Thursday, March 29, 2012

Encryption remains a core technology of the Internet


With the use of cloud services, we mustn't skip the all-important step of securing sensitive data. Many web services and the apps built from them process sensitive information -- we need to store and retrieve that data securely. One easy way to accomplish this (at least when using Amazon's cloud services) is to use a client-side Java app that automatically encrypts data when it is uploaded to the cloud. In the case of AWS, your data is stored encrypted in Amazon S3 in such a manner that no one can decrypt it without your private encryption key. The developer controls the private encryption keys used for the enciphering, and those keys are never exposed outside the client-side application. Of course, it is up to you to protect your encryption keys just like any other security credentials. The AWS client is a handy way to protect information residing on the cloud. Implemented properly, a developer can call the encryption/decryption routines without other code having to be aware that encryption and decryption are happening automatically in the client.

This approach is very different from ones based on historical models -- such as those based on the operation of the infamous Enigma machines. The technology, patented in 1919, has been utilized for almost 100 years. On a typical Enigma machine, letters are scrambled by a set of rotatable cogs, each with 26 contacts on either side. Each contact on one side is wired to a contact on the other side in some random fashion. Some models have 3 such rotating wheels, but later models in the war have 4 wheels. This type was used exclusively on German U-Boats. Each time a key is pressed, the rightmost wheel is rotated by one step, resulting in a different mapping of the internal wires. As a result, each new letter is encoded differently.

Check out this fellow's work on a spreadsheet version of a well-known WWII encryption technology. This solution was used for many years after the war (and after it was compromised) by other parties. You can read more about the Enigma machine.

If you want to implement your own encryption approach based on the Enigma, this online course will get you started.
