Jiew Meng

Reputation: 88337

Can I use asymmetric encryption with AWS KMS?

I was wondering if I can use AWS KMS for the following use case. I want KMS to decrypt data sent over by an on-prem system (so no KMS there). I was hoping that KMS can store the secret key. The on-prem system will use the public key to encrypt the data. Is this a feasible way?

From what I have read so far, KMS uses symmetric encryption? I can do what I want by using KMS to encrypt/decrypt my secret key, but the downside there is that my app will have the secret key in plain text when using it.

Upvotes: 1

Views: 668

Answers (2)

Matus Dubrava

Reputation: 14502

Update:

AWS KMS now supports asymmetric keys.

Original answer:

AWS KMS is for symmetric encryption only. There is no way to use KMS with asymmetric cryptography.

If you need this kind of functionality, you can use CloudHSM instead of KMS.

Upvotes: 0

nipy

Reputation: 5508

AWS KMS supports the following asymmetric key types: RSA 2048, RSA 3072, RSA 4096, ECC NIST P-256, ECC NIST P-384, ECC NIST P-521, and ECC SECG P-256k1.

Upvotes: 1
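
The flow the question asks about, sketched as an added example that is not part of any post above: the on-prem host encrypts with the KMS public key using `openssl`, and only a caller allowed to use the key in KMS can decrypt. It assumes an RSA KMS key with key usage `ENCRYPT_DECRYPT` and the `RSAES_OAEP_SHA_256` algorithm; the function names and file arguments are hypothetical.

```shell
# Added example. Function names and file arguments are hypothetical.
# Assumes an RSA KMS key created with key usage ENCRYPT_DECRYPT.

# On-prem, one time: download the public half of the KMS key.
# GetPublicKey returns base64 DER; the private key never leaves KMS.
kms_fetch_pubkey() {  # usage: kms_fetch_pubkey <key-id> <pub.der>
  aws kms get-public-key --key-id "$1" --query PublicKey --output text \
    | base64 --decode > "$2"
}

# Modulus size in bits, parsed from openssl's text dump of the public key.
rsa_bits() {  # usage: rsa_bits <pub.der>
  openssl pkey -pubin -inform DER -in "$1" -noout -text \
    | sed -n 's/.*(\([0-9][0-9]*\) bit.*/\1/p' | head -n 1
}

# Largest plaintext RSA-OAEP with SHA-256 accepts:
# modulus bytes - 2 * 32 (hash length) - 2, i.e. 190 bytes for RSA 2048.
oaep_sha256_max() {  # usage: oaep_sha256_max <pub.der>
  echo $(( $(rsa_bits "$1") / 8 - 2 * 32 - 2 ))
}

# On-prem: encrypt with the public key only. Oversized input is rejected
# up front instead of surfacing as an opaque openssl error.
encrypt_for_kms() {  # usage: encrypt_for_kms <pub.der> <plain> <cipher>
  efk_max=$(oaep_sha256_max "$1")
  efk_size=$(( $(wc -c < "$2") ))
  if [ "$efk_size" -gt "$efk_max" ]; then
    echo "plaintext is $efk_size bytes, limit is $efk_max" >&2
    return 1
  fi
  openssl pkeyutl -encrypt -pubin -keyform DER -inkey "$1" \
    -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 \
    -pkeyopt rsa_mgf1_md:sha256 -in "$2" -out "$3"
}

# AWS side: KMS performs the private-key operation; the key id is required
# for asymmetric keys and the algorithm must match the one used to encrypt.
kms_decrypt() {  # usage: kms_decrypt <key-id> <cipher>
  aws kms decrypt --key-id "$1" --ciphertext-blob "fileb://$2" \
    --encryption-algorithm RSAES_OAEP_SHA_256 \
    --query Plaintext --output text | base64 --decode
}
```

For payloads above the size limit, encrypt the data locally with a randomly generated symmetric key and pass only that key through `encrypt_for_kms`.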
