Amazon S3 now supports post-quantum TLS key exchange on S3 endpoints
News
This article announces that Amazon S3 now supports post-quantum TLS key exchange on regional S3, S3 Tables, and S3 Express One Zone endpoints.
- All regional S3 endpoints now support ML-KEM, a NIST-standardized post-quantum cryptographic algorithm
- Provides quantum-resistant encryption for data in-transit using PQ-TLS key exchange
- Combined with S3's default AES-256 server-side encryption for quantum-resistant protection at-rest
- Automatically negotiates highest TLS protocol version supported by client software
- Available at no additional cost across all AWS regions
Amazon S3 now offers quantum-resistant encryption for both in-transit and at-rest data protection.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Nov 21
2025
2025
AWS Application and Network Load Balancers Now Support Post-Quantum Key Exchange for TLS
Nov 20
2025
2025
Amazon S3 adds new bucket-level setting to standardize encryption types used in your buckets
Sep 5
2025
2025
Amazon CloudFront launches TLS security policy with post-quantum support
Apr 16
2025
2025
Amazon S3 Tables now support server-side encryption using AWS KMS with customer-managed keys
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.