Key Management Service (KMS) supports common symmetric and asymmetric keys and ensures the security of encrypted data. This topic describes the key specifications in KMS by key type.
Key specifications supported for symmetric encryption
Symmetric encryption is commonly implemented to protect sensitive data. You can use the same key to encrypt and decrypt data. KMS keeps the key material of a symmetric key confidential to prevent the symmetric key from being used by authorized users or being stolen. This ensures the security of encrypted data.
In most cases, symmetric keys are used for data encryption. The following table describes the key specifications that are supported by different types of symmetric keys.
Key type | Key specification | Data encryption mode | Padding mode |
---|---|---|---|
Default key | Aliyun_AES_256 | GCM | N/A. |
Software-protected key | Aliyun_AES_256 | Galois/Counter Mode (GCM), electronic codebook (ECB), and cipher block chaining (CBC) |
|
Hardware-protected key |
| GCM, ECB, and CBC |
|
Aliyun_DES3_192 | ECB and CBC | The padding mode is PKCS7_PADDING or NO_PADDING. |
Note If you call the CreateKey operation to create a key but do not specify the KeySpec parameter, KMS creates a symmetric key whose key specification is Aliyun_AES_256.
Key specifications supported for asymmetric encryption
An asymmetric key consists of a public key and a private key that are cryptographically related. The public key is available for all users, while only the owner or trusted users can use the private key. The private key must be securely protected.
Note After you create an asymmetric key in KMS, you can obtain the public key in the KMS console or by calling the GetPublicKey operation. KMS ensures the security of the private key and does not support exporting the private key by calling operations.
In most cases, asymmetric key pairs are used for signing and verification or to encrypt and transmit a small amount of confidential information, such as symmetric keys. You can specify the key purpose when you create an asymmetric key.
- If the key purpose is ENCRYPT/DECRYPT, you can call the Encrypt operation to encrypt data by using the public key and call the Decrypt operation to decrypt data by using the private key.
- If the key purpose is SIGN/VERIFY, you can call the Sign operation to generate a digital signature by using the private key and call the Verify operation to verify the signature by using the public key.
Note Asymmetric encryption is computationally intensive. In most cases, asymmetric cryptographic operations are used to encrypt data in small pieces such as securely distributing symmetric keys.
The following table describes the key specifications that are supported by different types of asymmetric keys.
Key type | Key specification | Supported encryption algorithm | Supported signature algorithm |
---|---|---|---|
Software-protected key | RSA_2048 and RSA_3072 | RSAES_OAEP_SHA_256 | RSA_PSS_SHA_256 and RSA_PKCS1_SHA_256 |
EC_P256 and EC_P256K | ECIES_DH_SHA_1_XOR_HMAC | ECDSA_SHA_256 | |
Hardware-protected key | RSA_2048, RSA_3072, and RSA_4096 | RSAES_OAEP_SHA_256 | RSA_PSS_SHA_256 and RSA_PKCS1_SHA_256 |
EC_P256 and EC_P256K | ECIES_DH_SHA_1_XOR_HMAC | ECDSA_SHA_256 |
Encryption algorithm description:
- RSAES_OAEP_SHA_256: uses the Rivest-Shamir-Adleman (RSA) encryption algorithm that uses MGF1 and SHA-256 with RSAES-OAEP padding defined in PKCS #1 in RFC 3447.
- ECIES_DH_SHA_1_XOR_HMAC: follows SEC 1: Elliptic Curve Cryptography, Version 2.0, uses Elliptic-curve Diffie–Hellman (ECDH) for key agreement, uses key derivation function 2 (KDF2) with SHA-1 for key derivation, uses HMAC-SHA-1 as the Message Authentication Code (MAC) algorithm, and uses XOR for symmetric encryption.
- RSA_PSS_SHA_256: uses the SHA-256 algorithm to calculate hash values and uses MGF1 with SHA-256 to calculate signatures based on the RSASSA-PSS algorithm defined in PKCS #1 in RFC 3447.
- RSA_PKCS1_SHA_256: uses the SHA-256 algorithm to calculate hash values and calculate signatures based on the RSASSA-PKCS1-v1_5 algorithm defined in PKCS #1 in RFC 3447.
- ECDSA_SHA_256: uses the Elliptic Curve Digital Signature Algorithm (ECDSA) to calculate signatures and SHA-256 to calculate hash values.