Had not heard of this offering.
Amazon Introduces Encrypted Communication Service AWS Wickr by Renato Losio
A year after the acquisition of the company Wickr, Amazon recently announced the preview of the collaboration suite AWS Wickr. Built on a proprietary encryption protocol, the new managed service provides enterprises and government agencies with security and administrative controls to meet security and compliance requirements.
Wikcr uses a multilayered AES-256 end-to-end encryption and key handling protocols to allow users securely sharing mission-critical information. Every call, message, and file in AWS Wickr is encrypted with a new random encryption key and messages. According to the cloud provider, encryption keys are accessible only within Wickr applications and not disclosed to Wickr servers.
Among the suggested use cases, the new service can help secure sensitive communications and enable out-of-band communications for disaster recovery and incident response, facilitate data governance and enable internal and external collaboration through federation. After the acquisition of the company that builds end-to-end encryption-based collaboration solutions for public sector and enterprise customers, Amazon integrated Wickr as an AWS service and developed new features including a new SDK and updated crypto protocols.
Even if AWS claims they cannot access the communications, the choice of a proprietary protocol raised some concerns in the community. Christophe Tafani-Dereeper, cloud security researcher & advocate at Datadog, comments:
"AWS Wickr encrypts every message, call, and file with a proprietary, 256-bit end-to-end encryption protocol" This awfully reads "we're rolling our own encryption". ... '
No comments:
Post a Comment