Please some on help me to understand this \"Are you ready for this? With the two
ID: 656212 • Letter: P
Question
Please some on help me to understand this
"Are you ready for this? With the two-factor encryption model your data is protected two-fold. First, a unique key is generated, encrypted, and turned into a token, which is then stored. This token can only be accessed by the administrator or end user providing his credentials as the complementary part to decrypt the stored token; and second, the data is also encrypted. In order to access the encrypted data, both parts of the equation need to work together to recreate the key, which only exists in that unique session. Since only the administrator or end user has access to that token, anyone who wants the data would have to go to him to get the first piece of the puzzle. Effectively, no one can access the data without your knowledge."
Explanation / Answer
I can say this: Is isnt secure. Once someone authenticates and get the encryption key for the data, they have unlimited access to the data that is protected. The solution in your description, uses a 2-shared key, where the first factor (password) is generating key1. then the second factor, like a OTP athenticator, is used to authenticate at the administrator, and key2 (the token) is generated. Then the 2 keys are combined in a way, like key1 XOR key2, and gives key3. key3 gives access to data.
A adversiary that want to break the system, could ensure the real user authenticates successfully. After this, key1 and key2 is copied, and thus the two-factor authentication is bypassed.
For two-factor to be really two-factor, the physical second-factor must have a property, ensuring that the secret key cannot be extracted, rather disk data has to be fed through the second factor. In other Words, like a HSM. This ensures that the two-factor requirement is enforced at all times, and that you could even lend out the second factor to someone that needs temporary access, and once the access is revoked, the second factor is taken back and then the advesary is guranteed to no longer have acccess to the data.
A smart card is too slow, so you need some disk encrypting solution that uses some sort of high capacity HSM that is inside a Little key, that is inserted. For the "what you know" factor, a PIN can be used.
Using a Smart card or HSM, that stores a "master key" securely, but is used to decrypt a "disk key" that is later used to decrypt data, isnt secure either, since a adversary could just ask the smart card or HSM to decrypt the disk key for them and then they have full access, even when they lost access to the Smart card or HSM.