System Design

Encryption at Rest for Blobs

Encrypt each object with a data key wrapped by a master key so disks alone reveal nothing.

5 min read · advanced

The goal

Encryption at rest ensures that if someone steals a disk or a backup, the raw bytes are useless without the keys. Every stored object is encrypted before it lands on disk.

Envelope encryption

Modern stores use envelope encryption with two key levels.

  • A unique data key encrypts the object bytes.
  • A master key, held in a key management service, encrypts that data key. The wrapped data key is stored next to the object.

To read, the store asks the key service to unwrap the data key, decrypts the object, then discards the plaintext data key. The master key never leaves the key service.

Why two levels

  • Rotation is cheap: rewrap data keys under a new master key without re-encrypting petabytes of objects.
  • Blast radius is bounded: a single leaked data key exposes one object, not the whole store.
  • Access control centralizes on the master key, so revoking a key denies decryption everywhere.

Key idea

Envelope encryption protects blobs with a per-object data key wrapped by a master key in a key service, enabling cheap rotation and a bounded blast radius.

Check yourself

1. In envelope encryption, what encrypts the object bytes directly?

2. Why does envelope encryption make key rotation cheap?

3. What bounds the blast radius of a leaked data key?