How Log Encryption Works

Added in Iguana version 6.1 for Enterprise and Professional tiers only.

Introduction

Using encrypted logs greatly increases data security. Iguana Professional and Enterprise tiers use encrypted logs — encryption is mandatory and cannot be disabled.

You must enable Log encryption each time the Iguana Server starts. You can do this by entering (or scripting) a password or by using the Auto-Unlock option.

Tip: Using log encryption can help you to meet HIPAA compliance requirements.

Overview [top]

Iguana generates a log encryption key that is used to encrypt the log files. This key is stored securely in an encryption locker file. By default the locker file is stored in the Iguana working directory, but this location can be changed. Each time the Iguana Server starts up the encryption locker file must be unlocked to allow Iguana to use the encryption key. The locker file can only be unlocked with a password chosen by the user.

Warning: It is critical not to forget the encryption locker password!

If the locker password is lost then you will not be able to open the locker file — which means you will lose access to all historical (encrypted) logs. There is no alternative method to recover the logs.

We recommend storing the password securely in at least two places, for example: One encrypted copy on a different physical device from the Iguana Server, and a second hard copy in a safe.

Implementation [top]

These are the technical details of how we implemented the log encryption:

  • The log encryption key is generated by Iguana:

    Iguana generates a 32 byte AES key value using PKCS5 and SHA-256

  • The generated key is used to encrypt the log files:

    Iguana uses the generated 32 byte AES key to encrypt the log files using AES-256 and CBC block cipher mode

  • The key is stored an encryption locker file:

    Iguana stores the key in a proprietary format encryption locker file, that uses a .locker extension

  • By default the locker file is stored in the Iguana working directory:

    Iguana stores the locker file in its working directory by default, but the location can be changed at startup (if auto-unlock is not enabled). This method can be used to change the location of the locker file – you must copy your locker file to the new location before starting Iguana.
    Note: If you try to use a different locker file or create a new locker file you will get an error.

  • To use the encryption key the locker file must first be unlocked with a password chosen by the user:

    Each time the Iguana Server starts the encryption locker file must be unlocked to allow Iguana to access the encryption key. The password is needed each time the Iguana Server is started to enable access to the encryption key. It is important that a strong password is used for security (to prevent hacking). Also this password must be stored securely as it is the only way to read the log files — if the password is lost the log files cannot be recovered by other means.

More Information [top]