Provide a way to encrypt or obfuscate blob names
My application stores a lot of files containing user data, where each blob is named after a corresponding primary-key in a relational database.
Currently my blob storage container is private and all requests for blobs are proxied through my web application.
To reduce server load I would like to expose the blobs directly, however this would mean exposing the raw blob name to end-users, which gives away the unencrypted database primary-key value.
I know I can prevent access to blobs using Shared Access Signatures however I don't need that kind of security - I just want to obfuscate blob names - such as through simple symmetric encryption.
Supposing I have a blob at
/tenants/12/users/456/photos/1563445 then it should be possible to access it using
/VW4uTy7Dtn91TMO4Li5nfi91w693w79Sw4nDvsK/ZnhDJjrDjGguayouw55mwpguZi41w7fDki7CscOsXy4= (which is a base64-encoded representation of an encrypted version of the original blob name, using a symmetric key and fixed IV).
Thank you for your feedback. This ask will be discussed amongst our team to determine if we plan to do this and when. We will provide updates when they become available. For any further questions, or to discuss your specific scenario, send us an email at email@example.com.