Reputation: 88337
Can I use asymmetric encryption with AWS KMS?
I was wondering if I can use AWS KMS with such a use case. I want KMS to decrypt data sent over my an on-prem system (so no KMS). I was hoping that KMS can store the secret key. The on-prem system will use the public key to encrypt the data. Is this a feasible way?
From what I read so far KMS uses symmetric encryption? I can do what I want by using KMS to encrypt/decrypt my secret key, but the downside there is my app will have the secret key in plain text when using it.
Upvotes: 1
Views: 668
Answers (2)
Reputation: 14502
Update:
AWS KMS now supports asymmetric keys.
Original answer:
AWS KMS is for symmetric encryption only. There is no way to use KMS with asymmetric cryptography.
If you need this kind of functionality, you can use CloudHSM instead of KMS.
Upvotes: 0
Related Questions
- Is PGP encryption supported in AWS KMS?
- AWS KMS Multi region
- Encrypt with a AWS KMS Public Key without using an AWS SDK or CLI tool
- Isn't the key used in KMS in data encryption in AWS RDS accessible to Amazon?
- Does AWS KMS use envelope encryption?
- Asymmetric keys in AWS KMS
- AWS Encryption SDK Encrypt/Decrypt with Data Key
- How to use AWS KMS Encryption in the node js SDK
- Can I use AWS KMS encryption for client side encryption in Android?
- AWS iOS SDK with KMS