Announcing the AWS Encryption SDK

We’ve published several posts on client-side encryption using Java tools over the past couple of years, including ones on the S3 Encryption Client and the DynamoDB Encryption Client. Both of these clients assume a specific AWS service as the storage layer for data encrypted by the client. Today, the AWS Cryptography team released the AWS Encryption SDK for Java, a library that you can use to encrypt your data without assuming a particular storage layer. The SDK makes envelope encryption easier for developers while minimizing errors that could lower the security of your applications. The SDK doesn’t require you to use any specific AWS services, but we’ve provided ready-to-use samples for AWS customers who do use AWS CloudHSM or AWS Key Management Service (KMS).

Check out the AWS Encryption SDK on AWS Labs. You should also read Greg Rubin’s post on the AWS Security Blog on how to use the SDK. Let us know what you think!