Shitty ARM devices like a raspberry pi are resilient against this type of attack, since their memory is soldered. But there's probably way more that can be done to extract the key, like listening to noise and power draw of the CPU, etc.

  • The question is always what are you trying to prevent.

    Thanked by 1Rambler
  • It's more theoretical than anything. Anyone (as in a government agency) would probably have no problem finding what they needed if they suspected or knew something was there that they needed. Just additional security from lesser people, I guess. I don't believe anything is truly secure against the big wigs if they wanted something.

  • Full disk encryption on a VPS doesn't makes any sense to me.

    The whole point of full disk encryption is that whoever steals your disk can't see the content. But you outsource the management to a 3rd party, on wherever the datacenter is. Any adversary can dump the RAM or tap your server. Heck they can just mirror your whole disk and you won't notice a thing.

    That's not to mention the server can't restart until you're noticed and type the password.

    Thanked by 1yoursunny

    TODO: Put a witty signature

  • @ninja1337 said: Full disk encryption on a VPS doesn't makes any sense to me.

    I'm talking about at the hardware node level.

  • @Rambler said:
    It's more theoretical than anything. Anyone (as in a government agency) would probably have no problem finding what they needed if they suspected or knew something was there that they needed. Just additional security from lesser people, I guess. I don't believe anything is truly secure against the big wigs if they wanted something.

    It seems there is not a clear threat model. A solution to an undefined problem is elusive.
    Better to spend the time to clearly define what you want to protect against and then look for solutions.

  • @Rambler said:

    @ninja1337 said: Full disk encryption on a VPS doesn't makes any sense to me.

    I'm talking about at the hardware node level.

    And how is that different exactly ? Dedi or virtual, the point is that you yourself can't guard it, unlike a laptop, and you can't see if someone is touching it right ?

    TODO: Put a witty signature

  • @ninja1337 said: And how is that different exactly ? Dedi or virtual, the point is that you yourself can't guard it, unlike a laptop, and you can't see if someone is touching it right ?

    It's too noisy to sleep on the datacenter floor though.

  • Server providers don't do this because it could seriously damage the uptime. The customers need to give the password on every reboot. There are very few providers that rely on TPM and have a set-up where the host operating system can't access the VM disks in any way.

    all it takes to break it is the host taking a snapshot of my VM while it's running

    In OpenBSD the disk decryption key is never inside the memory in its entirety. And attacker would not be able to decrypt the whole disk with a single memory snapshot. I highly doubt the implementations would be different in the Linux ecosystem.

  • FDE on a VPS solves the disk scrubbing problem when you power it off for the last time, or more likely... Deadpool scenario (think about your typical LowEndBox featured offers lately)

    Thanked by 1skorous

    1TB Backup-KVM (US) €4.25/mo 2GB Ram!
    (affiliate for 🥰 ) https://clients.inceptionhosting.com/aff.php?aff=401&pid=194

  • @ninja1337 said: That's not to mention the server can't restart until you're noticed and type the password.

    So set up Clevis/Tang ... that's what I did.

    Thanked by 1notmagenta
  • @vimalware said:
    FDE on a VPS solves the disk scrubbing problem when you power it off for the last time, or more likely... Deadpool scenario (think about your typical LowEndBox featured offers lately)

    Yes. I put all my stuff in containers on an encrypted partition to counter this problem.

  • BotoXBotoX Member
    edited December 2020

    @notmagenta said:

    all it takes to break it is the host taking a snapshot of my VM while it's running

    In OpenBSD the disk decryption key is never inside the memory in its entirety. And attacker would not be able to decrypt the whole disk with a single memory snapshot. I highly doubt the implementations would be different in the Linux ecosystem.

    I seriously doubt that. For symmetric encryption (AES) you always need the entire key for decryption and encryption. I'd be happy if you could prove me wrong though.

