Post-Quantum Cryptography

Bringing quantum-resistance to AWS services and customers

What is post-quantum cryptography at AWS?

At AWS, the confidentiality, integrity, and authenticity of our customers’ data is a top priority. Today, the public-key cryptographic schemes we use to protect data are based on mathematical problems of factoring, discrete logarithms, and elliptic-curve cryptography. It is still early days for quantum computing, but the technology holds great promise for benefiting society with a deeper understanding of fundamental physics and faster solutions to difficult computational problems. While large-scale quantum computers are not yet publicly available, the creation of a sufficiently powerful quantum computer would accelerate solving the schemes we use in public-key cryptographic algorithms to protect our data today. AWS is already at work, preparing for a post-quantum world.

AWS research and engineering efforts focus on the continuation of providing cryptographic security for our customers, while developing and testing new cryptographic systems that exceed current customers’ demands and protect against projected future adversaries. AWS has invested in the migration to post-quantum cryptography by contributing to post-quantum key agreement and post-quantum signature schemes to protect the confidentiality, integrity, and authenticity of customer data.

Take the first step to benchmark, prototype, or understand the performance impact of quantum-resistant cryptography on AWS services by reviewing AWS Security blog posts about TLS and QUIC.

Preparing today for a post-quantum cryptographic future

July 26, 2022

Learn how Amazon is helping develop standards for post-quantum cryptography and deploying promising technologies for customers to experiment with.

Enable post-quantum key exchange in QUIC with the s2n-quic library

July 25, 2022

This blog post discusses AWS TLS work and QUIC transport protocol and shows how you can enable and experiment with the newly released post-quantum (PQ) key exchange by using our s2n-quic library.

How to tune TLS for hybrid post-quantum cryptography with Kyber

July 5, 2022

This blog shares details of hybrid post-quantum TLS with Kyber for connecting to AWS Key Management Service, AWS Secrets Manager, and AWS Certificate Manager.

Building post-quantum cryptography for the cloud (26:41)

This session introduces post-quantum cryptography and how you can use it today to secure TLS communication. Learn about recent updates on standards and existing deployments, including the AWS post-quantum TLS implementation.

An AWS approach to post-quantum cryptography (9:46)

Learn about the emerging requirement that cryptographic schemes remain secure against a future quantum computer and what the steps AWS is taking to ensure our infrastructure can meet these new requirements.

Migration to quantum-resistant cryptography

The AWS Post-Quantum team interfaces with the global cryptographic community by participating in international conferences, the open literature, and standards organizations with a goal of leading the adoption of quantum-resistant cloud-scale cryptographic technology. We are participating in projects and working groups on quantum-resistant cryptography, including the  Internet Engineering Task Force (IETF), ETSI Quantum Safe Cryptography Technical Committee, NIST’s National Cybersecurity Center of Excellence (NCCoE) Migration to Post-Quantum Cryptography project, and the Open Quantum Safe initiative.

Standards and industry collaborations

We're working with researchers around the world to help author the following standards:


The NIST Post-Quantum Cryptography standardization effort is a competition like process to solicit, evaluate, and standardize one or more quantum-resistant public-key cryptographic algorithms. The new public-key cryptography standards will specify one or more additional digital signatures, public-key encryption, and key encapsulation mechanisms (KEM) algorithms to augment Federal Information Processing Standard (FIPS) 186-4, Digital Signature Standard (DSS), as well as NIST Special Publication (SP) 800-56A Revision 3. NIST has outlined an estimated timeline of 2024 for the completion of this process, at which point the draft standards and call for public comments will be released.

Of the submissions remaining in the standardization process that are either to be standardized, or advancing onto further rounds of analysis, AWS team members have contributed to the key encapsulation mechanisms CRYSTALS-Kyber, BIKE, and SIKE, and the signature algorithms CRYSTALS-Dilithium and SPHINCS+.


The standardization of hybrid key exchange in TLS 1.3. This IETF draft is motivated by the transition to quantum-resistant cryptography, in particular, defining more explicitly how we will navigate the transitional phase from classical to post-quantum algorithms in the Transport Layer Security (TLS) protocol version 1.3.

