CYBERCRYPT K1

CYBERCRYPT K1 is responsible for handling requests for key material ("Key Sets") from CYBERCRYPT D1 services. The key material is generated by a Key Provider (an HSM or KMS) and stored in encrypted form in the Key Storage. The key generation is initialized by an administrator through the K1 CLI tool. The administrator receives a Key Initialisation Key which, delivered to the D1 service, facilitates a secure Key Set retrieval.

CYBERCRYPT K1 currently supports the following Key Providers:

• Google Cloud Key Management Service
• Azure Key Vault
• AWS Key Management Service
• OASIS Key Management Interoperability Protocol (KMIP)

See the integration guide for how to set up these Key Providers.

For information on how to run and manage K1, see the Getting Started guide and the User Manual.