Cryptographically secured HTTP lambda invocations

A lambda function invocation is when the caller supplies a piece of code to a function, which then executes the code the caller supplied. In the following video, I illustrate how you can securely transmit code over the web to another server, have that server execute your code (securely), and return the result of the invocation to the client. As an additional bonus, all traffic between the two parties is encrypted.

The whole idea is based upon combining two simple ideas: cryptographic signatures, guaranteeing that the invocation originated from some trusted party, and sandboxed execution environments, assigning rights on a “per keyword level” to some other party, as long as he or she can establish that the code originated from him or her. As a bonus, everything is encrypted back and forth, preventing a malicious adversary from understanding what the clients are communicating about. The whole thing works because the cryptographic signature acts as a lookup into “which sandbox” the client is allowed to play in. Hence, a public cryptography key is associated with the elevated rights of a particular client.
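The signature-to-sandbox lookup described above, as an added Go sketch that is not Magic's own code and omits the encryption layer. The names `Grant`, `NewDemoKey`, `Sign` and `Authorize`, the key id `client-1`, and the toy syntax in which the first token of each line is the keyword are all assumptions made for illustration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"strings"
)

// Grant ties one trusted public key to the keywords its owner may invoke.
type Grant struct {
	Key     *rsa.PublicKey
	Allowed map[string]bool
}

func NewDemoKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Sign is the client side: RSA PKCS#1 v1.5 signature over SHA-256 of the code.
func Sign(priv *rsa.PrivateKey, code string) ([]byte, error) {
	digest := sha256.Sum256([]byte(code))
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
}

// Authorize is the server side: key id -> sandbox, verify, then whitelist check.
func Authorize(grants map[string]Grant, keyID, code string, sig []byte) error {
	g, ok := grants[keyID]
	if !ok {
		return fmt.Errorf("unknown key")
	}
	digest := sha256.Sum256([]byte(code))
	if rsa.VerifyPKCS1v15(g.Key, crypto.SHA256, digest[:], sig) != nil {
		return fmt.Errorf("bad signature")
	}
	for _, line := range strings.Split(code, "\n") { // toy syntax (assumption)
		if f := strings.Fields(line); len(f) > 0 && !g.Allowed[f[0]] {
			return fmt.Errorf("keyword %q not whitelisted", f[0])
		}
	}
	return nil
}

func main() {
	priv, _ := NewDemoKey() // throwaway key constructed for this demo
	grants := map[string]Grant{"client-1": {&priv.PublicKey, map[string]bool{"add": true}}}
	sig, _ := Sign(priv, "add 2 3")
	fmt.Println(Authorize(grants, "client-1", "add 2 3", sig))        // <nil>
	fmt.Println(Authorize(grants, "client-1", "delete-file /x", sig)) // bad signature
}
```

The signature is checked before the code is parsed at all, and a validly signed payload is still refused if it uses a keyword outside the signer's whitelist.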

If you want to reproduce what I am doing in the above video, you can download Magic and play with it yourself. The technologies used are:

  • RSA cryptography
  • AES cryptography
  • Cryptographic signatures
  • Whitelist/sandboxed environments
  • ++++

Effectively, this allows you to “de-militarise” the World Wide Web, using it as an extension of your intranet and distributing code horizontally, at least in theory, to thousands of heterogeneous servers spanning the entirety of the web. Within a Turing Complete environment, of course …

This UrIoTNews article is syndicated from DZone