Skip to main content

Microsoft Adding Elliptic Curve Cryptography Support to Azure Websites

You never have enough of securing your machines, have you? As a developer, you are probably continuously striving the good balance between functionality and security of your platform. As a Cloud Developer, possibly on a well-known PaaS platform, you are relieved of most of the encumbrance, which is off-loaded to your provider, but still will need to deploy strategies to ensure that your app is as safe as possible for both you and your users. Well, nowadays we have plenty of resources to defend our website, especially on the cryptography side. Well, probably it’s not the right time to celebrate OpenSSL, the most common and used encryption layer around, but apart from bugs who might cause your heart to bleed (pun intended), the modern asymmetric cryptography technologies are quite robust and well-known, and upon them relies the vast majority of security of the Internet nowadays.

Nevertheless, cryptographers keep looking for ways to make things even more secure, and somehow new technology is slowly making its way to the tier-1 set of security algorithms: the Elliptic Curve Cryptography. Today’s news is: Microsoft added ECC to Azure Web Sites.

Wait, elliptic…what?

ECC is not the latest acronym in the computer world: mind immediately goes to Error Correcting Code RAM memory. When speaking about cryptography, though, ECC is an “approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields“, Wikipedia says. Quite easy, right?
Elliptic Curve

Let’s take it one bite a time. Mathematically speaking, Elliptic curves are based on equations like “y^2 = x^3 + ax + b”. Once drawn, they produce graphs like this one on the left here. As you might see, the curve has a peculiar elliptic shape and is symmetric. A long and deep (and boring, probably) analysis of the mathematical properties of this kind of curves should be here, but long story short: elliptic curves have a number of interesting features that we can use to derive public keys from private ones very easily, while the other way round is extremely more complex, by at least one order of magnitude. For example, a reasonably strong 3072 bit RSA key is equivalent to a small 256 bit ECC key. Quite impressive, I’d daresay.

ECC in Azure Web Sites

To unleash all the computational efficiency of ECC cryptography in Azure Web Sites is quite easy thanks to the new feature Microsoft added. The starting point is buying an ECC certificate instead of an ordinary SSL one. ECC is quite a new technology out there, so you might find a little bit difficult to provide one for yourself. Right now, Symantec and Entrust sell them, but you can expect more companies will join the band soon. Once you have it, enough you upload it to Azure as a PFX file, just like for your usual RSA certificate, and assign it to your site, and you’re done. Azure will take care of everything it’s needed in the background to make it up and running. Anyway, caution ahead: ECC is not yet supported by all the clients around. The most recent ones support this new toy in a good way but ensure to provide a backup for the older ones, just in case.

Avatar

Written by

Andrea Colangelo

Software Engineer with a solid focus on QA and an extensive experience in ICT. Above all, Andrea has a very strong interest in Free and Open Source Software, and he is a Debian and Ubuntu Developer since years. Non-tech interests include: Rugby, Jazz music and Cooking.

Related Posts

Avatar
Guy Hummel
— June 6, 2019

How to Become a Microsoft Certified Azure Administrator

Microsoft Azure is one of the hottest cloud services on the planet, and it’s growing at a phenomenal rate. This rapid growth has created a huge demand for people who know how to administer and manage Azure implementations.To make it easier for employers to verify the skills of Azure...

Read more
  • Azure
  • exam
Avatar
Guy Hummel
— May 20, 2019

Preparing for the Microsoft AZ-900 Exam

Microsoft has offered Azure certification exams for years, but until recently, they were all meant for technical IT professionals. Now non-technical professionals, such as salespeople and managers, can take the new AZ-900 exam to prove their understanding of Azure fundamentals. People w...

Read more
  • Azure
Avatar
Thomas Mitchell
— May 16, 2019

An Overview of Azure Storage (Part 2)

Archive StorageArchive Storage offers the lowest storage costs of all Azure storage. Its retrieval costs, however, are higher when compared to Hot and Cool storage. The archive tier of storage is designed for data that can tolerate several hours of latency when being retrieved. It’s a...

Read more
  • Azure
  • Storage
Avatar
Thomas Mitchell
— May 14, 2019

An Overview of Azure Storage (Part 1)

Welcome to part one of our series on Azure Storage. Stay tuned for the second part. An Overview of Azure StorageMicrosoft Azure Storage is a cloud-based storage offering that provides multiple storage solutions for organizations. In addition to a massively scalable object store for ...

Read more
  • Azure
  • Storage
Avatar
Giacomo Marinangeli
— March 29, 2019

NEW: Custom Hands-On Labs for Azure and Google Cloud Platform

Harvard Business Review recently estimated that some 90% of corporate training never gets applied on the job. Given the $200B training industry, that is a staggering amount of waste. One reason for the disconnect? Lack of context.Cloud Academy’s platform was built to make it extraor...

Read more
  • Azure
  • Content Engine
  • Google Cloud Platform
  • Hands-on Labs
Avatar
Guy Hummel
— March 28, 2019

How to Become a Microsoft Certified Azure Solutions Architect

Microsoft Azure is the fastest growing cloud provider. Azure’s revenue grew an incredible 76% in the last quarter of 2018. As more and more businesses move their IT infrastructure to Microsoft’s cloud platform, the demand for Azure professionals keeps rising. Since there are relatively ...

Read more
  • Azure
Avatar
Nitheesh Poojary
— March 20, 2019

What is Heroku? Getting Started with PaaS Development

So just what is Heroku? It's a service for developers eager to get their applications online without having to worry about infrastructure details.Metered, pay-as-you-go Cloud Computing services come in all kinds of flavors. Infrastructure as a Service (IaaS) offerings like AWS allow e...

Read more
  • Azure
  • Development & Deploy
Avatar
Nitheesh Poojary
— March 12, 2019

Understanding Object Storage and Block Storage Use Cases

Cloud Computing, like any computing, is a combination of CPU, memory, networking, and storage. Infrastructure as a Service (IaaS) platforms allow you to store your data in either Block Storage or Object Storage formats.Understanding the differences between these two formats - and how ...

Read more
  • Azure
  • Storage
Avatar
Thomas Mitchell
— January 29, 2019

What are Azure Blueprints?

What are Azure Blueprints?Blueprints, in the traditional sense, are used by architects and engineers to design and build new things.  They are used to ensure that the final products are built to specifications and in compliance with certain standards and requirements.Azure Bluepri...

Read more
  • Azure
  • Blueprints
Avatar
Thomas Mitchell
— January 22, 2019

Azure Hybrid Identity Authentication Methods

The move to the cloud is picking up steam.  As such, many corporations are beginning to find themselves supporting a mixture of on-prem apps as well as cloud apps. Users are finding that they need access to this mix of applications as well.  As one would expect, this can become a challe...

Read more
  • Azure
  • Hybrid Cloud
  • Hybrid Identity
Avatar
Andrew Larkin
— January 15, 2019

2018 Was a Big Year for Content at Cloud Academy

As Head of Content at Cloud Academy I work closely with our customers and my domain leads to prioritize quarterly content plans that will achieve the best outcomes for our customers.We started 2018 with two content objectives: To show customer teams how to use Cloud Services to solv...

Read more
  • AWS
  • Azure
  • Cloud Computing
  • Google Cloud Platform
Avatar
Dwayne Monroe
— December 17, 2018

Azure Internet of Things (Azure IoT) – An Introduction

IoT, or the ‘Internet of Things’, is an intriguing and rapidly growing technology that's bringing significant change to important elements of modern life. According to Gartner, IoT security spending alone is set to reach $1.5 billion during 2018.Like many newly minted terms, the def...

Read more
  • Azure
  • IoT