Quantum-Safe Encryption¶
Future-proof your data. Pauhu uses hybrid post-quantum cryptography to protect your translations against both current and future threats—including quantum computers.
Why Quantum-Safe?¶
Traditional encryption (RSA, ECDSA) will be broken by quantum computers. Pauhu protects your data today against "store now, decrypt later" attacks.
| Threat | Traditional Encryption | Pauhu Quantum-Safe |
|---|---|---|
| Classical attacks | Protected | Protected |
| Future quantum computers | Vulnerable | Protected |
| Store-now-decrypt-later | At risk | Safe for 20+ years |
Architecture Overview¶
Your Browser Pauhu Servers
│ │
├─ Generate hybrid keypair │
│ (X25519 + ML-KEM-768) │
│ │
├─ Encrypt with hybrid KEM ─────┤
│ - Classical: X25519 │
│ - Post-quantum: ML-KEM-768 │
│ - Symmetric: AES-256-GCM │
│ │
│ Encrypted data ────────┤
│ (server cannot decrypt)│
│ │
├─ Decrypt locally ─────────────┤
│ (your keys never leave │
│ your device) │
└───────────────────────────────┘
Technical Specifications¶
Hybrid Post-Quantum Cryptography¶
| Component | Algorithm | Standard | Security Level |
|---|---|---|---|
| Classical KEM | X25519 | RFC 7748 | 128-bit |
| Post-Quantum KEM | ML-KEM-768 | NIST FIPS 203 | 192-bit (Level 3) |
| Symmetric | AES-256-GCM | NIST SP 800-38D | 256-bit |
| Key Derivation | HKDF-SHA-256 | RFC 5869 | 256-bit |
Key Sizes¶
| Key Type | Size | Purpose |
|---|---|---|
| X25519 Public | 32 bytes | Classical key exchange |
| X25519 Private | 32 bytes | Classical decryption |
| ML-KEM-768 Public | 1,184 bytes | Quantum-resistant exchange |
| ML-KEM-768 Private | 2,400 bytes | Quantum-resistant decryption |
| Combined Secret | 64 bytes | Derived from both KEMs |
| AES Key | 32 bytes | Symmetric encryption |
How It Works¶
Encryption Flow¶
from pauhu import Pauhu
client = Pauhu()
# Your keys stay on your device
keypair = client.generate_keypair()
# Encrypt with hybrid post-quantum cryptography
encrypted = client.encrypt(
text="Confidential translation",
recipient_public_key=partner_public_key
)
# Send encrypted data (server cannot read it)
client.send(encrypted)
Decryption Flow¶
# Only the recipient can decrypt
decrypted = client.decrypt(
ciphertext=received_data,
private_key=my_private_key
)
print(decrypted) # "Confidential translation"
Why Hybrid?¶
Defense in depth: Both algorithms must fail for a security breach.
Attack Scenario Protection
────────────────────────────────────────────────
Quantum computer breaks X25519 ML-KEM-768 protects
Weakness found in ML-KEM-768 X25519 protects
Both algorithms compromised Extremely unlikely
Industry adoption:
- Google Chrome: X25519Kyber768 in TLS 1.3
- Signal Protocol: Post-quantum key exchange
- Cloudflare: Hybrid post-quantum TLS
Zero-Knowledge Architecture¶
We cannot decrypt your data. Your encryption keys never leave your device.
