Cryptography as a Service Security Pattern

In this pattern, the management of cryptographic keys is delegated to the same entity that performs the cryptographic actions. Consequently, the system under design never possesses the used cryptographic keys.

Benefits and Trade-offs

Benefits:

• Limits risk of leaking cryptographic keys
• Reduces risk of incorrectly configuring and/or using a cipher
• System only handles key identifiers, not key material

Trade-offs:

• Requires greater trust in the entity providing cryptographic operations
• Dependency on external service availability

Common Implementations

Type	Examples
Cloud-based KMS	Google Cloud KMS, Amazon KMS, Azure Key Vault
Mobile Platform	Android Keystore, iOS KeyChain
Hardware	Hardware Security Modules (HSM)

Core Components

Role	Type	Responsibility
System	Entity	Wants to perform cryptographic operations
Cryptography Service	Entity	Handles cryptographic operations, key storage, and key management

Note: The Cryptography Service inherits the Cryptographer role from the parent Cryptographic Key Management pattern.

Data Elements

• keyConf: Configuration for key generation (e.g., symmetric/asymmetric, key length) - optional
• keyId: Identifier returned by the service to reference the generated key
• input: Plaintext input for cryptographic action
• output: Result of cryptographic action (e.g., ciphertext, signature)
• config: Configuration for the cryptographic operation (e.g., cipher mode) - optional
• masterKey: Credential used to authenticate the System to the Cryptography Service

Actions

• generate_key: Generate new cryptographic key according to configuration
• crypto_action: Perform cryptographic operation using the identified key

Pattern Flow

Key Generation

System → [generate_key(keyConf)] → Cryptography Service
Cryptography Service → [keyId] → System

The System requests key generation with optional configuration. The Cryptography Service generates the key internally and returns only an identifier (not the key material) for future operations.

Cryptographic Action

System → [crypto_action(input, keyId, config)] → Cryptography Service
Cryptography Service → [output] → System

To use a previously generated key, the System provides the keyId received during generation. The key material never leaves the Cryptography Service.

Key Difference from Self-Managed Cryptography

Aspect	Cryptography as a Service	Self-Managed Cryptography
Key possession	System holds only key identifiers	System holds actual key material
Key storage	Managed by service	Managed by application
Key exposure risk	Lower (keys never exposed)	Higher (keys in application memory)
Trust requirement	Trust the service provider	Trust your own implementation

Security Considerations

The Cryptography Service as Uncontrolled Entity

The Cryptography Service should be considered an uncontrolled entity, requiring additional measures to secure interactions.

Cloud-based Services (Google Cloud KMS, Amazon KMS)

When using cloud-based cryptographic services:

• All interactions travel via the public Internet
• Confidentiality and integrity of exchanged messages must be ensured
• Authentication is critical—verify you're interacting with the actual service, not an attacker spoofing it
• Use TLS/HTTPS for all communications
• Implement proper service authentication (API keys, certificates, IAM)

Mobile Platform Services (Android Keystore, iOS KeyChain)

When using platform-provided services:

• Service is a local entity provided by the underlying platform
• Communication channel is typically more controlled
• Still verify platform-specific security guarantees
• Consider device compromise scenarios

Communication Channel Security

As the Cryptography Service is an uncontrolled entity, at least part of the communication channel will also be uncontrolled.

Required protections:

• Confidentiality of requests (especially for encryption/decryption operations)
• Integrity of requests and responses
• Authentication of the service endpoint

Master Key Handling

The master key is used as a credential to authenticate the System to the Cryptography Service.

Critical: The master key should be treated as a credential:

• Store securely (environment variables, secrets manager)
• Never hardcode in source code
• Rotate periodically
• Limit access to minimal required principals

Key Identifier (keyId) Protection

While keyId is not the key material itself:

• Protect against unauthorized tampering during storage
• An attacker who can modify keyId might redirect operations to a different key
• Consider encrypting or signing stored key identifiers

Implementation Checklist

• [ ] Selected appropriate Cryptography Service for your use case
• [ ] Reviewed service documentation for security guarantees
• [ ] Secured communication channel (TLS, certificate validation)
• [ ] Master key stored and managed as a credential
• [ ] Key identifiers protected from tampering
• [ ] Service authentication properly configured
• [ ] Considered service availability and failure modes
• [ ] Implemented proper error handling for service failures
• [ ] Documented which keys are used for which purposes

Service Selection Considerations

Consideration	Cloud KMS	Platform Keystore	HSM
Network dependency	Required	No	Varies
Audit logging	Built-in	Limited	Built-in
Regulatory compliance	Varies by provider	Platform-dependent	Often required
Key ceremony	Managed	N/A	Often required
Multi-cloud support	Provider-specific	Platform-specific	Usually portable

Consult Service Documentation

Always consult the documentation of candidate Cryptography Service(s) to assess:

• Security guarantees for interactions between your system and the service
• Key protection mechanisms (hardware backing, encryption at rest)
• Audit and compliance capabilities
• Service Level Agreements (SLAs)
• Key backup and disaster recovery procedures

Related Patterns

• Cryptographic Key Management (parent pattern)
• Self-Managed Cryptography (alternative implementation)
• Cryptographic Action (uses keys managed by this pattern)
• Encryption (specific cryptographic action)
• Digital Signature (specific cryptographic action)

References

• Source: https://securitypatterns.distrinet-research.be/patterns/99_02_002__crypto_as_a_service/
• E. Barker, 'Recommendation for Key Management: Part 1 – General', NIST SP 800-57 Part 1, May 2020
• Google Cloud KMS Documentation: https://cloud.google.com/kms/docs
• AWS KMS Documentation: https://docs.aws.amazon.com/kms/
• Android Keystore System: https://developer.android.com/training/articles/keystore
• iOS Keychain Services: https://developer.apple.com/documentation/security/keychain_services