Post-Quantum Cryptography
Bringing quantum-resistance to AWS services and customers
What is post-quantum cryptography at AWS?
At AWS, the confidentiality, integrity, and authenticity of our customers’ data is a top priority. Today, the public-key cryptographic schemes we use to protect data are based on mathematical problems of factoring, discrete logarithms, and elliptic-curve cryptography. It is still early days for quantum computing, but the technology holds great promise for benefiting society with a deeper understanding of fundamental physics and faster solutions to difficult computational problems. While large-scale quantum computers are not yet publicly available, the creation of a sufficiently powerful quantum computer would accelerate solving the schemes we use in public-key cryptographic algorithms to protect our data today. AWS is already at work, preparing for a post-quantum world.
AWS research and engineering efforts focus on the continuation of providing cryptographic security for our customers, while developing and testing new cryptographic systems that exceed current customers’ demands and protect against projected future adversaries. AWS has invested in the migration to post-quantum cryptography by contributing to post-quantum key agreement and post-quantum signature schemes to protect the confidentiality, integrity, and authenticity of customer data.
Featured resources
Take the first step to benchmark, prototype, or understand the performance impact of quantum-resistant cryptography on AWS services by reviewing the AWS Security blog posts about Transport Layer Security (TLS), QUIC, and Secure Shell (SSH).
AWS-LC FIPS 3.0: First cryptographic library to include ML-KEM in FIPS 140-3 validation
December 10, 2024
Learn more about the ongoing development, optimization, and validation of the cryptography that we provide to our customers and products through our open source cryptographic library, AWS-LC. This blog introduces the addition of FIPS-validated post-quantum algorithms and provides configuration options to begin using these algorithms today to protect against future threats.
AWS post-quantum cryptography migration plan
December 5, 2024
In this blog post, we cover how AWS will migrate to Post Quantum Cryptography (PQC) as part of our shared responsibility model. We also provide information about how to implement a PQC migration strategy for your organization, where AWS is today in the journey of migrating to PQC, and outlines our path forward.
Customer compliance and security during the post-quantum cryptographic migration
October 3, 2024
In this blog post, we elaborate how customer compliance and security configuration responsibility will operate in the post-quantum migration of secure connections to the cloud. We explain how customers are responsible for enabling quantum-resistant algorithms or having these algorithms enabled by default in their applications that connect to AWS.
Workshop: Post-Quantum Cryptography on AWS
This workshop demonstrates hands-on post-quantum cryptographic algorithms, their performance and size differences to classical ones. It shows how AWS services like AWS KMS can be used with AWS SDKs to establish a quantum-safe tunnel to transfer the most critical IT secrets protected from a theoretical computer targeting these communications in the future. Learn how these tunnels leverage classical and quantum-resistant key exchanges to offer the best of both worlds.
Migration to quantum-resistant cryptography
The AWS Post-Quantum team interfaces with the global cryptographic community by participating in international conferences, the open literature, and standards organizations with a goal of leading the adoption of quantum-resistant cloud-scale cryptographic technology. We are participating in projects and working groups on quantum-resistant cryptography, including the Internet Engineering Task Force (IETF), ETSI Quantum Safe Cryptography Technical Committee, NIST’s National Cybersecurity Center of Excellence (NCCoE) Migration to Post-Quantum Cryptography project, MITRE Post-Quantum Cryptography Coalition, Post-Quantum Cryptography Alliance (PQCA), and the Open Quantum Safe initiative.
Standards and industry collaborations
We're working with researchers around the world to help author the following standards:
NIST
The NIST Post-Quantum Cryptography standardization effort is a process to solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms. The new public-key cryptography standards will specify one or more additional digital signatures, public-key encryption, and key encapsulation mechanisms (KEM) algorithms to augment Federal Information Processing Standard (FIPS) 186-4, Digital Signature Standard (DSS), as well as NIST Special Publication 800-56A Revision 3. NIST has outlined an estimated timeline of 2024 for the completion of this process, at which point the draft standards and call for public comments will be released.
Of the submissions remaining in the standardization process that are either to be standardized, or advancing onto further rounds of analysis, AWS team members have contributed to the key encapsulation mechanisms ML-KEM and the signature algorithms ML-DSA and SLH-DSA.
IETF
The standardization of hybrid key exchange in TLS 1.3. This IETF draft is motivated by the transition to quantum-resistant cryptography, in particular, defining more explicitly how we will navigate the transitional phase from classical to post-quantum algorithms in the Transport Layer Security (TLS) protocol version 1.3.
The standardization of the SPHINCS+ Signature Algorithm in the Cryptographic Message Syntax (CMS). CMS is the IETF's standard for cryptographically protected messages. It can be used to digitally sign, digest, authenticate or encrypt any form of digital data. This standard will provide the quantum-resistant algorithm SPHINCS+ into CMS.
The standardization of Dilithium Algorithm Identifiers for X.509 Public Key Infrastructure and Kyber Algorithm Identifiers for X.509 Public Key Infrastructure. These are two IETF drafts to describe the conventions for using Dilithium and Kyber quantum-resistant signature and KEM respectively in Internet X.509 certificates and certificate revocation lists. The conventions for the associated post-quantum signatures, subject public keys, and private key are also described.
The standardization of Post-Quantum Hybrid Key Exchange in Secure Shell that extends the SSH Transport Layer Protocol with post-quantum hybrid key exchange methods.
ETSI
The European Telecommunications Standards Institute (ETSI) plays a leading role in the standardization of quantum-safe cryptography through its Technical Committee on Quantum-Safe Cryptography. The group focuses on identifying, evaluating, and standardizing post-quantum cryptographic algorithms and protocols, offering practical implementation guidelines to support a secure transition to quantum-resistant systems.In collaboration with academia, industry leaders, and governments, ETSI addresses the security impact of quantum computing, defines requirements for post-quantum algorithms, and provides best practices for deploying quantum-safe infrastructures.
Its work helps ensure interoperability, scalability, and performance in real-world applications. ETSI has published extensive technical reports and specifications on the transition to quantum-safe systems, including Technical Report TR 103 619 defining migration strategies and recommendations for Quantum-Safe schemes, and TS 103 744 on Quantum-Safe Hybrid Key Exchanges.
For more information, visit the ETSI Quantum-Safe Cryptography webpage.
