AWS-LC FIPS 3.0: First cryptographic library to include ML-KEM in FIPS 140-3 validation
Security Blog
AWS has announced AWS-LC FIPS 3.0, the first open-source cryptographic library to include post-quantum cryptographic algorithm ML-KEM in FIPS 140-3 validation.
- Introduces Module Lattice-Based Key Encapsulation Mechanisms (ML-KEM) to protect against future quantum computer threats
- Supports three ML-KEM parameter sets: ML-KEM-512, ML-KEM-768, and ML-KEM-1024
- Enables hybrid key exchange in TLS 1.3 using ML-KEM and traditional algorithms like x25519
- Added new algorithms including SHA-3, EdDSA, and performance improvements for RSA and other cryptographic operations
- Supports organizations requiring FIPS-validated cryptographic modules under frameworks like FedRAMP and HIPAA
This release represents a significant step towards enhancing long-term data confidentiality and protecting against potential future quantum computing threats.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Nov 12
2024
2024
Bottlerocket announces new AMIs that are preconfigured to use FIPS 140-3 validated cryptographic modules
Apr 7
2025
2025
ML-KEM post-quantum TLS now supported in AWS KMS, ACM, and Secrets Manager
Sep 24
2024
2024
WorkSpaces Secure Browser now supports FIPS 140-3 validated cryptography
Jun 13
2025
2025
AWS KMS adds support for post-quantum ML-DSA digital signatures
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.