AWS Encryption SDK

The AWS Encryption SDK is a client-side encryption library to help you implement best-practice encryption and decryption in any application even if you're not a cryptography expert.

The AWS Encryption SDK works on all types of data. Every successful call to encrypt returns a single portable, formatted encrypted message that contains metadata and the message ciphertext.

The AWS Encryption SDK offers advanced data protection features, including envelope encryption and additional authenticated data (AAD). It also offers secure, authenticated, symmetric key algorithm suites, such as 256-bit AES-GCM with key derivation and signing.

The AWS Encryption SDK is developed as an open source project. It is available in multiple programming languages, including a command line interface that is supported on Linux, macOS, and Windows. All implementations are interoperable. For example, you can encrypt your data with the AWS Encryption SDK for Java and decrypt it with the AWS Encryption SDK for C. Or you can encrypt data with the AWS Encryption SDK for JavaScript library and decrypt it with the AWS Encryption CLI or the AWS Encryption SDK for Python.

For informations about the AWS Encryption SDK, see the AWS Encryption SDK Developer Guide.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AWS KMS

AWS Database Encryption SDK