Recent AWS Customer Success Stories & Videos

More AWS Customer Success Stories...

« Amazon EC2 Cluster Instances Available on Spot Market | Main | Four New AWS Case Studies: ESA, PBS, Ericsson, Bioproximity »


TrackBack URL for this entry:

Listed below are links to weblogs that reference Client-Side Data Encryption for Amazon S3 Using the AWS SDK for Java:


Feed You can follow this conversation by subscribing to the comment feed for this post.


The post says "The envelope key is used to encrypt the master key and the data before it leaves the client." I think you mean that the envelope key is used to encrypt the data, and the master key is used to encrypt the envelope key, which is how this usually works. Alas, if you encrypt everything with the envelope key, then throw it away, you're hosed when it's time to decrypt.

Adrian Petrescu

This is an awesome feature whose applicability I can instantly see (though, of course, I'm sure many people were doing this manually before too). I hope the team adds this for a few other services as well, particularly SimpleDB. Since IAM only has Domain-level granularity there, encrypting each row with a particular set of IAM-account-specific credentials is the only safe way to allow a bunch of IAM'ed accounts to share the same Domain. I know at least two people who are encrypting/decrypting rows in SDB manually, and it's always better when this sort of critical thing can be done once in the SDK layer.


Hey, what kind of encryption algorithm is used inside the SDK?

Arshad Noor

I believe AWS is doing a good thing by: i) enabling cryptography primitives in the SDK; ii) making sure AWS does NOT have access to any cryptographic keys (unless they are encrypted); and iii) educating its user-community about protecting keys. However, I also believe that AWS does not go far enough to explain the complexities of Key Management.

If anyone is encrypting data, the MOST important item you must demonstrate (if you are doing this for compliance to a regulation such as PCI-DSS/HIPAA/etc.) is control of the key(s). If those controls are weak, non-existent and/or inadequate, all that effort in programming would be useless.

I've personally spent 12 years doing nothing but key-management, and I can unequivocally state that the most difficult part of this exercise (key-management) is barely touched upon in this blog or the accompanying article. I would strongly recommend reading more on that topic before diving in - its always difficult to see rocks lurking under placid waters. TJX and HPS paid almost a quarter-billion dollars in fines, for their complacency.

The comments to this entry are closed.

Featured Events

The AWS Report

Brought to You By

Jeff Barr (@jeffbarr):

Jinesh Varia (@jinman):

Email Subscription

Enter your email address:

Delivered by FeedBurner

April 2014

Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30