Reputation: 8103
More secure S3 URLs
I am currently following Amazon's documentation to sign S3 URL's for download. Using hmac-sha1 is good but I want something more secure since there are inherent flaws as of 2010. Also, it is good marketing too to use strong encryption. I KNOW that others are using 256-bit encryption when signing their URLs. I too would like to use sha256 or sha512, but it seems like Amazon's docs don't tell you how this is possible. They only reference hmac-sha1 (which I'm currently using w/ succcess).
Signature = URL-Encode( Base64( HMAC-SHA1( YourSecretAccessKeyID, UTF-8-Encoding-Of( StringToSign ) ) ) );
How would I go about using something more secure?
Thanks
Upvotes: 0
Views: 109
Answers (1)
Reputation: 2736
There are inherent flaws to sha-1 but they don't carry over to hmac-sha-1, so there's no need to worry.
That being said, I actually did find the documentation you were looking for here.
Upvotes: 2
Related Questions
- How to Secure amazon s3 bucket web URL of a resource against unauthorised user
- What's the alternatives to keep my s3 buckets secure in AWS?
- How to secure an Amazon S3 URL
- How secure are presigned URLs in AWS S3?
- Secure AWS S3 file urls
- Exposing AWS S3 Signed URLs in Web App?
- Creating a signed S3 URL with Javascript
- aws s3 bucket encryption
- Amazon S3 File Encryption
- Amazon S3 secure URL at the bucket level