pq-vault.com

Menu
Login
Free Demo

Feature Details

Interested in one or more of PQVault’s feature(s)? You can learn more about it here!

Main Features

Cryptographic Operations

Secure your data with 4 cryptographic operations provided by PQVault:

  • Encryption
  • Decryption
  • Signature
  • Verification

Encryption converts data or text into an unreadable format that can only be accessed by authorized parties; effectively protecting any sensitive information contained in the data. A secret key is used for encryptions.

Decryption, on the other hand, converts an encrypted data back into its original readable format. But, it can only be performed by authorized parties; usually parties who own the secret key.

With PQVault all procedures are carried out automatically and in a secure manner.

In addition to encryption, PQVault offers you as an additional feature to verify the authenticity and integrity of your (encrypted) data via signatures.

A unique digital signature will be generated when a piece of data is being signed. This signature is created in the form of a file (or string) via PQVault. The signature is to be attached and sent together with the signed data to proof its authenticity.

During verification the signature in combination with the original message or document will be checked, if indeed the signature is valid. An invalid signature proofs that either the message or the signature has been altered.

This mechanism is extremely important to make sure that e.g. the data you receive has a trusted source or originates from the intended receiver, thus protecting from malicious parties (e.g. contains virus, malware etc.)

Security Level

PQVault offers you several cryptographic algorithms with various levels of security enabling your various use cases. The algorithms are carefully selected based on well-known standardization organizations as well as

  • Standards
  • NIST-Recommendations
  • BSI-Recommendations

To learn more about our algorithms, feel free to contact us.

For instance, you can select algorithms with higher security level for highly confidential files and documents for higher protection and algorithms with medium security level for confidential data requiring sufficient protection while  benefitting from higher efficiency.

Future-Proof

We are specialized to provide post-quantum cryptography services. PQVault offers encryption and signature services using cryptographic algorithms and protocols that are resistant to attacks from quantum computers.

With the advancement of quantum computing and its adoption inevitable in the future, security of your systems may be compromised. You can better protect your data from these future threats with cryptographic algorithms provided by PQVault.

We provide several options for accessing our quantum-resistant encryption and signature services:

PQVault is equipped with very easy-to-use functions for your developers and users, no complex procedures. Access to our services can be as simple as a click of a button or a simple call of a function!

Post-quantum cryptography provides great security but usually requires more resources. Here at PQVault we ensure you that our cryptographic services are quantum-safe, while maintaining high performance.

Password-Protected Data

When encrypting or signing data, PQVault offers you the option to further secure access to that data by locking it behind an additional password. This password is set before encryption or signing and must be provided when decrypting or verifying (accessing) the password-protected data.

PQVault’s post-quantum cryptography will indeed protect your encrypted data from being cracked by malicious actors. However, it is also wise to set additional barriers to forbid these actors to access your confidential data.

Even when an adversary steals your notebook containing your encrypted data, you have several options to stop the adversary from decrypting your data. For instance, with password-protection or 2FA your data remains unaccessible for an adversary even if he uses your very encryption client. There are also possibilities to react appropriately and thus prevent an adversary from revealing your encrypted data.

Two-Factor-Authentication (2FA)

In the online management tool, you may turn on 2FA for your account. This is available to all users under your account.

By enabling 2FA, your account will be better protected from possible malicious attacks. To do so, you would need an authenticator app (e.g. from Google) and enter the code shown in the app each time you sign into the online management tool.

This extra layer of security will require attackers to somehow gain access to your authenticator which is not trivial.

PQVault’s sharing mechanism also incorporates 2FA as a measure for authentication. A share creator may enable 2FA to add an extra layer of security to his/her data or document. When a user attempts decrypt or sign 2FA-protected data, he or she will need to provide the time-based one-time password from the authenticator app.

24/7 Availability

PQVault has built-in scalability and fault tolerance to make its encryption service available to you all the time.

Tools

PQVault Desktop Client

This tool is only available for GUI or in combination with API plans.

The PQVault desktop client is a simple application with which you can quickly and easily perform any cryptographic operations from PQVault. Since it is very user-friendly, it can easily be used even by non-experts, hence applicable in virtually all domains.

It supports both Windows and Linux.

With the desktop client, you can right click and immediately encrypt or sign your folders or files or use the advanced menu and:

  1. Select files or folders  (and more) to encrypt, sign, decrypt and verify via your file system
  2. Set the share policies of your crypto operations
  3. Set further security options such as policies and passwords etc..
  4. If desired add labels in order to identify the data in the WebUI.

PQVault Software-Development-Kit (SDK)

This tool is exclusive only to API plans and IoT Plans.

The provided SDK allows you to access our cryptographic operations via code (call of C++ functions). This allows you to develop and expand your existing software systems to automatically use our post-quantum cryptographic operations to secure and protect your applications and data.

