/plushcap/analysis/cloudflare/encrypt-waf-payloads-hpke

Encrypting your WAF Payloads with Hybrid Public Key Encryption (HPKE)

What's this blog post about?

Cloudflare has introduced encrypted Web Application Firewall (WAF) matched payload logging to provide better visibility into security events while ensuring user privacy. The feature logs only the malicious components of requests and encrypts them using a customer-provided key, preventing access by Cloudflare employees. It uses Hybrid Public Key Encryption (HPKE), an emerging standard developed in part by Cloudflare. This feature will be available to Enterprise customers in the coming months.

Company
Cloudflare

Date published
Dec. 11, 2020

Author(s)
Michael Tremante

Word count
618

Language
English

Hacker News points
3


By Matt Makai. 2021-2024.