AWS Security Blog

Tag: TLS

The importance of encryption and how AWS can help

Encryption is a critical component of a defense-in-depth strategy, which is a security approach with a series of defensive mechanisms designed so that if one security mechanism fails, there’s at least one more still operating. As more organizations look to operate faster and at scale, they need ways to meet critical compliance requirements and improve […]

Read More

Round 2 Hybrid Post-Quantum TLS Benchmarks

AWS Cryptography has completed benchmarks of Round 2 Versions of the Bit Flipping Key Encapsulation (BIKE) and Supersingular Isogeny Key Encapsulation (SIKE) hybrid post-quantum Transport Layer Security (TLS) Algorithms. Both of these algorithms have been submitted to the National Institute of Standards and Technology (NIST) as part of NIST’s Post-Quantum Cryptography standardization process. In the […]

Read More

TLS 1.2 to become the minimum for all AWS FIPS endpoints

June 12, 2020: We’ve updated this blog post to include a link to the list of AWS services that require a minimum of TLS 1.2 for FIPS Endpoints.  To improve security for data in transit, AWS will update all of our AWS Federal Information Processing Standard (FIPS) endpoints to a minimum Transport Layer Security (TLS) […]

Read More

How to improve LDAP security in AWS Directory Service with client-side LDAPS

You can now better protect your organization’s identity data by encrypting Lightweight Directory Access Protocol (LDAP) communications between AWS Directory Service products (AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, and AD Connector) and self-managed Active Directory. Client-side secure LDAP (LDAPS) support enables applications that integrate with AWS Directory […]

Read More
s2n logo

Post-quantum TLS now supported in AWS KMS

November 11, 2019: Based on customer feedback, we’ve corrected the name of one of our sources. AWS Key Management Service (AWS KMS) now supports post-quantum hybrid key exchange for the Transport Layer Security (TLS) network encryption protocol that is used when connecting to KMS API endpoints. In this post, I’ll tell you what post-quantum TLS […]

Read More

How to Prepare for AWS’s Move to Its Own Certificate Authority

  July 11, 2019 update: The service team has resolved an error that caused customers to see a “Certificate Transparency Required” message when loading test links in Chrome. March 28, 2018 update: We updated the Amazon Trust Services table by replacing an out-of-date value with a new value. Transport Layer Security (TLS, formerly called Secure […]

Read More

How to Enable Server-Side LDAPS for Your AWS Microsoft AD Directory

November 26, 2019: We’ve updated the language in this post to reflect new client-side LDAPS support in AWS Managed Microsoft AD. Starting today, you can encrypt the Lightweight Directory Access Protocol (LDAP) communications between your applications and AWS Directory Service for Microsoft Active Directory, also known as AWS Microsoft AD. Many commercial and homegrown Windows […]

Read More

How to Control TLS Ciphers in Your AWS Elastic Beanstalk Application by Using AWS CloudFormation

Securing data in transit is critical to the integrity of transactions on the Internet. Whether you log in to an account with your user name and password or give your credit card details to a retailer, you want your data protected as it travels across the Internet from place to place. One of the protocols […]

Read More

How to Help Achieve Mobile App Transport Security (ATS) Compliance by Using Amazon CloudFront and AWS Certificate Manager

Web and application users and organizations have expressed a growing desire to conduct most of their HTTP communication securely by using HTTPS. At its 2016 Worldwide Developers Conference, Apple announced that starting in January 2017, apps submitted to its App Store will be required to support App Transport Security (ATS). ATS requires all connections to […]

Read More

Introducing s2n, a New Open Source TLS Implementation

At Amazon Web Services, strong encryption is one of our standard features, and an integral aspect of that is the TLS (previously called SSL) encryption protocol. TLS is used with every AWS API and is also available directly to customers of many AWS services including Elastic Load Balancing (ELB), AWS Elastic Beanstalk, Amazon CloudFront, Amazon S3, […]

Read More