minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-04-21 08:05:59 +03:00
Code
docs/source/security/server-side-encryption/minio-server-side-encryption.rst
ravindk89 955cd1b03e DOCS-311: Complete cleanup of SSE docs 
Fixups per Andreas

More CR fixes

Apply suggestions from code review

Co-authored-by: Andreas Auernhammer <hi@aead.dev>

Final pass
2021-10-21 12:50:37 -04:00

199 lines
7.4 KiB
ReStructuredText
Raw Permalink Blame History

.. _minio-sse:
=================================
Server-Side Encryption of Objects
=================================
.. default-domain:: minio
.. contents:: Table of Contents
:local:
:depth: 1
.. |EK| replace:: :abbr:`EK (External Key)`
.. |SSE| replace:: :abbr:`SSE (Server-Side Encryption)`
.. |KMS| replace:: :abbr:`KMS (Key Management System)`
MinIO Server-Side Encryption (SSE) protects objects as part of write operations,
allowing clients to take advantage of server processing power to secure objects
at the storage layer (encryption-at-rest). SSE also provides key functionality
to regulatory and compliance requirements around secure locking and erasure.
MinIO SSE uses the :minio-git:`MinIO Key Encryption Service (KES) <kes>` and an
external Key Management Service (KMS) for performing secured cryptographic
operations at scale. MinIO also supports client-managed key management, where
the application takes full responsibility for creating and managing encryption
keys for use with MinIO SSE.
MinIO SSE is feature and API compatible with
:s3-docs:`AWS Server-Side Encryption <server-side-encryption.html>` and
supports the following encryption strategies:
.. tab-set::
.. tab-item:: SSE-KMS *Recommended*
:sync: sse-kms
MinIO supports enabling automatic SSE-KMS encryption of all objects
written to a bucket using a specific External Key (EK) stored on the
external |KMS|. Clients can override the bucket-default |EK| by specifying
an explicit key as part of the write operation.
For buckets without automatic SSE-KMS encryption, clients can specify
an |EK| as part of the write operation instead.
SSE-KMS provides more granular and customizable encryption compared to
SSE-S3 and SSE-C and is recommended over the other supported encryption
methods.
For a tutorial on enabling SSE-KMS in a local (non-production) MinIO
Deployment, see :ref:`minio-encryption-sse-kms-quickstart`. For
production MinIO deployments, use one of the following guides:
- :ref:`AWS SecretsManager <minio-sse-aws>`
- :ref:`Google Cloud SecretManager <minio-sse-gcp>`
- :ref:`Azure Key Vault <minio-sse-azure>`
- :ref:`Hashicorp KeyVault <minio-sse-vault>`
.. tab-item:: SSE-S3
:sync: sse-s3
MinIO supports enabling automatic SSE-S3 encryption of all objects
written to a bucket using an |EK| stored on the external |KMS|. MinIO
SSE-S3 supports *one* |EK| for the entire deployment.
For buckets without automatic SSE-S3 encryption, clients can request
SSE encryption as part of the write operation instead.
For a tutorial on enabling SSE-s3 in a local (non-production) MinIO
Deployment, see :ref:`minio-encryption-sse-s3-quickstart`. For
production MinIO deployments, use one of the following guides:
- :ref:`AWS SecretsManager <minio-sse-aws>`
- :ref:`Google Cloud SecretManager <minio-sse-gcp>`
- :ref:`Azure Key Vault <minio-sse-azure>`
- :ref:`Hashicorp KeyVault <minio-sse-vault>`
.. tab-item:: SSE-C
:sync: sse-c
Clients specify an |EK| as part of the write operation for an object.
MinIO uses the specified |EK| to perform SSE-S3.
SSE-C does not support bucket-default encryption settings and requires
clients perform all key management operations.
MinIO SSE requires enabling :ref:`minio-tls`.
.. _minio-encryption-sse-secure-erasure-locking:
Secure Erasure and Locking
--------------------------
MinIO requires access to the Encryption Key (EK) *and* external Key Management
