How AWS KMS and AWS Encryption SDK overcome symmetric encryption bounds

Security Blog



This article explains how AWS KMS and AWS Encryption SDK handle AES-GCM symmetric encryption limits automatically using derived key methods, eliminating manual tracking for high-scale applications.

  • AES-GCM has encryption invocation limits (2^32 encryptions) and data bounds (2^68 bytes) per key
  • AWS KMS derives a unique 256-bit key per encryption using a random 128-bit nonce and a KDF
  • KMS generates a random IV and encrypts the plaintext (max 4 KB) with the derived key via AES-GCM
  • The AWS Encryption SDK uses HKDF with a 256-bit random nonce to derive per-invocation keys
  • The SDK frames data into 4 KB chunks with deterministic IVs, limiting total encrypted data to 2^44 bytes
  • The derived-key approach ensures encryption bounds are never exceeded without manual key rotation

By deriving unique keys per encryption invocation, both services automatically overcome AES-GCM bounds, simplifying secure encryption at cloud scale.
