Title: AWS re:Inforce 2024 - Explorations of cryptography research (SEC204-INT)
Insights:
- Introduction to Cryptography at AWS: Peter O'Donnell, Principal Solutions Architect at AWS, emphasizes the importance of cryptography in protecting customer data, both at rest and in transit, and in ensuring secure software connections.
- Expert Panel: The session features three renowned cryptographers: Hugo Krawczyk (co-creator of HMAC), Shai Halevi (homomorphic encryption expert), and Tal Rabin (multi-party computation and threshold cryptography specialist). They have joined AWS to bring advanced cryptographic techniques into practical use.
- Journey to AWS: The cryptographers have a long history of collaboration, starting at IBM Research and later working on the Algorand cryptocurrency. They joined AWS to leverage its scale and customer focus to implement advanced cryptographic techniques.
- Vision for Cryptography at AWS: The goal is to integrate state-of-the-art cryptographic techniques to enhance security and enable new services. Techniques like threshold cryptography, secure multi-party computation, and cryptographic computing are highlighted.
- Cryptographic Computing: Shai Halevi explains cryptographic computing, particularly homomorphic encryption, which allows data processing without decrypting it. This can enable private outsourcing and collaboration without exposing data.
- Threshold Cryptography: Tal Rabin discusses threshold cryptography, which eliminates single points of failure by distributing key shares across multiple servers. This enhances security and availability.
- Applications in AWS: The team is working on integrating these techniques into AWS services, such as IAM, to provide defense in depth and harden security without affecting user experience.
- Multi-Party Computation in Advertising: Hugo Krawczyk describes using secure multi-party computation to measure the success of advertising campaigns without sharing sensitive data between advertisers and publishers.
- Homomorphic Encryption: Shai Halevi highlights the potential of homomorphic encryption to process encrypted data, with applications in private queries to ML models and private set intersections.
- Post-Quantum Cryptography: The panel discusses the future threat of quantum computers to current cryptographic systems and the ongoing efforts to develop and implement post-quantum cryptographic algorithms.
- Customer Involvement: The panel emphasizes the importance of customer feedback in guiding the development and implementation of cryptographic techniques at AWS.
Quotes:
- "Cryptography is at the basis of protecting your data for most of our customers."
- "We are trying to bring state-of-the-art cryptographic techniques to raise the bar for security for our customers."
- "Homomorphic encryption allows you to process data without ever seeing it in the clear."
- "Threshold cryptography eliminates single points of failure in relation to keys."
- "In cryptography, there are no simulations or tests that you can do for the security. So actually it's only theoretical tools that we have."
- "The simplest, shortest answer I can give customers about preparing for a PQ future is adopt TLS 1.3."
- "Come tell us where it hurts. This is a very good time to have an impact on where these techniques come in."
- "We need your help. Almost everything we've built here at Amazon Web Services, we've built because customers asked for it."
- "We are doing the more advanced stuff, but not forgetting also the core basis of cryptography."
- "We really need your input on where these techniques have impact."