Cryptographically secured HTTP lambda invocations

A lambda function invocation is when the caller supplies a piece of code to a function, for then to have the other function execute the code the caller supplied. In the following video, I am illustrating how you can securely transmit code over the web, to another server, for then to have the other server execute your code (securely), and return the result of the invocation back to the client. As an additional bonus, all the traffic is encrypted between both parties.

The whole idea is based upon combining two simple ideas; Cryptographic signatures guaranteeing the invocation originated from some trusted party – And sandbox execution environments, assigning rights on a “per keyword level” to some other party, as long as he can establish the code originated from him or her. As a bonus, everything is encrypted back and forth, preventing a malicious adversary to understand what the clients are communicating about. The whole thing works due to cryptographic signatures, being a lookup into “which sandbox” the client is allowed to play in. Hence, a public cryptography key is associated with elevated rights, associated with a particular client.

Read the full article at