AWS rolls out ML-KEM to secure TLS from quantum threats

Amazon Web Services (AWS) has added support for the ML-KEM post-quantum key encapsulation mechanism to AWS Key Management Service (KMS), AWS Certificate Manager (ACM), and AWS Secrets Manager, making TLS connections more secure. ML-KEM (Module-Lattice-based Key Encapsulation Mechanism) is a post-quantum cryptographic algorithm designed to secure key exchanges from the perceived, yet still theoretical threat of quantum computers that could break traditional encryption like RSA and elliptic curve cryptography (ECC). The mechanism is based on CRYSTALS-Kyber, which was selected by NIST (National Institute of Standards and Technology) as the basis for its post-quantum cryptography standard, which was announced in its final form in August 2024. Although quantum computers aren't an active threat to cryptography right now, implementing quantum-secure algorithms prevents future exposure of secrets through "harvest now, decrypt later" attacks. AWS says it prioritized securing its most critic ... Read full article.