Quantum-safe encryption with the features you need. From personal use to enterprise deployments.
All tiers use hybrid key exchange (ML-KEM + X25519) with AND construction — attackers must break BOTH post-quantum AND classical algorithms to succeed. Authenticated encryption via AES-256-GCM or XChaCha20-Poly1305. True defense-in-depth from day one.
Argon2id (OWASP recommended) transforms your password into encryption keys. Memory-hard design makes brute-force attacks computationally impractical, even with specialized hardware.
AES-256-GCM provides both confidentiality and integrity. Any modification to the encrypted file — even a single bit — is detected immediately upon decryption. No silent corruption.
Zero network capability by design. QNSQY works completely offline. Your files and encryption keys never leave your device. No cloud. No telemetry. No tracking.
The shred command overwrites files multiple times before deletion, making recovery impossible even with forensic tools. Available in all tiers.
Optional compression before encryption reduces file sizes without compromising security. Useful for large documents and archives.
| Feature | Free | Pro | Enterprise |
|---|---|---|---|
| Symmetric Encryption | AES-256-GCM / XChaCha20-Poly1305 | AES-256-GCM / XChaCha20-Poly1305 | AES-256-GCM / XChaCha20-Poly1305 |
| Hybrid KEM (ML-KEM + X25519) | ML-KEM-512/768 + X25519 (default: 768) |
ML-KEM-512/768/1024 + X25519 (default: 768) |
ML-KEM-512/768/1024 + X25519 (default: 1024) |
| ML-KEM Security Levels | NIST Level 1, 3 | NIST Level 1, 3, 5 | NIST Level 1, 3, 5 |
| Password Hashing (KDF) | Argon2id 128 MB, 3 iter, 4 threads |
Argon2id 256 MB, 4 iter, 4 threads |
Argon2id 512 MB, 6 iter, 8 threads |
| Key Derivation | HKDF-SHA3-256 | HKDF-SHA3-256 | HKDF-SHA3-256 |
| Integrity / Hashing | BLAKE3 | BLAKE3 | BLAKE3 + Merkle Tree |
| Nonce Derivation | BLAKE3 deterministic | BLAKE3 deterministic | BLAKE3 deterministic |
| Commands | encrypt, decrypt, shred | encrypt, decrypt, shred, batch, sign, verify | encrypt, decrypt, shred, batch, sign, verify, rekey, split, combine |
| Secure Delete | 3-pass overwrite | 3-pass overwrite | 3-pass overwrite |
| Compression | Zstd | Zstd | Zstd |
| Maximum file size | 1 GB | 10 GB | Unlimited |
| Chunk Processing | 64 KB – 4 MB adaptive | 64 KB – 4 MB adaptive + streaming | 64 KB – 4 MB adaptive + streaming |
| Memory Protection | mlock() / VirtualLock | mlock() / VirtualLock | mlock() / VirtualLock |
| Audit Logging | Append-only encrypted log | Hash-chain ML-DSA signed log | |
| Key Management | ML-DSA-44/65/87 keypairs | ML-DSA-44/65/87 + Ed25519 keypairs | |
| Digital Signatures | ML-DSA-44 | ML-DSA-44/65/87, SLH-DSA-128s/192s/256s | ML-DSA-44/65/87 + Ed25519 hybrid, SLH-DSA |
| Password Change (Rekey) | DEK re-wrap via wrapped KEM SK | ||
| Custom Argon2 Parameters | Configurable memory/iter/threads | ||
| Key Recovery | Shamir Secret Sharing (M-of-N) | ||
| Sandbox* | seccomp-bpf (Linux) | seccomp-bpf (Linux) | seccomp-bpf (Linux) |
| License | Personal use | Commercial use | Enterprise + priority support |
Client confidentiality with decades-long retention requirements
HIPAA compliance and patient record protection
Regulatory compliance and trade secret protection
Source protection and confidential communications
Intellectual property and grant data security
Family documents, passwords, private memories
Process files of any size without loading them entirely into memory. Essential for encrypting large databases, backups, and video files on systems with limited RAM.
Prevents sensitive data (passwords, keys) from being swapped to disk. Protects against cold boot attacks and forensic memory analysis.
Sign files with FIPS 205 hash-based signatures. SLH-DSA doesn't rely on lattice mathematics, providing an alternative post-quantum approach. Choose SLH-DSA-128s/192s/256s based on your security level needs.
Generate, import, and export signing keypairs. Share public keys with colleagues. Manage multiple identities. Full control over your cryptographic keys.
Track all cryptographic operations. Know when files were encrypted, decrypted, signed, or verified. Essential for compliance and security audits.
Use QNSQY in commercial settings. Deploy across your organization. Integrate into business workflows without licensing concerns.
Defense-in-depth signatures using AND construction. Both ML-DSA (post-quantum) and Ed25519 (classical) signatures are computed. Verification requires BOTH to be valid. If either algorithm is broken, the other still protects.
Change the password on encrypted files without decrypting and re-encrypting the entire file. Essential for key rotation policies and password management at scale.
Tune memory cost, iterations, and parallelism to match your security requirements and hardware capabilities. Balance security against performance for your specific use case.
Full control over cryptographic algorithms. Choose between AES-256-GCM and XChaCha20-Poly1305. Select ML-DSA or SLH-DSA signature algorithms. Configure hybrid modes for maximum security.
M-of-N threshold key recovery using Shamir's Secret Sharing. Split your password among trusted parties—any M of N shares can recover it. Ideal for organizational continuity.
Define and enforce encryption standards across your organization. Set minimum password requirements, mandatory signing, and other security baselines.
No restrictions on file size. Encrypt multi-terabyte databases, complete system backups, and large media libraries without artificial limits.
Download the free tier and start protecting your files with quantum-safe encryption today.