Key Storage¶
| Location | What's Stored | Who Can Access |
|---|---|---|
| Your device (IndexedDB) | Private keys | Only you |
| Pauhu servers | Encrypted data | No one (encrypted) |
| Backups | Encrypted with your key | Only you |
Cryptographic Erasure¶
Delete your encryption key, and your data becomes permanently unrecoverable:
# GDPR Article 17: Right to Erasure
client.cryptographic_erasure(
customer_id="your-id",
reason="GDPR deletion request"
)
# Result: Data encrypted with deleted key
# Mathematical guarantee: impossible to decrypt
Compliance¶
GDPR Article 32¶
"...implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including... the encryption of personal data"
| Requirement | Pauhu Implementation | Status |
|---|---|---|
| Encryption at rest | AES-256-GCM | Exceeds |
| Encryption in transit | TLS 1.3 | Compliant |
| State-of-the-art | NIST FIPS 203 (August 2024) | Exceeds |
| Customer-controlled keys | Client-side encryption | Exceeds |
| Right to erasure | Cryptographic erasure | Exceeds |
NIST FIPS 203¶
Pauhu's ML-KEM-768 implementation is NIST FIPS 203 compliant:
- Standard: Module-Lattice-Based Key-Encapsulation Mechanism
- Finalized: August 13, 2024
- Security Level: Level 3 (AES-192 equivalent)
- Validation: Verified against official test vectors
Key Rotation¶
Automatic 90-day key rotation for maximum security:
# Automatic (recommended)
client.configure(
key_rotation="automatic",
rotation_interval_days=90
)
# Manual rotation
client.rotate_keys(
reason="Scheduled rotation",
notify=True
)
Rotation Process¶
Day 0: Generate new DATA_KEY
Day 0-7: Re-encrypt data with new key (background)
Day 7: Delete old key (cryptographic rotation)
Day 90: Next rotation
Performance¶
| Operation | Time | Impact |
|---|---|---|
| Keypair generation | 8-10ms | One-time |
| Encryption | 6-8ms | Per message |
| Decryption | 6-8ms | Per message |
| Total roundtrip | 14-16ms | Imperceptible |
UX threshold: <20ms (achieved)
Progressive Enhancement¶
Modern browsers (90%): WASM liboqs-js → 5-7ms
Standard browsers (5%): Pure JS dajiaji → 14-16ms
Legacy browsers (<5%): v2 fallback → 3ms (classical only)
Browser Compatibility¶
| Browser | Version | Quantum-Safe | Classical Fallback |
|---|---|---|---|
| Chrome | 111+ | Full | Yes |
| Firefox | 119+ | Full | Yes |
| Safari | 16.4+ | Full | Yes |
| Edge | 111+ | Full | Yes |
| Older browsers | - | No | Yes (secure) |
Coverage: 95% quantum-safe, 100% encrypted
API Reference¶
Generate Keypair¶
from pauhu import Pauhu
client = Pauhu()
# Generate hybrid keypair (X25519 + ML-KEM-768)
keypair = client.crypto.generate_keypair()
print(keypair.public_key) # Share with partners
print(keypair.private_key) # Keep secret!
print(keypair.algorithm) # "hybrid-x25519-mlkem768"
Encrypt¶
# Encrypt for a recipient
result = client.crypto.encrypt(
plaintext="Sensitive translation data",
recipient_public_key=partner_public_key,
metadata={"document_id": "doc-123"}
)
print(result.ciphertext) # Encrypted data
print(result.ephemeral_key) # Single-use key
print(result.algorithm) # "hybrid-x25519-mlkem768-aes256gcm"
Decrypt¶
# Decrypt with your private key
plaintext = client.crypto.decrypt(
ciphertext=encrypted_data,
private_key=my_private_key
)
print(plaintext) # Original message
Export/Import Keys¶
# Export for backup (encrypted)
backup = client.crypto.export_keys(
password="your-secure-passphrase",
format="pem" # or "jwk"
)
# Import from backup
client.crypto.import_keys(
backup_data=backup,
password="your-secure-passphrase"
)
Security Guarantees¶
| Guarantee | Implementation | Verification |
|---|---|---|
| Forward secrecy | Ephemeral keys per session | Automatic |
| Client-side encrypted | Client-side encryption | Architecture audit |
| Quantum resistance | ML-KEM-768 | NIST FIPS 203 |
| Key isolation | IndexedDB per-origin | Browser security |
| Cryptographic erasure | Key deletion = data deletion | Mathematical |
Competitive Advantage¶
| Provider | Encryption | Quantum-Safe | Price |
|---|---|---|---|
| Pauhu | Hybrid X25519 + ML-KEM-768 | Yes | €25/user/mo |
| DeepL | AES-256 (server keys) | No | €6.49+/user/mo |
| Google Cloud | TLS only | No | Pay-per-use |
| Enterprise LSPs | AES-256 (server keys) | No | $1,000+/month |
Pauhu's advantage: First translation platform with NIST FIPS 203 quantum-safe encryption at any price point.
Getting Started¶
from pauhu import Pauhu
client = Pauhu()
# 1. Generate your keypair (one-time)
keypair = client.crypto.generate_keypair()
# 2. Share your public key with partners
print(f"Share this: {keypair.public_key}")
# 3. Encrypt translations
result = client.translate(
text="Confidential document",
target="fi",
encrypt=True,
recipient=partner_public_key
)
# 4. Partner decrypts with their private key
# Only they can read it - not even Pauhu