Amazon AWS continues to use TrueCrypt despite project's demise
Bad news for any users who have settled on Amazon Simple Storage Service as a provider: Importing and exporting data from Amazon Simple Storage Service still requires TrueCrypt, two weeks after the Truecrypt encryption software was discontinued .
What to do now? Well, no word from Amazon, anyway, who did not immediately respond to an inquiry seeking information on whether it plans to support other data encryption technologies for the AWS import/export feature aside from TrueCrypt in the future.
Curious how it works currently? Here are Amazon's docs on using Truecrypt with ASSS export and import . And here are Amazon's security FAQs.
What to do now? Well, no word from Amazon, anyway, who did not immediately respond to an inquiry seeking information on whether it plans to support other data encryption technologies for the AWS import/export feature aside from TrueCrypt in the future.
Curious how it works currently? Here are Amazon's docs on using Truecrypt with ASSS export and import . And here are Amazon's security FAQs.
Quoting:
"Amazon / AWS sent out the following email:
Dear Amazon S3 Customer,
Amazon S3 now supports server side encryption with customer-provided keys (SSE-C), a new encryption option for Amazon S3. When using SSE-C, Amazon S3 encrypts your objects with the custom encryption keys that you provide. Since Amazon S3 performs the encryption for you, you get the benefits of using your encryption keys without the cost of writing or executing your own encryption code.
Until now, in order to use your own encryption keys, you needed to encrypt your data client-side prior to uploading them to Amazon S3. With SSE-C, you now have the option to securely store your data using keys that you manage, without having to build client-side encryption infrastructure.
To use SSE-C, simply include your custom encryption key in your upload request, and Amazon S3 encrypts the object using that key and securely stores the encrypted data at rest. Similarly, to retrieve an encrypted object, provide your custom encryption key, and Amazon S3 decrypts the object as part of the retrieval. Amazon S3 doesn't store your encryption key anywhere; the key is immediately discarded after S3 completes your requests.
You can learn how to use SSE-C today by visiting "Using SSE with Customer-provided Keys" in the Amazon S3 Developer Guide.
Sincerely,
The Amazon S3 Team"