Authenticating nonces prior to encrypting and decrypting cryptographic keys

US9806887B1 · US · B1

Patent metadata

  • Publication number: US-9806887-B1
  • Application number: US-201414494455-A
  • Country: US
  • Kind code: B1
  • Filing date: Sep 23, 2014
  • Priority date: Sep 23, 2014
  • Publication date: Oct 31, 2017
  • Grant date: Oct 31, 2017

Abstract

Data security is enhanced by computing an authentication tag based at least in part on encrypted data and additional authenticated data that includes at least a nonce. The computed authentication tag is compared against a provided authentication tag. The encrypted data is decrypted and made available for use.

First claim

What is claimed is:

1. A computer-implemented method, comprising: receiving a web service request through a request application programming interface wherein the web service request identifies an encrypted data key, additional authenticated data, and a first authentication tag, where the first authentication tag is cryptographically derived from the encrypted data key and the additional authenticated data, and where the additional authenticated data includes at least a nonce; obtaining a data key by decrypting the encrypted data key using a master key and the nonce; authenticating the nonce by at least: computing a second authentication tag, where the computing of the second authentication tag is based at least in part on the encrypted data key and the nonce; comparing the first authentication tag and the second authentication tag; detecting the first authentication tag and second authentication tag match; and making the obtained data key and the authenticated nonce available for use.

2. The computer-implemented method of claim 1, wherein the authentication tag is a message authentication code.

3. The computer-implemented method of claim 1, wherein the message is received from a requestor and making the obtained data key available for use comprises providing the obtained data key to the requestor.

4. A system, comprising: at least one computing device including a processor and a memory that implements one or more services, wherein the one or more services: receive a web service request through a request application programming interface, where the web service request identifies an encrypted data key, an authentication tag, and additional authenticated data that includes at least a nonce, where the authentication tag is cryptographically derived from the encrypted data key and the additional authenticated data; decrypt the encrypted data key by at least using a cryptographic key and the nonce, thereby obtaining a plaintext data key; determine that the nonce is authentic by comparing the authentication tag to a second authentication tag computed based at least in part on the encrypted data key and the nonce; and provide the plaintext data key and the nonce for input into a decryption algorithm to decrypt data.

5. The system of claim 4, wherein the one or more services are further configured to receive the nonce separately from the additional authenticated data.

6. The system of claim 4, wherein one or more services are further configured to input the plaintext data key and the nonce into the decryption algorithm.

7. The system of claim 4, wherein the one or more services are configured to decrypt the encrypted data key using an authenticated encryption mode of a cryptographic algorithm, wherein the authenticated encryption mode is in accordance with a block cipher mode of operation.

8. The system of claim 7, wherein the block cipher mode of operation is Counter with CBC-MAC (CCM) mode.

9. The system of claim 4, wherein the one or more services are configured to decrypt the encrypted data key by at least using the nonce to initialize an initialization vector.

10. The system of claim 4, wherein the encrypted data key, the authentication tag, and the additional authenticated data are received in a request received from a requestor over a network and the one or more services are further configured to receive the nonce from the requestor.

11. The system of claim 4, wherein the one or more services are further configured to generate the nonce and the encrypted data key.

12. The system of claim 4, wherein determine, based at least in part on the additional authenticated data, that the encrypted data key is authentic.

13. A non-transitory computer-readable storage medium having stored thereon executable instructions that, if executed by one or more processors of a computer system, cause the computer system to at least: obtain a plaintext data key, an encrypted data key, additional authenticated data that includes at least a nonce, and the nonce, wherein both the additional authenticated data and the encrypted data key are based at least in part on the nonce and the encrypted data key is generated using the plaintext data key and the nonce; input data, the plaintext data key, and the nonce into a web service request through a request application programming interface to generate: a ciphertext; and an authentication tag that is cryptographically derived from the encrypted data key and the additional authenticated data; and cause the generated the ciphertext, the nonce, the authentication tag, and the encrypted data key to be stored in association with one another.

14. The non-transitory computer-readable storage medium of claim 13, wherein the instructions that cause the computer system to obtain the plaintext data key, the encrypted data key, and the additional authenticated data, when executed by the one or more processors, cause the computer system to generate the nonce.

15. The non-transitory computer-readable storage medium of claim 13, wherein the instructions that cause the computer system to obtain the plaintext data key, the encrypted data key, and the additional authenticated data, when executed by the one or more processors, cause the computer system to receive the nonce from another computer system.

16. The non-transitory computer-readable storage medium of claim 13, wherein the instructions that cause the computer system to obtain the plaintext, when executed by the one or more processors, cause the computer system to generate the plaintext data key.

17. The non-transitory computer-readable storage medium of claim 13, further comprising instructions that, when executed by the one or more processors, cause the computer system to: receive a request to decrypt the encrypted data key; verifying, based at least in part on the additional authenticated data and the authentication tag, authenticity of the nonce; and provide the plaintext data key in response to the request as a result of the authenticity of the nonce being verified.

18. The non-transitory computer-readable storage medium of claim 13, wherein the additional authenticated data comprises the ciphertext.

19. The non-transitory computer-readable storage medium of claim 13, wherein: the instructions that cause the computer system to obtain the plaintext data key, when executed by the one or more processors, cause the computer system to generate the plaintext data key; and the instructions that cause the computer system to provide the generated encrypted data key, when executed by the one or more processors, cause the computer system to provide the generated encrypted data key without providing the generated plaintext data key.

20. The computer-implemented method of claim 1, wherein the encrypted data key and the additional authenticated data are cryptographically hashed using at least the master key to cryptographically derive the first authentication tag.

21. The system of claim 7, wherein the block cipher mode of operation is Galois/Counter Mode.
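An illustrative sketch of the unwrap flow described in claims 1, 4, 9 and 21, added here and not taken from the patent or its assignee. It assumes AES-256-GCM with the nonce used as the IV and an AAD layout of context || nonce; `WrappedKey`, `Wrap`, `Unwrap` and `newGCM` are hypothetical names.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// WrappedKey holds the request fields named in claim 1 (field names are assumptions).
type WrappedKey struct{ EncryptedDataKey, AAD, Tag, Nonce []byte }

func newGCM(masterKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(masterKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Wrap encrypts dataKey; the fresh nonce is both the IV and the tail of the AAD.
func Wrap(gcm cipher.AEAD, dataKey, context []byte) (WrappedKey, error) {
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return WrappedKey{}, err
	}
	aad := append(append([]byte{}, context...), nonce...) // assumed layout
	sealed := gcm.Seal(nil, nonce, dataKey, aad)
	n := len(sealed) - gcm.Overhead() // GCM appends the tag to the ciphertext
	return WrappedKey{sealed[:n], aad, sealed[n:], nonce}, nil
}

// Unwrap returns the data key only if the tag verifies over ciphertext and AAD.
func Unwrap(gcm cipher.AEAD, w WrappedKey) ([]byte, error) {
	if len(w.Nonce) != gcm.NonceSize() || !bytes.HasSuffix(w.AAD, w.Nonce) {
		return nil, errors.New("nonce is not the one bound into the AAD")
	}
	sealed := append(append([]byte{}, w.EncryptedDataKey...), w.Tag...)
	return gcm.Open(nil, w.Nonce, sealed, w.AAD) // recomputes tag, constant-time compare
}

func main() {
	gcm, _ := newGCM(make([]byte, 32)) // constructed all-zero master key, demo only
	w, _ := Wrap(gcm, []byte("constructed-key!"), []byte("ctx"))
	key, err := Unwrap(gcm, w)
	fmt.Println(string(key), err)
}
```

Because the nonce is covered by the tag, a caller that substitutes a different nonce gets an error from `Unwrap` instead of a data key paired with the wrong nonce.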

Classifications

  • Generation of secret information including derivation or calculation of cryptographic keys or passwords

  • H04L9/321 (Primary): involving a third party or a trusted authority

  • using challenge-response

  • H04L9/3242 (Primary): involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC

  • involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token (network architectures or network communication protocols for supporting authentication of entities using an additional device in a packet data network H04L63/0853)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Amazon Tech Inc
What technology area does this patent fall under?
Primary CPC classification H04L9/321. Mapped technology areas include Electricity.
When was this patent published?
Publication date Oct 31, 2017 (B1). Legal status and post-grant events are not shown on this page.