This post was written more than four years ago. The world changes fast, and the information, conclusions, or attributions may or may not still be accurate. Check the sources and links, and email me if you have any questions.

Amazon Web Services just announced support for AES-256 server-side encryption with their Simple Storage Service (S3). For enterprise, healthcare and government, this makes S3 very attractive — but for the wrong reasons.

The developer guide and blog post go into detail, but the summary is that Amazon manages the keys for you:

Server-side encryption is about data encryption at rest, that is, Amazon S3 encrypts your data as it writes it to disks in its data centers and decrypts it for you when you access it. As long as you authenticate your request and you have access permissions, there is no difference in the way you access encrypted or unencrypted objects. Amazon S3 manages encryption and decryption for you. For example, if you share your objects using a pre-signed URL, the pre-signed URL works the same way for both encrypted and unencrypted objects.

I think this is awesome for developers who have requirements that data be encrypted while stored, but a timeline or budget that doesn’t support doing client-side encryption. And it’s even more awesome that there’s no additional implementation effort and no additional cost. But at the same time, I’m a little disappointed that the only official offering is where Amazon completely manages the keys for you.

Dropbox promises absolute security, which means AES-256 encryption using Dropbox’s keys. A development error caused their web application to be wide open a few months ago. The assurance was that your data was secure because the non-PKI authentication process was secure. But in reality, the authentication layer failed and because the encryption layer trusts the application layer, encryption was meaningless.

I’m sure Amazon knows what they’re doing, but things happen and I ultimately have concerns with them storing keys. I’m sure they’ve adequately mitigated the risk of individual employees having the private keys, but human error is still the greatest threat. To businesses, the next big threat is the legal system. If Amazon were to receive a subpoena for your data, you might think it’s encrypted and safe, but Amazon technically could decrypt your data and would be forced to do so under a subpoena.
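The two failure modes above (an application-layer authorization bug, and a key holder who can be compelled to decrypt) as an added example, not code from this post or from Amazon: a stand-alone Python model of an object store with server-side encryption, run once with the same object encrypted client-side first. The store class, scenario names and the stream cipher (HMAC-SHA256 in counter mode, used only so it runs on the standard library) are assumptions; S3 itself uses AES-256.

```python
import hashlib
import hmac
import secrets

# Toy stream cipher (HMAC-SHA256 counter mode). Assumption: stands in for
# AES-256 so the model needs nothing outside the standard library.
def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + off.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def encrypt(key: bytes, data: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    return nonce + stream_xor(key, nonce, data)

def decrypt(key: bytes, blob: bytes) -> bytes:
    return stream_xor(key, blob[:16], blob[16:])

class S3Model:
    """Hypothetical object store: server-side encryption with a provider-held key."""
    def __init__(self):
        self._provider_key = secrets.token_bytes(32)  # the client never sees this
        self._objects = {}  # name -> (owner, bytes as written to disk, sse?)

    def put(self, name, owner, data, sse=False):
        self._objects[name] = (owner, encrypt(self._provider_key, data) if sse else data, sse)

    def get(self, name, caller, authz_broken=False):
        owner, at_rest, sse = self._objects[name]
        # Application-layer check; authz_broken models the kind of bug that
        # let any caller through at Dropbox.
        if caller != owner and not authz_broken:
            raise PermissionError("access denied")
        # The encryption layer trusts the application layer: once the check
        # passes, SSE decrypts transparently with the provider key.
        return decrypt(self._provider_key, at_rest) if sse else at_rest

def run_scenarios() -> dict:
    s3, secret, client_key = S3Model(), b"patient record 42", secrets.token_bytes(32)
    s3.put("sse", "alice", secret, sse=True)                       # SSE only
    s3.put("cse", "alice", encrypt(client_key, secret), sse=True)  # client-side, then SSE
    r = {"disk_theft_sse": s3._objects["sse"][1] != secret}        # what SSE does defend
    try:
        s3.get("sse", "mallory"); r["sse_authz_ok"] = "leaked"
    except PermissionError:
        r["sse_authz_ok"] = "denied"
    r["sse_authz_broken"] = s3.get("sse", "mallory", authz_broken=True) == secret
    stolen = s3.get("cse", "mallory", authz_broken=True)
    r["cse_authz_broken"] = stolen != secret and decrypt(client_key, stolen) == secret
    r["provider_reads_sse"] = decrypt(s3._provider_key, s3._objects["sse"][1]) == secret
    r["provider_reads_cse"] = decrypt(s3._provider_key, s3._objects["cse"][1]) == secret
    return r
```

`run_scenarios()` reports that SSE alone hides data from a stolen disk but hands plaintext to anyone who clears the broken authorization check and to the provider under compulsion, while the client-encrypted object stays ciphertext in both cases.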

So, server-side encryption is a good thing, but as implemented, it’s not infallible and not perfect for everyone. That said, there’s no reason not to use it since Amazon made it free and with no additional implementation effort.