Encryption Master Key (KMS) vs Distributed Multiple Encryption Keys (KMS)
I have a problem. I'm a message relay and i want to prioritize user privacy as much as possible. Unfortunately, there is one issue. I can't design my system to implement E2EE (end-to-end encryption), because the original message is always sent to me (unencrypted), and the user always needs to receive it decrypted. My goal is to encrypt user data in the database, as well as when their message is waiting for transmission in the Celery/Redis queue. Each user should have their own AES encryption key.
Now, i have a question. Would it be a better solution to use a single Encryption Master Key stored in KMS, which encrypts randomly generated key for each user, and then store this key in the database? Or should i generate a random encryption key for each user and store it in KMS without using a Master Key? Or even a third option: encrypt these keys with a master key and store them in KMS, with the master key also stored in KMS (the master key would be stored in a separate KMS instance). Please let me know which option is the best (Which of these options has the most advantages, and which has the most disadvantages?), or if you have a better encryption solution, feel free to share it.
