Authenticated Encryption
Authenticated encryption provides confidentiality, data integrity, and authenticity assurances on encrypted data. The Encrypt API takes plaintext, a customer master key (CMK) identifier, and an encryption context and returns ciphertext. The encryption context represents additional authenticated data (AAD). The encryption process uses the AAD only to generate an authentication tag. The tag is included with the output ciphertext and used as input to the decryption process. This means that the encryption context that you supply to the Decrypt API must be the same as the encryption context you supply to the Encrypt API. Otherwise, the encryption and decryption tags will not match, and the decryption process will fail to produce plaintext. Further, if any one of the parameters has been tampered with—specifically if the ciphertext has been altered—the authentication tag will not compute to the same value that it did during encryption. The decryption process will fail and the ciphertext will not be decrypted.
Encryption context is how AWS KMS exposes additional authenticated data (AAD) for authenticated encryption. To learn how to use encryption context to protect the integrity of encrypted data, see the post How to Protect the Integrity of Your Encrypted Data by Using AWS Key Management Service and EncryptionContext on the AWS Security Blog.
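The tag mechanics described above, as an added stdlib-only illustration that is not AWS code and not the algorithm KMS uses internally: a toy AEAD in which the encryption context is canonicalized into AAD that feeds the tag but is never stored in the ciphertext, so a mismatched context or a flipped ciphertext bit is rejected. The HMAC-based keystream, the sorted-JSON canonicalization of the context, and the `demo` function are all assumptions of this example.

```python
import hashlib
import hmac
import json
import os

NONCE_LEN, TAG_LEN = 12, 32


def canonical_aad(encryption_context: dict) -> bytes:
    # The context is a set of key-value pairs; serialising with sorted keys
    # makes pair order irrelevant (an assumption of this toy, not a KMS spec).
    return json.dumps(encryption_context, sort_keys=True, separators=(",", ":")).encode()


def _subkeys(key: bytes):
    # Separate keys for encryption and authentication, derived from one root key.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy counter-mode PRF keystream; stands in for KMS's real cipher.
    out = b""
    for counter in range((length + 31) // 32):
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]


def encrypt(key: bytes, plaintext: bytes, encryption_context: dict) -> bytes:
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    # The AAD is used only to compute the tag; it is not part of the output.
    tag = hmac.new(mac_key, canonical_aad(encryption_context) + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes, encryption_context: dict) -> bytes:
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, canonical_aad(encryption_context) + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # wrong context OR altered ciphertext lands here
        raise ValueError("authentication failed: encryption context or ciphertext mismatch")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def demo() -> dict:
    key = os.urandom(32)  # constructed stand-in for the CMK-protected key material
    blob = encrypt(key, b"total=42", {"purpose": "invoice", "tenant": "acme"})
    results = {"same_context": decrypt(key, blob, {"tenant": "acme", "purpose": "invoice"}) == b"total=42"}
    cases = {"wrong_context": (blob, {"purpose": "invoice", "tenant": "other"}),
             "tampered_ciphertext": (blob[:12] + bytes([blob[12] ^ 1]) + blob[13:], {"purpose": "invoice", "tenant": "acme"})}
    for name, (b, ctx) in cases.items():
        try:
            decrypt(key, b, ctx)
            results[name] = "decrypted"
        except ValueError:
            results[name] = "rejected"
    return results
```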