QNSP vs AWS KMS

An honest, code-grounded side-by-side. Every row in the table below is backed by a verifiable public source — AWS documentation, NIST FIPS publications, or QNSP source files. We don't make claims we can't support.

AWS KMS is a strong product for classical cryptography on AWS. QNSP is built for the next decade — quantum-safe by default, multi-cloud by design, with per-tenant crypto-policy enforcement and a unified SDK across four languages. The two systems can also coexist: QNSP can wrap existing AWS KMS keys for a phased migration without re-keying every artifact.

Side by side

Eight categories that matter to a security buyer

NIST PQC algorithm coverage
  • QNSP: 89 algorithms across 14 PQC families. ML-KEM (FIPS 203, finalized Aug 2024), ML-DSA (FIPS 204, finalized Aug 2024), SLH-DSA (FIPS 205, finalized Aug 2024), Falcon, HQC, BIKE, Classic McEliece, FrodoKEM, MAYO, CROSS, UOV, SNOVA, NTRU-Prime. Verified against packages/cryptography/src/providers/liboqs.ts.
  • AWS KMS: No NIST-finalized PQC algorithms inside the public KMS / Secrets Manager API surface (still RSA / ECC / AES) as of May 2026. The April 14 2026 AWS Security Blog announcement enables hybrid X25519+ML-KEM-768 in the TLS handshake for the Secrets Manager endpoint — keys stored under KMS still wrap with classical material. See aws.amazon.com/blogs/security/protecting-your-secrets-from-tomorrows-quantum-risks.

Multi-cloud / portability
  • QNSP: Same wire contract on AWS, GCP, Azure, on-prem, and air-gapped deployments. Customer-managed HSMs (Thales Luna, Entrust nShield, AWS CloudHSM, Azure HSM) integrate via PKCS#11. SDKs identical across AWS / GCP / on-prem.
  • AWS KMS: AWS-only. Cross-region keys via the multi-region key feature; cross-cloud unsupported. Migrating off AWS requires re-encryption of all KMS-protected data with a different KMS provider.

Hardware Security Module model
  • QNSP: Three options: (a) QNSP-managed FIPS 140-3 Level 3 HSMs included; (b) Bring-Your-Own-HSM via PKCS#11 on Thales / Entrust / AWS CloudHSM / Azure HSM; (c) M-of-N key escrow with threshold recovery for compliance regimes that require it.
  • AWS KMS: AWS CloudHSM (separate service) is FIPS 140-2 Level 3 validated; FIPS 140-3 modules are listed as in-process on the NIST CMVP MIP — see csrc.nist.gov/projects/cryptographic-module-validation-program/modules-in-process. KMS itself uses HSMs internally; customers cannot bring their own HSM into KMS. CloudHSM integration requires a separate cluster + per-hour pricing (aws.amazon.com/cloudhsm/pricing).

Audit trail
  • QNSP: Every KMS operation is hash-chained into a tamper-evident audit log via apps/audit-service. Real-time WebSocket streaming for SIEM integration. Retention controlled by add-on (90d / 180d / 1yr / 7yr).
  • AWS KMS: CloudTrail logs every KMS API call. Tamper-evidence depends on CloudTrail log file integrity validation (a separate, customer-enabled feature). Real-time streaming via EventBridge requires additional plumbing.

Crypto policy enforcement
  • QNSP: Per-tenant crypto-policy tiers (default / strict / maximum / government) enforce algorithm allow-lists at the KMS service layer. Government tier allows only ML-KEM-1024 + ML-DSA-87 + SLH-DSA-256f. Tenants on lower tiers cannot accidentally use weaker algorithms.
  • AWS KMS: Algorithm choice is per-key; AWS does not ship a built-in per-tenant crypto-policy abstraction. Customers compose policy gating from KMS key policies, Org SCPs, IAM conditions, or third-party tools (e.g. CloudCustodian) — see docs.aws.amazon.com/kms/latest/developerguide/key-policies.html and docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html.

Free tier
  • QNSP: Free forever: 20 KMS keys + 20 000 KMS ops/month + 25 vault secrets + 10 GB PQC-encrypted storage + 50 000 API calls/month, no credit card. Verified in apps/billing-service/src/pricing/config.ts.
  • AWS KMS: AWS Free Tier: 20 000 KMS requests/month for the first 12 months. Beyond 12 months, $0.03 per 10 000 requests + $1/month per customer-managed key (aws.amazon.com/kms/pricing — verify before quoting).

Migration / coexistence
  • QNSP: Customers running AWS KMS today can layer QNSP on top: QNSP wraps existing KMS-protected keys with PQC envelope encryption (vault.wrap → kms.sign with ML-DSA), so the AWS-side key never moves. Crypto Inventory (CBOM) auto-discovers existing KMS keys for a phased migration plan.
  • AWS KMS: Vendor lock-in by design. Migrating to a different KMS provider requires re-encryption of every KMS-encrypted artifact (S3 SSE-KMS objects, EBS volumes, RDS snapshots, etc.) — a multi-quarter project for most enterprises.

SDK languages
  • QNSP: TypeScript / Node.js (@qnsp/qnsp), Python (qnsp), Go (sdks/go/qnsp), Rust (qnsp on crates.io). Identical wire contracts; outputs round-trip across languages byte-for-byte. One activation handshake per process.
  • AWS KMS: AWS SDK for ~10 languages. AWS Encryption SDK is a separate package per language. Cross-language byte-compatibility depends on careful KMS context + AAD wiring.
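The two mechanisms the "Crypto policy enforcement" and "Audit trail" rows describe, per-tenant algorithm allow-lists gated at the service layer and a hash-chained, tamper-evident record of every decision, sketched as an added TypeScript example. This is illustration code, not QNSP's own implementation or API: the PolicyGate class, the record layout, and the contents of the default / strict / maximum tiers are assumptions (only the government tier's allow-list comes from the table).

```typescript
import { createHash } from "node:crypto";

// Tier names follow the comparison table; only the government tier's contents are on
// the page, so the other three allow-lists are assumptions for illustration.
type Tier = "default" | "strict" | "maximum" | "government";
const TIER_ALLOW_LIST: Record<Tier, ReadonlySet<string>> = {
  default:    new Set(["AES-256-GCM", "RSA-3072", "ECDSA-P256", "ML-KEM-768", "ML-DSA-65"]),
  strict:     new Set(["AES-256-GCM", "ML-KEM-768", "ML-DSA-65", "ML-KEM-1024", "ML-DSA-87"]),
  maximum:    new Set(["AES-256-GCM", "ML-KEM-1024", "ML-DSA-87", "SLH-DSA-256f"]),
  government: new Set(["ML-KEM-1024", "ML-DSA-87", "SLH-DSA-256f"]),
};

interface AuditEntry {
  seq: number; tenant: string; tier: Tier; op: string; algorithm: string;
  allowed: boolean; prevHash: string; hash: string;
}
const GENESIS = "0".repeat(64);

// Each record's hash commits to its own fields and to the previous record's hash,
// so editing or dropping any earlier record breaks every link after it.
function entryHash(e: Omit<AuditEntry, "hash">): string {
  const fields = [e.seq, e.tenant, e.tier, e.op, e.algorithm, e.allowed, e.prevHash];
  return createHash("sha256").update(fields.join("|")).digest("hex");
}

class PolicyGate {
  readonly log: AuditEntry[] = [];

  // Enforce the tenant's tier allow-list at the service layer, then append the
  // decision (allowed or denied) to the hash chain before returning it.
  request(tenant: string, tier: Tier, op: string, algorithm: string): boolean {
    const allowed = TIER_ALLOW_LIST[tier].has(algorithm);
    const prevHash = this.log.length ? this.log[this.log.length - 1].hash : GENESIS;
    const body = { seq: this.log.length, tenant, tier, op, algorithm, allowed, prevHash };
    this.log.push({ ...body, hash: entryHash(body) });
    return allowed;
  }

  // Re-walk the chain from genesis; return the seq of the first broken link, or -1 if intact.
  verify(): number {
    let prev = GENESIS;
    for (const e of this.log) {
      const { hash, ...body } = e;
      if (e.prevHash !== prev || entryHash(body) !== hash) return e.seq;
      prev = hash;
    }
    return -1;
  }
}
```

Note that a chain alone does not detect truncation of the newest records; anchoring the latest hash externally (the SIEM stream in the table is one place) closes that gap.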

When to pick which

Decision guide

Stay on AWS KMS if…

  • Your data lifecycle is < 7 years and your threat model excludes HNDL (harvest-now-decrypt-later) attacks.
  • You're 100% AWS-resident and not under an upcoming multi-cloud mandate.
  • Classical RSA/ECC keys are sufficient for your compliance regime today.

Add QNSP on top if…

  • You have data with retention > 7 years that an adversary could harvest today and decrypt later.
  • You're under regulator pressure to show a NIST PQC migration plan (NIST SP 800-208).
  • You need multi-cloud or hybrid-cloud KMS without re-keying.

Replace AWS KMS with QNSP if…

  • You're starting greenfield — no migration cost, get PQC by default.
  • You operate in a regulated sector (finance, healthcare, defense, government) where the auditor is asking about quantum readiness.
  • Your application stack uses Python / Go / Rust as much as TypeScript and you want one consistent SDK.

Try it yourself

Verify the QNSP claims in 30 seconds

The PQC sandbox at qnsp.cuilabs.io/#verify-sandbox runs real ML-KEM-768 and ML-DSA-65 operations on every page request. Or sign up for a free QNSP account, get an API key, and wrap your first ML-KEM secret in a few lines of @qnsp/qnsp.
