Veeam Backup & Replication supported encryption standards and methods


Userlevel 7
Badge +5

One of my clients (public sector) has high security requirements for his IT environment – including backup and storage.

I found the following statement from VEEAM about the used encryption standards and methods in Veeam Backup and Replication:

“Veeam Backup & Replication supports the following encryption standards and methods:

Data Encryption

To encrypt data blocks in backup files and files archived to tape, Veeam Backup & Replication uses the 256-bit AES with a 256-bit key length in the CBC-mode. This is designed to support the FIPS 140-2 standard. More information around that standard can be found here.

As a part of Veeam Backup & Replication’s ability to generate a key based on a password, it uses the Password-Based Key Derivation Function, PKCS #5 version 2.0 as a part of NIST Publication 800-132. Veeam Backup & Replication uses 10,000 HMAC-SHA1 iterations and a 512-bit salt. More information can be found here.

Veeam Backup & Replication uses the following hashing algorithms:

For digital signature generation: SHA-1, SHA-256

For HMAC generation: HMAC_SHA1

For random number generation: SHA1

For Microsoft Windows-based repositories and software-based encryption for tapes, Veeam Backup & Replication uses the Windows Crypto API complying with the Federal Information Processing Standards (FIPS 140-2). More information can be found here.

Veeam Backup & Replication uses the following cryptographic service providers:

Microsoft Base Cryptographic Provider

Microsoft Enhanced RSA and AES Cryptographic Provider

Microsoft Enhanced Cryptographic Provider

For Linux-based repositories, Veeam Backup & Replication uses a statically linked OpenSSL encryption library, without the FIPS 140-2 support. More information can be found here.

Veeam Backup & Replication encrypts stored credentials using the Data Protection API (DPAPI) mechanisms. More information can be found here.”

Most of this is fine and compliant with German regulations - all but the usage of SHA-1 and HMAC-SHA1… These are non-collision resistant hash functions and it is possible to hack them (although it costs some time and effort). German regulations recommend not to use these methods...

 

Does someone have some information if there are changes in the usage of these methods on Veeam’s agenda for future product versions? E.g. the usage of SHA-2 or SHA-3?


15 comments

Userlevel 7
Badge +5

Additional question:
Was the usage of SHA-1 a topic / showstopper with public sector clients in other countries? There are strict requirements e.g. in the US, too. Has anyone experiences with this?

Do you use encryption methods additional to VEEAMs capabilities?

Userlevel 7
Badge +4

Is SHA1 in general insecure or does it depend on where and how you use it?

I couldn't find anything on this topic. Perhaps you could ask your question in the R&D Forums?

Userlevel 7
Badge +7

Good question, Joe! I know it is impolite to answer a question with a question, but do you have more information about die usage of these hashes SHA-1 algorithm creates? I ask because from my perspective hashes for checksums and random number generation is not really security relevant. 

Userlevel 7
Badge +5

Hi,
unfortunately I don't have further information.

I think, I will ask this in R&D Forum, too….

Thank you @regnor  and @vNote42 for your thoughts.

Userlevel 6
Badge +3

you need to ask the question in r&d. I think from r&d anyone can help you.

Userlevel 7
Badge +5

:grin:  I have asked this in R&D forums. Anton Gostev answered that there are no plans to switch to the other methods in the moment.

Just tried with the local sales rep to get an official statement from Veeam that the FIPS 140-2 standard is completely met by VBR.

We will see… :sunglasses:

Userlevel 6
Badge +3

:wink:

Any update to this? 

:grin:  I have asked this in R&D forums. Anton Gostev answered that there are no plans to switch to the other methods in the moment.

Just tried with the local sales rep to get an official statement from Veeam that the FIPS 140-2 standard is completely met by VBR.

We will see… :sunglasses:

 

Userlevel 7
Badge +5

Veeam's legal department is writing a statement. They are not finished up to now….

Bringing this back up.

@JMeixner, did you ever hear anything back from Veeam? I’m trying to figure out if it’s now fully FIPS validated, and this thread is at the top of the results.

 

I did search the NIST CMVP site and found that the Veeam Cryptographic Module was FIPS validated as of 3/30/17, and then re-validated 8/10/2021.

Further, VBR v11 has an “Enable FIPS-compliant operation mode” setting under General Options>Security.

 

I’ll be scheduling a call with sales soon and will update here if/when I figure out anything official.

Userlevel 7
Badge +5

My actual status from last month is that VBR V11 is still in examination.

You say the cryptographic module was revalidated in October 2021. Did not hear about this up to now. But it is a good opportunity to ask once again. 😎👍🏼

Sorry, US date format. August 10, 2021.

 

https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2872

Userlevel 7
Badge +5

Argh, I have used the wrong date format… 😎

I will ask tomorrow and post the result as soon as I get one.

Userlevel 7
Badge +6

You know how sometimes you have a conversation and you remember something really useful you saw? Today was this post!

 

I had a customer filling out some forms and wanted to confirm the encryption standards used by Veeam, and immediately I thought “Aha, @JMeixner did an awesome post on this”. And straight over here I ran!

 

Just wanted to say thanks for posting!

Userlevel 7
Badge +5

:sunglasses:  glad I could help you.

And to complete this topic: Yes, VBR V11 is now FIPS140-2 certified.

Comment