Microsoft adding Elliptic Curve Cryptography support to Azure Web Sites

You never have enough of securing your machines, have you? As a developer, you are probably continuously striving the good balance between functionality and security of your platform. As a Cloud Developer, possibly on a well-known PaaS platform, you are relieved of most of the encumbrance, which is off-loaded to your provider, but still will need to deploy strategies to ensure that your app is as safe as possible for both you and your users. Well, nowadays we have plenty of resources to defend our website, especially on the cryptography side. Well, probably it’s not the right time to celebrate OpenSSL, the most common and used encryption layer around, but apart from bugs who might cause your heart to bleed (pun intended), the modern asymmetric cryptography technologies are quite robust and well-known, and upon them relies the vast majority of security of the Internet nowadays.
Nevertheless, cryptographers keep looking for ways to make things even more secure, and a somehow new technology is slowly making its way to the tier-1 set of security algorithms: the Elliptic Curve Cryptography. Today’s news is: Microsoft added ECC to Azure Web Sites.

Wait, Elliptic… what?

ECC is not the latest acronym in the computer world: mind immediately goes to Error Correcting Code RAM memory. When speaking about cryptography, though, ECC is an “approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields“, Wikipedia says. Quite easy, right?
Elliptic Curve Let’s take it one bite a time. Mathematically speaking, Elliptic curves are based on equations like “y^2 = x^3 + ax + b”. Once drawn, they produce graphs like this one on the left here. As you might see, the curve has a peculiar elliptic shape and is symmetric. A long and deep (and boring, probably) analysis of the mathematical properties of this kind of curves should be here, but long story short: elliptic curves has a number of interesting features that we can use to derive public keys from private ones very easily, while the other way round is extremely more complex, by at least one order of magnitude. For example, a reasonably strong 3072 bit RSA key is equivalent to a small 256 bit ECC key. Quite impressive, I’d daresay.

ECC in Azure Web Sites

To unleash all the computational efficiency of ECC cryptography in Azure Web Sites is quite easy thanks to the new feature Microsoft added. The starting point is buying an ECC certificate instead of an ordinary SSL ones. ECC is quite a new technology out there, so you might find a little bit difficult to provision one for yourself. Right now, Symantec and Entrust sell them, but you can expect more companies will join the band soon. Once you have it, enough you upload it to Azure as a PFX file, just like for your usual RSA certifcate, and assign it to your site, and you’re done. Azure will take care of everything it’s needed in the background to make it up and running. Anyway, caution ahead: ECC is not yet supported by all the clients around. The most recent ones support this new toy fairly way, but ensure to provide a backup for the older ones, just in case.

Written by

Software Engineer with a solid focus on QA and an extensive experience in ICT. Above all, Andrea has a very strong interest in Free and Open Source Software, and he is a Debian and Ubuntu Developer since years. Non-tech interests include: Rugby, Jazz music and Cooking.

Related Posts

— November 21, 2018

Google Cloud Certification: Preparation and Prerequisites

Google Cloud Platform (GCP) has evolved from being a niche player to a serious competitor to Amazon Web Services and Microsoft Azure. In 2018, research firm Gartner placed Google in the Leaders quadrant in its Magic Quadrant for Cloud Infrastructure as a Service for the first time. In t...

Read more
  • AWS
  • Azure
  • Google Cloud
— October 30, 2018

Azure Stack Use Cases and Applications

This is the second of a two-part series covering Azure Stack. Our first post provided an introduction to Azure Stack. Why would your organization consider using Azure Stack? What are the key differences between Azure Stack and Microsoft Azure? In this post, we'll begin to answer bot...

Read more
  • Azure
  • Hybrid Cloud
  • Virtualization
— October 3, 2018

Highlights from Microsoft Ignite 2018

Microsoft Ignite 2018 was a big success. Over 26,000 people attended Microsoft’s flagship conference for IT professionals in sunny Orlando, Florida. As usual, Microsoft made a huge number of announcements, ranging from minor to major in importance. To save you the trouble of sifting thr...

Read more
  • Azure
  • Ignite
— September 20, 2018

Planning for Microsoft Ignite 2018 Sessions: What Not to Miss

Cloud Academy is proud to be a sponsor of the Microsoft Ignite Conference to be held September 24 - 28 in Orlando, Florida. This is Microsoft’s biggest event of the year and is a great way to stay up to date on how to get the most from Microsoft’s products. In this post, I’ll help you p...

Read more
  • Azure
— September 18, 2018

How to Optimize Cloud Costs with Spot Instances: New on Cloud Academy

One of the main promises of cloud computing is access to nearly endless capacity. However, it doesn’t come cheap. With the introduction of Spot Instances for Amazon Web Services’ Elastic Compute Cloud (AWS EC2) in 2009, spot instances have been a way for major cloud providers to sell sp...

Read more
  • AWS
  • Azure
  • Google Cloud
— August 23, 2018

What are the Benefits of Machine Learning in the Cloud?

A Comparison of Machine Learning Services on AWS, Azure, and Google CloudArtificial intelligence and machine learning are steadily making their way into enterprise applications in areas such as customer support, fraud detection, and business intelligence. There is every reason to beli...

Read more
  • AWS
  • Azure
  • Google Cloud
  • Machine Learning
— July 5, 2018

How Does Azure Encrypt Data?

In on-premises environments, data security is typically a siloed activity, with a company's security team telling the internal technology groups (server administration, database, networking, and so on) what needs to be protected against intrusion.This approach is absolutely a bad...

Read more
  • Azure
— June 26, 2018

Disadvantages of Cloud Computing

If you want to deliver digital services of any kind, you’ll need to compute resources including CPU, memory, storage, and network connectivity. Which resources you choose for your delivery, cloud-based or local, is up to you. But you’ll definitely want to do your homework first.Cloud ...

Read more
  • AWS
  • Azure
  • Cloud Computing
  • Google Cloud
Albert Qian
— June 19, 2018

Preparing for the Microsoft Azure 70-535 Exam

The credibility of Microsoft Azure continues to grow in the first quarter of 2018 with an increasing number of enterprises migrating their workloads, resulting in a jump for Azure from 10% to 13% in market share. Most organizations will find that simply “lifting and shifting” applicatio...

Read more
  • Azure
  • Compute
  • Database
  • Security
— April 12, 2018

Azure Migration Strategy: A Checklist to Get Started

By now, you’ve heard it many times and from many sources: cloud technology is the future of IT. If your organization isn’t already running critical workloads on a cloud platform (and, if your career isn’t cloud-focused), you’re running the very real risk of being overtaken by nimbler co...

Read more
  • Azure
— March 2, 2018

Three Must-Use Azure Security Services

Keeping your cloud environment safe continues to be the top priority for the enterprise, followed by spending, according to RightScale’s 2018 State of the Cloud report.The safety of your cloud environment—and the data and applications that your business runs on—depends on how well you...

Read more
  • Azure
  • Security
— February 15, 2018

Is Multi-Cloud a Solution for High Availability?

With the average cost of downtime estimated at $8,850 per minute, businesses can’t afford to risk system failure. Full access to services and data anytime, anywhere is one of the main benefits of cloud computing.By design, many of the core services with the public cloud and its underl...

Read more
  • AWS
  • Azure
  • Cloud Adoption
  • Google Cloud