How reliable is encryption used to encrypt Azure service packages?

Question

This question is obsolete. Starting with SDK 1.5 packages are no longer encrypted.

Turns out Azure role service packages are encrypted so that once a package is produced only Azure runtime can decrypt it.

Good, but as Bruce Schneier says,

There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files.

and I couldn't find any description on what cryptography is used in the scenario above - only brief statements that "it is there" which isn't very convincing.

How good and reliable is the cryptography used for encrypting the service packages?

Answer 1

If you find this question interesting, be sure to consider who this encryption is supposed to defend against.

Consider the following attackers:

A1) An internal Microsoft hacker
A2) Rogue internet hacker
A3) A developer in your organization who creates the cspkg files
A4) A person in your organization who does deployments

Microsoft doesn't publish enough details to evaluate A1, but you can suspect this encryption is required as defense, or defense in depth in this complex scenario.

This offers no defense against A2, as your package is stored in a storage account for which an attacker must have your storage key.

No defense is added for A3, since A3 already had access to the unencrypted cspkg bits.

You get defense from A4, although in lots of organizations there is no difference in trust levels between A3 and A4.

To get defense against A3 or A4, read my answer to How paranoid should I be about my Azure application binary files being stolen? .

Answer 2

Look in your %Program Files%\Windows Azure SDK\v1.4 directory and you will find the EncryptKey.cer. The package is encrypted using this public key (assymetric). Only the fabric controller has the private key and can decrypt. It's just standard RSA.