Home icon

AWS post-quantum cryptography migration plan

Security Blog

AWS has announced a comprehensive migration plan to post-quantum cryptography (PQC) to protect against future quantum computer threats that could break current public-key cryptographic algorithms.

  • AWS will implement migration in four key workstreams focusing on different aspects of cryptographic systems
  • Will use new NIST-approved PQC algorithms like ML-KEM for key encapsulation and ML-DSA for digital signatures
  • Initial focus will be on encryption in transit, particularly public AWS service endpoints
  • Will use "hybrid post-quantum key agreement" combining classical and post-quantum algorithms
  • Services like AWS KMS and AWS Private CA will gradually integrate PQC capabilities

The migration aims to provide long-term data confidentiality and security, with AWS recommending customers prepare by ensuring software update capabilities and adopting TLS 1.3.

Go to article

The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.

Related articles

May 14
2026
Automating post-quantum cryptography readiness using AWS Config
Nov 21
2025
AWS Payments Cryptography announces support for post-quantum cryptography to secure data in transit
Oct 3
2024
Customer compliance and security during the post-quantum cryptographic migration
Nov 11
2025
Accenture and AWS accelerate customer’s post-quantum cryptography journey

The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.