如何保护AWS S3上传/下载的数据？

Question

当我们将数据上传到S3时，它是否在默认情况下受到保护（可能通过HTTPS）？

我找到了this article，如果我理解正确，说S3不使用HTTPS：

  

Amazon Simple Storage Service：您仍然可以在Amazon S3上使用HTTP   并安全地进行身份验证请求。该服务使用不同的   安全签名协议。

在这种情况下，我们是否应使用Client-Side Encryption保护传输中的数据？

Answer 1

Quoting from the Security section of the S3 FAQs:

You can securely upload/download your data to Amazon S3 via SSL endpoints using the HTTPS protocol.

If you're using the https:// endpoint for S3, then your data in transit should be encrypted properly. The quote that you referred to in the question means that it's also possible to access S3 using http:// protocol, in which case the data wouldn't be encrypted in transit. See this related question.

If you were asking specifically about whether AWS CLI encrypts data in transit, then the answer is yes. See this question.

Also, please note that the primary purpose of using client-side encryption would be to encrypt data at rest, and to use an encryption algorithm of your own choosing. If you use client-side encryption but still use the http:// endpoint, your communication over the wire would still be unencrypted, technically speaking, because the cyphertexts being passed over the wire could be extracted by an attacker for analysis.

Update:

1. If you were asking specifically about AWS Java SDK, the default protocol is again https. Quoting from javadocs for AWS Java SDK:

By default, all service endpoints in all regions use the https protocol. To use http instead, specify it in the ClientConfiguration supplied at construction.

And from the javadocs for ClientConfiguration.getProtocol:

The default configuration is to use HTTPS for all requests for increased security.

2. Client-side/server-side encryption's primary purpose is to secure data at rest. If anyone was to break open your cloud provider's data center somehow and steal the disks that had your data, you're making it difficult for them to get hold of your data in plaintext by encrypting it either client-side/server-side. Doing it client-side gives you the benefit of having more control on the encryption algorithm with the seemingly additional side-effect of your data not being transmitted in plaintext over the wire. However, the communication channel itself is not encrypted. If you were using a weak encryption algorithm for example, an attacker could still sniff the encrypted data over the wire and decrypt it. Also, it's important to know that using SSL means:
   • You as the client can be sure you're talking to AWS
   • Your communication with AWS is encrypted, so others can't intercept it
   • You have verification that the message received is the same as the message sent

In essence, you definitely want to use SSL irrespective of whether you want to use client-side encryption or not.

Answer 2

您引用的文章已过时。它最初写于2008年，显然在2015年更新时，一些过时的信息已经存在。

  

版本是指用于签署请求的特定算法。这些AWS服务已弃用旧的安全性较低的方法（签名版本0和1），并且在2009年9月之后将不再允许这些方法。

确实，版本0和1不受支持。

  

一些AWS服务不支持签名版本2：

     

Amazon Simple Storage Service：您仍然可以将HTTP与Amazon S3一起使用，并安全地进行经过身份验证的请求。该服务使用不同的安全签名协议。

这也是不准确的。 S3在部署了签名版本2的所有区域中支持签名版本2。 2014年或之后推出的地区根本不支持V2，它们需要签名版本4，在这些地区，S3也需要签名版本4.

重要的是，这些都与HTTPS无任何关系。

来自同一份文件：

  

大多数AWS服务接受HTTPS请求，包括：

     

...

     

亚马逊简单存储服务

好的，那么，让我们重新审视这一行：

  

该服务使用不同的安全签名协议。

此声明与加密或有效负载的安全性无关。这是关于请求身份验证和授权过程的安全性的声明 - 它对伪造和反向工程的抵制 - 无论请求是否以加密方式发送。

S3支持HTTPS，以保护传输中的数据。