FlagThis

Abstract

This talk explores the fundamental principles of encryption—confidentiality, integrity, and authentication—using the classic Alice and Bob metaphor. The presenters bridge these cryptographic concepts to Kubernetes, comparing node-to-node encryption (such as WireGuard and IPsec) with pod-to-pod mutual TLS (mTLS) implemented via service meshes like Istio. By examining the limitations of IP-based identity and the importance of cryptographically verified SPIFFE identities, the session demonstrates how to build a robust, unbreakable chain of trust for containerized workloads.