diff --git a/SecureStorgageSample/SecureStorgageSampleApp.swift b/SecureStorgageSample/SecureStorgageSampleApp.swift
index 3f3fcdc..6077ed6 100644
--- a/SecureStorgageSample/SecureStorgageSampleApp.swift
+++ b/SecureStorgageSample/SecureStorgageSampleApp.swift
@@ -13,7 +13,7 @@ struct SecureStorgageSampleApp: App {
 init() {
 _ = WatchConnectivityService.shared
 Task {
- await EncryptionHelper.shared.registerKeyMaterialProvider(
+ await StorageRouter.shared.registerKeyMaterialProvider(
 ExternalKeyMaterialProvider(),
 for: SampleKeyMaterialSources.external
 )
diff --git a/SecureStorgageSample/Services/ExternalKeyMaterialProvider.swift b/SecureStorgageSample/Services/ExternalKeyMaterialProvider.swift
index 70f9156..c9f9844 100644
--- a/SecureStorgageSample/Services/ExternalKeyMaterialProvider.swift
+++ b/SecureStorgageSample/Services/ExternalKeyMaterialProvider.swift
@@ -1,37 +1,26 @@
+import CryptoKit
 import Foundation
 import LocalData
-import Security
 nonisolated struct ExternalKeyMaterialProvider: KeyMaterialProviding {
 private enum Constants {
- static let service = "com.example.securestorage.externalkey"
 static let keyLength = 32
 }
 func keyMaterial(for keyName: String) async throws -> Data {
- if let existing = try await KeychainHelper.shared.get(
- service: Constants.service,
- key: keyName
- ) {
+ let key = StorageKeys.ExternalKeyMaterialKey(keyName: keyName)
+ if let existing = try await StorageRouter.shared.get(key) as Data? {
 return existing
 }
- var bytes = [UInt8](repeating: 0, count: Constants.keyLength)
- let status = SecRandomCopyBytes(kSecRandomDefault, bytes.count, &bytes)
- guard status == errSecSuccess else {
+ let symmetricKey = SymmetricKey(size: .bits256)
+ let material = symmetricKey.withUnsafeBytes { Data($0) }
+ guard material.count == Constants.keyLength else {
 throw StorageError.securityApplicationFailed
 }
- let material = Data(bytes)
- try await KeychainHelper.shared.set(
- material,
- service: Constants.service,
- key: keyName,
- accessibility: .afterFirstUnlock,
- accessControl: nil
- )
-
+ try await StorageRouter.shared.set(material, for: key)
 return material
 }
 }
diff --git a/SecureStorgageSample/StorageKeys/Keychain/ExternalKeyMaterialKey.swift b/SecureStorgageSample/StorageKeys/Keychain/ExternalKeyMaterialKey.swift
new file mode 100644
index 0000000..c767d2d
--- /dev/null
+++ b/SecureStorgageSample/StorageKeys/Keychain/ExternalKeyMaterialKey.swift
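Review bot: The new lookup-then-create sequence in `keyMaterial(for:)` is not atomic: two concurrent callers for the same `keyName` can both miss on `StorageRouter.shared.get(key)`, each generate a fresh `SymmetricKey`, and the second `set` silently overwrites the first, so one caller is left holding material that no longer matches what is stored and anything it encrypts with it becomes unrecoverable; the old Keychain path had the same gap and this commit does not close it. If `StorageRouter` exposes an add-only or conditional write, use it here; otherwise serialize this method per key name (an actor or a lock around the get+set) rather than leaving the provider `nonisolated`. Separately, `guard material.count == Constants.keyLength` can never fail for `SymmetricKey(size: .bits256)`, so the `securityApplicationFailed` branch is dead and the 256-bit/32-byte pair can drift apart; tie them together with `let symmetricKey = SymmetricKey(size: SymmetricKeySize(bitCount: Constants.keyLength * 8))` and drop the guard, or keep it only as a commented invariant. Note also that copying the key into a `Data` leaves the secret in ordinary heap memory with no zeroization on release, which is unchanged from the previous `[UInt8]` buffer but worth a comment so nobody assumes CryptoKit protects it.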
@@ -0,0 +1,24 @@
+import Foundation
+import LocalData
+extension StorageKeys {
+ /// Stores external key material used for encryption policies.
+ struct ExternalKeyMaterialKey: StorageKey {
+ typealias Value = Data
+ let name: String
+ let domain: StorageDomain = .keychain(service: "com.example.securestorage.externalkey")
+ let security: SecurityPolicy = .keychain(
+ accessibility: .afterFirstUnlock,
+ accessControl: nil
+ )
+ let serializer: Serializer = .data
+ let owner = "SampleApp"
+ let availability: PlatformAvailability = .phoneOnly
+ let syncPolicy: SyncPolicy = .never
+ init(keyName: String) {
+ self.name = keyName
+ }
+ }
+}
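Review bot: The `security` policy pins this item to `accessibility: .afterFirstUnlock` with `accessControl: nil`, which — if it maps onto `kSecAttrAccessibleAfterFirstUnlock` as the name suggests — allows the key material to be migrated via backup to another device, while `syncPolicy: .never` says the intent is device-local; presumably `SecurityPolicy` also offers a `ThisDeviceOnly` variant, and if so it is the right choice here for a key that protects local encrypted storage, e.g. `accessibility: .afterFirstUnlockThisDeviceOnly, // key never leaves this device; pairs with syncPolicy: .never`. The doc comment should also state the contract the provider relies on: that `name` is the caller-supplied key name and the stored value is raw 32-byte key material, e.g. `/// Keychain-backed slot for one raw 32-byte external key, addressed by the caller's key name; never synced and readable once the device has been unlocked at least once.` The service string duplicates the constant the commit removed from `ExternalKeyMaterialProvider`; a one-line comment noting that existing items under this service are reused on upgrade would save the next reader from checking.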