System (KMS) used as part of SSE operations to decrypt an object. You can use
this dependency to securely erase and lock objects from access by disabling
access to the EK or KMS used for encryption.
General strategies include, but are not limited to:
- Seal the |KMS| such that it cannot be accessed by MinIO server anymore. This
locks all SSE-KMS or SSE-S3 encrypted objects protected by any |EK| stored on
the KMS. The encrypted objects remain unreadable as long as the KMS remains
sealed.
- Seal/Unmount an |EK|. This locks all SSE-KMS or SSE-S3 encrypted objects
protected by that EK. The encrypted objects remain unreadable as long
as the CMK(s) remains sealed.
- Delete an |EK|. This renders all SSE-KMS or SSE-S3 encrypted objects protected
by that EK as permanently unreadable. The combination of deleting an EK and
deleting the data may fulfill regulatory requirements around secure deletion
of data.
Deleting an |EK| is typically irreversible. Exercise extreme caution
before intentionally deleting a master key.
For more information, see:
- :ref:`SSE-KMS Secure Erasure and Locking
<minio-encryption-sse-kms-erasure-locking>`
- :ref:`SSE-S3 Secure Erasure and Locking
<minio-encryption-sse-s3-erasure-locking>`
- :ref:`SSE-C Secure Erasure and Locking
<minio-encryption-sse-c-erasure-locking>`
Encryption Internals
--------------------
.. note::
The following section describes MinIO internal logic and functionality.
This information is purely educational and is not necessary for
configuring or implementing any MinIO feature.
.. _minio-encryption-sse-content-encryption:
Content Encryption
~~~~~~~~~~~~~~~~~~
The MinIO server uses an authenticated encryption scheme
(:ref:`AEAD <minio-encryption-sse-primitives>`) to en/decrypt and authenticate
the object content. The AEAD is combined with some state to build a
**Secure Channel**. A Secure Channel is a cryptographic construction that
ensures confidentiality and integrity of the processed data. In particular, the
Secure Channel splits the plaintext content into fixed size chunks and
en/decrypts each chunk separately using an unique key-nonce combination.
The following text diagram illustrates Secure Channel Construction of an
encrypted object:
The Secure Channel splits the object content into chunks of a fixed size of
``65536`` bytes. The last chunk may be smaller to avoid adding additional
overhead and is treated specially to prevent truncation attacks. The nonce
value is ``96`` bits long and generated randomly per object / multi-part part.
The Secure Channel supports plaintexts up to ``65536 * 2^32 = 256 TiB``.
For S3 multi-part operations, each object part is en/decrypted with the Secure
Channel Construction scheme shown above. For each part, MinIO generates a secret
key derived from the Object Encryption Key (OEK) and the part number using a
pseudo-random function (:ref:`PRF <minio-encryption-sse-primitives>`), such that
``key = PRF(OEK, part_id)``.
.. _minio-encryption-sse-primitives:
Cryptographic Primitives
~~~~~~~~~~~~~~~~~~~~~~~~
The MinIO server uses the following cryptographic primitive implementations:
.. list-table::
:header-rows: 1
:widths: 40 60
:width: 100%
* -
- Primitives
* - Pseudo-Random Functions (PRF)
- HMAC-SHA-256
* - :ref:`AEAD <minio-encryption-sse-content-encryption>`
- ``ChaCha20Poly-1305`` by default.
``AES-256-GCM`` for x86-64 CPUs with the AES-NI extension.
.. toctree::
:titlesonly:
:hidden:
/security/server-side-encryption/configure-minio-kes-hashicorp
/security/server-side-encryption/configure-minio-kes-aws
/security/server-side-encryption/configure-minio-kes-gcp
/security/server-side-encryption/configure-minio-kes-azure
/security/server-side-encryption/server-side-encryption-sse-kms
/security/server-side-encryption/server-side-encryption-sse-s3
/security/server-side-encryption/server-side-encryption-sse-c
View Git Blame Copy Permalink