
I have uploaded a key into AWS Key Management Service. Using it I can encrypt things, and then decrypt them using the service.

However, I would like to have the reassurance I can decrypt the Ciphertext blob using the key I placed into the KMS (to prove that it is my key), and for backup purposes (should KMS fail).

I can't find the format and method of encryption that KMS uses.

Can anyone provide an example (openssl / python etc.)?

Thanks - this actually may be a better way to achieve in practice what I want - encrypt the key twice, once using AWS and once using a public key that is on the server; however, it still doesn't explain how the KMS encryption transforms the random string + Customer Key I provided into the CipherText blob (or how to reverse it) without using their service. – Matthew Shun-Shin

1 Answer


The only information I found about the KMS ciphertext blob is in this document. Starting at the bottom of page 23, it says:

Whenever an element is encrypted under a CMK the resulting object is a customer ciphertext. The ciphertext will contain two sections: an unencrypted header (or cleartext) portion, protected by the authenticated encryption scheme as the additional authenticated data, and an encrypted portion. The cleartext portion will include the HSA backing key identifier (HBKID).

I could not find any more format specifics, not even:

  • Which part of the ciphertext blob is the encrypted portion?
  • What initialization vector (IV) was used?
  • Was there a key derivation function (KDF) used?

However, if you want a backup in case KMS fails, then when using envelope encryption it is enough to back up the data key only. In the end, this is the only key that is needed to decrypt the data. Of course, storing such a key backup has to be done with the same care as you would store the imported key material.
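To make the answer's point concrete, here is an added example (not code from the question, the answer, or AWS) of the envelope-encryption recovery path in Go using only the standard library. The data key is generated locally with crypto/rand as a stand-in for the Plaintext half of a KMS GenerateDataKey response, the body is sealed with AES-256-GCM, and the `wrapKeyStandIn` function is an assumed local wrapping that only exists so the example runs offline; it is deliberately not a reconstruction of the KMS CiphertextBlob format, which the answer notes is undocumented. The part that matters is `DecryptWithDataKey`: it recovers the data from the backed-up data key alone, never touching the key service.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// EnvelopeRecord is what gets stored next to the data in envelope encryption:
// the body is encrypted under a random data key, and the data key is stored
// wrapped by the master key. With AWS KMS, WrappedKey would hold the opaque
// CiphertextBlob returned by GenerateDataKey; because its internal layout is
// not documented, the plaintext data key is the thing to back up.
type EnvelopeRecord struct {
	WrappedKey []byte // opaque; only the key service can unwrap it
	Body       []byte // 12-byte nonce || AES-256-GCM ciphertext || 16-byte tag
}

// GenerateDataKey produces a fresh 256-bit data key. In the real flow this is
// the Plaintext field of a KMS GenerateDataKey response (constructed here).
func GenerateDataKey() ([]byte, error) {
	key := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return nil, err
	}
	return key, nil
}

// newGCM builds an AES-256-GCM AEAD and rejects keys of the wrong size.
func newGCM(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 {
		return nil, errors.New("data key must be 32 bytes")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptWithDataKey seals plaintext under the data key. aad is authenticated
// but not encrypted, mirroring the cleartext header the KMS document describes.
func EncryptWithDataKey(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	// Seal appends ciphertext||tag to the nonce so the nonce travels with the body.
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// DecryptWithDataKey is the recovery path: it needs only the backed-up data
// key, never the key service. Any change to body or aad fails authentication.
func DecryptWithDataKey(key, body, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(body) < gcm.NonceSize()+gcm.Overhead() {
		return nil, errors.New("body too short to contain nonce and tag")
	}
	nonce, ct := body[:gcm.NonceSize()], body[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad)
}

// wrapKeyStandIn is an ASSUMED stand-in for the KMS Encrypt call so the example
// runs offline. It is NOT the KMS blob format: it simply seals the data key under
// a local master key with the same AEAD. A real deployment stores whatever
// CiphertextBlob KMS returns and treats it as opaque.
func wrapKeyStandIn(masterKey, dataKey []byte) ([]byte, error) {
	return EncryptWithDataKey(masterKey, dataKey, []byte("kms-stand-in-header"))
}

func main() {
	master, err := GenerateDataKey() // stand-in for the imported CMK material
	if err != nil {
		panic(err)
	}
	dataKey, err := GenerateDataKey()
	if err != nil {
		panic(err)
	}
	wrapped, err := wrapKeyStandIn(master, dataKey)
	if err != nil {
		panic(err)
	}
	aad := []byte("record-id:42") // constructed cleartext header
	body, err := EncryptWithDataKey(dataKey, []byte("payroll export"), aad)
	if err != nil {
		panic(err)
	}
	rec := EnvelopeRecord{WrappedKey: wrapped, Body: body}

	// Disaster-recovery scenario: the key service is unavailable, so rec.WrappedKey
	// cannot be unwrapped. The backed-up dataKey is sufficient on its own.
	pt, err := DecryptWithDataKey(dataKey, rec.Body, aad)
	if err != nil {
		panic(err)
	}
	fmt.Printf("recovered without KMS: %q (wrapped key is %d opaque bytes)\n", pt, len(rec.WrappedKey))
}
```

The backed-up data key should be protected at least as well as the imported key material, for example wrapped under an offline public key as the comment above suggests, since anyone holding it can run `DecryptWithDataKey` just as this example does.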