AWS encryption SDK for .net

Question

Hi Team,
I am working on a POC using AWS Encryption SDK(.net). Please find the use  case below -

We are creating an api which will get a code from users(internet). This code needs to be encrypted using public keys provided by us. We will decrypt the Code - then returns a value (which will be encrypted using customers public keys) and customer decrypts the value with their private keys.

Can someone help me to create the poc (We are able to perform encryption and decryption using our on keys - but not sure how to use the public keys for encyption)

Regards,
Nidheesh

Answer

Unfortunately [AWS Encryption SDK (ESDK)](https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/introduction.html) only supports symmetric encryption use case today. You would need to interact with KMS API directly (e.g., Sign/Verify API) after creating asymmetric key. Another option you can look into is using ESDK to encrypt the data then use [HMAC](https://aws.amazon.com/blogs/security/how-to-protect-hmacs-inside-aws-kms/) for signing/verifying. However, without knowing your architecture and use case, difficult to say whether it will work for you.

Answer

Thank you for the response - below is the use case - 
First organization(A) will create an Asymmetric  Key in AWS KMS. A will share the public key from KMS to Organization B. B will use the public key provided by A and Encrypt the input and Send that to A. 
A then use AWS KMS Private keys (Encryption SDK) and decrypts the encrypted input.

Regards,
Nidheesh

AWS encryption SDK for .net

相關內容