Skip to content

Why use the Cosmian KMS

The Cosmian KMS is a high-performance, open-source, FIPS 140-3 compliant server application written in Rust that presents some unique features, such as:

The Cosmian KMS is a Key Management System, an Encryption Oracle and a Public Key Infrastructure.

  • As a key management system, it is designed to manage the lifecycle of keys and provide services such as on-the-fly key generation and revocation, including in connected HSMs.
  • As en encryption oracle, it provides high-availability, high-scalability, encryption, and decryption operations. This is the Cosmian KMS strong point, offering millions of operations in seconds while providing high security for keys when backed by an HSM.
  • As a PKI it can manage root and intermediate certificates, sign and verify certificates, use their public keys to encrypt and decrypt data. Certificates can be exported under various formats including PKCS#12 modern and legacy flavor, to be used in various applications, such as in S/MIME encrypted emails.

The Cosmian KMS supports all the standard NIST cryptographic algorithms as well as advanced post-quantum cryptography algorithms such as Covercrypt. Please refer to the list of supported algorithms.

Easy to deploy

The Cosmian KMS is packaged as:

Client CLI

The Cosmian KMS has an easy-to-use client command line interface built for many operating systems. The Cosmian CLI can manage the server, and the keys and perform operations such as encryption or decryption.

The Cosmian CLI is packaged as:

  • Debian or RPM package
  • Pre-built binaries for multiple operating systems (Linux, Windows, MacOS)

Note: ckms has been replaced by Cosmian CLI to manage other Cosmian products.

© Copyright 2018-2024 Cosmian. All rights reserved.