What Cryptography Algorithms Does DEW Use?
Key Algorithms Supported by KMS
Symmetric keys created on the KMS console use the AES algorithm. Asymmetric keys created by KMS support the RSA and ECC algorithms.
Key Type |
Algorithm Type |
Key Specifications |
Description |
Application Scenario |
---|---|---|---|---|
Symmetric key |
AES |
AES_256 |
AES symmetric key |
|
Symmetric key |
AES |
|
HMAC symmetric key |
Generates and verifies a message authentication code |
Asymmetric key |
RSA |
|
RSA asymmetric password |
|
ECC |
|
Elliptic curve recommended by NIST |
Digital signature and signature verification |
Table 2 describes the encryption and decryption algorithms supported for user-imported keys.
Algorithm |
Description |
Configuration |
---|---|---|
RSAES_OAEP_SHA_256 |
RSA algorithm that uses OAEP and has the SHA-256 hash function |
Select an algorithm based on your HSM functions. If the HSMs support the RSAES_OAEP_SHA_256 algorithm, use RSAES_OAEP_SHA_256 to encrypt key materials.
NOTICE:
The RSAES_OAEP_SHA_1 algorithm is no longer secure. Exercise caution when performing this operation. |
RSAES_OAEP_SHA_1 |
RSA algorithm that uses Optimal Asymmetric Encryption Padding (OAEP) and has the SHA-1 hash function |
Cryptographic Algorithms Supported by KPS
- The SSH key pairs created on the management console support the following cryptographic algorithms:
- SSH-ED25519
- ECDSA-SHA2-NISTP256
- ECDSA-SHA2-NISTP384
- ECDSA-SHA2-NISTP521
- SSH_RSA: The length can be 2048, 3072, and 4096 bits.
- The SSH keys imported to the KPS console support the following cryptographic algorithms:
- SSH-DSS
- SSH-ED25519
- ECDSA-SHA2-NISTP256
- ECDSA-SHA2-NISTP384
- ECDSA-SHA2-NISTP521
- SSH_RSA: The length can be 2048, 3072, 4096 bits.
Supported Cryptography Algorithms
You can use Chinese cryptographic algorithms and certain international common cryptographic algorithms to meet various user requirements.
Category |
Common Cryptographic Algorithm |
---|---|
Symmetric cryptographic algorithm |
AES |
Asymmetric cryptographic algorithm |
RSA, DSA, ECDSA, DH, and ECDH |
Digest algorithm |
SHA1, SHA256, and SHA384 |
General FAQs
- What Functions Does DEW Provide?
- What Cryptography Algorithms Does DEW Use?
- In Which Regions Are DEW Services Available?
- What Is a Quota?
- What Is the Resource Allocation Mechanism of DEW?
- What Are Regions and AZs?
- Can DEW Be Shared Across Accounts?
- How Do I Access the Functions of DEW?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore