Better-performing “25519” elliptic-curve cryptography

Automated reasoning and optimizations specific to CPU microarchitectures improve both performance and assurance of correct implementation.

Cryptographic algorithms are essential to online security, and at Amazon Web Services (AWS), we implement cryptographic algorithms in our open-source cryptographic library, AWS LibCrypto (AWS-LC), based on code from Google’s BoringSSL project. AWS-LC offers AWS customers implementations of cryptographic algorithms that are secure and optimized for AWS hardware.

Two cryptographic algorithms that have become increasingly popular are x25519 and Ed25519, both based on an elliptic curve known as curve25519. To improve the customer experience when using these algorithms, we recently took a deeper look at their implementations in AWS-LC. Henceforth, we use x/Ed25519 as shorthand for “x25519 and Ed25519”.

Related content
Optimizations for Amazon's Graviton2 chip boost efficiency, and formal verification shortens development time.

In 2023, AWS released multiple assembly-level implementations of x/Ed25519 in AWS-LC. By combining automated reasoning and state-of-the-art optimization techniques, these implementations improved performance over the existing AWS-LC implementations and also increased assurance of their correctness.

In particular, we prove functional correctness using automated reasoning and employ optimizations targeted to specific CPU microarchitectures for the instruction set architectures x86_64 and Arm64. We also do our best to execute the algorithms in constant time, to thwart side-channel attacks that infer secret information from the durations of computations.

In this post, we explore different aspects of our work, including the process for proving correctness via automated reasoning, microarchitecture (μarch) optimization techniques, the special considerations for constant-time code, and the quantification of performance gains.

Elliptic-curve cryptography

Elliptic-curve cryptography is a method for doing public-key cryptography, which uses a pair of keys, one public and one private. One of the best-known public-key cryptographic schemes is RSA, in which the public key is a very large integer, and the corresponding private key is prime factors of the integer. The RSA scheme can be used both to encrypt/decrypt data and also to sign/verify data. (Members of our team recently blogged on Amazon Science about how we used automated reasoning to make the RSA implementation on Amazon’s Graviton2 chips faster and easier to deploy.)

Elliptic curve.png
Example of an elliptic curve.

Elliptic curves offer an alternate way to mathematically relate public and private keys; sometimes, this means we can implement schemes more efficiently. While the mathematical theory of elliptic curves is both broad and deep, the elliptic curves used in cryptography are typically defined by an equation of the form y2 = x3 + ax2 + bx + c, where a, b, and c are constants. You can plot the points that satisfy the equation on a 2-D graph.

An elliptic curve has the property that a line that intersects it at two points intersects it at at most one other point. This property is used to define operations on the curve. For instance, the addition of two points on the curve can be defined not, indeed, as the third point on the curve collinear with the first two but as that third point’s reflection around the axis of symmetry.

Elliptic-curve addition.gif
Addition on an elliptic curve.

Now, if the coordinates of points on the curve are taken modulo some integer, the curve becomes a scatter of points in the plane, but a scatter that still exhibits symmetry, so the addition operation remains well defined. Curve25519 is named after a large prime integer — specifically, 2255 – 19. The set of numbers modulo the curve25519 prime, together with basic arithmetic operations such as multiplication of two numbers modulo the same prime, define the field in which our elliptic-curve operations take place.

Successive execution of elliptic-curve additions is called scalar multiplication, where the scalar is the number of additions. With the elliptic curves used in cryptography, if you know only the result of the scalar multiplication, it is intractable to recover the scalar, if the scalar is sufficiently large. The result of the scalar multiplication becomes the basis of a public key, the original scalar the basis of a private key.

The x25519 and Ed25519 cryptographic algorithms

The x/Ed25519 algorithms have distinct purposes. The x25519 algorithm is a key agreement algorithm, used to securely establish a shared secret between two peers; Ed25519 is a digital-signature algorithm, used to sign and verify data.

The x/Ed25519 algorithms have been adopted in transport layer protocols such as TLS and SSH. In 2023, NIST announced an update to its FIPS185-6 Digital Signature Standard that included the addition of Ed25519. The x25519 algorithm also plays a role in post-quantum safe cryptographic solutions, having been included as the classical algorithm in the TLS 1.3 and SSH hybrid scheme specifications for post-quantum key agreement.

Microarchitecture optimizations

When we write assembly code for a specific CPU architecture, we use its instruction set architecture (ISA). The ISA defines resources such as the available assembly instructions, their semantics, and the CPU registers accessible to the programmer. Importantly, the ISA defines the CPU in abstract terms; it doesn’t specify how the CPU should be realized in hardware.

Related content
Prize honors Amazon senior principal scientist and Penn professor for a protocol that achieves a theoretical limit on information-theoretic secure multiparty computation.

The detailed implementation of the CPU is called the microarchitecture, and every μarch has unique characteristics. For example, while the AWS Graviton 2 CPU and AWS Graviton 3 CPU are both based on the Arm64 ISA, their μarch implementations are different. We hypothesized that if we could take advantage of the μarch differences, we could create x/Ed25519 implementations that were even faster than the existing implementations in AWS-LC. It turns out that this intuition was correct.

Let us look closer at how we took advantage of μarch differences. Different arithmetic operations can be defined on curve25519, and different combinations of those operations are used to construct the x/Ed25519 algorithms. Logically, the necessary arithmetic operations can be considered at three levels:

  1. Field operations: Operations within the field defined by the curve25519 prime 2255 – 19.
  2. Elliptic-curve group operations: Operations that apply to elements of the curve itself, such as the addition of two points, P1 and P2.
  3. Top-level operations: Operations implemented by iterative application of elliptic-curve group operations, such as scalar multiplication.
Levels of operations.png
Examples of operations at different levels. Arrows indicate dependency relationships between levels.

Each level has its own avenues for optimization. We focused our μarch-dependent optimizations on the level-one operations, while for levels two and three our implementations employ known state-of-the-art techniques and are largely the same for different μarchs. Below, we give a summary of the different μarch-dependent choices we made in our implementations of x/Ed25519.

  • For modern x86_64 μarchs, we use the instructions MULX, ADCX, and ADOX, which are variations of the standard assembly instructions MUL (multiply) and ADC (add with carry) found in the instruction set extensions commonly called BMI and ADX. These instructions are special because, when used in combination, they can maintain two carry chains in parallel, which has been observed to boost performance up to 30%. For older x86_64 μarchs that don’t support the instruction set extensions, we use more traditional single-carry chains.
  • For Arm64 μarchs, such as AWS Graviton 3 with improved integer multipliers, we use relatively straightforward schoolbook multiplication, which turns out to give good performance. AWS Graviton 2 has smaller multipliers. For this Arm64 μarch, we use subtractive forms of Karatsuba multiplication, which breaks down multiplications recursively. The reason is that, on these μarchs, 64x64-bit multiplication producing a 128-bit result has substantially lower throughput relative to other operations, making the number size at which Karatsuba optimization becomes worthwhile much smaller.

We also optimized level-one operations that are the same for all μarchs. One example concerns the use of the binary greatest-common-divisor (GCD) algorithm to compute modular inverses. We use the “divstep” form of binary GCD, which lends itself to efficient implementation, but it also complicates the second goal we had: formally proving correctness.

Related content
Both secure multiparty computation and differential privacy protect the privacy of data used in computation, but each has advantages in different contexts.

Binary GCD is an iterative algorithm with two arguments, whose initial values are the numbers whose greatest common divisor we seek. The arguments are successively reduced in a well-defined way, until the value of one of them reaches zero. With two n-bit numbers, the standard implementation of the algorithm removes at least one bit total per iteration, so 2n iterations suffice.

With divstep, however, determining the number of iterations needed to get down to the base case seems analytically difficult. The most tractable proof of the bound uses an elaborate inductive argument based on an intricate “stable hull” provably overapproximating the region in two-dimensional space containing the points corresponding to the argument values. Daniel Bernstein, one of the inventors of x25519 and Ed25519, proved the formal correctness of the bound using HOL Light, a proof assistant that one of us (John) created. (For more on HOL Light, see, again, our earlier RSA post.)

Performance results

In this section, we will highlight improvements in performance. For the sake of simplicity, we focus on only three μarchs: AWS Graviton 3, AWS Graviton 2, and Intel Ice Lake. To gather performance data, we used EC2 instances with matching CPU μarchs — c6g.4xlarge, c7g.4xlarge, and c6i.4xlarge, respectively; to measure each algorithm, we used the AWS-LC speed tool.

In the graphs below, all units are operations per second (ops/sec). The “before” columns represent the performance of the existing x/Ed25519 implementations in AWS-LC. The “after” columns represent the performance of the new implementations.

Signing new.png
For the Ed25519 signing operation, the number of operations per second, over the three μarchs, is, on average, 108% higher with the new implementations.
Verification.png
For the Ed25519 verification operation, we increased the number of operations per second, over the three μarchs, by an average of 37%.

We observed the biggest improvement for the x25519 algorithm. Note that an x25519 operation in the graph below includes the two major operations needed for an x25519 key exchange agreement: base-point multiplication and variable-point multiplication.

Ops:sec new.png
With x25519, the new implementation increases the number of operations per second, over the three μarchs, by an average of 113%.

On average, over the AWS Graviton 2, AWS Graviton 3, and Intel Ice Lake microarchitectures, we saw an 86% improvement in performance.

Proving correctness

We develop the core parts of the x/Ed25519 implementations in AWS-LC in s2n-bignum, an AWS-owned library of integer arithmetic routines designed for cryptographic applications. The s2n-bignum library is also where we prove the functional correctness of the implementations using HOL Light. HOL Light is an interactive theorem prover for higher-order logic (hence HOL), and it is designed to have a particularly simple (hence light) “correct by construction” approach to proof. This simplicity offers assurance that anything “proved” has really been proved rigorously and is not the artifact of a prover bug.

Related content
New approach to homomorphic encryption speeds up the training of encrypted machine learning models sixfold.

We follow the same principle of simplicity when we write our implementations in assembly. Writing in assembly is more challenging, but it offers a distinct advantage when proving correctness: our proofs become independent of any compiler.

The diagram below shows the process we use to prove x/Ed25519 correct. The process requires two different sets of inputs: first is the algorithm implementation we’re evaluating; second is a proof script that models both the correct mathematical behavior of the algorithm and the behavior of the CPU. The proof is a sequence of functions specific to HOL Light that represent proof strategies and the order in which they should be applied. Writing the proof is not automated and requires developer ingenuity.

From the algorithm implementation and the proof script, HOL Light either determines that the implementation is correct or, if unable to do so, fails. HOL Light views the algorithm implementation as a sequence of machine code bytes. Using the supplied specification of CPU instructions and the developer-written strategies in the proof script, HOL Light reasons about the correctness of the execution.

CI integration.png
CI integration provides assurance that no changes to the algorithm implementation code can be committed to s2n-bignum’s code repository without successfully passing a formal proof of correctness.

This part of the correctness proof is automated, and we even implement it inside s2n-bignum’s continuous-integration (CI) workflow. The workflow covered in the CI is highlighted by the red dotted line in the diagram below. CI integration provides assurance that no changes to the algorithm implementation code can be committed to s2n-bignum’s code repository without successfully passing a formal proof of correctness.

The CPU instruction specification is one of the most critical ingredients in our correctness proofs. For the proofs to be true in practice, the specification must capture the real-world semantics of each instruction. To improve assurance on this point, we apply randomized testing against the instruction specifications on real hardware, “fuzzing out” inaccuracies.

Constant time

We designed our implementations and optimizations with security as priority number one. Cryptographic code must strive to be free of side channels that could allow an unauthorized user to extract private information. For example, if the execution time of cryptographic code depends on secret values, then it might be possible to infer those values from execution times. Similarly, if CPU cache behavior depends on secret values, an unauthorized user who shares the cache could infer those values.

