Project Metamorphosis: Unveiling the next-gen event streaming platformLearn More

End-to-End Encryption with Confluent Cloud

Download the White Paper

When an enterprise subscribes to Confluent Cloud™ services, their data is encrypted in motion and at rest. This document outlines our recommended approach to designing for “end-to-end encryption” into Kafka clients, in other words, for encryption both in motion and at rest. It is based on a symmetric encryption scheme. It is intended for engineering design teams who seek to implement end-to-end message payload encryption on the Confluent Cloud platform.



Jason Gustafson, Software Engineer, Confluent

Jason Gustafson is an engineer at Confluent and a member of the Apache Kafka PMC. He is one of the most active contributors to Kafka and has made many improvements including support for exactly-once semantics and core enhancements to the replication protocol.