The Implementation of Cryptography in the Cloud

Let's imagine how Microsoft stores Office 365 customer data in a multi-tenant environment, how Microsoft Azure secures medical records to fulfill the HIPAA standard, or how Xbox Live players can enjoy their digital games. One of the answers is cryptography. Easttom (2015), in his book Modern Cryptography, defines cryptography as follows:

Cryptography is the study of how to alter a message so that someone intercepting it cannot read it without the appropriate algorithm and key.

We won't discuss the mathematics of cryptography or how cryptography is used in blockchain, but we will discuss some implementations of cryptography in the cloud computing environment.

What is the difference between cloud cryptography and non-cloud cryptography?

You are right if you think that cryptography in the cloud is similar to non-cloud cryptography. But treating the two as identical would be a mistake once you consider these scenarios:

  • The data in the cloud can be moved and replicated from one data center to another; how do you make sure the customer can still access it with their own access?
  • You control the data, and you don't want the cloud vendor to access the data

Yes, we can use AES and Blowfish to encrypt files or folders that are stored in the cloud. But the cloud is not only about files; it is also about virtual machines, web apps, API keys, and many more. Therefore, not all cryptography is applicable in the cloud, and we will discuss the cryptography trends for the cloud.

Future cryptography trends in the cloud

You control the data, and you don't want the cloud vendor to access the data

According to Microsoft Research, Proof of Storage is a way to verify whether the cloud provider has tampered with the data. The strength of this method is that it is portable, does not need a local copy of the data, and does not require retrieving any data between the cloud and the client PC.

The data in the cloud can be moved and replicated from one data center to another

Imagine you are using email and you want to make sure that an email is not tampered with or read by someone else. In Office 365, we know digital rights management, which can apply advanced techniques such as no forward, self-destruct, and revoking access. The simple solution is to sign the data and check the signature when needed. Each resource can be secured with its own cryptography, but this means the customer will hold the keys for the resources, and the cloud vendor can't do anything without the customer's keys.

Homomorphic encryption

In a simple definition, homomorphic encryption is a cryptosystem that allows computations to be performed on data without decrypting it. There are many algorithms that can be used for homomorphic encryption, such as:

  • RSA
  • Goldwasser–Micali
  • Paillier

We will discuss it further in one of my sessions in Summer Course 2019, on 16th July. Stay tuned!

About @ridife

This blog will be dedicated to integrating knowledge between academic and industry needs in Software Engineering, DevOps, Cloud Computing and the Microsoft 365 platform. Enjoy this blog and let's get in touch on any social media.

