[Cryptography] Does this keying scheme make sense?

Joseph Lawson joe at joekiller.com
Sun Oct 22 09:43:55 EDT 2017


encrypts files in cloud storage with each file
having a different key.  The keys are all generated from a secret
keystore seed in a way that is supposed to be secure


This sounds almost exactly like Amazon"s server side encryption for S3
storage.


http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html

> Amazon S3 encrypts each object with a unique key. As an additional
safeguard, it encrypts the key itself with a master key that it regularly
rotates. Amazon S3 server-side encryption uses one of the strongest block
ciphers available, 256-bit Advanced Encryption Standard (AES-256), to
encrypt your data.

-Joe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20171022/e39573d4/attachment.html>


More information about the cryptography mailing list