Cryptographic primitives
AWS KMS uses configurable cryptographic algorithms so that the system can quickly migrate from one approved algorithm, or mode, to another. The initial default set of cryptographic algorithms has been selected from Federal Information Processing Standard (FIPS-approved) algorithms for their security properties and performance.
Entropy and random number generation
AWS KMS key generation is performed on the AWS KMS HSMs. The HSMs implement a hybrid random
number generator that uses the NIST
SP800-90A Deterministic Random Bit Generator (DRBG) CTR_DRBG using AES-256
Symmetric key operations (encryption only)
All symmetric key encrypt commands used within HSMs use the Advanced Encryption
Standards (AES)
AES-GCM is an authenticated encryption scheme. In addition to encrypting plaintext to produce ciphertext, it computes an authentication tag over the ciphertext and any additional data for which authentication is required (additionally authenticated data, or AAD). The authentication tag helps ensure that the data is from the purported source and that the ciphertext and AAD have not been modified.
Frequently, AWS omits the inclusion of the AAD in our descriptions, especially when referring to the encryption of data keys. It is implied by surrounding text in these cases that the structure to be encrypted is partitioned between the plaintext to be encrypted and the cleartext AAD to be protected.
AWS KMS provides an option for you to import key material into an AWS KMS key instead of
relying on AWS KMS to generate the key material. This imported key material can be encrypted
using RSAES-OAEP
Asymmetric key operations (encryption, digital signing and signature verification)
AWS KMS supports the use of asymmetric key operations for both encryption and digital signature operations. Asymmetric key operations rely on a mathematically related public key and private key pair that you can use for encryption and decryption or signing and signature verification, but not both. The private key never leaves AWS KMS unencrypted. You can use the public key within AWS KMS by calling the AWS KMS API operations, or download the public key and use it outside of AWS KMS.
AWS KMS supports two types of asymmetric ciphers.
-
RSA-OAEP (for encryption) & RSA-PSS and RSA-PKCS-#1-v1_5 (for signing and verification) – Supports RSA key lengths (in bits): 2048, 3072, and 4096 for different security requirements.
-
Elliptic Curve (ECC) – Used exclusively for signing and verification. Supports ECC curves: NIST P256, P384, P521, SECP 256k1.
Key derivation functions
A key derivation function is used to derive additional keys from an initial secret or key.
AWS KMS uses a key derivation function (KDF) to derive per-call keys for every encryption under
an AWS KMS key. All KDF operations use the KDF in
counter mode
AWS KMS internal use of digital signatures
Digital signatures are also used to authenticate commands and communications between AWS KMS
entities. All service entities have an elliptic curve digital signature algorithm (ECDSA) key
pair. They perform ECDSA as defined in Use of
Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS)
Envelope encryption
A basic construction used within many cryptographic systems is envelope encryption. Envelope encryption uses two or more cryptographic keys to secure a message. Typically, one key is derived from a longer-term static key k, and another key is a per-message key, msgKey, which is generated to encrypt the message. The envelope is formed by encrypting the message: ciphertext = Encrypt(msgKey, message) . Then the message key is encrypted with the long-term static key: encKey = Encrypt(k, msgKey) . Finally, the two values (encKey, ciphertext) are packaged into a single structure, or envelope encrypted message.
The recipient, with access to k, can open the enveloped message by first decrypting the encrypted key and then decrypting the message.
AWS KMS provides the ability to manage these longer-term static keys and automate the process of envelope encryption of your data.
In addition to the encryption capabilities provided within the AWS KMS service, the AWS Encryption SDK provides client-side envelope encryption libraries. You can use these libraries to protect your data and the encryption keys that are used to encrypt that data.