Our implementations of x/Ed25519 are designed with constant time in mind. They perform exactly the same sequence of basic CPU instructions regardless of the input values, and they avoid any CPU instructions that might have data-dependent timing.

Using x/Ed25519 optimizations in applications

AWS uses AWS-LC extensively to power cryptographic operations in a diverse set of AWS service subsystems. You can take advantage of the x/Ed25519 optimizations presented in this blog by using AWS-LC in your application(s). Visit AWS-LC on Github to learn more about how you can integrate AWS-LC into your application.

To allow easier integration for developers, AWS has created bindings from AWS-LC to multiple programming languages. These bindings expose cryptographic functionality from AWS-LC through well-defined APIs, removing the need to reimplement cryptographic algorithms in higher-level programming languages. At present, AWS has open-sourced bindings for Java and Rust — the Amazon Corretto Cryptographic Provider (ACCP) for Java, and AWS-LC for Rust (aws-lc-rs). Furthermore, we have contributed patches allowing CPython to build against AWS-LC and use it for all cryptography in the Python standard library. Below we highlight some of the open-source projects that are already using AWS-LC to meet their cryptographic needs.

Open-source projects.png
Open-source projects using AWS-LC to meet their cryptographic needs.

We are not done yet. We continue our efforts to improve x/Ed25519 performance as well as pursuing optimizations for other cryptographic algorithms supported by s2n-bignum and AWS-LC. Follow the s2n-bignum and AWS-LC repositories for updates.

