Symmetric Key Encryption in the Cloud
We are generally moving our security into the public cloud, and thus many of our keys are stored there. In AWS, we use KMS (Key Management System) and can create either symmetric keys or asymmetric keys (public keys).
Symmetric key
With symmetric key encryption, Bob and Alice use the same key to encrypt and decrypt. In the following case, Bob and Alice share the same encryption key: Bob encrypts the plaintext to produce ciphertext, and Alice then decrypts with the same key to recover the plaintext:
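The Bob and Alice exchange described above, as an added example that is not part of the original page. It assumes AES-256 in GCM mode and Node.js's built-in `crypto` module; the key is generated locally as a stand-in for the shared key and no AWS KMS call is made. The function names are hypothetical.

```javascript
// Added example (not from the original page): one shared AES-256 key,
// GCM mode assumed. Sample message and keys are constructed for the demo.
const crypto = require('crypto');

// Bob encrypts under the shared key. A fresh 96-bit nonce is drawn for every
// message, because reusing a nonce with the same key breaks GCM.
function bobEncrypt(sharedKey, plaintext) {
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', sharedKey, nonce);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { nonce, ciphertext, tag: cipher.getAuthTag() };
}

// Alice decrypts with the same key. final() throws when the authentication
// tag does not verify, i.e. the key is wrong or the message was modified.
function aliceDecrypt(sharedKey, msg) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', sharedKey, msg.nonce);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]).toString('utf8');
}

// Returns the plaintext, or null when decryption is rejected.
function tryDecrypt(key, msg) {
  try {
    return aliceDecrypt(key, msg);
  } catch (err) {
    return null;
  }
}

function demo() {
  const sharedKey = crypto.randomBytes(32); // the key Bob and Alice both hold
  const otherKey = crypto.randomBytes(32);  // a key that was never shared
  const msg = bobEncrypt(sharedKey, 'Hello Alice');

  // Copy the message and flip one ciphertext bit to simulate modification.
  const tampered = { ...msg, ciphertext: Buffer.from(msg.ciphertext) };
  tampered.ciphertext[0] ^= 0x01;

  return {
    recovered: tryDecrypt(sharedKey, msg),     // same key: plaintext comes back
    wrongKey: tryDecrypt(otherKey, msg),       // different key: rejected
    tampered: tryDecrypt(sharedKey, tampered), // modified ciphertext: rejected
  };
}

console.log(demo());
```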
Normally we use AES encryption for this. Initially in KMS, we create a new key within our Customer managed keys:
and then create the key:
Next, we give it a name: