I'm interested in using the Google Cloud KMS for key management and encryption services. One concern is that I want to be able to decrypt encrypted data offline. Is there any way to save the decryption key for offline use, or is there some tool to do the same?
I'd love to know more about what you are trying to accomplish with this. I may have design suggestions or maybe we can add something to Cloud KMS.
- Tim Dierks
We sell an appliance which customers may use in an isolated network (no internet). Before using the appliance, customers must have their configuration validated. We plan to run a self service portal on the internet where customers may submit their configuration (plaintext) for validation and approval. Upon approval, we'll sign the config using an encryption service. The customer will use the signed config to start using the appliance. The appliance will need to validate the signature using the corresponding decryption key. Ideally we would ship the decryption key with the appliance.
- plunder
I believe you are better served by signature validation than by encryption/decryption. Please send us an email at [email protected] for further discussion. Thanks again!
- Tim Dierks
Sorry, that's [email protected] if anyone else should want to reach out and say Hi.
- Tim Dierks
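An added example, not part of the thread and not Cloud KMS code: the flow discussed above (the portal signs an approved config, the isolated appliance verifies it offline), in Go with only the standard library. The locally generated Ed25519 key, the function names `NewPortalKey` and `VerifyConfig`, and the sample config are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"fmt"
)

// NewPortalKey returns the signing key (stays on the portal) and the PEM public
// key that ships with the appliance. Assumption: a local Ed25519 key pair.
func NewPortalKey() (ed25519.PrivateKey, []byte, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return nil, nil, err
	}
	return priv, pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: der}), nil
}

// VerifyConfig is the appliance side: it runs offline and needs only the
// shipped public key, so nothing secret is stored on the appliance.
func VerifyConfig(pubPEM, config, sig []byte) error {
	block, _ := pem.Decode(pubPEM)
	if block == nil {
		return fmt.Errorf("no PEM block in shipped key")
	}
	parsed, err := x509.ParsePKIXPublicKey(block.Bytes)
	if err != nil {
		return err
	}
	pub, ok := parsed.(ed25519.PublicKey)
	if !ok || !ed25519.Verify(pub, config, sig) {
		return fmt.Errorf("signature check failed: config rejected")
	}
	return nil
}

func main() {
	priv, pubPEM, _ := NewPortalKey()
	config := []byte("mode=isolated\nntp=10.0.0.1\n") // constructed sample config
	sig := ed25519.Sign(priv, config)                 // portal signs on approval
	fmt.Println("approved:", VerifyConfig(pubPEM, config, sig))
	fmt.Println("tampered:", VerifyConfig(pubPEM, append(config, '#'), sig))
}
```

Because the appliance holds only the public key, reading it off a device gives no ability to produce a config that passes `VerifyConfig`.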