Research areas

Related content

US, TX, Austin
Our team is involved with pre-silicon design verification for custom IP. A critical requirement of the verification flow is the requirement of legal and realistic stimulus of a custom Machine Learning Accelerator Chip. Content creation is built using formal methods that model legal behavior of the design and then solving the problem to create the specific assembly tests. The entire frame work for creating these custom tests is developed using a SMT solver and custom software code to guide the solution space into templated scenarios. This highly visible and innovative role requires the design of this solving framework and collaborating with design verification engineers, hardware architects and designers to ensure that interesting content can be created for the projects needs. Key job responsibilities Develop an understanding for a custom machine learning instruction set architecture. Model correctness of instruction streams using first order logic. Create custom API's to allow control over scheduling and randomness. Deploy algorithms to ensure concurrent code is safely constructed. Create coverage metrics to ensure solution space coverage. Use novel methods like machine learning to automate content creation.
IL, Tel Aviv
We are seeking an Applied Scientist to help build Amazon’s next-generation customer memory and personalization systems. Are you interested in building systems that move beyond reacting to customer behavior, to actually understanding and remembering it over time? Our team is building Amazon’s customer memory layer – a system that extracts, curates, and reasons over customer knowledge to power next-generation personalization. This includes transforming noisy, unstructured signals into durable, high-quality representations of customer preferences, intents, and life events, and using them in real time to improve customer experiences. We are part of Amazon’s Personalization organization, a high-performing group that leverages large-scale machine learning, generative AI, and distributed systems to deliver highly relevant customer experiences. We tackle challenging problems at the intersection of information extraction, knowledge representation, LLM reasoning, and recommendation systems. Our systems operate under real-world constraints of scale, latency, and quality, requiring careful tradeoffs between precision, recall, and responsiveness. This team plays a central role in defining how Amazon understands its customers, and how that understanding is applied across the shopping experience. As an Applied Scientist, you will design and build ML and LLM-powered solutions for Amazon's customer memory and personalization systems. You will work on how customer knowledge is extracted, validated, and applied in production systems. You will own the end-to-end delivery of ML solutions, from problem formulation and modeling to offline and online experimentation, and production deployment at scale. You will deliver high-quality, scalable systems that power customer-facing experiences. You will drive work across areas such as fact extraction, memory quality and lifecycle, temporal reasoning, and grounded personalization, while navigating tradeoffs between quality, latency, and coverage. You will collaborate closely with engineering and product teams to translate research into measurable customer impact. Please visit https://www.amazon.science for more information.
US, NY, New York
The Ads Measurement Science team in the Measurement, Ad Tech, and Data Science (MADS) team of Amazon Ads serves a centralized role developing solutions for a multitude of performance measurement products. We create solutions which measure the comprehensive impact of their ad spend, including sales impacts both online and offline and across timescales, and provide actionable insights that enable our advertisers to optimize their media portfolios. We leverage a host of scientific technologies to accomplish this mission, including Generative AI, classical ML, Causal Inference, Natural Language Processing, and Computer Vision. We are hiring an Economist on the team to develop the next generation of incrementality measurement products, capturing the effect of advertising in driving sales as well as the effects of measurement tools on advertiser engagement with Amazon. As an Economist on the team, you will lead the design, implementation, and validation of large-scale causal inference methodologies to capture these properties. You will communicate your results with science and business leaders, and partner with other scientists and engineers to carry solutions into production. Key job responsibilities Leverage deep expertise in causal inference to develop robust, causally grounded ads measurement solutions Disambiguate problems to propose clear evaluation frameworks and success criteria Work autonomously and write high quality technical documents Partner closely with other scientists to deliver large, multi-faceted technical projects Share and publish works with the broader scientific community through meetings and conferences Communicate clearly to both technical and non-technical audiences and leaders Contribute new ideas that shape the direction of the team's work Mentor more junior scientists and participate in the hiring process
US, NY, New York
