AWS Encryption SDK

The AWS Encryption SDK is a client-side encryption library to help you implement best-practice encryption and decryption in any application even if you're not a cryptography expert.

The AWS Encryption SDK works on all types of data. Every successful call to encrypt returns a single portable, formatted encrypted message that contains metadata and the message ciphertext.

The AWS Encryption SDK offers advanced data protection features, including envelope encryption and additional authenticated data (AAD). It also offers secure, authenticated, symmetric key algorithm suites, such as 256-bit AES-GCM with key derivation and signing.

The AWS Encryption SDK is developed as an open source project. It is available in multiple programming languages, including a command line interface that is supported on Linux, macOS, and Windows. All implementations are interoperable. For example, you can encrypt your data with the Java library and decrypt it with the Python library. Or you can encrypt data with the C library and decrypt it with the CLI.

For informations about the AWS Encryption SDK, see the AWS Encryption SDK Developer Guide.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AWS KMS

DynamoDB Encryption Client