Abstract

This paper describes a cloud-scale encryption system. It discusses the constraints that shaped the design of Amazon Web Services’ Key Management Service, and in particular the challenges that arise from using a standard mode of operation such as AES-GCM while safely supporting huge amounts of encrypted data that is (simultaneously) generated and consumed by a huge number of users employing different keys. We describe a new derived-key mode that is designed for this multi-user, multi-key scenario typical at cloud scale. Analyzing the resulting security bounds of this mode illustrates its applicability to our setting. This mode is already deployed as the default mode of operation for the AWS Key Management Service.

Highlights

  • Key management for a public cloud is based on the promise of availability, durability, and absolute security and privacy

  • This paper examines the requirements for a cloud-scale encryption system (CES) against some engineering decisions that were made in deploying the real-world solution, the Amazon Web Services (AWS) Key Management Service (KMS)

  • This paper describes the CES-GCM mode currently used in AWS KMS


Introduction

Key management for a public cloud is based on the promise of availability, durability, and absolute security and privacy. An adequate symmetric authenticated encryption with associated data (AEAD) mode of operation is a critical building block for the service, and AES-GCM [2] is a natural selection for such a primitive. It is a (NIST) standard mode that enjoys overall acceptance, security proofs, and excellent performance. Conforming to standardized ciphers and modes induces requirements for avoiding IV reuse. This imposes a need for frequent change of master keys before reaching IV collision probability thresholds. The derived-key mode described here uses a random nonce and IV and applies a nonce-based key derivation before every encryption.
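The nonce-based key derivation sketched above, as an added example that is neither the paper's own code nor the construction deployed in AWS KMS: it assumes a 256-bit random nonce per message, HMAC-SHA256 as the derivation PRF with a label chosen here for domain separation, and the 96-bit GCM IV taken as the first 12 bytes of the nonce (all three are choices of this example, not parameters from the paper). The last two functions contrast the IV-reuse failure the text is guarding against (two messages under one key with the same IV leak the XOR of their plaintexts) with the derived-key case, where nonces that share an IV still encrypt under different keys.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Parameters assumed by this example (not taken from the paper): a 256-bit random nonce per
// message, HMAC-SHA256 as the key-derivation PRF, and GCM IV = first 12 bytes of the nonce.
const nonceLen, ivLen = 32, 12

// deriveMessageKey returns the AES-256 key for one message: PRF(masterKey, label || nonce). Because
// the key changes with the nonce, a repeated 12-byte IV alone never repeats a (key, IV) pair.
func deriveMessageKey(masterKey, nonce []byte) []byte {
	mac := hmac.New(sha256.New, masterKey)
	mac.Write([]byte("dk-gcm-example-v1")) // domain-separation label chosen for this example
	mac.Write(nonce)
	return mac.Sum(nil)
}

func gcmUnderKey(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptDK encrypts under the per-message derived key; a nil nonce means "draw a fresh random
// one", which is the mode's normal use. Output layout: nonce || ciphertext || tag.
func EncryptDK(masterKey, nonce, aad, plaintext []byte) ([]byte, error) {
	if nonce == nil {
		nonce = make([]byte, nonceLen)
		if _, err := rand.Read(nonce); err != nil {
			return nil, err
		}
	} else if len(nonce) != nonceLen {
		return nil, errors.New("nonce must be 32 bytes")
	}
	aead, err := gcmUnderKey(deriveMessageKey(masterKey, nonce))
	if err != nil {
		return nil, err
	}
	out := append(make([]byte, 0, nonceLen+len(plaintext)+aead.Overhead()), nonce...)
	return aead.Seal(out, nonce[:ivLen], plaintext, aad), nil
}

// DecryptDK re-derives the message key from the transmitted nonce; GCM checks the tag first.
func DecryptDK(masterKey, aad, blob []byte) ([]byte, error) {
	if len(blob) < nonceLen+16 {
		return nil, errors.New("ciphertext too short")
	}
	nonce := blob[:nonceLen]
	aead, err := gcmUnderKey(deriveMessageKey(masterKey, nonce))
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, nonce[:ivLen], blob[nonceLen:], aad)
}

// xorLeaks reports whether ct1 XOR ct2 == p1 XOR p2 over the common prefix: exactly what a
// reused CTR keystream (same key and IV) hands to a passive observer.
func xorLeaks(ct1, ct2, p1, p2 []byte) bool {
	n := len(p1)
	if len(p2) < n {
		n = len(p2)
	}
	for i := 0; i < n; i++ {
		if ct1[i]^ct2[i] != p1[i]^p2[i] {
			return false
		}
	}
	return true
}

// PlainGCMIVReuseLeaks: one static key, the same IV used twice. Returns true (the failure mode).
func PlainGCMIVReuseLeaks(key, iv, p1, p2 []byte) (bool, error) {
	aead, err := gcmUnderKey(key)
	if err != nil {
		return false, err
	}
	return xorLeaks(aead.Seal(nil, iv, p1, nil), aead.Seal(nil, iv, p2, nil), p1, p2), nil
}

// DerivedKeySameIVLeaks: two nonces with identical first 12 bytes (same GCM IV) but different
// tails; the derived keys differ, so the keystreams differ. Returns false.
func DerivedKeySameIVLeaks(masterKey, n1, n2, p1, p2 []byte) (bool, error) {
	c1, err1 := EncryptDK(masterKey, n1, nil, p1)
	c2, err2 := EncryptDK(masterKey, n2, nil, p2)
	if err1 != nil || err2 != nil {
		return false, errors.New("encryption failed")
	}
	return xorLeaks(c1[nonceLen:], c2[nonceLen:], p1, p2), nil
}
```

The point of the contrast: with plain AES-GCM and random 96-bit IVs under one key, the (key, IV) pair repeats with probability about q²/2⁹⁷ after q messages, which is why NIST SP 800-38D caps random-IV use at 2³² invocations per key and why a static master key must be rotated long before that. In the construction above, a repeated (key, IV) pair requires the entire 256-bit nonce to repeat, so the rekeying threshold no longer depends on the 96-bit IV space; the paper's own analysis of the bounds for its mode is what the later sections cover, and this example does not reproduce those bounds.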

Related Work
Our Contribution
Preliminaries and Notation
A Cloud-Based Key Management Service
Requirements
Desired Properties of a CES
Requirement Driven Design
Security Bounds for AWS KMS Mode Of Operation
Events That May Occur during Encryption Queries
Discussion