We also offer an SDK specially developed for IoT devices which supports various device architectures. However, this SDK is only available to subscribers of the IoT plans.

The SDK has more access to crypto operations of PQVault than the desktop client:

  1. The encryption types are not limited to just files and strings, all types (files, folders, JSON (Fields), Streams, Strings etc.) can be made available for you (provided you have the right API pricing plan)
  2. Offline encryption and decryption
  3. Encryption and decryption of many files simultaneously.
And much more additional features.

Online Management Tool

In addition to performing cryptographic operations with PQVault, we also offer you an online tool to manage your crypto operations. You can find more information on the various features of this tool in the sections below.

This tool is available to all plans.

With the management tool, you can assign crypto rights such as encryption, decryption, signing or verification to specific users or entities.

Via the WebUi you can easily invite your team and enable them to use PQVault’s features and functionalities.

The WebUI also exhibits your crypto usage for every month and providesadditional means .  With the logging feature it is also possible to enable dedicated team members (e.g. the owner) to track crypto operations of the whole team.

Account Features

Helpful features for managing your crypto operations accessible via the online management tool.

Users

Simple admin panel for you to manage your users. Available to all plans.

Invite your team effortlessly via email to your account with our online management tool.

You can give users certain rights by assigning them the role of an admin, developer or a user.

Admins are given permissions to manage users such as inviting new ones or deleting users.

Developers have rights to e.g. manage API keys, apps (API plans) and clusters (IoT plans).

No matter which pricing plan you have selected. We offer you an option to increase the maximum number of users, developers or devices at any point of time.

Upon revocation of a user, you may choose to transfer the permissions and rights of the user’s to another person, even yourself! This prevents any possible data loss due to restricted decryption rights.

Teams

Group users and manage them together. Exclusive to only GUI and API plans.

Onboarded users can be assigned to be a member of one or more teams. You can easily map your organization’s structure using teams and assign multiple users cryptographic rights with one click.

Team creators are able to assign the “member” or editor” role to members of their teams.

Members are just normal participants of a teams. Editors on the other hand are team administrators that can assign new members or remove existing ones and even promote a member to an editor.

Teams you create can be public or private teams. This allows to assign specified rights to a team while not necessarily revealing the composition of that team.

In many use cases either alternative of the team representation is important or desired.

Apps

This feature is exclusive to API plans.

The online management tool allows you to create “Apps to help you integrate your software and applications with PQVault. Apps can be assigned API keys and permissions to access specific APIs of PQVault. Each app can be viewed as a sandbox for your crypto operations.

Developers can assign decryption rights of data encrypted in one app to another app. This allows apps to be able to share data with one another.

Clusters

This feature is only available for IoT plans.

“Devices” can be created in the online management tool to represent your physical IoT devices. These “devices” are grouped into a “cluster” by default to allow efficient assignment of crypto rights to all devices in a cluster.

Additionally, new devices can be added, existing ones edited or removed at any time.

Just like in apps, devices in different clusters can share data between one another. To do so, a developer must assign the proper decryption rights of a cluster to another cluster or its devices.

“Clusters” can be assigned API keys and scopes (permissions) in order to grant its devices access to specific APIs of PQVault.

Other Cryptographic Features

Useful features for securing your data.

Policies

Assign permissions based on time, users, teams, apps and clusters. There are many policies that you may apply and combine in securing your data.

Additionally, time-based policies can be added to prevent data from being decrypted outside specified time frames.

Conversely, you can specify time periods in which decryption is allowed for specified entities.

We further provide a multitude of policies that specify certain decryption or verification policies. Entities maybe enabled to:

  • decrypt data that has been encrypted by someone else
  • be blocked from decrypting data
  • edit existing policies of the share
  • etc.

Entities can be users, teams, apps, clusters or even API keys.

Policies are usually created before encryption or signature generation via the desktop client or function calls in the PQVault Software-Development-Kit (SDK). The online management tool is also able to edit the policies (add, alter and remove) of already encrypted data.

Encryption Types

PQVault offers a great multitude data types for encryption and signing in order to cover all your use cases:

 

  • File
  • Folders
  • JSONs and JSON Fields
  • String & Bytes
  • Streams
  • Custom**

Extra Details

JSON : Possible to encrypt only one or more JSON fields instead of the entire JSON

Folders : Accepts any kind of folders

** Custom : A personalized type created by the customer to suit your use cases

Logging

Track and view all your past crypto operations in your account. PQVault records and shows any crypto operations that is carried out via your account. The log entries contain the user and dates the operation is carried out as well as the ID that is used for it.

The data is made available as a .txt or .csv file.

Control Encrypted Data & Other Features

Our Achievements & Awards

Get A Free Trial 30 Days

Try PQVault and register now! Convince yourself!

Get free trial
en_GBEnglish
de_DEGerman en_GBEnglish