AWS KMS now supports Elliptic Curve Diffie-Hellman (ECDH) key agreement
This announcement introduces a new feature in AWS Key Management Service (KMS) that supports Elliptic Curve Diffie-Hellman (ECDH) key agreement. This allows two parties to establish a shared secret over a public channel.
Specifically, the article covers:
- The ability to derive a shared secret using another party's public key and your own elliptic-curve KMS key within the KMS hardware security module (HSM)
- Using the shared secret to derive a symmetric key for encrypting/decrypting data between the parties
- Integrating with the AWS Encryption SDK for simplified key derivation and encryption
- Potential use cases like hybrid encryption schemes and seeding secrets in remote devices or AWS Nitro Enclaves
- Availability in all AWS Regions, including AWS GovCloud (US)