Amazon S3 now supports post-quantum TLS key exchange on regional S3, S3 Tables, and S3 Express One Zone endpoints providing customers with post-quantum cryptography options for encryption of their data in-transit. All regional S3, S3 Tables, and S3 Express One Zone endpoints now support Module Lattice-Based Key Encapsulation Mechanisms (ML-KEM), one of National Institute of Standards & Technology (NIST) standardized post-quantum cryptographic algorithms. Through the new PQ-TLS key exchange, Amazon S3 now supports quantum-resistant cryptography for the encryption of data in-transit. This new support combined with Amazon S3’s server-side encryption by default utilizing AES-256 algorithms offers customers quantum-resistant encryption both in-transit and at-rest.
Post-quantum TLS key exchange for Amazon S3 is available for all clients configured to use the ML-KEM key exchange algorithm, where you receive the benefits of the post-quantum TLS key exchange. This is because Amazon S3 will automatically negotiate the highest TLS protocol version that your client software supports.
Post-quantum TLS key exchange for Amazon S3 is supported at no additional cost in all regional S3, S3 Tables, and S3 Express One Zone endpoints in all AWS regions. To learn more about PQ-TLS support in Amazon S3, visit our documentation.
Categories: general:products/amazon-s3,marketing:marchitecture/storage,general:products/aws-govcloud-us
Source: Amazon Web Services
Latest Posts
- MC1426708: OneDrive Sync App Ends Support on Windows 10 22H1 and Earlier Starting August 2026

- MC1426709: Microsoft Teams Extends Custom Recording and Transcription Notifications to 1:1 Calls

- MC1426714: Microsoft Viva Insights Adds Power BI Report Creation and Customization for Copilot Analytics

- Amazon EC2 M8in, M8idn, M8ib, M8idb instances are now available in additional regions





