Feedback from PL folks and others has pointed us to offer additional assymetric key types beyond RSA as the KEK in the design. Currently we use the RSA keys in 2048 bit RSA - OAEP Padding mode. The same is used by GCP and other major cloud vendors for their assymetric encryption offering.
However, there is a growing body of concern over the viability of RSA keys in the mid to long term. Hence, we will support Elliptic curve key types as well for KEKs.
Feedback from PL folks and others has pointed us to offer additional assymetric key types beyond RSA as the KEK in the design. Currently we use the RSA keys in 2048 bit RSA - OAEP Padding mode. The same is used by GCP and other major cloud vendors for their assymetric encryption offering.
However, there is a growing body of concern over the viability of RSA keys in the mid to long term. Hence, we will support Elliptic curve key types as well for KEKs.