I'm new to encryption, so my question might seem basic. Despite reading multiple articles, I'm still unsure if I fully understand.
I have an S3 bucket, bucket_a, which will be used by different AWS accounts to upload data. Files can be uploaded as often as every 5 minutes, and the size of each file can vary from 1 KB to 100 MB. I want to ensure that the data uploaded to bucket_a is encrypted in transit with KMS for an added layer of security over TLS.
I attempted to encrypt the bucket with asymmetric KMS and provide the public key to clients for data uploads. However, encrypting larger data with the public key is failing.
Another approach I read about is hybrid encryption, where data is sent using a symmetric key and the symmetric key is encrypted with the public key. My confusion with this approach is:
Can someone help answer these questions or guide me to resources that can help me understand this better?
Upvotes: 0
Views: 36