Key Types
Customer master keys (CMKs) include custom keys and default keys. This section describes how to create, view, enable, and disable custom keys, and how to schedule and cancel their deletion.
Custom keys can be categorized into symmetric keys and asymmetric keys.
Symmetric keys are most commonly used for data encryption. Asymmetric keys are used for digital signature verification or for encrypting sensitive information in systems where the trust relationship is not mutual. An asymmetric key consists of a public key and a private key. The public key can be sent to anyone. The private key must be stored securely and be accessible only to trusted users.
An asymmetric key can be used to generate and verify a signature. To securely transfer data, a signer sends the public key to a receiver, uses the private key to sign data, and then sends the data and signature to the receiver. The receiver can use the public key to verify the signature.
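The exchange described above, as an added Go example that is not part of the original documentation: `signerSide` and `receiverVerify` are hypothetical names, and a locally generated NIST P-256 key stands in for a private key that a key service would hold. The receiver works only from the public key, the data and the signature, and rejects altered data or a mismatched key.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
)

// signerSide keeps the private key and hands out only PEM public key and signature.
func signerSide(data []byte) (pubPEM, sig []byte, err error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // stand-in key (assumption)
	if err != nil {
		return nil, nil, err
	}
	digest := sha256.Sum256(data)
	if sig, err = ecdsa.SignASN1(rand.Reader, priv, digest[:]); err != nil {
		return nil, nil, err
	}
	der, err := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	return pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: der}), sig, err
}

// receiverVerify uses only the public key to check that sig was made over data.
func receiverVerify(pubPEM, data, sig []byte) error {
	block, _ := pem.Decode(pubPEM)
	if block == nil {
		return errors.New("no PEM block in public key")
	}
	parsed, err := x509.ParsePKIXPublicKey(block.Bytes)
	pub, ok := parsed.(*ecdsa.PublicKey)
	if err != nil || !ok {
		return errors.New("public key is not a parsable ECDSA key")
	}
	digest := sha256.Sum256(data)
	if !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return errors.New("signature does not match data")
	}
	return nil
}

func main() {
	pub, sig, _ := signerSide([]byte("constructed sample"))
	fmt.Println(receiverVerify(pub, []byte("constructed sample"), sig))
}
```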
| Key Type | Algorithm Type | Key Specifications | Description | Usage |
|---|---|---|---|---|
| Symmetric key | AES | AES_256 | AES symmetric key | Encrypts and decrypts a small amount of data or data keys. |
| Symmetric key | SM4 | SM4 | SM4 symmetric key | Encrypts and decrypts a small amount of data or data keys. |
| Symmetric key | AES | | HMAC symmetric key | Generates and verifies a message authentication code. |
| Symmetric key | SM3 | HMAC_SM3 | SM3 symmetric key | Generates and verifies a message authentication code. |
| Asymmetric key | RSA | | RSA asymmetric key | Encrypts and decrypts a small amount of data or creates digital signatures. |
| Asymmetric key | ECC | | Elliptic curve recommended by NIST | Digital signature |
| Asymmetric key | SM2 | SM2 | SM2 asymmetric key | Encrypts and decrypts a small amount of data or creates digital signatures. |