Which encryption method should I choose?
The table below compares encryption using Yandex.Cloud tools (CLI, API, and SDK) and other libraries (AWS Encryption SDK and Google Tink). Take a look at the table and choose the most suitable method.
| Feature | API | CLI | SDK | Google Tink | AWS Encryption SDK |
|---|---|---|---|---|---|
| Easy authentication | |||||
| Unlimited size of plaintext for encryption | |||||
| Stream encryption |
We recommend encrypting large amounts of data through the AWS Encryption SDK and Google Tink, since they use envelope encryption.
You can also implement the envelope encryption algorithm yourself using the Yandex.Cloud API or SDK based on cryptographic methods provided by KMS.
Warning
In this case, you should consider all implementation features of envelope encryption.