The Ads Measurement Science team in the Measurement, Ad Tech, and Data Science (MADS) team of Amazon Ads serves a centralized role developing solutions for a multitude of performance measurement products. We create solutions which measure the comprehensive impact of advertiser's ad spend, including sales impacts both online and offline and across timescales, and provide actionable insights that enable our advertisers to optimize their media portfolios. We also own the science solutions for AI tools that unlock new insights and automate high-effort customer workflows, such as custom query and report generation based on natural language user requests. We leverage a host of scientific technologies to accomplish this mission, including Generative AI, classical ML, Causal Inference, Natural Language Processing, and Computer Vision. As an Applied Scientist on the team, you will lead measurement solutions end-to-end from inception to production. You will propose, design, analyze, and productionize models to provide novel measurement insights to our customers. Key job responsibilities Leverage deep expertise in one or more scientific disciplines to invent solutions to ambiguous ads measurement problems Disambiguate problems to propose clear evaluation frameworks and success criteria Work autonomously and write high quality technical documents Implement a significant portion of critical-path code, and partner with engineers to directly carry solutions into production Partner closely with other scientists to deliver large, multi-faceted technical projects Share and publish works with the broader scientific community through meetings and conferences Communicate clearly to both technical and non-technical audiences Contribute new ideas that shape the direction of the team's work Mentor more junior scientists and participate in the hiring process About the team We are a team of scientists across Applied, Research, Data Science and Economist disciplines. You will work with colleagues with deep expertise in ML, NLP, CV, Gen AI, and Causal Inference with a diverse range of backgrounds. We partner closely with top-notch engineers, product managers, sales leaders, and other scientists with expertise in the ads industry and on building scalable modeling and software solutions.
US, CA, Pasadena
The Amazon Center for Quantum Computing in Pasadena, CA, is looking to hire a Fabrication R&D Scientist with experience in semiconductor process development who will aid in Amazon’s effort to bring cloud quantum computing services to its worldwide customer base. You will join a multi-disciplinary team of scientists, and hardware and software engineers working at the forefront of quantum computing. Through your work inside and outside of the cleanroom environment in the fabrication research and development group, you will solve problems related to developing next-generation quantum processors. Candidates must have a demonstrated background in sound scientific and engineering principles, and must have excellent data analysis, bias for action, problem solving, and communication skills, and be highly motivated and curious to research and learn new technical topics as needed. As a Fab R&D scientist you will be expected to work on new ideas and stay abreast of novel approaches in fabricating and packaging superconducting quantum processors. Working effectively within a team environment is critical. Diverse Experiences Amazon values diverse experiences. Even if you do not meet all the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying. Work/Life Balance Our team puts a high value on work-life balance. It isn’t about how many hours you spend at home or at work; it’s about the flow you establish that brings energy to both parts of your life. We believe striking the right balance between your personal and professional life is critical to life-long happiness and fulfillment. We offer flexibility in working hours and encourage you to find your own balance between your work and personal lives. Mentorship & Career Growth We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Export Control Requirement Due to applicable export control laws and regulations, candidates must be either a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum, or be able to obtain a US export license. If you are unsure if you meet these requirements, please apply and Amazon will review your application for eligibility. Key job responsibilities Responsibilities include developing and optimizing processes to fabricate high-coherence superconducting qubits; developing advanced 3DI interconnect and routing technologies for integrating superconducting quantum technologies; analyzing inline metrology and electrical test data; developing and maintaining integration documentation, design rules, and standard operating procedures; interacting with project leads to provide feedback that continuously improves different processes; staying updated with the latest advancements and industry trends in process integration and apply knowledge to improve processes and drive innovation providing technical guidance and support to junior colleagues, fostering a collaborative and knowledge-sharing work environment. A day in the life The candidate will develop novel technologies using micro-/nano-fabrication techniques inside the cleanroom (independently or in collaboration with other scientists, engineers, and technicians) for next-generation quantum computing. Outside the cleanroom, the candidate will plan experiments, analyze data, and conceive future innovations.
US, WA, Bellevue
The Amazon Middle Mile Science team is seeking an Applied Scientist to be part of a team solving complex airline operations problems to reduce cost and improve performance. You will work closely with product, research science and technical leaders throughout Amazon Air, Amazon Delivery Technology and and will be responsible for influencing funding decisions in areas of investment that you identify as critical future product offerings. You will partner with software developers and data scientists to build end-to-end data pipelines and production code, and you will have exposure to senior leadership as we communicate results and provide scientific guidance to the business. You will analyze large amounts of business data, build the or models that will enable us to continually delight our customers worldwide. The ideal candidate will have extensive experience in Science work, business analytics and have the aptitude to incorporate new approaches and methodologies while dealing with ambiguities. Excellent business and communication skills are a must to develop and define key business questions and build models that answer those questions. You should have a demonstrated ability to think strategically and analytically about business, product, and technical challenges. Further, you must have the ability to build and communicate compelling value propositions, and work across the organization to achieve consensus. This role requires a strong passion for customers, a high level of comfort navigating ambiguity, and a keen sense of ownership and drive to deliver results. Key job responsibilities - Partnership with the engineering and operations to drive modeling and design for complex business problems. - Drive full life-cycle projects. - Design and prototype decision support tools (product) to automate standardized processes and optimize trade-offs across the full decision space. - Execute complex modeling analyses to aid management in making key business decisions and set new policies.
