menu
techminis

A naukri.com initiative

google-web-stories
source image

Amazon

2w

read

43

img
dot

Image Credit: Amazon

AWS-LC FIPS 3.0: First cryptographic library to include ML-KEM in FIPS 140-3 validation

  • AWS-LC FIPS 3.0, the first open-source cryptographic module to provide post-quantum algorithm support within the FIPS module has been added to NIST Cryptographic Module Validation Program.
  • This validation introduces support for Module Lattice-Based Key Encapsulation Mechanisms (ML-KEM), which works by establishing a shared secret between two parties based on an underlying problem that is believed to be hard for quantum computers to solve.
  • Organizations that require FIPS-validated cryptographic modules can now use these algorithms within AWS-LC to enhance long-term confidentiality of their sensitive customer workflows.
  • AWS-LC FIPS 3.0 includes the ML-KEM algorithm for all three provided parameter sets, ranging from security strength as specified by NIST.
  • This announcement is part of the long-term promise made by AWS-LC to obtain new FIPS 140-3 certificates and to support its wider developer community of Rust, Java and Python developers.
  • In AWS-LC FIPS 3.0, the latest member of the Secure Hash Algorithm standard SHA-3 and the digital signature algorithm EdDSA are added, and performance improvements are made on public-key cryptography algorithms widely used in transport protocols.
  • ML-KEM is now available in our open-source TLS implementation s2n-tls, through hybrid key exchange and adding support for hybrid ECDHE-ML-KEM key agreement for TLS 1.3.
  • With ML-KEM’s addition to the list of NIST-approved algorithms, you can now include non-FIPS standardized algorithms like Curve x25519 in hybrid cipher suites within FIPS 140-approved mode.
  • You can use both s2n-tls and AWS-LC TLS libraries to enable hybrid post-quantum security with ML-KEM today by enabling X25519MLKEM768 and SecP256r1MLKEM768 for key exchange.
  • AWS-LC is committed to continually validating new versions of AWS-LC as new algorithms are added within the FIPS boundary, to facilitate integration into CPython, rustls, and ACCP 2.0 libraries.

Read Full Article

like

2 Likes

For uninterrupted reading, download the app