AWS prescriptive-guidance documentation change
Summary
Added comprehensive section detailing cryptographic algorithms, their statuses (preferred/acceptable), and AWS's cryptographic implementation standards
Security assessment
Introduces detailed security documentation about encryption standards and algorithm preferences but does not address a specific vulnerability. Enhances security guidance by clarifying cryptographic best practices.
Diff
diff --git a/prescriptive-guidance/latest/encryption-best-practices/aws-cryptography-services.md b/prescriptive-guidance/latest/encryption-best-practices/aws-cryptography-services.md index 20b028bb1..8a0d1df98 100644 --- a//prescriptive-guidance/latest/encryption-best-practices/aws-cryptography-services.md +++ b//prescriptive-guidance/latest/encryption-best-practices/aws-cryptography-services.md @@ -5 +5,3 @@ -# About AWS cryptography services +AWS cryptography servicesCryptographic algorithms + +# Cryptography algorithms and AWS services @@ -8,0 +11,2 @@ An _encryption algorithm_ is a formula or procedure that converts a plaintext me +## AWS cryptography services + @@ -21,0 +26,73 @@ AWS cryptographic services comply with a wide range of cryptographic security st +## Cryptographic algorithms + +Cryptography is an essential part of security for AWS. AWS services support encryption for data in transit, at rest, or in memory. Many also support encryption with customer managed keys that are inaccessible to AWS. You can learn more about the AWS commitment to innovation and investing in additional controls for sovereignty and encryption features in the [AWS digital sovereignty pledge](https://aws.amazon.com/blogs/https://aws.amazon.com/blogs/security/aws-digital-sovereignty-pledge-control-without-compromise/) (AWS blog post). + +AWS is committed to using the most secure available cryptographic algorithms to meet your security and performance requirements. AWS defaults to high-assurance algorithms and implementations and prefer hardware-optimized solutions that are faster, improve security, and are more energy efficient. See the [AWS Crypto Library](https://github.com/aws/aws-lc) for optimized, high-assurance and formally verified, constant-time cryptographic algorithms. AWS follows the [shared responsibility model](https://aws.amazon.com/compliance/shared-responsibility-model/) and offers cryptography options to meet your individual security, compliance, and performance requirements, while still meeting industry-accepted security levels. For example, Elastic Load Balancing offers Application Load Balancers that provide various [security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) for the Transport Layer Security (TLS) protocol. + +AWS services use trusted cryptographic algorithms that meet industry standards and foster interoperability. These standards are widely accepted by governments, industry, and academia. It takes considerable analysis by the global community for an algorithm to become widely accepted. It also takes time for it to become widely available within the industry. Lack of analysis and availability introduces challenges to interoperability, complexity, and risks for deployments. AWS continues to deploy new cryptographic options to meet a high bar for security and performance. + +The following tables summarize the cryptographic algorithms, ciphers, modes, and key sizes that AWS deploys across its services to protect your data. They should not be considered to be an exhaustive list of all cryptography options available in AWS. The algorithms fall into two categories: + + * _Preferred_ are the algorithms that meet the AWS security and performance standards. + + * _Acceptable_ algorithms can be used for compatibility in some applications but are not preferred. + + + + +Asymmetric encryption | Status +---|--- +RSA-OAEP with 2048 or 3072-bit modulus | Acceptable +HPKE with P-256 or P-384, HKDF and AES-GCM | Acceptable + +Asymmetric key agreement | Status +---|--- +ECDH(E) with P-384 | Preferred +ECDH(E) with P-256, P-521, or X25519 | Acceptable +ECDH(E) with brainpoolP256r1, brainpoolP384r1, or brainpoolP512r1 | Acceptable +ML-KEM-768 combined with ECDH(E) (in PQ-hybrid key exchanges) | Preferred (for quantum-resistance) + +Block ciphers and modes | Status +---|--- +AES-GCM-256 | Preferred +AES-XTS-256 | Acceptable +AES-GCM-128 | Acceptable +ChaCha20/Poly1305 | Acceptable +CBC / CTR / CCM modes (with AES-128 or AES-256) | Acceptable + +Hashing | Status +---|--- +SHA2-384 | Preferred +SHA2-256 | Acceptable +SHA3 | Acceptable + +Key derivation | Status +---|--- +HKDF_Expand or HKDF with SHA2-256 | Preferred +Counter Mode KDF with HMAC-SHA2-256 | Acceptable + +Key wrapping | Status +---|--- +AES-GCM-256 | Preferred +AES-KW or AES-KWP with 256-bit keys | Acceptable + +Message Authentication Code (MAC) | Status +---|--- +HMAC-SHA2-384 | Preferred +HMAC-SHA2-256 | Acceptable +KMAC | Acceptable + +Password hashing | Status +---|--- +scrypt with SHA384 | Preferred +PBKDF2 | Acceptable + +Signatures | Status +---|--- +ECDSA with P-384 | Preferred +ECDSA with P-256, P-521, or Ed25519 | Acceptable +RSA-2048 or RSA-3072 | Acceptable +SLH-DSA | Preferred (for quantum-resistant software/firmware signing) + +AWS closely tracks cryptographic developments, security issues, and research results. As deprecated algorithms and security issues are discovered, they are addressed. For more information, see the [AWS Security Blog](https://aws.amazon.com/blogs/https://aws.amazon.com/blogs/security/tag/cryptography/). AWS remains committed to identifying compatibility issues with clients that use legacy security algorithms and to helping customers migrate to more secure options. AWS also remains involved in new cryptographic areas, which includes [post-quantum cryptography](https://aws.amazon.com/security/post-quantum-cryptography/) and [cryptographic computing](https://aws.amazon.com/security/cryptographic-computing/). +