US, CA, San Francisco
We are seeking a Product Manager, Data Strategy & Physical AI to define and execute the long-term product vision for FAR's AI-powered robotics platform. The intersection of foundation models and physical intelligence is creating a once-in-a-generation opportunity to reimagine how intelligent systems perceive, reason, and act in the real world. We need a visionary product leader who can treat data as our primary competitive moat and translate research frontiers into scalable, production-grade capabilities. In this role, you will champion our core data strategy for foundation model creation, building a partner and tool ecosystem to systematically acquire, label, and iteratively improve physical AI datasets. You will architect a continuous data collection flywheel across deployed robot fleets, transforming real-world kinematics, video, and force-torque telemetry from edge operations back into high-fidelity training tokens. Recognizing the limitations of real-world environments, you will also lead the strategy to create high-fidelity synthesized datasets, utilizing advanced physics engines and simulation to generate diverse training tokens at massive scale. Key job responsibilities Data Acquisition & Labeling Ecosystem: Establish the partnerships, tools, and vendor pipelines necessary to acquire, curate, and continuously label multi-modal datasets for training large-scale models. Fleet Data Flywheel Infrastructure: Architect the framework for a continuous data flywheel that securely streams high-frequency kinematics, egocentric video, and force-torque telemetry from real-world robot fleets back into the training loop. Synthetic Data & Simulation Strategy: Define the strategy for generating high-fidelity, physics-aligned synthesized datasets using advanced simulation environments to scale training tokens for edge-case scenarios and long-horizon tasks. Data Compliance & Governance: Partner with operations, privacy, legal, and security teams to build enterprise-grade data management pipelines that programmatically enforce data minimization, anonymization, and CCPA/GDPR compliance. Data Quality & Token Curation: Implement automated telemetry filtering and dataset pruning strategies to identify high-value operational logs, eliminate redundant fleet data, and optimize training compute costs. Cross-Functional Physical AI Delivery: Act as the strategic bridge between machine learning research scientists, simulation developers, robotics engineers, and hardware teams to deliver data-ready platform features that improve physical reliability. About the team At Frontier AI & Robotics, we're not just advancing robotics - we're reimagining it from the ground up. Our team is building the future of intelligent robotics through frontier foundation models and end-to-end learned systems. We tackle some of the most challenging problems in AI and robotics, from developing sophisticated perception systems to creating adaptive manipulation strategies that work in complex, real-world scenarios. What sets us apart is our unique combination of ambitious research vision and practical impact. We leverage Amazon's computational infrastructure and rich real-world datasets to train and deploy state-of-the-art foundation models. Our work spans the full spectrum of robotics intelligence - from multimodal perception using images, videos, and sensor data, to sophisticated manipulation strategies that can handle diverse real-world scenarios. We're building systems that don't just work in the lab, but scale to meet the demands of Amazon's global operations. Join us if you're excited about pushing the boundaries of what's possible in robotics, working with world-class researchers, and seeing your innovations deployed at unprecedented scale.
US, WA, Seattle
Amazon Search is reinventing how customers find products through natural-language and semantic understanding. We are looking for an Applied Scientist II to push the science behind Natural Language Search that interprets complex, constraint-rich shopping queries, retrieves and ranks the most relevant products. You will build and ship large-scale relevance and ranking models that measurably reduce the rate at which customers see irrelevant results, working on problems that span query understanding, semantic matching, and contextual ranking at Amazon scale. Key job responsibilities - Design, train, and ship deep-learning ranking and semantic-matching models that improve search relevance and reduce how often customers see irrelevant results, across hard query types. - Build the training data and evaluation methods that make these models work: synthetic and historical labels, hard-negative mining, and targeted sampling at the cases where search fails. - Develop signals that match product attributes to what the customer actually asked for. - Run offline and online A/B experiments, analyze precision/recall tradeoffs, and iterate to launch. - Work with engineers and scientists across teams to take models from prototype to production at Amazon scale. A day in the life You work alongside scientists and engineers on some of the hardest open problems in search relevance, teaching models to understand what customers really mean when they ask for something specific and nuanced. A typical day blends model development and data curation with sharp experiment analysis: diagnosing where search breaks down for a query segment, designing the fix, and proving the gains through offline metrics and live A/B tests that reach real Amazon customers. The work spans the full range, from surgical fixes that resolve stubborn failure pattern to broad modeling changes that move relevance for millions of queries at once. You'll see your ideas go from whiteboard to production fast, present results regularly to wider team, and help shape the team's relevance roadmap worldwide. About the team We are the science team behind Amazon's semantic search relevance and ranking. We own the models that understand nuanced, multi-constraint shopping queries and show products customers actually want. We operate close to production, measure ourselves on real customer-impact metrics, and run a culture of fast, rigorous experimentation. Every model decision is grounded in data.
