Picked solution - using clinet side encryption. Messages are sent to DLQ manually in case of errors and message content is manually encrypted using KMS.

I think double encryption will be in place (since both regular queue and DLQ have encryption enabled already).

Additional attribute is added to the message sent to DLQ to indicate that it is encrypted. This way when read from DLQ using console SQS UI message body is shown encrypted. When reprocessed - based on the attribute presense message is decrypted prior to processing (same workload is used for regular queue and DLQ).