If you are going deep into cloud security you may have seen the term “Envelope encryption”. Let’s explain the concept and why it is useful.
cryptography like I am 5
In the wild case, you have never heard of cryptography, it is a set of tools and techniques to transform a message (usually of high importance) in a way that only authorized people can read it.
The encrypted message (ciphertext) looks like plain-everyday text but it is gibberish to an external.
Moreover, the encryption/decryption can happen either using a key that is known to all legitimate parties (symmetric encryption) or when the users share their keys (asymmetric encryption). In the latter case, each user has:
- A public key (which they share with anyone they want)
- A private key (known only to them).
envelope encryption 101
Envelope encryption is a technique for encrypting data. It involves using a combination of symmetric and asymmetric encryption algorithms.
First, the basic idea is to use symmetric encryption to encrypt the data itself. Then to use asymmetric encryption to encrypt the symmetric key used for the encryption.
It is the same idea (not the same technique though) SSL uses to exchange keys between the client and the server
If we could lay down the envelope encryption algorithm, the steps would be:
- A random symmetric key is generated to encrypt the data.
- The data is encrypted using the symmetric key generated above.
- The symmetric key is encrypted using the recipient’s public key (asymmetric encryption).
- The encrypted symmetric key and encrypted data are sent to the recipient.
- The recipient uses their private key to decrypt the encrypted symmetric key.
- The decrypted symmetric key is then used to decrypt the encrypted data.
So this “double encryption” in steps 2 and 3, generates a conceptual envelope, thus the name.
what about performance
Symmetric encryption is faster (compared to asymmetric), so we have tangible benefits here.
And wouldn’t it be easier and faster, if we didn’t encrypt at all, I hear you saying? Of course, as with all things in computer science, we have a trade-off here.
In that case, you gain security points, you lose milliseconds. It is up to you and what you are trying to protect against.
For example, what can happen if an attacker gains access to the encrypted key? They would also need to obtain the private key to decrypt it. And this multiplies their effort significantly.
Where can you find envelope encryption? The most known tools are the key management systems in the public cloud providers. The most popular (and I believe the first in that scale) is AWS KMS
I hope this post helped you understand better the concept of envelope encryption. If you came here by accident, I want to say hi and I hope you enjoyed my writing anyway.