We are building a web app using Amazon EC2 instances running Linux. All the traffic to the client browser is encrypted with SSL. What should be used to encrypt the traffic between the instances?
The traffic will include connections to a MySQL database from Tomcat as well as file transfers.
It needs to be reliable and reconfigure itself if it fails.
Amazon EC2 is running in a VM controlled by Amazon. They have read and write access to all your memory. Do you really think that's much more sophisticated than sniffing the network traffic they have access to?
My understanding is that EC2 instances act as though they are independent servers on a switched network, so traffic should only be going to and from your instances if it's supposed to be there, and not visible to any other instance aside from the source and destination within their network, so the level of security you're looking for may be overkill.
Having said that, take a look at scp for copying files between instances as it will provide encryption for you. MySQL 5 also supports SSL between clients and the server.
If you just want to encrypt all traffic, regardless of use, a secure site-to-site VPN may be an option.
If you need good, easy-to-configure encryption, I recommend OpenVPN. It's easy to get set up, and is pretty rock solid.
That being said, unless you are dealing with some sort of regulations, or are just paranoid, you probably don't need the encryption, since your instances can only talk to your other instances, and no one else can talk to them. You can even separate your own instances if need be.
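An added example, not part of the original thread: for the MySQL SSL option mentioned in the answers above, this Python check reads a Tomcat `context.xml` and reports every MySQL JDBC URL that does not both enforce TLS and verify the server certificate. It assumes the Connector/J URL properties `useSSL`, `requireSSL` and `verifyServerCertificate` (5.1 style) or `sslMode` (8.x style), and requires them to be set explicitly because defaults differ between driver versions; the sample file, hosts and resource names are constructed.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, parse_qs

# Constructed sample of a Tomcat context.xml; hosts and resource names are made up.
SAMPLE_CONTEXT_XML = """<Context>
  <Resource name="jdbc/plain" url="jdbc:mysql://10.0.0.12:3306/app"/>
  <Resource name="jdbc/unverified"
    url="jdbc:mysql://10.0.0.12:3306/app?useSSL=true&amp;requireSSL=true"/>
  <Resource name="jdbc/strict"
    url="jdbc:mysql://10.0.0.12:3306/app?useSSL=true&amp;requireSSL=true&amp;verifyServerCertificate=true"/>
  <Resource name="jdbc/modern"
    url="jdbc:mysql://db.example.internal:3306/app?sslMode=VERIFY_IDENTITY"/>
</Context>"""


def tls_findings(jdbc_url):
    """Return a list of problems with the TLS settings of one MySQL JDBC URL."""
    # Drop the "jdbc:" prefix so urlsplit sees an ordinary mysql:// URL.
    query = urlsplit(jdbc_url[len("jdbc:"):]).query
    params = {k: v[-1] for k, v in parse_qs(query, keep_blank_values=True).items()}

    # Connector/J 8.x style: one sslMode property decides everything.
    mode = params.get("sslMode", "").upper()
    if mode in ("VERIFY_CA", "VERIFY_IDENTITY"):
        return []
    if mode == "REQUIRED":
        return ["server certificate is not verified"]
    if mode:
        return ["TLS is not enforced (sslMode=%s)" % mode]

    # Connector/J 5.1 style: three booleans, each required to be set explicitly.
    def on(name):
        return params.get(name, "").lower() == "true"
    if not on("useSSL"):
        return ["TLS is not enabled"]
    findings = []
    if not on("requireSSL"):
        findings.append("TLS is optional, plaintext fallback is possible")
    if not on("verifyServerCertificate"):
        findings.append("server certificate is not verified")
    return findings


def audit_context(xml_text):
    """Map each MySQL <Resource> name in a context.xml to its list of findings."""
    report = {}
    for res in ET.fromstring(xml_text).iter("Resource"):
        url = res.get("url", "")
        if url.startswith("jdbc:mysql:"):
            report[res.get("name")] = tls_findings(url)
    return report
```

Calling `audit_context(open("context.xml").read())` returns an empty list for each data source that is configured strictly; on the server side, `GRANT ... REQUIRE SSL` makes MySQL refuse plaintext logins for that account.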