The standardization of the SPHINCS+ Signature Algorithm in the Cryptographic Message Syntax (CMS). CMS is the IETF's standard for cryptographically protected messages. It can be used to digitally sign, digest, authenticate or encrypt any form of digital data. This standard will provide the quantum-resistant algorithm SPHINCS+ into CMS.


The standardization of Dilithium Algorithm Identifiers for X.509 Public Key Infrastructure and Kyber Algorithm Identifiers for X.509 Public Key Infrastructure. These are two IETF drafts to describe the conventions for using Dilithium and Kyber quantum-resistant signature and KEM respectively in Internet X.509 certificates and certificate revocation lists. The conventions for the associated post-quantum signatures, subject public keys, and private key are also described.

The standardization of Post-Quantum Hybrid Key Exchange in Secure Shell (SSH) that extends the SSH Transport Layer Protocol with post-quantum hybrid key exchange methods.

Open source contributions

AWS libcrypto (AWS-LC) is a general-purpose cryptographic library maintained by the AWS Cryptography team for AWS and our customers. It is based on code from the Google BoringSSL project and the OpenSSL project. AWS-LC contains the post-quantum algorithms Kyber and Dilithium as well as an experimental post-quantum branch.

Open Quantum Safe  
This open-source project aims to support the development and prototyping of quantum-resistant cryptography. AWS cryptography is part of the Open Quantum Safe (OQS) core team and contributors. OQS consists of two main lines of work: liboqs, an open-source C library for quantum-resistant cryptographic algorithms, and prototype integrations into protocols and applications, including the widely used OpenSSL library. OQS also provides post-quantum algorithm performance visualizations through extensive benchmarking

ETSI Quantum-safe Hybrid Key Exchanges
This informative reference implementation as reported in Annex C of ETSI TS 103 744, "CYBER; Quantum-safe Hybrid Key Exchanges. The code is not intended for production use. This code is provided as an informative implementation of the Quantum-safe Hybrid Key Exchanges for the Concatenate KDF (CatKDF) and Cascade KDF (CasKDF). It generates the test vectors contained in the technical specification TS 103 744.

This package is an "Additional Optimized" implementation of the Key Encapsulation Mechanism (KEM) BIKE. In BIKE's specification the repository is referred to as the default optimized and constant-time implementation of BIKE (all the performance figures come from this implementation).

Research and experimentation

AWS researchers regularly contribute papers to help advance the field of post-quantum cryptography.

PQ-HPKE: Post-Quantum Hybrid Public Key Encryption

by Mila Anastasova, Panos Kampanakis, and Jake Massimo
ICMC 2022, September 2022

Fast polynomial inversion for post quantum QC-MDPC cryptography

by Shay Gueron, Dusan Kostic, and Nir Drucker
International Symposium on Cyber Security Cryptography and Machine Learning, July 2020

Faster Post-Quantum TLS Handshakes Without Intermediate CA Certificates

by Panos Kampanakis and Michael Kallitsis
CSCML 2022, June 2022

On constant-time QC-MDPC decoding with negligible failure rate

by Shay Gueron, Dusan Kostic, and Nir Drucker
Code-Based Cryptography Workshop, May 2020


On the applicability of the Fujisaki–Okamoto transformation to the BIKE KEM

by Shay Gueron, Dusan Kostic, Nir Drucker, and Edoardo Persichetti
International Journal of Computer Mathematics: Computer Systems Theory, October 2021

QC-MDPC decoders with several shades of gray

by Shay Gueron, Dusan Kostic, and Nir Drucker
International Conference on Post-Quantum Cryptography, April 2020


Security of Hybrid Key Encapsulation

by Matthew Campagna and Adam Petcher
November 2020

Prototyping post-quantum and hybrid key exchange and authentication in TLS and SSH

by Eric Crockett, Christian Paquin, and Douglas Stebila
NIST 2nd Post-Quantum Cryptography Standardization Conference, August, 2019

Get Involved

Interested in learning more about post-quantum cryptography with AWS?
Drop us a line.