diff --git a/.gitignore b/.gitignore
index adb8c2a84..1da07539c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,4 @@ target/
 .classpath
 /bin/
 .idea/
+*.iml
\ No newline at end of file
diff --git a/src/main/java/com/amazonaws/encryptionsdk/model/CiphertextHeaders.java b/src/main/java/com/amazonaws/encryptionsdk/model/CiphertextHeaders.java
index 57517fea3..5e3b90886 100644
--- a/src/main/java/com/amazonaws/encryptionsdk/model/CiphertextHeaders.java
+++ b/src/main/java/com/amazonaws/encryptionsdk/model/CiphertextHeaders.java
@@ -30,6 +30,7 @@
 import com.amazonaws.encryptionsdk.internal.Constants;
 import com.amazonaws.encryptionsdk.internal.EncryptionContextSerializer;
 import com.amazonaws.encryptionsdk.internal.PrimitivesParser;
+import com.amazonaws.encryptionsdk.internal.VersionInfo;
 
 /**
  * This class implements the headers for the message (ciphertext) produced by
@@ -179,6 +180,9 @@ public Boolean isComplete() {
      */
     private int parseVersion(final byte[] b, final int off) throws ParseException {
         version_ = PrimitivesParser.parseByte(b, off);
+        if (version_ != VersionInfo.CURRENT_CIPHERTEXT_VERSION) {
+            throw new BadCiphertextException("Invalid version ");
+        }
         return 1;
     }
 
diff --git a/src/test/java/com/amazonaws/encryptionsdk/model/CiphertextHeadersTest.java b/src/test/java/com/amazonaws/encryptionsdk/model/CiphertextHeadersTest.java
index 20bbec39d..47216e59c 100644
--- a/src/test/java/com/amazonaws/encryptionsdk/model/CiphertextHeadersTest.java
+++ b/src/test/java/com/amazonaws/encryptionsdk/model/CiphertextHeadersTest.java
@@ -314,6 +314,22 @@ private void readUptoNonceLen(final ByteBuffer headerBuff) {
         headerBuff.get();
     }
 
+    @Test(expected = BadCiphertextException.class)
+    public void invalidVersion(){
+        final Map<String, String> encryptionContext = new HashMap<String, String>(1);
+        encryptionContext.put("ENC", "CiphertextHeader Streaming Test");
+
+        final CiphertextHeaders ciphertextHeaders = createCiphertextHeaders(encryptionContext);
+        final byte[] headerBytes = ciphertextHeaders.toByteArray();
+        final ByteBuffer headerBuff = ByteBuffer.wrap(headerBytes);
+
+        //set version to invalid type of 0.
+        headerBuff.put((byte) 0);
+
+        final CiphertextHeaders reconstructedHeaders = new CiphertextHeaders();
+        reconstructedHeaders.deserialize(headerBuff.array(), 0);
+    }
+
     @Test(expected = BadCiphertextException.class)
     public void invalidType() {
         final Map<String, String> encryptionContext = new HashMap<String, String>(1);