Post-Quantum Cryptography

Bringing quantum-resistance to AWS services and customers

What is post-quantum cryptography at AWS?

At AWS, the confidentiality, integrity, and authenticity of our customers’ data is a top priority. Today, the public-key cryptographic schemes we use to protect data are based on mathematical problems of factoring, discrete logarithms, and elliptic-curve cryptography. It is still early days for quantum computing, but the technology holds great promise for benefiting society with a deeper understanding of fundamental physics and faster solutions to difficult computational problems. While large-scale quantum computers are not yet publicly available, the creation of a sufficiently powerful quantum computer would accelerate solving the schemes we use in public-key cryptographic algorithms to protect our data today. AWS is already at work, preparing for a post-quantum world.

AWS research and engineering efforts focus on the continuation of providing cryptographic security for our customers, while developing and testing new cryptographic systems that exceed current customers’ demands and protect against projected future adversaries. AWS has invested in the migration to post-quantum cryptography by contributing to post-quantum key agreement and post-quantum signature schemes to protect the confidentiality, integrity, and authenticity of customer data.

Take the first step to benchmark, prototype, or understand the performance impact of quantum-resistant cryptography on AWS services by reviewing the AWS Security blog posts about Transport Layer Security (TLS), QUIC, and Secure Shell (SSH).

Post-quantum hybrid SFTP file transfers using AWS Transfer Family

June 13, 2023

This blog post introduces post-quantum hybrid key exchange with Kyber in the SSH protocol. Learn how to use it with Secure File Transfer Protocol (SFTP) file transfers in AWS Transfer Family, the AWS file transfer service.

Preparing today for a post-quantum cryptographic future

July 26, 2022

Learn how Amazon is helping develop standards for post-quantum cryptography and deploying promising technologies for customers to experiment with.

Enable post-quantum key exchange in QUIC with the s2n-quic library

July 25, 2022

This blog post focuses on the QUIC transport protocol and shows how you can enable and experiment with the post-quantum key exchange by using our s2n-quic library, an open-source implementation of the QUIC protocol.

How to tune TLS for hybrid post-quantum cryptography with Kyber

July 5, 2022

Read this blog post to learn about hybrid post-quantum TLS with Kyber for connecting to AWS Key Management Service, AWS Secrets Manager, and AWS Certificate Manager.

Post-quantum cryptography migration strategy for cloud services (44:11)

The challenge quantum computers pose to currently used public-key cryptographic algorithms and how the industry is responding. Post-quantum cryptography offers a solution to this challenge. See a high-level approach to migrate cloud services as well as proposed algorithms for standardization and their suitability for different use cases.

Building post-quantum cryptography for the cloud (26:41)

This session introduces post-quantum cryptography and how you can use it today to secure TLS communication. You will learn about updates to post-quantum standards and existing deployments, including the AWS post-quantum TLS implementation (pq-s2n).

Migration to quantum-resistant cryptography

The AWS Post-Quantum team interfaces with the global cryptographic community by participating in international conferences, the open literature, and standards organizations with a goal of leading the adoption of quantum-resistant cloud-scale cryptographic technology. We are participating in projects and working groups on quantum-resistant cryptography, including the  Internet Engineering Task Force (IETF), ETSI Quantum Safe Cryptography Technical Committee, NIST’s National Cybersecurity Center of Excellence (NCCoE) Migration to Post-Quantum Cryptography project, and the Open Quantum Safe initiative.

Standards and industry collaborations

We're working with researchers around the world to help author the following standards:


The NIST Post-Quantum Cryptography standardization effort is a competition like process to solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms. The new public-key cryptography standards will specify one or more additional digital signatures, public-key encryption, and key encapsulation mechanisms (KEM) algorithms to augment Federal Information Processing Standard (FIPS) 186-4, Digital Signature Standard (DSS), as well as NIST Special Publication 800-56A Revision 3. NIST has outlined an estimated timeline of 2024 for the completion of this process, at which point the draft standards and call for public comments will be released.

Of the submissions remaining in the standardization process that are either to be standardized, or advancing onto further rounds of analysis, AWS team members have contributed to the key encapsulation mechanisms ML-KEM and the signature algorithms ML-DSA and SLH-DSA.


