What's the point of the Wildfly vault (JCEKS) when securing the https keystore?

Question

I feel like I'm completely missing the point of the new JCEKS keystore format in Wildfly. Maybe you can set me straight.

The way that we have Wildfly configured (and much of the internet instructs us to, for example):

• We put the standard keystore entries in a standard Java Key Store ("keystore.jks") file with a password ("jks_pw")
• We then create a JCEKS keystore ("keystore.jceks") with a password, salt, and round-count ("jceks_s_n").
• We then put "pks_pw" into "keystore.jceks"
• We then add the JCEKS password/etc ("jceks_s_n") into our jboss config (standalone.xml) as plain text, defining a entry
• We then add a reference to the vault-stored JKS password to our jboss https connector (standalone.xml), as "password="${VAULT::jks::jks::1}".

What the heck did all of that accomplish???

If we just used a JKS file and a password embedded in standalone.xml, the system is susceptible to:

• An attacker getting a copy of standalone.xml and the JKS file, in which case all secrets are known.
• An attacker getting a copy of the JKS file, in which case an attacker can use brute-force or lookup table attacks.

If we use a JCEKS container in the way described, the system is susceptible to:

• (SAME) An attacker getting a copy of standalone.xml, the JKS/JCEKS files, in which case all secrets are known.
• (SAME) An attacker getting a copy of the JKS file, in which case an attacker can use brute-force or lookup table attacks.

This would sort of make sense if we put the actual certs inside of the JCEKS file, in which case brute-force and lookup table attacks would be harder in the second case of attack, but so far I haven't found a way to use a JCEKS-formatted keystore directly with an https connector.

Really, the only reason I care too much about this is that we apparently have a security requirement to use the "vault", but it seems pointless.

UPDATE: It is worth noting that by using the vault you're using a "masked" password to the vault in your jboss config file, but I can't figure out what this means. Apparently your masked-password + salt + rounds can unlock the JCEKS keystore (source), so I'm not sure what exactly masking accomplishes. It just seems like a third level of redirection. I've got to be missing something...

Answer 1

JBoss states that the security mechanism behind "vault" is security by obscurity (https://developer.jboss.org/wiki/JBossAS7SecuringPasswords)

How secure is this?

• The default implementation of the vault utlizes a Java KeyStore. Its configuration uses Password Based Encryption, which is security by obscurity. This is not 100% security. It only gets away from the problem of clear text passwords in configuration files. There is always a weak link. (As mentallurg suggests in the comments, the keystore password is the weakest link).
• Ideally, 3rd party ISV robust implementations of Vaults should provide the necessary security.

Vault uses an unknown password and algorithm perform a symmetric encryption of the keystore password. Without a HSM, you will always face the problem of "where store the, e.g., datasource password". So normally you'd define a property file with an Access-Control-List and store the encoded password there.

The vault just increases the effort of getting the secured password, leaving the attacker to either read the pw in-memory or reverse-engineer the vault encryption algorithm + key.

Answer 2

It is important to to know that the security mechanism behind "vault" is security by obscurity, which means you are just masking your sensetive data. It means if an attacker have access to your standalone.xml and the keystore, he can easily read all your data. vault "increases the effort" -> the attacker cannot see them directly but with some (little bit) effort.