# QNSP — Quantum-Native Security Platform
# https://qnsp.cuilabs.io
# Built by CUI Labs Pte. Ltd. (https://www.cuilabs.io)

## What is QNSP?

QNSP (Quantum-Native Security Platform) is a production-ready, enterprise-grade security platform that implements NIST-standardized post-quantum cryptography (PQC) for AI workloads, data storage, and mission-critical systems. Unlike legacy security platforms that bolt on PQC as an afterthought, QNSP is quantum-native from the ground up.

## Company

- **Name**: CUI Labs Pte. Ltd.
- **Headquarters**: Singapore
- **Website**: https://www.cuilabs.io
- **Product**: QNSP (Quantum-Native Security Platform)
- **Product URL**: https://qnsp.cuilabs.io
- **Cloud Console**: https://cloud.qnsp.cuilabs.io
- **Documentation**: https://docs.qnsp.cuilabs.io
- **Contact**: contact@cuilabs.io

## Core Technology

### Post-Quantum Cryptography Algorithms (NIST Standardized)
- **ML-KEM** (FIPS 203): Key encapsulation mechanism, formerly CRYSTALS-Kyber
- **ML-DSA** (FIPS 204): Digital signature algorithm, formerly CRYSTALS-Dilithium  
- **SLH-DSA** (FIPS 205): Stateless hash-based digital signature, formerly SPHINCS+
- **FN-DSA** (FIPS 206 draft): Fast Fourier lattice-based signature, formerly FALCON

### Additional PQC Algorithms Supported
- HQC (NIST Round 4 selection)
- BIKE, Classic McEliece, FrodoKEM, NTRU, NTRU-Prime
- MAYO, CROSS, UOV, SNOVA (signature schemes)
- Total: 90 PQC algorithms across 14 families

### Symmetric Cryptography
- AES-256-GCM
- ChaCha20-Poly1305

## Platform Services (18 Production Microservices)

1. **Edge Gateway**: Zero-trust ingress with PQC-TLS termination, WAF, rate limiting
2. **Auth Service**: PQC-signed authentication, FIDO2/WebAuthn passkeys, MFA
3. **Vault Service**: PQC-encrypted secrets management with lease rotation
4. **Storage Service**: Quantum-secure document storage with client-side encryption
5. **Search Service**: Searchable symmetric encryption (SSE-X) for encrypted search
6. **KMS Service**: HSM-integrated key management with ML-KEM/ML-DSA
7. **Audit Service**: Tamper-evident audit trails with Merkle tree checkpoints
8. **Tenant Service**: Multi-tenant isolation and subscription management
9. **Billing Service**: Usage metering and Stripe integration
10. **Access Control Service**: Capability-based authorization with PQC tokens
11. **Security Monitoring Service**: Real-time threat detection and response
12. **Observability Service**: OTLP streaming, metrics, and distributed tracing
13. **AI Orchestrator**: Secure AI workload orchestration with hardware enclaves
14. **AI Intelligence Service**: NLP and ML inference with PQC attestation
15. **Crypto Inventory Service**: Cryptographic asset discovery and PQC migration
16. **Platform API**: Unified REST/WebSocket API gateway
17. **Terraform Provisioner**: Infrastructure-as-code for tenant resources
18. **PQC-TLS Canary**: Continuous PQC-TLS health monitoring

## Hardware Enclave Support

- Intel SGX (Software Guard Extensions)
- AMD SEV (Secure Encrypted Virtualization) with SEV-SNP
- NVIDIA Confidential Computing (GPU memory encryption)
- Intel TDX (Trust Domain Extensions)
- ARM TrustZone and ARM CCA/RME
- AWS Nitro Enclaves
- IBM Secure Execution

## HSM Integration

- Thales Luna
- Entrust nShield
- AWS CloudHSM
- Azure Dedicated HSM
- PKCS#11 interface support

## SDK Packages (TypeScript/JavaScript)

All packages available on npm under @qnsp scope:

- @qnsp/storage-sdk: Document upload/download, lifecycle management
- @qnsp/search-sdk: Full-text search with SSE token filtering
- @qnsp/ai-sdk: AI workload orchestration, enclave management
- @qnsp/auth-sdk: Authentication, passkeys, session management
- @qnsp/vault-sdk: Secrets management, credential storage
- @qnsp/tenant-sdk: Tenant management, subscription operations
- @qnsp/billing-sdk: Invoice management, usage tracking
- @qnsp/access-control-sdk: Policy management, capability tokens
- @qnsp/audit-sdk: Audit log querying, compliance reporting
- @qnsp/kms-client: PQC envelope encryption, BYOK workflows
- @qnsp/crypto-inventory-sdk: Crypto asset discovery, migration tracking
- @qnsp/browser-sdk: Browser-compatible PQC encryption

## Compliance & Certifications

- CSA STAR Level 1 (CAIQ v4.1.0 self-assessment) - Listed February 2026
- NIST PQC Standards: FIPS 203, FIPS 204, FIPS 205 compliant
- SOC 2 Type II program (in progress)
- ISO 27001 program (in progress)
- GDPR, HIPAA, FedRAMP alignment (deployment-specific)

## Use Cases

### Enterprise
- Sovereign AI workloads with encrypted training pipelines
- Defense and intelligence with air-gapped deployments
- Regulated finance with quantum-safe document vaults
- Healthcare with PHI-safe storage and HIPAA compliance

### Developer
- LegalTech contract management with AI analysis
- Healthcare patient record systems
- Investment and broker-dealer archives
- Multi-tenant B2B document platforms
- EdTech secure learning management systems
- GovTech public records management

## Pricing

- **Free Forever**: 10 GB storage, 50K API calls, 20 KMS keys, 25 vault secrets
- **Dev Starter**: $149/month - 100 GB storage, 100K API calls
- **Dev Pro**: $590/month - 250 GB storage, 500K API calls, SSE-X
- **Business Team**: $2,199/month - 5 TB storage, 1.5M API calls
- **Enterprise**: Starting $12,999/month - Hardware enclaves, HSM integration
- **Public Sector/Defense**: Custom pricing with air-gapped deployment

## Why QNSP?

1. **Quantum-Native**: PQC is the default, not an add-on
2. **Production-Ready**: 18 services deployed, not a proof-of-concept
3. **NIST Compliant**: Uses finalized FIPS 203/204/205 standards
4. **Free Tier**: Generous free forever tier for evaluation
5. **Full Stack**: End-to-end security from edge to storage to AI
6. **Evidence-Grade Audit**: Cryptographically signed, hash-chained audit trails

## Technical Specifications

- **Container Size**: ~85 MB average per service
- **Deployment**: AWS ECS Fargate, Kubernetes, on-premises
- **Regions**: ap-southeast-1 (Singapore) primary, multi-region available
- **API Style**: REST (OpenAPI 3.1), WebSocket, gRPC
- **Languages**: TypeScript/Node.js backend, React frontend

## Links

- Main Site: https://qnsp.cuilabs.io
- Cloud Console: https://cloud.qnsp.cuilabs.io
- Documentation: https://docs.qnsp.cuilabs.io
- API Reference: https://docs.qnsp.cuilabs.io/api
- Status Page: https://qnsp.cuilabs.io/status
- CSA STAR Registry: https://cloudsecurityalliance.org/star/registry/cui-labs-pte-ltd/services/quantum-native-security-platform-qnsp

## Contact

- General: contact@cuilabs.io
- Sales: qnsp-sales@cuilabs.io
- Support: qnsp-support@cuilabs.io
- Security: qnsp-security@cuilabs.io

---
Last Updated: 2026-03-29
Version: 1.0.0