AWS Transfer Family announces quantum-safe key exchange for SFTP

AWS Transfer Family now supports quantum-safe public-key exchange for SFTP file transfers. Quantum-safe public-key exchange helps protect your file transfers from threats such as “harvest now, decrypt later“ attacks that record present day traffic for decrypting once cryptographically relevant quantum computers become available.

AWS Transfer Family offers fully managed support for SFTP, AS2, FTPS, and FTP enabling customers to run their managed file transfer (MFT) workflows on AWS. This launch introduces new hybrid post-quantum (PQ) security policies that enable quantum-safe key exchange between your SFTP servers and clients that use PQ encryption algorithms. When using a hybrid PQ policy, your SFTP server preserves the standard connection options supported by most clients today, while leveraging the most secure connection options with clients that support quantum-safe cryptography.

Quantum-safe key exchange for SFTP file transfers is supported in all AWS Regions where AWS Transfer Family is available. To learn more about using hybrid PQ security policies to enable quantum-safe key exchange, visit our documentation.