Multi-Layered Security Architecture
A Defense-in-Depth Approach
OmniSafe utilizes a robust, multi-layered key hierarchy and encryption strategy to protect your digital assets. This approach ensures that even if one layer of security is compromised, subsequent layers remain in place, significantly increasing the difficulty for any attacker.
The key components of this architecture are:
- Master Key (MK): The Root of Trust.
- Key Encryption Key (KEK): Encrypting the DEKs.
- Data Encryption Key (DEK): Encrypting Your Data.
Master Key (MK): Securing the Hierarchy’s Foundation
The Master Key is the foundation of OmniSafe’s cryptographic security. It’s a root key used to protect the Key Encryption Keys (KEKs). It is the most sensitive key and never directly encrypts user data.
- Generation: Generated using a Hardware Security Module (HSM) for robust entropy and tamper resistance.
- Shamir’s Secret Sharing (SSS): The generated Master Key is then split into multiple shares using Shamir’s Secret Sharing.
- Distribution: These shares are distributed among trusted custodians. A threshold number of shares is required for any operation that uses the Master Key.
- Never Persisted: The Master Key is reassembled only in memory, inside a secure environment, for the duration of a specific operation.
Purpose:
- Provides the highest level of security: Ensures that the KEKs are protected by a key that is extremely difficult to compromise.
- Distributes trust: The SSS scheme ensures no single entity holds the entire Master Key.
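As an added illustration of the Shamir's Secret Sharing step (example code written for this page, not OmniSafe's implementation), the Go program below splits a constructed 32-byte stand-in for the Master Key into five shares with a threshold of three, then reconstructs it from any three. It works byte-wise over GF(2^8); the share layout, the 3-of-5 parameters and the key size are assumptions chosen for the demonstration.

```go
package main

import (
	"crypto/rand"
	"errors"
	"fmt"
)

// Share is one custodian's piece: an x-coordinate (never 0) plus one y-byte per secret byte.
type Share struct {
	X byte
	Y []byte
}

// gfMul multiplies in GF(2^8) with the AES reduction polynomial x^8+x^4+x^3+x+1.
func gfMul(a, b byte) byte {
	var p byte
	for ; b != 0; b >>= 1 {
		if b&1 == 1 {
			p ^= a
		}
		hi := a & 0x80
		a <<= 1
		if hi != 0 {
			a ^= 0x1b
		}
	}
	return p
}

// gfInv finds the inverse by exhaustive search; the field has only 255 candidates.
func gfInv(a byte) byte {
	for b := 1; b < 256; b++ {
		if gfMul(a, byte(b)) == 1 {
			return byte(b)
		}
	}
	return 0 // a == 0 has no inverse
}

// Split: each secret byte is the constant term of a fresh random degree-(k-1) polynomial;
// share i stores that polynomial at x = i. Any k shares fix it, any k-1 reveal nothing.
func Split(secret []byte, k, n int) ([]Share, error) {
	if k < 2 || n < k || n > 255 {
		return nil, errors.New("need 2 <= k <= n <= 255")
	}
	shares := make([]Share, n)
	for i := range shares {
		shares[i] = Share{X: byte(i + 1), Y: make([]byte, len(secret))}
	}
	coeffs := make([]byte, k-1)
	for pos, s := range secret {
		if _, err := rand.Read(coeffs); err != nil {
			return nil, err
		}
		for _, sh := range shares {
			y, xp := s, byte(1)
			for _, c := range coeffs {
				xp = gfMul(xp, sh.X)
				y ^= gfMul(c, xp)
			}
			sh.Y[pos] = y
		}
	}
	return shares, nil
}

// Combine interpolates each byte's polynomial at x = 0 (Lagrange). Fewer than k shares
// give a wrong value, not an error: the scheme itself cannot tell.
func Combine(shares []Share) ([]byte, error) {
	seen := map[byte]bool{}
	for _, sh := range shares {
		if sh.X == 0 || seen[sh.X] {
			return nil, errors.New("shares need distinct non-zero x")
		}
		seen[sh.X] = true
	}
	secret := make([]byte, len(shares[0].Y))
	for pos := range secret {
		var acc byte
		for i, si := range shares {
			num, den := byte(1), byte(1)
			for j, sj := range shares {
				if i != j {
					num = gfMul(num, sj.X)      // product of x_j
					den = gfMul(den, sj.X^si.X) // product of (x_j - x_i); subtraction is XOR here
				}
			}
			acc ^= gfMul(si.Y[pos], gfMul(num, gfInv(den)))
		}
		secret[pos] = acc
	}
	return secret, nil
}

func main() {
	mk := make([]byte, 32) // constructed stand-in for an HSM-generated Master Key
	rand.Read(mk)
	shares, _ := Split(mk, 3, 5) // five custodians, any three suffice
	got, _ := Combine([]Share{shares[4], shares[0], shares[2]})
	fmt.Println("3 of 5 shares reconstruct the Master Key:", string(got) == string(mk))
}
```

Two properties of this construction matter operationally. Fewer than the threshold of shares does not fail loudly; Combine simply returns the wrong bytes, so a deployment should validate the reconstructed key (for instance against a separately stored fingerprint) before using it. And the recombined key exists only in the process that ran Combine, for as long as that process keeps it, which is exactly the transient-materialization property the text relies on.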
Key Encryption Key (KEK): Protecting Access to Data Encryption Keys
The Key Encryption Key (KEK) is responsible for encrypting Data Encryption Keys (DEKs). This adds a further layer of security: even if the storage holding the wrapped (encrypted) DEKs is compromised, the DEKs cannot be recovered, and your data cannot be decrypted, without the KEK.
- Generation: Generated using a cryptographically secure pseudorandom number generator (CSPRNG). The KEK must be rotated regularly.
- Encryption: The Key Encryption Key is itself encrypted by the Master Key.
- Storage: Stored securely in a distributed and encrypted manner within the OmniSafe KMS.
Purpose:
- Adds a Level of Indirection: Protects data by adding another layer that must be breached to access the underlying DEKs.
- Enables Key Rotation: Allows for the rotation of DEKs, increasing overall security.
Data Encryption Key (DEK): Securing Your Sensitive Data
The Data Encryption Key (DEK) is used to directly encrypt and decrypt your sensitive data. Each piece of sensitive data has its own unique DEK, enhancing security.
- Generation: The DEK is generated uniquely per data set using a secure random number generator.
- Encryption: Your sensitive data is encrypted with the DEK using a strong symmetric encryption algorithm (e.g., AES-256).
- Protection: The DEK is encrypted using the Key Encryption Key (KEK) and the encrypted DEK is stored with the encrypted data.
Purpose:
- Data Confidentiality: Even if the underlying storage is compromised, the data remains unreadable without the DEK.
- Granular Protection: Each piece of data is protected with its own key, limiting the scope of a potential compromise.
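Added example (not OmniSafe's code) of the KEK and DEK layers described in the two sections above, in Go using AES-256-GCM from the standard library: a fresh per-item DEK encrypts the data, the KEK wraps the DEK with the KEK identifier bound in as associated data, and the wrapped DEK is stored beside the ciphertext. The MK-wraps-KEK step is the same seal call with the Master Key in place of the KEK and is shown in main. RotateKEK shows why the indirection makes rotation cheap: re-wrapping the DEK never touches the ciphertext. Key identifiers, the record layout and the sample data are constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Record is what lands in storage: the DEK wrapped by the KEK travels with the
// data it protects, plus the id of the KEK needed to unwrap it.
type Record struct {
	KEKID      string
	WrappedDEK []byte
	Ciphertext []byte
}

func newKey() ([]byte, error) {
	k := make([]byte, 32) // 256-bit key from the OS CSPRNG
	_, err := rand.Read(k)
	return k, err
}

func aead(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal returns nonce || AES-256-GCM(key, plaintext, aad); aad is authenticated, not encrypted.
func seal(key, plaintext, aad []byte) ([]byte, error) {
	g, err := aead(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return g.Seal(nonce, nonce, plaintext, aad), nil
}

// open reverses seal; a wrong key, wrong aad or tampered blob fails authentication.
func open(key, blob, aad []byte) ([]byte, error) {
	g, err := aead(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < g.NonceSize() {
		return nil, fmt.Errorf("blob too short")
	}
	return g.Open(nil, blob[:g.NonceSize()], blob[g.NonceSize():], aad)
}

// Encrypt mints a DEK for this one item, encrypts the data with it, and wraps the DEK
// under the KEK with the KEK id as associated data so the wrap cannot be re-labelled.
func Encrypt(kekID string, kek, data []byte) (Record, error) {
	dek, err := newKey()
	if err != nil {
		return Record{}, err
	}
	ct, err := seal(dek, data, nil)
	if err != nil {
		return Record{}, err
	}
	wrapped, err := seal(kek, dek, []byte(kekID))
	return Record{KEKID: kekID, WrappedDEK: wrapped, Ciphertext: ct}, err
}

// Decrypt unwraps the DEK with the KEK, then opens the data.
func Decrypt(rec Record, kek []byte) ([]byte, error) {
	dek, err := open(kek, rec.WrappedDEK, []byte(rec.KEKID))
	if err != nil {
		return nil, fmt.Errorf("unwrap DEK: %w", err)
	}
	return open(dek, rec.Ciphertext, nil)
}

// RotateKEK re-wraps the DEK under a new KEK; the data ciphertext is untouched.
func RotateKEK(rec Record, oldKEK, newKEK []byte, newID string) (Record, error) {
	dek, err := open(oldKEK, rec.WrappedDEK, []byte(rec.KEKID))
	if err != nil {
		return Record{}, err
	}
	wrapped, err := seal(newKEK, dek, []byte(newID))
	return Record{KEKID: newID, WrappedDEK: wrapped, Ciphertext: rec.Ciphertext}, err
}

func main() {
	mk, _ := newKey()  // constructed stand-in for the HSM-held Master Key
	kek, _ := newKey() // at rest the KEK is itself wrapped by the MK with the same seal
	wrappedKEK, _ := seal(mk, kek, []byte("kek-v1"))
	kek, _ = open(mk, wrappedKEK, []byte("kek-v1")) // unwrapped in memory only when needed
	rec, _ := Encrypt("kek-v1", kek, []byte("constructed sample: account 1234, balance 42"))
	_, err := Decrypt(rec, make([]byte, 32)) // someone holding the record but not the KEK
	fmt.Println("without the KEK, decryption fails:", err != nil)
	pt, _ := Decrypt(rec, kek)
	fmt.Println("with the KEK:", string(pt))
}
```

Binding the KEK id into the wrap as associated data means a record cannot be silently pointed at a different KEK, and because GCM authenticates, any modification of the stored ciphertext or wrapped DEK is detected at decryption time rather than producing garbage plaintext.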