Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

AWS Crypto Tools Documentation

Cryptography is hard to do safely and correctly. The AWS Crypto Tools libraries are designed to help everyone do cryptography right, even without special expertise. Our client-side encryption libraries help you to protect your sensitive data at its source using secure cryptographic algorithms, envelope encryption, and signing.

Use the AWS Encryption SDK to encrypt all types of data in your applications.

Use the AWS Database Encryption SDK or the Legacy DynamoDB Encryption Client to encrypt and sign database records in your applications.

Use the Amazon S3 Encryption Client to encrypt your Amazon S3 objects before uploading them to Amazon S3.

  1. Learn how to use the AWS Encryption SDK, a client-side encryption library for all types of data. It makes best-practice client-side encryption easier, so you can focus on the core functionality of your application. Use these libraries with any cryptographic service provider, including AWS Key Management Service or AWS CloudHSM, but the libraries do not require AWS or any AWS service.
  2. Learn how to use the AWS Database Encryption SDK, a set of software libraries that enable you to include client-side encryption in your database design. The encryption and signing features are easy to incorporate into your existing applications. Use these libraries with any cryptographic service provider, including AWS Key Management Service or AWS CloudHSM, but the libraries do not require AWS or any AWS service.
  3. Learn how to use the Amazon S3 Encryption Client, a client-side encryption library designed especially for Amazon S3 objects. With the Amazon S3 Encryption Client, you can encrypt your Amazon S3 objects before uploading them to Amazon S3. Use these libraries with any cryptographic service provider, including AWS Key Management Service or AWS CloudHSM, but the libraries do not require AWS or any AWS service.

Join Us on GitHub

Learn about AWS Cryptography Services

Read Our Blog Posts

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.