Skip to content
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
81 changes: 81 additions & 0 deletions changes/2026-06-23_aws-kms-ml-kem-keyring/change.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
[//]: # "Copyright Amazon.com Inc. or its affiliates. All Rights Reserved."
[//]: # "SPDX-License-Identifier: CC-BY-SA-4.0"

# AWS KMS ML-KEM Keyring

## Affected Features

| Feature |
| --------------------------------------------------------------------------- |
| [AWS KMS ML-KEM Keyring](../../framework/aws-kms/aws-kms-ml-kem-keyring.md) |

## Affected Specifications

| Specification |
| ------------------------------------------------------------------------------------------------------ |
| [AWS KMS ML-KEM Keyring](../../framework/aws-kms/aws-kms-ml-kem-keyring.md) (new) |
| [Keyring Interface — Supported Keyrings](../../framework/keyring-interface.md#supported-keyrings) |
| [Test Vectors — Key Description](../../framework/test-vectors/key-description.md) |
| [Test Vectors — Keys Manifest](../../framework/test-vectors/keys-manifest.md) |
| [Test Vectors — MPL Enumeration](../../framework/test-vectors/mpl-test-vector-enumeration.md) |
| [Test Vectors — AWS KMS ML-KEM Keyring](../../framework/test-vectors/complete-vectors/ml-kem.md) (new) |
Comment on lines +18 to +21

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to make sure we run TV only for Java.

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will add a note


## Affected Implementations

| Language | Version Introduced | Version Removed | Implementation |
| -------- | ------------------ | --------------- | -------------- |
| Java | TBD | n/a | TBD |

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Version Introduced: 4.X ?

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will add this to the backlog for after the ml-kem feature is merged. Current major version is 3.X, I assume 4.X marks PQ for the ESDK?


## Definitions

### Conventions used in this document

The key words
"MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL"
in this document are to be interpreted as described in
[RFC 2119](https://tools.ietf.org/html/rfc2119).

## Summary

Add an AWS KMS ML-KEM Keyring that protects data keys with a NIST-standardized
post-quantum Key Encapsulation Mechanism (ML-KEM, FIPS 203).
The keyring uses an ML-KEM KMS key to establish a per-message shared secret,
derives a wrapping key from it, and AES-GCM-256 wraps (encrypts) the data key.
Encapsulation source is configurable (KMS or local);
decapsulation is always performed by AWS KMS.

## Out of Scope

- A Raw ML-KEM Keyring that performs decapsulation locally.
- Cross-language implementations beyond Java.
- Changes to the ESDK message format or algorithm-suite registry.

## Motivation

The ESDK's body cipher (AES-GCM) is quantum-resistant,
but the asymmetric primitives currently used to wrap symmetric data keys
(RSA, ECC inside AWS KMS) are not.
ML-KEM is the NIST-standardized post-quantum KEM and is now exposed by AWS KMS
via `Encapsulate` / `Decapsulate`.
This keyring lets customers migrate envelope encryption to a quantum-resistant
primitive without changing the message format, the algorithm suites,
other keyrings, or needing to create their own custom keyring.

## Security Implications

See
[Security Considerations](../../framework/aws-kms/aws-kms-ml-kem-keyring.md#security-considerations)
in the keyring specification for the full normative treatment.
In summary: the keyring binds the encryption context into both the KDF and the
AES-GCM AAD, and relies on the AES-GCM authentication tag plus ML-KEM's implicit
rejection for tamper detection in lieu of a separate key commitment value.

## Reference-level Explanation

This change introduces
[`framework/aws-kms/aws-kms-ml-kem-keyring.md`](../../framework/aws-kms/aws-kms-ml-kem-keyring.md),
registers the keyring in the
[Supported Keyrings](../../framework/keyring-interface.md#supported-keyrings) list,
and enumerates the keyring in the test-vector framework
(key descriptions, keys manifest, input dimensions, and a complete-vectors document).
Loading
Loading