Home > Mobile >  Do all 3 versions of AWS SSE use 2 keys?
Do all 3 versions of AWS SSE use 2 keys?

Time:12-14

Are all 3 versions of AWS Server Side Encryption (SSE-S3, SSE-KMS, SSE-C) considered envelope encryption? In other words all 3 use 2 keys (one key to encrypt the data and is stored with the data and another key which is used to encrypted the data key)? Looking through the AWS docs I can't seem to conclude that all 3 versions of SSE are always envelope encryption.

CodePudding user response:

No, only the first two versions of AWS SSE (SSE-S3 and SSE-KMS) use two keys. The third version, SSE-C, uses a single key.

SSE-C does not consider envelope encryption. SSE-C is a server-side encryption service offered by Amazon Web Services (AWS) that provides encryption of data stored in Amazon S3 buckets. It uses the Advanced Encryption Standard (AES) algorithm in Galois Counter Mode (GCM) to encrypt data.

  • Related