
Could anyone explain the bolded part of the wrap key description?

Wraps a symmetric key using a specified key. The WRAP operation supports encryption of a symmetric key using a key encryption key that has previously been stored in an Azure Key Vault. The WRAP operation is only strictly necessary for symmetric keys stored in Azure Key Vault since protection with an asymmetric key can be performed using the public portion of the key. This operation is supported for asymmetric keys as a convenience for callers that have a key-reference but do not have access to the public key material. This operation requires the keys/wrapKey permission.

AFAIK, all the keys in Azure Key Vault are stored at rest in HSM modules. Why is key wrapping necessary for symmetric keys? What does 'protection' mean in this case? Using a public key to encrypt data?

If HSMs are securing all the keys in Key Vault (using its built-in symmetric key), then why would encrypting a symmetric key be necessary as quoted?


1 Answer


Key wrapping is a class of algorithms meant specifically to encrypt symmetric keys.

The reason for the wrapping is not the security of the vault itself but rather the security of the key once it leaves the vault.

The way wrapping is typically used is:

  1. client A requests WK = wrap(K)
  2. client A sends WK to client B
  3. once needed (immediately, or in the distant future), client B asks vault for K = unwrap(WK) and uses K.

This short example shows some of the benefits of wrapping a key:

  • protect the key while in transit (sending from A to B) or in storage (stored by B)
  • assign permissions to unwrap the key (client B must have permissions to unwrap the key)
  • set a lifetime on the wrapped key (some vaults allow lifetimes on a wrapped object, or the key that encrypted it)

All of the above assume that the client will only store the wrapped key and not the result of unwrapping. If client B decides to store K itself, we're back to using a plain unwrapped key.

  • Essentially this means client B will anyway at some point have the symmetric key K in plain text, but wrapping is all about limiting the time client B has it in plain form only to when it's needed for encrypting/decrypting or whatever other operation is to be performed? – user4205580 Jul 08 '20 at 06:19
  • Correct. Client B can still screw up after unwrapping the key (not much we can do to prevent that, it does need the raw key after all), but at least any use of the wrapped key will be safe. There may also be intermediates (third-party C, or storage system S) between A and B. Using a wrapped key means those don't have to be trusted. – Marc Jul 08 '20 at 06:25