The Jagged Edge: Streaming End-to-End Encryption with age in Java and Beyond
HTML-код
- Опубликовано: 8 фев 2025
- When TLS is not enough, what options are available for client-side encryption? The age-encryption.org specification presents a modern answer to the problem of file encryption for several common scenarios. With a reference implementation in Go, and a library for Java, the age standard presents a compelling solution for end-to-end file encryption. Apache NiFi has released Processors for encryption and decryption with age, highlighting an example integration approach.
This presentation provides a detailed look at the age standard from the author of the Java implementation. Supporting either password-based or public key exchange strategies, age provides a focused point of extensibility that avoids the pitfalls of algorithm negotiation. Built on authenticated encryption and elliptic curve cryptography, age is not encumbered with historical compatibility concerns. Interoperability is readily achievable with implementations in Go, Java, Python, Rust, and TypeScript, among others.
David Handermann is a member of the Apache NiFi Project Management Committee, with over 20 years of experience in information technology. Interested in all things related to information security, he has designed, developed, and maintained a number of solutions for authentication, authorization, communications security, and data protection. He is one of the founding engineers at Datavolo, and maintains a blog on software development at exceptionfactory.com.
Slides: apachecon.com/...
