Can someone help me understand this recommendation:

Under symmetric encryption, the authors write:

> If you are in a position to use a key management system (KMS), then you should use KMS. If you are not in a position to use KMS, then you should use authenticated encryption with associated data (AEAD).

These seem orthogonal to me. KMS := how keys are generated and distributed to communication partners. AEAD := how data is encrypted between communication partners using those keys.

How can it be “use a KMS if you can _or else_ use AEAD”? Shouldn’t it be “and”? What am I missing?

I think this was copied from Latacora’s cryptographic right answers without some of the necessary context. It’s specifically talking about the KMS offerings from AWS/Google Cloud, which provide trusted hardware implementations of not just key management, but also symmetric/asymmetric encryption, HMAC, etc. All the symmetric constructions provided by these platforms are AEADs, so the point is, if you’re using AWS’s KMS, don’t think about it, just use the default. Which is fairly sensible advice.
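
Added example, not from anyone in the thread: the "associated data" in AEAD is a label the cipher authenticates but does not encrypt, which is the same role a KMS encryption context plays. The key, the purpose label and the record below are constructed demo values, and AES-GCM from Go's standard library stands in for the platform's default symmetric construction.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // accepts 16-, 24- or 32-byte keys
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts plaintext and authenticates context (a constructed purpose
// label, like a KMS encryption context) as unencrypted associated data.
func Seal(key, plaintext, context []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, context), nil
}

// Open reverses Seal (blob = nonce||ct||tag); a changed context or tag fails.
func Open(key, sealed, context []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	if n := aead.NonceSize(); len(sealed) >= n {
		return aead.Open(nil, sealed[:n], sealed[n:], context)
	}
	return nil, fmt.Errorf("sealed blob too short")
}

func main() {
	key := make([]byte, 32) // constructed demo key; a real KMS would hold this
	rand.Read(key)
	sealed, _ := Seal(key, []byte("secret record"), []byte("purpose=user-db"))
	_, err := Open(key, sealed, []byte("purpose=other"))
	fmt.Println("wrong context rejected:", err != nil)
}
```

A blob sealed for one purpose cannot be handed back to the decryptor under another, which is the property the "use an AEAD" advice is after.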

It also goes on to say not to use Amazon or Google in the last section.

Fortunately there are good FOSS KMSes out there. I like Cloudflare's Red October: https://github.com/cloudflare/redoctober