Our Blogs

Google cloud based encryption key management service launched

January 19, 2017
Google, the search engine giant has introduced a new cloud-based encryption key management service. It enables developers to create, rotate, use and destroy symmetric encryption keys very effectively. 

The new cloud-centric service is integrated with the Cloud Identity Access Management and Cloud Audit Logging developed by the company. However, the relevant keys will be able to manage using key management service separately.

With the help of the Google Key Management Service, you will be able to easily manage cloud-based keys. Moreover, you can encrypt and decrypt data through the relevant API. It also allows you to rotate keys either manually or via a schedule.

When you rotate keys, old keys will remain active for decryption. However, only one primary key will be employed for the purpose of encrypting new data. In a statement released by Google, the newly developed Cloud KMS will be capable of handling millions of encryption keys. It provides low latency access to keys.

Google Cloud KMS make effective use of AES256 keys supplied by BoringSSL library developed by Google and available as open source. Furthermore, Google refreshed the algorithm works in Galois/Counter Mode. The main purpose of this mode is to provide authenticated encryption at high data rates due to the integration of pipelines.