US, WA, Seattle
As part of the AWS Applied AI Solutions organization, we're advancing the frontier of trust and safety systems for cloud-based communication services. Our vision is to be the trusted foundation for transforming every business with Amazon AI teammates. Our mission is to deliver turnkey, enterprise-grade foundational AI capabilities that create delightful AI powered solutions. We're building sophisticated AI systems that protect infrastructure from evolving threats while enabling legitimate high-volume users to operate without friction, with messaging services at scale as a key application area. Key job responsibilities - Develop advanced machine learning approaches and agentic systems that autonomously adapt to evolving threat patterns across cloud communication services - Create behavioral detection models that quickly identify malicious patterns after onboarding rather than creating friction during signup - Design intelligent resource allocation algorithms that optimize service delivery based on real-time feedback - Develop frameworks operating at scale across diverse usage patterns, analyzing hundreds of thousands of daily active customers - Research novel approaches combining AI agents with trust and safety systems to solve complex security problems - Collaborate with engineering teams to integrate science components into production systems - Conduct rigorous experimentation and establish evaluation frameworks to measure solution performance A day in the life As an Applied Scientist, you'll develop fraud detection algorithms and AI-powered security systems while maintaining a clear path to customer impact. You'll investigate novel approaches to behavioral analysis, develop methods for real-time reputation assessment, and validate ideas through rigorous experimentation. You'll collaborate with other scientists and engineers to transform research insights into scalable solutions, work directly with enterprise customers to understand requirements, and help shape the future of cloud security technology. About the team Our team is a central science organization supporting multiple product teams across AWS Core Services. We tackle fundamental challenges in AI and machine learning that require novel approaches beyond off-the-shelf solutions. Working at the intersection of machine learning, large language models, and domain-specific applications, we develop practical techniques that advance the state-of-the-art while maintaining a clear path to customer impact. Our team builds deep domain expertise across geospatial intelligence, trust and safety systems, autonomous operations, and other critical areas, collaborating closely with engineering teams to transform research insights into scalable production solutions.
IN, KA, Bengaluru
Alexa International is looking for passionate, talented, and inventive Senior Applied Scientists to help build industry-leading technology with Large Language Models (LLMs) and multimodal systems, requiring strong deep learning and generative models knowledge. Senior applied scientists will drive cross-team scientific strategy, influence partner teams, and deliver solutions that have broad impact across Alexa's international products and services. Key job responsibilities As a Applied Scientist II with the Alexa International team, you will work with talented peers to develop novel algorithms and modeling techniques to advance the state of the art with LLMs, particularly delivering industry-leading scientific research and applied AI for multi-lingual applications — a challenging area for the industry globally. Your work will directly impact our global customers in the form of products and services that support Alexa+. You will leverage Amazon's heterogeneous data sources and large-scale computing resources to accelerate advances in text, speech, and vision domains. The ideal candidate possesses a solid understanding of machine learning, speech and/or natural language processing, modern LLM architectures, LLM evaluation & tooling, and a passion for pushing boundaries in this vast and quickly evolving field. They thrive in fast-paced environment, like to tackle complex challenges, excel at swiftly delivering impactful solutions while iterating based on user feedback, and are able to influence and align multiple teams around a shared scientific vision. A day in the life * Analyze, understand, and model customer behavior and the customer experience based on large-scale data. * Build novel online & offline evaluation metrics and methodologies for multimodal personal digital assistants. * Fine-tune/post-train LLMs using advanced and innovative techniques like SFT, DPO, Reinforcement Learning (RLHF and RLAIF) for supporting model performance specific to a customer’s location and language. * Quickly experiment and set up experimentation framework for agile model and data analysis or A/B testing. * Contribute through industry-first research to drive innovation forward. * Drive cross-team scientific strategy and influence partner teams on LLM evaluation frameworks, post-training methodologies, and best practices for international speech and language systems. * Lead end-to-end delivery of scientifically complex solutions from research to production, including reusable science components and services that resolve architecture deficiencies across teams. * Serve as a scientific thought leader, communicating solutions clearly to partners, stakeholders, and senior leadership. * Actively mentor junior scientists and contribute to the broader internal and external scientific community through publications and community engagement.