1 · Algorithm breadth
90 PQC algorithms across 14 families
Most vendors ship 3–4. QNSP supports the entire NIST + IETF candidate field.
27 KEMs (ML-KEM, HQC, BIKE, Classic McEliece, FrodoKEM, NTRU, NTRU-Prime/sntrup761) and 63 signatures (ML-DSA, SLH-DSA, FN-DSA, MAYO, CROSS, UOV, SNOVA). If your regulator requires a code-based fallback (McEliece, NSA preference), a hash-based fallback (SLH-DSA), or any non-lattice scheme — QNSP can ship it today. Fortanix publicly lists 4. SandboxAQ doesn't publish a count.
2 · Algorithmically-distinct backup KEM
HQC — the second NIST KEM
An algorithmically-distinct backup to ML-KEM, in production today.
ML-KEM (Kyber) is a structured-lattice scheme. HQC is code-based — a fundamentally different mathematical foundation. NIST selected HQC in March 2025 specifically so that an algorithmic break in lattices does not break the entire KEM stack. QNSP ships HQC-128 / 192 / 256 in production today; most vendors still ship only ML-KEM. If structured lattices fall, your KEM is not breached.
3 · Two implementations on every operation
Dual-provider cross-verification
liboqs (native C) + noble (pure JS). Every crypto op verified by both.
On Maximum and Government crypto-policy tiers, every signature is signed by one provider and verified by the other; provider attestation is recorded in the audit ledger. 18 NIST-finalised algorithms overlap between the two independent codebases. A single-implementation bug — like the kind that historically affects new cryptographic code — is caught at runtime. No competitor publishes this architecture.
4 · Enforced policy, not flexible guidance
Four crypto-policy tiers (default → strict → maximum → government)
Hard algorithm restrictions enforced at edge-gateway, KMS, and vault — not just UI suggestions.
Default supports the full algorithm registry. Strict mandates ML-KEM-768/1024 + HQC-192/256 and ML-DSA-65/87 + FN-DSA-1024 + SLH-DSA-256f/s. Maximum collapses to ML-KEM-1024 + ML-DSA-87 + FN-DSA-1024. Government enforces FIPS-finalized-only (FIPS 203 / 204 / 205) with no draft standards and HSM-protected root keys. Each tier is enforced as a hard contract at every protected route, not as a tenant setting that can be downgraded by a user with the wrong scope.
5 · Tamper-evident, PQC-signed audit chain
59 crypto-critical event types across 12 source services
ML-DSA-65-signed events with SHA3-256 hash chains and SHA3-512 Merkle checkpoints.
Every key operation, signature, policy decision, and entitlement check from kms-service, vault-service, access-control-service, storage-service, search-service, ai-orchestrator, auth-service, security-monitoring-service, edge-gateway, tenant-service, billing-service, and audit-service flows into a single hash-chained ledger. Real-time WebSocket streaming to SIEM (Splunk, Datadog, Slack, GitHub, AWS, Azure, GCP, Okta). Receipt-replay verification lets any party independently re-validate any signed event without trusting QNSP's database.
6 · BYO-everything, no lock-in
8 HSM vendors + 11 cloud connectors
Customer hardware. Customer cloud. Customer crypto. No QNSP-managed lock-in required.
BYOH across AWS CloudHSM, Azure Dedicated, Thales Luna, Entrust nShield, Utimaco CryptoServer, Marvell LiquidHSM, Fortanix DSM, and HashiCorp Vault HSM. Crypto posture across 11 cloud-vendor connectors (AWS, Azure, GCP, Alibaba, Akamai, Cloudflare, DigitalOcean, Fastly, IBM, Oracle, HashiCorp Vault). Most KMS products integrate 1–2 HSM vendors and 1–3 cloud providers. QNSP is built so a regulated buyer in Singapore, Frankfurt, or Washington can use their existing hardware, their existing cloud, and their existing key custody story.
