AWS Encryption

  • The data is plain to see and can be seen and understood by any recipient. There is no problem with that as long as the data is not sensitive in any way and doesn’t need to be restricted.
  • However, on the other hand, if you do have data that sensitive and you need to ensure the contents of this data are only viewable by a particular recipient or recipients. then you need to add a level of encryption to that data.

What is encryption?

  • Data encryption is a mechanism in which information is altered, rendering the plaintext data unreadable through the use of a mathematical algorithm and encryption keys.
  • When encrypted, the original plaintext data is now known as ciphertext which is unreadable. To decrypt the data, an encryption key is required to revert the ciphertext back into a readable format or plaintext.
  • A key is a string of characters; the longer the key, the more robust in the encryption
  • This encryption can be categorized as symmetric or asymmetric cryptography

Symmetric Cryptography

  • If the data was being read by a different person, that person would need to be issued the same key
  • If the key is intercepted during the transmission, any data associated cloud be easily decrypted
  • Some commonly used symmetric cryptography algorithms are AES (Advanced Encryption Standard), DES(Digital Encryption Standard), Triple DES (Triple Digital Encryption Standard), Blowfish

Asymmetric Cryptography

  • The private key should be kept by a single party and should never be shared
  • The public key can be shared with anyone without a secure transmission
  • Both keys are required to decrypt the data
  • Symmetric encryption is a lot faster from a performance perspective than asymmetric
  • Symmetric cryptography carries additional risk
  • Examples of asymmetric cryptography algorithms are RSA(Rivest-Shamir-Adleman), Diffie-Hellman, Digital Signature Algorithm

When should you use encryption?

  • When sensitive data is stored at rest should be encrypted
  • When your sensitive data is being moved, it should be done via a secure mechanism providing encryption in transit
  • If encryption in transit is not possible, the data should be encrypted prior to transmission
  • When you must adhere to specific compliance and legal controls to meet governing standards
Nadtakan Futhoem — Sr. Software Engineer

--

--

--

Founder of Nadtakan.com & Serverless Cloud developer. Follow me on Twitter https://twitter.com/nadtakanfuthoem

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Sigma Lockdrop Instructions + FAQ

Full Text — Testimony in support of HR 553 — Creating the House Study Committee on Cyberbullying

What Cities Need to Know about Chatbots and Data Security

Announcing the SWASH IDO Grand Giveaway!

Netgear TLS private key disclosure through device firmware images

Speculative Store Buffer Bypass, Rogue System Register Read

Smart Contracts and NFTs: Enabling smart communication for IoT Devices

Mommin’ It Mondays — Stream 17 — Crypto News

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Nadtakan Futhoem

Nadtakan Futhoem

Founder of Nadtakan.com & Serverless Cloud developer. Follow me on Twitter https://twitter.com/nadtakanfuthoem

More from Medium

AWS Honeypot

Running Containers on AWS using Amazon ECS and AWS Fargate

Working with AWS CloudFormation — Part 1

Building and Managing AWS VPC Infrastructure with Terraform.