    Here's a blog post successfully testing the attack: https://blog.appsecco.com/breaking-full-disk-encryption-from-a-memory-dump-5a868c4fc81e

    Also it's definitely not 100% pointless, you still get data security in some scenarios.
    Any case where the attacker only has access to the storage but not to the memory of your virtual machine.
    Like when the host (or you) shuts the VM down and then the police or whoever ask for a copy of the disk.
    And with AES-NI encryption is essentially free nowadays, except for really high I/O on shit CPUs maybe.

    Edit: Modern CPUs might have a solution for this:
    https://en.wikichip.org/wiki/x86/sme

  • @skorous said:

    @ninja1337 said: That's not to mention the server can't restart until you're noticed and type the password.

    So set up Clevis/Tang ... that's what I did.

    Sounds interesting, I haven't heard about them before. How would you store the keyfile then ? Hardcoded in initramfs, PXE-related or entirely different ?

    TODO: Put a witty signature

  • NeoonNeoon Member
    edited December 2020

    Well, if its that serious, you can split the data lets say on 3 machines.
    Each machine keeps a SLICE of data, if one machine is getting pulled down, it makes all data inaccessible.

    Its like Raid 0 but within Raid, like RAID ZEPTION.
    Software like glusterfs can do that.

    If you want to go even deeper => https://tahoe-lafs.org/trac/tahoe-lafs
    Allows replica via tor network + encryption of files + gateways & storage nodes.

    So, the gateway is lets say your notebook, which builds up access to the nodes to pull or put files. If one VM gets dumped, they get shit, they would need to dump all 3 VM's and steal your notebook.

    Right, but you could encrypt its disk too, what a bummer.

  • This is useless if you want to protect yourself from the VPS provider for the reasons already explained above but good if you want to protect yourself from server being stolen by bad guys.

  • ALWAYS encrypt your KVM VPS or Dedicated server. The purpose of doing this is merely to assure yourself that if a disk gets discarded in a wrong way, nobody can actually read your data. In the case of a VPS provider, when you cancel or destroy your VM this makes sure that in case your disk doesn't gets scrubbed/scratched or destroyed properly, at least nobody can read your data.

    Don't trust the cowboys here that like to run without protection, do yourself a favor and research (research not equal LET). That's like having sex with a stranger without protection because you trust luck.

    Thanked by 1Rambler
  • @ninja1337 said: Sounds interesting, I haven't heard about them before. How would you store the keyfile then ? Hardcoded in initramfs, PXE-related or entirely different ?

    In short, it contacts a server over http to request an encrypted key and that unlocks the volume. I think this was the article I read that described it pretty well: https://wiki.inf.ed.ac.uk/DICE/MPUTangAndClevisTrial

    Thanked by 1ninja1337
  • I always do full disk encryption with KVM VPS, while using dropbear in initramfs to avoid clear text VNC when entering decryption password.

  • edited December 2020

    @Hxxx said:
    ALWAYS encrypt your KVM VPS or Dedicated server. The purpose of doing this is merely to assure yourself that if a disk gets discarded in a wrong way, nobody can actually read your data. In the case of a VPS provider, when you cancel or destroy your VM this makes sure that in case your disk doesn't gets scrubbed/scratched or destroyed properly, at least nobody can read your data.

    Don't trust the cowboys here that like to run without protection, do yourself a favor and research (research not equal LET). That's like having sex with a stranger without protection because you trust luck.

    It is true for HDD. Does it still apply to SSD? I have an impression that data stored in SSD is like at random location, isn't it? So, if the VPS is deleted. Shouldn't SSD data wouldn't be recovered?

    Unless the provider does not delete the VM and gives it to someone else.

  • @BotoX said: For symmetric encryption (AES) you always need the entire key

    To add two numbers, you don't need to memorize the two numbers.
    You can do the calculation step-by-step, just like you learned to add infinely large numbers in primary school line-by-line.
    Like this: 17+18 = (10+18) + (7+18) - 18
    You don't load the full 17 in the memory, you load 10 (1 with position) then 7.

Sign In or Register to comment.