Skip to main content


CYBERCRYPT K1 is responsible for handling requests for key material ("Key Sets") from CYBERCRYPT D1 services. The key material is generated by a Key Provider (an HSM or KMS) and stored in encrypted form in the Key Storage. The key generation is initialized by an administrator through the K1 CLI tool. The administrator receives a Key Initialisation Key which, delivered to the D1 service, facilitates a secure Key Set retrieval.

CYBERCRYPT K1 currently supports the following Key Providers:

See the integration guide for how to set up these Key Providers.

For information on how to run and manage K1, see the Getting Started guide and the User Manual.