The standardization of hybrid key exchange in TLS 1.3. This IETF draft is motivated by the transition to quantum-resistant cryptography, in particular, defining more explicitly how we will navigate the transitional phase from classical to post-quantum algorithms in the Transport Layer Security (TLS) protocol version 1.3.

The standardization of the SPHINCS+ Signature Algorithm in the Cryptographic Message Syntax (CMS). CMS is the IETF's standard for cryptographically protected messages. It can be used to digitally sign, digest, authenticate or encrypt any form of digital data. This standard will provide the quantum-resistant algorithm SPHINCS+ into CMS.

The standardization of Dilithium Algorithm Identifiers for X.509 Public Key Infrastructure and Kyber Algorithm Identifiers for X.509 Public Key Infrastructure. These are two IETF drafts to describe the conventions for using Dilithium and Kyber quantum-resistant signature and KEM respectively in Internet X.509 certificates and certificate revocation lists. The conventions for the associated post-quantum signatures, subject public keys, and private key are also described.

The standardization of Post-Quantum Hybrid Key Exchange in Secure Shell that extends the SSH Transport Layer Protocol with post-quantum hybrid key exchange methods.

Open source contributions

AWS Libcrypto
AWS Libcrypto (AWS-LC) is a general-purpose cryptographic library maintained by the AWS Cryptography team for AWS and our customers. Based on code from the Google BoringSSL project and OpenSSL project. AWS-LC contains the post-quantum algorithms Kyber and Dilithium as well as an experimental post-quantum branch.

Open Quantum Safe  
This open-source project aims to support the development and prototyping of quantum-resistant cryptography. AWS cryptography is part of the Open Quantum Safe (OQS) core team and contributors. OQS consists of two main lines of work: liboqs, an open-source C library for quantum-resistant cryptographic algorithms, and prototype integrations into protocols and applications, including the widely used OpenSSL library. OQS also provides post-quantum algorithm performance visualizations through extensive benchmarking

ETSI Quantum-safe Hybrid Key Exchanges
This informative reference implementation as reported in Annex C of ETSI TS 103 744, CYBER; Quantum-safe Hybrid Key Exchanges. The code is not intended for production use. This code is provided as an informative implementation of the Quantum-safe Hybrid Key Exchanges for the Concatenate KDF (CatKDF) and Cascade KDF (CasKDF). It generates the test vectors contained in the technical specification TS 103 744.

This package is an "Additional Optimized" implementation of the KEM Bit Flipping Key Encapsulation (BIKE). In BIKE's specification the repository is referred to as the default optimized and constant-time implementation of BIKE (all the performance figures come from this implementation).

Learn more about AWS open source security.

Research and experimentation

AWS researchers regularly contribute papers to help advance the field of post-quantum cryptography.

The impact of data-heavy, post-quantum TLS 1.3 on the time-to-last-byte of real-world connections

by Panos Kampanakis and Will Childs-Klein
MADweb Workshop, March 2024

Security of Hybrid Key Establishment using Concatenation

by Adam Petcher and Matthew Campagna
June 2023

Vision Paper: Do We Need to Change Some Things?

by Panos Jampanakis and Tancréde Lepoint
International Conference on Research in Security Standardization (SSR), April 2023

PQ-HPKE: Post-Quantum Hybrid Public Key Encryption

by Mila Anastasova, Panos Kampanakis, and Jake Massimo
ICMC 2022, September 2022

Faster Post-Quantum TLS Handshakes Without Intermediate CA Certificates

by Panos Kampanakis and Michael Kallitsis
CSCML 2022, June 2022

On the applicability of the Fujisaki–Okamoto transformation to the BIKE KEM

by Shay Gueron, Dusan Kostic, Nir Drucker, and Edoardo Persichetti
International Journal of Computer Mathematics: Computer Systems Theory, October 2021

Security of Hybrid Key Encapsulation

by Matthew Campagna and Adam Petcher
November 2020

Fast polynomial inversion for post quantum QC-MDPC cryptography

by Shay Gueron, Dusan Kostic, and Nir Drucker
International Symposium on Cyber Security Cryptography and Machine Learning, July 2020

On constant-time QC-MDPC decoding with negligible failure rate

by Shay Gueron, Dusan Kostic, and Nir Drucker
Code-Based Cryptography Workshop, May 2020

Get Involved

Interested in learning more about post-quantum cryptography with AWS?
Drop us a line.