Head's up: This is a blog post about applied cryptography, with a focus on web and cloud applications that encrypt data at rest in a database or filesystem. While the lessons can be broadly applicable, the scope of the post is not. One of the lessons I learned during my time at AWS Cryptography (and…

Hacker News is a community-driven platform for sharing and discussing technology news, startups, and programming-related topics. Through user submissions and comments, Hacker News offers insights into emerging technology trends, industry developments, and entrepreneurial ventures. Readers can participate in discussions, share their insights, and stay informed about the latest advancements in technology and innovation.

Hacker News

This post discusses the importance of encryption at rest in web and cloud applications and the need for a clear threat model. It explores the concept of security theater and the risks it aims to mitigate. The post also explains client-side encryption and the need for proper key management and encryption algorithms. It highlights the issue of confused deputies and offers solutions to mitigate the risk. The post concludes by urging developers to improve their understanding of encryption at rest and engage in threat modeling.

Encryption At Rest: Whose Threat Model Is It Anyway?

Why should we listen to you about this topic?

Why and How to use Encryption At Rest to Protect Sensitive Data

Security Considerations for Client-Side Encryption

<p>For anyone looking to find the image from the thumbnail:</p>
<p><img src="https://scottarc.blog/wp-content/uploads/2024/06/full-disk-encryption.jpg" alt=""></p>
