Azure Key Encryption

Secure Key Management backed by Azure Key Vault

With Kaleido’s Azure Key Encryption you can enhance security with a master encryption key stored in your Azure Key Vault.
What it is

Azure Key Encryption, Simplified

Enhance Kaleido’s built-in protection of your private key materials with a master encryption key stored in your Azure Key Vault Service.

Increase Security and Meet Compliance Standards

Microsoft processes your keys as FIPS 140-2 Level 2 validated so you can rest assured your data is secured to the highest levels.

Key Management at Your Fingertips

Because Azure supports the ethereum cryptography SECP256k1 curve, Kaleido is able to offload transactions signed to the Azure Key Vault so you can back a Kaleido Managed Wallet by keys —and your keys never have to leave your Azure Key Vault so you retain full control. When the need arises, you can revoke access to Kaleido Managed Wallet at any time.

Create and Import Encryption Keys with Ease

Provision new vaults or import existing keys in minutes all within a centralized place. You can encrypt authentication keys, storage account keys, data encryption keys, passwords and more.

How it Works

Azure Key Vault provides hardware security modules (HSM) that are maintained in the Azure Cloud. This allows clients total control of their cryptographic materials in hardware and firmware without being exposed to any operators including Microsoft. Using an HSM based keys management provides the highest level of security.

Kaleido CloudHSM service supports using keys maintained by Azure Key Vault to sign transactions. The Kaleido service communicates with Azure Key Vault via HTTP over TLS to discover the list of signing accounts and sending it payload to sign. During the entire process the signing keys stay safe inside the customer's Azure Key Vault instance and are never shared with Kaleido.

Create a Key Vault in Azure

Create one or more keys in the vault that can be used to sign Ethereum transactions

Create and configure a Kaleido CloudHSM signer service which has the ability to interact with the Key Vault in Azure to sign and send transactions to an Ethereum node in the Kaleido environment.

Create & Configure Key Vault in Azure

Azure Key Vault is backed by FIPS 140-2 Level 2 certified HSMs keeping your keys secure. The first step is to provision a Key Vault in Azure and generate secp256k1 keys suitable for signing Ethereum transactions.

Why Kaleido

Everything You Need to Build Enterprise-Grade Blockchain and Digital Asset Solutions on Microsoft Azure

Kaleido's blockchain platform makes it radically simple for businesses to create complete web3 networks and applications. With just a few clicks, you can launch a blockchain network, deploy it globally, set up governance, and start plugging in familiar services.

Quickly Launch Blockchain

Launch blockchain networks in minutes
Choose from leading protocols
Select permissioned chains, appchains,  sidechains, or consortium chains
Deploy on AWS, Azure or on-prem
Stand up nodes worldwide in regions of your choice

Simplify Development to Get to
Production Fast

Access 40+ plug-and-play services for wallets, key management, storage, data, and more
Automate management and deployment with our fully API-enabled platform
Turn any smart contract into familiar APIs with our smart contract API generator
Make digital assets, NFTs, and consortia easy with our dedicated solutions
Mint, manage, and burn tokens at scale with robust tooling

All Backed by Enterprise-Grade Infrastructure and Support

Modern cloud scale architecture
Built-in high availability and disaster recovery
ISO 27k and SOC 2 Type 2 compliant
Integrate seamlessly with existing internal systems
Open source tech and no vendor lockin
24x7 support and SLAs
Additional Resources
Learn More About Azure Key Encryption

Ready to Get Started with Azure Key Encryption?

No Credit Card Required
ISO27K & SOC2 Type 2 Compliant
Free Training & Support