diff --git a/modules/material-management-browser/src/browser_cryptographic_materials_manager.ts b/modules/material-management-browser/src/browser_cryptographic_materials_manager.ts
index 309fbc99d..5d1a30035 100644
--- a/modules/material-management-browser/src/browser_cryptographic_materials_manager.ts
+++ b/modules/material-management-browser/src/browser_cryptographic_materials_manager.ts
@@ -86,7 +86,11 @@ export class WebCryptoDefaultCryptographicMaterialsManager
      * and that the unencrypted data key is non-NULL.
      * See: cryptographic_materials.ts, `getUnencryptedDataKey`
      */
-    needs(material.hasValidKey(), 'Unencrypted data key is invalid.')
+    needs(
+      material.hasValidKey(),
+      'No keyring generated an unencrypted data key.' +
+        '\nYou may not have access to any wrapping keys.'
+    )
 
     /* Postcondition: The WebCryptoEncryptionMaterial must contain at least 1 EncryptedDataKey. */
     needs(
@@ -113,7 +117,11 @@ export class WebCryptoDefaultCryptographicMaterialsManager
      * that the data key matches the algorithm suite specification
      * and that the unencrypted data key is non-NULL.
      */
-    needs(material.hasValidKey(), 'Unencrypted data key is invalid.')
+    needs(
+      material.hasValidKey(),
+      'No keyring attempted to decrypted any of the encrypted data keys.' +
+        '\nYou may not have access to any wrapping keys.'
+    )
 
     return material
   }
diff --git a/modules/material-management-browser/test/browser_cryptographic_materials_manager.test.ts b/modules/material-management-browser/test/browser_cryptographic_materials_manager.test.ts
index 2fc60b0ac..19a4b629e 100644
--- a/modules/material-management-browser/test/browser_cryptographic_materials_manager.test.ts
+++ b/modules/material-management-browser/test/browser_cryptographic_materials_manager.test.ts
@@ -361,7 +361,7 @@ describe('WebCryptoDefaultCryptographicMaterialsManager', () => {
 
     await expect(
       cmm.getEncryptionMaterials({ encryptionContext })
-    ).to.rejectedWith(Error)
+    ).to.rejectedWith(Error, 'No keyring generated an unencrypted data key.')
   })
 
   it('Postcondition: The WebCryptoEncryptionMaterial must contain at least 1 EncryptedDataKey.', async () => {
@@ -485,6 +485,9 @@ describe('WebCryptoDefaultCryptographicMaterialsManager', () => {
         encryptionContext,
         encryptedDataKeys: [edk],
       })
-    ).to.rejectedWith(Error)
+    ).to.rejectedWith(
+      Error,
+      'No keyring attempted to decrypted any of the encrypted data keys.'
+    )
   })
 })
diff --git a/modules/material-management-node/src/node_cryptographic_materials_manager.ts b/modules/material-management-node/src/node_cryptographic_materials_manager.ts
index c11fb1f8b..3c730098c 100644
--- a/modules/material-management-node/src/node_cryptographic_materials_manager.ts
+++ b/modules/material-management-node/src/node_cryptographic_materials_manager.ts
@@ -78,7 +78,11 @@ export class NodeDefaultCryptographicMaterialsManager
      * and that the unencrypted data key is non-NULL.
      * See: cryptographic_materials.ts, `getUnencryptedDataKey`
      */
-    needs(material.getUnencryptedDataKey(), 'Unencrypted data key is invalid.')
+    needs(
+      material.hasValidKey(),
+      'No keyring generated an unencrypted data key.' +
+        '\nYou may not have access to any wrapping keys.'
+    )
 
     /* Postcondition: The NodeEncryptionMaterial must contain at least 1 EncryptedDataKey. */
     needs(
@@ -105,7 +109,11 @@ export class NodeDefaultCryptographicMaterialsManager
      * that the data key matches the algorithm suite specification
      * and that the unencrypted data key is non-NULL.
      */
-    needs(material.getUnencryptedDataKey(), 'Unencrypted data key is invalid.')
+    needs(
+      material.hasValidKey(),
+      'No keyring attempted to decrypted any of the encrypted data keys.' +
+        '\nYou may not have access to any wrapping keys.'
+    )
 
     return material
   }
diff --git a/modules/material-management-node/test/node_cryptographic_materials_manager.test.ts b/modules/material-management-node/test/node_cryptographic_materials_manager.test.ts
index a53d9271f..957698f9e 100644
--- a/modules/material-management-node/test/node_cryptographic_materials_manager.test.ts
+++ b/modules/material-management-node/test/node_cryptographic_materials_manager.test.ts
@@ -228,7 +228,7 @@ describe('NodeDefaultCryptographicMaterialsManager', () => {
 
     await expect(
       cmm.getEncryptionMaterials({ suite, encryptionContext: {} })
-    ).to.rejectedWith(Error)
+    ).to.rejectedWith(Error, 'No keyring generated an unencrypted data key.')
   })
 
   it('Postcondition: The NodeEncryptionMaterial must contain at least 1 EncryptedDataKey.', async () => {
@@ -287,7 +287,10 @@ describe('NodeDefaultCryptographicMaterialsManager', () => {
 
     await expect(
       cmm.decryptMaterials({ suite, encryptedDataKeys, encryptionContext: {} })
-    ).to.rejectedWith(Error)
+    ).to.rejectedWith(
+      Error,
+      'No keyring attempted to decrypted any of the encrypted data keys.'
+    )
   })
 
   it('Return decryption material', async () => {