-
Notifications
You must be signed in to change notification settings - Fork 258
docs(km): add docs on cryptographic details #4940
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from 1 commit
Commits
Show all changes
7 commits
Select commit
Hold shift + click to select a range
4bd3790
docs(km): add docs on cryptographic details
enzzc 61eb5f7
docs(review): review neda
nerda-codes c8fa359
Update cryptographic-details-key-manager.mdx
nerda-codes 20d2522
Update pages/key-manager/reference-content/cryptographic-details-key-…
nerda-codes f570f9a
Update pages/key-manager/reference-content/cryptographic-details-key-…
nerda-codes a95ad5a
Merge branch 'scaleway:main' into main
enzzc 673bde5
Apply suggestions from code review
nerda-codes File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
66 changes: 66 additions & 0 deletions
66
pages/key-manager/reference-content/cryptographic-details-key-manager.mdx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,66 @@ | ||
| --- | ||
| meta: | ||
| title: Cryptographic details of Scaleway Key Manager | ||
| description: This document details the cryptographic mechanisms of Scaleway Key Manager with adherence to ANSSI-PA-079 recommendations | ||
| content: | ||
| h1: Cryptographic details of Scaleway Key Manager | ||
| paragraph: This document details the cryptographic mechanisms of Scaleway Key Manager with adherence to ANSSI-PA-079 recommendations | ||
| tags: key-manager security | ||
| dates: | ||
| validation: 2025-04-30 | ||
| posted: 2025-04-30 | ||
| --- | ||
|
|
||
| ## Cryptographic primitives | ||
|
|
||
| ### Random number generation | ||
|
|
||
| #### Generating KEKs | ||
|
|
||
| Scaleway Key Manager uses a **Cryptographically Secure Pseudorandom Number Generator (CSPRNG)** | ||
| to generate both keying material for managed keys and cryptographic unique IVs. | ||
|
|
||
| The CSPRNG relies on recent Linux provided ChaCha-based PRNG, which is seeded with high-entropy and unpredictable sources: | ||
| - Timing variations from hardware events | ||
| - True Random Number Generators (TRNGs), such as the `RDSEED`/`RDRAND` instructions on AMD64 family processors | ||
|
|
||
| <Message type="note"> | ||
| Conforms to ANSSI-PA-079 R14. | ||
| </Message> | ||
|
|
||
| <Message type="warning"> | ||
| That section does not apply to key imported by users via the Bring Your Own Key (BYOK) mechanism. | ||
| </Message> | ||
|
|
||
|
|
||
| #### Customer-provided KEKs (BYOK) | ||
|
|
||
| Scaleway's Key Manager supports Bring Your Own Key (BYOK), so customer can import their | ||
| own key material without relying on Scaleway to generate keys for them. In this case, | ||
| the user has the responsibility to provide a strong key material. | ||
|
|
||
| The provided material is not used as is. It is derived using the **HKDF algorithm with SHA2-256** | ||
| as the hash algorithm, with secure random bytes injected as salt. | ||
|
|
||
| ### Symmetric encryption | ||
|
|
||
| Scaleway Key Manager uses **AES-256-GCM** (AES with 256-bit key in Galois Counter Mode) with | ||
| authenticated associated data (AEAD) to encrypt and decrypt user-provided payload. | ||
|
|
||
| To reduce the risk of key overuse, plaintext payloads cannot exceed 64 KiB. | ||
|
|
||
| For each encryption operation, a 96-bit Initialization Vector (IV) | ||
| is generated using the CSPRNG described in the previous section. | ||
|
|
||
| <Message type="note"> | ||
| Conforms to ANSSI-PA-079 R1, R4, R12. | ||
| </Message> | ||
|
|
||
| <Message type="warning"> | ||
| The Key Manager uses AES-256-GCM algorithm internally, but this does not constrain users to the same algorithm for their DEKs. | ||
| We recommend using cryptographic libraries like Tink, which handle DEK management with robust and reviewed algorithms. | ||
| Scaleway provides a Tink integrations for Go and Python, which is the preferred integration method. | ||
| - [Tink Python integration](https://github.com/scaleway/tink-py-scwkms) | ||
| - [Ting Go integration](https://github.com/scaleway/tink-go-scwkms) | ||
|
|
||
| </Message> | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.