Amazon S3 encryption overview: How to secure data in the Amazon cloud

Analyzing Amazon S3 encryption

Encrypting data in the cloud means understanding that data can be in one of two states: in transit and at rest. First, to encrypt the transport session used to send and receive data within an Amazon environment, S3 enables users to connect via the HTTPS protocol. This is a fairly standard option among cloud providers, all of whom need to allow SSL-based connectivity to protect sensitive data in transit.

Protecting data at rest is another story though; few public cloud providers offer encryption support for such cases. Amazon actually offers two types of encryption to S3 users to protect data at rest. The simpler choice is Server Side Encryption (SSE), which allows Amazon to manage the encryption keys within its infrastructure. SSE employs the Advanced Encryption Standard (AES) with 256-bit keys, which is considered a secure key length. Amazon encrypts each S3 object with a unique key, and then encrypts this unique key with a master key that is rotated frequently (at least monthly).

Establishing SSE for a particular S3 object within a bucket is optional and can easily be established at the individual object level. A "blanket" policy can also be set that requires all data sent to S3 buckets to be encrypted. A sample of such a policy is as follows:

To successfully place any data into this S3 bucket, the request would need to include the "x-amz-server-side-encryption" header. This policy can be established via Amazon's REST-based APIs for working with S3 by using Amazon's software development kits (SDKs) that include APIs to achieve the same thing. Clients can also mandate SSE via the standard Amazon Web Services management console. In May 2013, Amazon announced that its Elastic MapReduce Big Data analysis service now employs S3 SSE.

The second option for encrypting data at rest within S3 is for organizations to create and manage keys themselves using Amazon's client-side encryption. This way, data is encrypted before it is sent to S3. Client-side encryption can be deployed using Amazon's SDK for Java, specifically the S3 Encryption Client, which uses a process called "envelope encryption." The client creates a one-time-use symmetric key to encrypt the data; this key is then encrypted using the user's own keys. The encrypted "envelope key" is then uploaded to S3 with the encrypted data, and the key is stored in S3 as metadata.

Cloud provider encryption comparison

We've detailed the encryption features available in Amazon S3, but how do these encryption options compare to those from other cloud storage providers? Many adhere to the same encryption standards, but most do not have the same degree of flexibility as Amazon S3 encryption. For example, Rackspace offers server-side 256-bit encryption in its Cloud Backup product, and both Dropbox and SpiderOak have 256-bit AES encryption too. SpiderOak is somewhat different in that it has always used client-side encryption (also referred to as zero-knowledge security) versus the more traditional server-side.

Most other major cloud providers, including Verizon Terremark and Savvis, also offer data encryption to their cloud storage clients. Terremark has automated encryption for backup and redundancy, a variety of managed and co-managed encryption options for hosted platforms and data and a customer-managed encryption offering in its CloudSwitch hybrid cloud. Savvis uses SafeNet for its cloud storage encryption, extending key management and API integration to customers.

For organizations comparing the encryption features of different cloud providers, here are several points to consider:

• Ensure any cloud encryption options support standards-based encryption with the highest key length/strength possible (AES-256 being the industry standard).
• Determine whether API access to encryption functions is offered, as this may be a critical need for Software as a Service and Platform as a Service environments and application integration.
• Find out whether both server-side and client-side key management is supported. Client-side encryption is better for the most security-conscious enterprises, although the burden of key management is on the customer. If only server-side encryption is supported, inquire about how internal keys are managed and protected.
• Learn about other options that might be available, such as the recently-announced CloudHSM service from Amazon that leverages a hardware-based encryption key storage unit. This may prove to be a better fit in some circumstances.

Encryption is rightfully viewed as one of the most important security controls when it comes to protecting data in the cloud. While S3 offers a variety of encryption options, it's a sure bet that more cloud storage providers will follow suit before long.

About the author:
Dave Shackleford is senior vice president of research and chief technology officer (CTO) at IANS, and a SANS analyst, instructor and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance and network architecture and engineering. He is a VMware vExpert and has extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as chief security officer for Configuresoft; CTO for the Center for Internet Security; and as a security architect, analyst and manager for several Fortune 500 companies. Dave is the author of the Sybex book Virtualization Security: Protecting Virtualized Environments, and he recently co-authored the first published course on virtualization security for the SANS Institute. He currently serves on the board of directors at the SANS Technology Institute and helps lead the Atlanta chapter of the Cloud Security Alliance.