P2P encryption: Pros and cons of point-to-point encryption
P2P encryption is an emerging technology that may be helpful for many companies, especially merchants. Mike Chapple dissects the pros and cons.
There’s been a lot of buzz in security circles recently about point-to-point encryption (P2PE) technology and the potential it has to minimize the exposure of sensitive information in high-risk environments. In this tip, we will examine the benefits that P2P encryption brings to enterprise security and point out some of the open issues that are slowing point-to-point encryption adoption.
How P2P encryption works
Point-to-point encryption allows enterprises to create secure communication links between devices, or between components within those devices, so that intermediate devices are never exposed to the sensitive information transiting the network. P2PE is most commonly deployed as a solution for compliance with the Payment Card Industry Data Security Standard (PCI DSS), but it may also be used for other sensitive data.
For example, consider a clothing chain that has many retail outlets located around the country, handling all financial transactions from a centrally located data center. It would be difficult for the retailer to ensure the physical security of the local area networks in each store, due to the sheer quantity of those networks and the public nature of retail locations. Furthermore, it is unlikely that trained security staff is present in each of the retail outlets to monitor the network.
By deploying P2P encryption, the retailer can limit the exposure of credit card numbers within the merchandising environment. For example, by deploying a point of sale (POS) system that uses encrypting card scanners and is supported by a back-end system in the home office that supports point-to-point encryption, the entire store network is taken out of the loop. Since the hardware card scanner encrypts the data before it reaches the POS terminal, there is no device on the store network that has the ability to decrypt the card number. This protects card numbers from a variety of attacks, including eavesdropping by unauthorized devices and malware infections in the POS terminal. Neither an eavesdropping device nor an infected terminal has access to the encryption key, so both remain unable to read the card number.
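The flow described above, as an added example that is not from the original article: the reader encrypts the card number with a per-device key, the POS terminal only relays the result, and the back end re-derives the key to decrypt. The key derivation, the HMAC-based stand-in cipher, and all names and sample values are assumptions for illustration; a real P2PE product uses a validated hardware reader and its own key scheme.

```python
import hashlib, hmac, os, re

def _prf(key: bytes, label: bytes, data: bytes) -> bytes:
    return hmac.new(key, label + data, hashlib.sha256).digest()

def derive_device_key(base_key: bytes, serial: str) -> bytes:
    # Back end keeps base_key; each reader is injected with only its own derived key.
    return _prf(base_key, b"device|", serial.encode())

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode: a stdlib stand-in for the reader's real cipher.
    blocks = (len(data) + 31) // 32
    stream = b"".join(_prf(key, b"enc|", nonce + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))

def reader_encrypt(device_key: bytes, pan: str) -> bytes:
    # Runs inside the card scanner: the PAN is encrypted before the POS terminal sees it.
    nonce = os.urandom(12)
    ct = _xor_stream(device_key, nonce, pan.encode())
    return nonce + ct + _prf(device_key, b"mac|", nonce + ct)

def backend_decrypt(base_key: bytes, serial: str, blob: bytes) -> str:
    # Runs only in the data center, the one place able to re-derive the device key.
    key = derive_device_key(base_key, serial)
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(key, b"mac|", nonce + ct)):
        raise ValueError("ciphertext rejected: wrong key or modified in transit")
    return _xor_stream(key, nonce, ct).decode()

def luhn_ok(digits: str) -> bool:
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_cleartext_pans(data: bytes) -> list:
    # Scope check: anything captured on the store network should return [].
    hits = re.findall(rb"(?<!\d)\d{13,19}(?!\d)", data)
    return [h.decode() for h in hits if luhn_ok(h.decode())]

BASE_KEY = bytes(range(32))                    # constructed demo key, never a real one
SERIAL, PAN = "RDR-0001", "4111111111111111"   # constructed reader id and test PAN
# What the POS terminal and store LAN carry: reader id plus an opaque blob.
POS_MESSAGE = SERIAL.encode() + b"|" + reader_encrypt(derive_device_key(BASE_KEY, SERIAL), PAN)
```

Running `find_cleartext_pans` over POS logs or captured store traffic is a quick way to confirm that the store side really sees no card numbers.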
Why use P2P encryption?
The main benefit of point-to-point encryption is its ability to reduce the scope of security efforts. In the retail scenario described above, if the merchant is able to assure the integrity of the hardware card scanners, it is only necessary to apply the most stringent security controls to the centralized back-end systems where the data can be decrypted. In highly regulated environments, this strategy can dramatically reduce the number of systems and networks that must meet onerous compliance and monitoring requirements.
Limitations of P2P encryption
While point-to-point encryption is a promising security technology option, it is still not widely deployed, mainly due to the small number of mature products on the market. Several organizations wanted to deploy it shortly after the PCI Security Standards Council adopted a simplified validation process for such products, but were unable to locate a product that met the PCI SSC's guidelines. In many cases, vendors reported they were beginning to field test offerings, but they were not yet commercially viable. These products are now beginning to find their way onto the market and are slowly coming online as merchants upgrade their systems.
This compliance delay leads to the second main limitation of P2P encryption: it often requires a sizeable financial investment in order to get up and running. This includes upgrades to POS hardware and software, as well as potential fee increases from vendors who are eager to capitalize on the sudden demand from businesses that are seeking to limit their compliance obligations.
Finally, it’s important to remember P2P encryption is not a panacea. While it can certainly reduce the need to secure remote networks, it does not eliminate the need for security controls. The most important example of this is the need to employ strong encryption key management practices. If an adversary is able to gain access to the decryption key, this solution is rendered useless. This means any device that is considered out of scope must not have access to the keys used to protect sensitive information.
In conclusion, point-to-point encryption is a promising technology that organizations are beginning to adopt in an effort to enhance data security and reduce the scope of compliance initiatives, especially in payment system environments. Currently, there are several significant limitations to the approach that security professionals looking to use this technology must consider. Even so, continued improvement in commercial P2P products will likely lead to increased enterprise usage in the years ahead.
About the author:
Mike Chapple, Ph.D., CISA, CISSP, is an IT security professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity.com, a technical editor for Information Security magazine and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated.