How to Store microsoft SEAL Keys(LWE keys) in Azure Vault?

vinoth.sivakumar 0 Reputation points
2023-04-03T16:21:36.3133333+00:00

Im doing POC on Microsoft SEAL for E2EE in my applications, and I would like to know about the key creation, management and rotation process.

Is Azure Vault support storing LWE keys(Crystal Kyber)?

How does an automated rotation of Keys without decrypting the data?

Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,150 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Shweta Mathur 28,191 Reputation points Microsoft Employee
    2023-04-04T10:00:48.57+00:00

    Hi @vinoth.sivakumar , Thanks for reaching out.

    Azure Key Vault allows you to store any arbitrary string as secrets. SEAL Keys (LWE) are like binary blobs, you can easily convert them into Base64 and store them there. You can use the az keyvault key rotate command-line utility to automate the rotation of a key in Azure Key Vault Managed HSM. When you rotate a key, a new key version is generated with new key material. You can use the versionless key URI to automatically refresh to the latest version of the key. This way, you can avoid disruption to your services and avoid decrypting the data.

    You can refer this to automate rotation of keys - https://learn.microsoft.com/en-us/azure/key-vault/keys/how-to-configure-key-rotation

    Hope this will help.

    Thanks,

    Shweta

    Please remember to "Accept Answer" if answer helped you.

    0 comments No comments