Key Types¶
CMKs can be categorized into symmetric keys and asymmetric keys.
Symmetric keys are commonly used for data encryption. Asymmetric keys are used for digital signature verification or sensitive information encryption in systems where the trust relationship is not mutual. An asymmetric key consists of a public key and a private key. The public key can be sent to anyone. The private key must be securely stored and only accessible to trusted users.
An asymmetric key can be used to generate and verify a signature. To securely transfer data, a signer sends the public key to a receiver, uses the private key to sign data, and then sends the data and signature to the receiver. The receiver can use the public key to verify the signature.
Key Type | Algorithm Type | Key Specifications | Description | Usage |
---|---|---|---|---|
Symmetric key | AES | AES_256 | AES symmetric key | Encrypts and decrypts a small amount of data or data keys. |
Asymmetric key | RSA |
| RSA asymmetric password | Encrypts and decrypts a small amount of data or creates digital signatures. |
ECC |
| Elliptic curve recommended by NIST | Digital signature |