Certified Security - Specialty

Sign Up Free or Log In to participate!

Different CiphertextBlob for user who was Granted CMK usage

In the KMS Grants lesson, the CiphertextBlob generated when the admin user encrypted the string "hello" was different from the CiphertextBlob generated when the user "Dave" encrypted the same string. Since the cleartext string and the key were the same, shouldn’t the cyphertext also be the same?

Do KMS grants use data keys?

1 Answers

KMS uses two-tiered key hierarchy using envelope encryption, creates a unique data key to encrypt customer data.



That page states the following: "To use or manage your CMK, you access them through AWS KMS. This strategy differs from data keys. AWS KMS does not store, manage, or track your data keys. You must use them outside of AWS KMS." I understand that S3 (for example) would need to have a mechanism for handling the data keys. In this example, we are invoking KMS directly, via the command line. In this case, where would such a data key be kept, if KMS does not manage it? According to "KMS Best Practices" page 8, KMS can directly encrypt data blocks up to 4KB in size. I thought that’s what the CLI was doing, but the differing cyphertext values tell me that is not the case. So I am wondering where the data keys are, if KMS does not store them. Or am I mis-reading the docs?

Maks Khomutskyi

Envelope encryption. When you encrypt a data key, you don’t have to worry about storing the encrypted data key, because the data key is inherently protected by encryption. You can safely store the encrypted data key alongside the encrypted data.

Amol Dabholkar

It seems from the CLI commands that they are directly using the CMK to do the encryption. If they needed to do a Data-key based encryption they would need to –generate-data-key ( https://docs.aws.amazon.com/cli/latest/reference/kms/generate-data-key.html). That would give them back a clear new data key which could be used for local encryption on the client. I am guessing the encryption output is different is because a random padding and IV (initialization vector) is used for the plaintext for every encryption, and that creates a different ciphertext string. However when you decrypt and strip off the padding you would get the same plaintext

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?