Security Blog
AWS has announced support for ML-KEM post-quantum key agreement in three critical security services: AWS Key Management Service (AWS KMS), AWS Certificate Manager (ACM), and AWS Secrets Manager.
- ML-KEM is a new hybrid post-quantum key agreement standard for TLS
- Support is currently available in non-FIPS endpoints across all AWS regions
- Performance impact is minimal, with only a 0.05% decrease in transactions per second
- CRYSTALS-Kyber (the predecessor) will be supported through 2025
- AWS plans to deploy ML-KEM support to all HTTPS endpoints in coming years
Customers can enable post-quantum TLS in AWS SDK for Java by calling `.postQuantumTlsEnabled(true)` when configuring their HTTP client, protecting against future quantum computing threats.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.