Why “End to End Encryption” (E2EE)?
Most web or native applications transfer data over the internet within SSL/TLS channels, solely relying on the security of this transport-level encryption layer to guarantee confidentiality and integrity of the information being transmitted. The confidentiality of an SSL tunnel isn't always guaranteed:
- In this day and age, end users working in corporate environments are subject to a number of security-related technologies capable of intercepting legitimate communication within an SSL channel. Highly confidential information, such as a password, may be exposed and then be susceptible to misuse.
- Additionally, end users can easily be convinced to install client-side malware that diminishes the intended protection of an SSL tunnel, for example by installing forged SSL certificates that compromise the security of SSL channels and can be used to execute man-in-the-middle style attacks.
E2EE implements an additional encryption layer around sensitive data elements that guarantees confidentiality and data integrity even in scenarios where the external SSL tunnel has been breached, legitimately or otherwise.
E2EE can also be used to solve confidentiality and integrity requirements on the server side. In many scenarios, for performance reasons, SSL channels are terminated before the data reaches the target application server, theoretically leaving unencrypted data exposed in transit. Aside from the security implications, this might also have compliance-related flow-on effects in some jurisdictions.
In a nutshell, E2EE technology ensures that sensitive data is protected all the way from the end user’s device (point of entry) to the consuming application server.
SSL only vs “End to end encryption”
This diagram illustrates the advantages, from a confidentiality point of view, of implementing E2EE.
Our E2EE solution
Safe Area Pty Ltd has partnered with Sunnic Pte Ltd, a Singapore-based company founded in 2005 that focuses on providing data protection and authentication solutions. Sunnic's solutions have been deployed for a number of finance, government and enterprise customers, mainly in Southeast Asia.
The two key products from Sunnic that implement E2EE are:
- E-Trust Guard - End to end password/PIN encryption
- E-Trust Guard Plus - End to end encryption for arbitrary data elements
E-Trust Guard is specifically designed to protect PINs and passwords with end to end encryption. Confidentiality and integrity are secured from the point of entry (client device) to the point of destination. The protection extends to passwords both in transit and at rest.
Amongst others, E-Trust Guard can assist in mitigating the following attack types:
- Man-in-the-middle attacks: Traditional SSL/TLS transport-level encryption can be defeated by malicious software installing fake certificates on customers’ devices.
- Replay attacks: Even if an intruder manages to extract the encrypted password from the SSL channel, it can’t be reused thanks to replay prevention technology.
- Insider attacks: Administrators will not be able to “brute replace” passwords within storage databases. Additionally, passwords remain encrypted up to the “point of verification” (application or HSM device).
From a high-level point of view, this diagram summarizes the typical flow for password authentication enhanced with end to end encryption:
E-Trust Guard Demonstration
Below you'll find a J2EE portlet written for the Liferay portal that demonstrates the end to end encryption capabilities. This demo application encrypts the password entered in the "Password" field using E-Trust Guard.
Feel free to test this demo application from desktop or mobile devices; it should work with most browsers.
E-Trust Guard Plus
E-Trust Guard Plus is an incremental evolution of the E-Trust Guard product, allowing any data element to be protected with End to End Encryption. Confidentiality is secured from the point of entry (end user’s device) to the point of destination.
Encryption can be applied to both in-transit data as well as data at rest, for example before persisting sensitive data into a shared or cloud based DB.
Optionally all keying material used by the encryption process can be stored on an HSM.
From a high-level point of view, this diagram summarizes the typical flow for password authentication enhanced with end to end encryption:
E-Trust Guard Plus demonstration
The demonstration applet below illustrates the encryption capabilities of the E-Trust Guard Plus solution. It allows you to encrypt and decrypt data (server side) and optionally publish the encrypted data to AWS SQS. You can then see the raw SQS message by clicking on the dedicated link within 2 minutes of publishing to SQS.
E-Trust Guard System Requirements
The E-Trust Guard solution is supported on the most popular platforms and is delivered as a set of SDKs and related documentation.
Client side libraries are available for:
Server side libraries:
- J2EE 1.4 or newer
Supported HSM devices (optional):
- Thales nShield
Our Consulting Services
Safe Area Pty Ltd can assist your organization with all aspects of a project that involves integration and deployment of E-Trust Guard within your applications.
Typically a project involves the following phases:
Design
During this phase we’ll gather and document the functional and non-functional requirements.
Documentation is then produced to detail the architecture of the solution, the relevant use cases and the changes required to your application.