Quantum-Safe Encryption
Torvus offers quantum-safe encryption to protect your sensitive documents against future quantum computing threats. This guide explains what quantum-safe encryption is, why it matters, and how to enable it.
What is Quantum-Safe Encryption?​
Quantum-safe encryption (also called post-quantum cryptography) protects your data against attacks from quantum computers. Traditional encryption methods could be broken by powerful quantum computers expected to exist in the next 5-10 years.
The Threat: "Harvest Now, Decrypt Later"​
Adversaries are already recording encrypted data today, planning to decrypt it once quantum computers become available. This threatens:
- Journalists' sources: Encrypted communications could be retroactively revealed
- Legal documents: Privileged information could be exposed years later
- Personal data: Private information could be compromised in the future
Torvus's Solution: Hybrid Encryption​
Torvus uses hybrid encryption that combines:
- Classical encryption (AES-256-GCM) - Proven secure for decades
- Quantum-resistant encryption (ML-KEM-768) - Approved by NIST in 2024
Security = max(classical, quantum-resistant)
This means an attacker would need to break BOTH encryption methods to access your data. If either layer remains secure, your documents stay protected.
Why Enable Quantum-Safe Encryption?​
Benefits​
✅ Future-proof protection: Your data remains secure even when quantum computers arrive ✅ Zero performance impact: Less than 10ms slower than standard encryption ✅ NIST-approved: Uses ML-KEM-768, standardized by the U.S. National Institute of Standards ✅ Backward compatible: You can still access old documents encrypted with standard encryption
Who Should Enable It?​
Highly Recommended For:
- Journalists protecting source identities
- Legal professionals handling privileged documents
- Government contractors with classified information
- Anyone storing data that must remain confidential for 10+ years
Also Beneficial For:
- Enterprise users meeting compliance requirements
- Privacy-conscious individuals
- Anyone storing sensitive personal documents
How to Enable Quantum-Safe Encryption​
Step 1: Navigate to Security Settings​
- Log in to Torvus
- Click your profile icon in the top right
- Select Settings → Security
Step 2: Enable Quantum-Safe Encryption​
- Find the Quantum-Safe Encryption card
- Click Enable Quantum-Safe Encryption
- Wait for key generation (takes ~1 second)
- You'll see a confirmation: "Quantum-safe encryption enabled"
Step 3: Verify It's Working​
After enabling:
- New documents you upload will automatically use quantum-safe encryption
- You'll see "Protected with quantum-safe encryption" badge on documents
- Old documents remain readable but use standard encryption
Frequently Asked Questions​
Is quantum-safe encryption slower?​
No meaningful difference. Our tests show less than 10ms performance difference, which is imperceptible to users. Your documents upload and download at the same speed.
Will this break access to my existing documents?​
No. Quantum-safe encryption is fully backward compatible. You can still access:
- Documents encrypted before enabling quantum-safe encryption
- Documents shared with you by users who haven't enabled it
- All vault contents regardless of encryption version
Can I turn it off after enabling?​
Yes, but not recommended. You can disable quantum-safe encryption in Settings, but:
- New documents will use standard encryption only
- Existing quantum-safe documents remain quantum-resistant (cannot be downgraded)
- You lose protection against future quantum threats
What if a vulnerability is found in quantum-safe encryption?​
You're still protected by classical encryption. Our hybrid approach means:
- If quantum-safe encryption (ML-KEM-768) is broken, classical AES-256 still protects you
- If classical encryption is broken by quantum computers, ML-KEM-768 still protects you
- Attackers must break BOTH to access your data
Does this work for shared documents?​
Yes. When you share a document with another user:
- If BOTH users have quantum-safe encryption enabled, the document uses quantum-safe encryption
- If either user doesn't have it enabled, the document uses standard encryption
- Sharing works seamlessly regardless of encryption version
What algorithm does Torvus use?​
ML-KEM-768 (Module-Lattice-Based Key Encapsulation Mechanism)
- Standardized: NIST FIPS 203 (August 2024)
- Security Level: NIST Category 3 (~AES-192 equivalent against quantum attacks)
- Quantum-resistant: Secure against Shor's algorithm (breaks RSA/ECDH)
How does it compare to competitors?​
As of November 2025, Torvus is one of the first document vault platforms to offer quantum-safe encryption. Most competitors still use only classical encryption, leaving data vulnerable to future quantum attacks.
Technical Details​
Encryption Algorithm​
Version 1 (Classical):
Password → PBKDF2 (100K iterations) → AES-256-GCM
Version 2 (Quantum-Safe):
Password → PBKDF2 (100K iterations) → Classical Secret (256-bit)
↓
Recipient ML-KEM Key → ML-KEM-768 → Quantum Secret (256-bit)
↓
HKDF-SHA256 Combination
↓
Hybrid Master Key (256-bit)
↓
AES-256-GCM Document Encryption
Security Properties​
- Classical Layer: PBKDF2-HMAC-SHA256 + AES-256-GCM (quantum-resistant against key recovery)
- Quantum Layer: ML-KEM-768 (NIST Category 3, ~128-bit quantum security)
- Hybrid Combination: HKDF-SHA256 key derivation
- Authentication: AES-GCM authenticated encryption (prevents tampering)
Performance Benchmarks​
| Operation | Classical | Quantum-Safe | Difference |
|---|---|---|---|
| Key Generation | ~100ms | ~110ms | +10ms (one-time) |
| 1MB File Encryption | ~18ms | ~19ms | +1ms |
| 10MB File Encryption | ~18ms | ~19ms | +1ms |
| Decryption | ~18ms | ~19ms | +1ms |
Conclusion: Negligible performance impact (<10ms per file)
Compliance & Standards​
NIST Compliance​
Torvus's quantum-safe encryption meets NIST standards:
- ✅ FIPS 197: AES-256 (classical encryption)
- ✅ FIPS 203: ML-KEM-768 (post-quantum encryption)
- ✅ SP 800-38D: GCM mode (authenticated encryption)
- ✅ SP 800-56C: HKDF (key derivation function)
- ✅ NIST IR 8547: Post-quantum cryptography migration (ahead of 2035 deadline)
Industry Recognition​
- NIST Standardization: ML-KEM (formerly known as Kyber) won the NIST post-quantum cryptography competition in 2024
- Government Adoption: U.S. government mandates post-quantum cryptography by 2035
- Academic Validation: ML-KEM has undergone extensive cryptanalysis since 2017
Support & Troubleshooting​
Common Issues​
Issue: "Encryption failed" error when uploading
- Cause: Browser compatibility issue with Web Crypto API
- Fix: Update your browser to the latest version, or try a different browser (Chrome/Firefox recommended)
Issue: Document shows "Protected with standard encryption" instead of quantum-safe
- Cause: Recipient doesn't have quantum-safe encryption enabled
- Fix: Ask recipient to enable quantum-safe encryption in their Settings
Issue: Slow upload speed after enabling quantum-safe encryption
- Cause: Browser may be throttling crypto operations
- Fix: Close unnecessary browser tabs, restart browser, or try a different browser
Need Help?​
If you encounter issues with quantum-safe encryption:
- Check our Troubleshooting Guide
- Contact support: support@torvus.com
- Report a bug: GitHub Issues
Learn More​
Additional Resources​
- NIST Post-Quantum Cryptography Project
- Understanding Quantum Threats to Encryption
- Torvus Security Whitepaper
Stay Updated​
Follow our blog for updates on quantum-safe encryption:
- New features and improvements
- Industry news and quantum computing developments
- Security best practices
Last Updated: November 7, 2025 Questions? Contact us at security@torvus.com