BenchmarksStack Ranking
H33-VaultH33-ShareH33-ShieldH33-HealthH33-KeyH33-128H33-CKKSH33-256H33-FHE-IQFHE OverviewH33-CompileZK LookupsBiometricsH33-3-KeyH33-MPCZK-TrustlessZK-PhishZK-VerifyPQC ArchitecturePQ Video
APIsPricingDocsWhite PaperTokenBlogAboutSecurity Demo
Log InGet API Key

Your keys are one breach from becoming weapons. All of them.

API tokens in .env files. SSH keys on disk. Database passwords in config. TLS certs in mounted volumes. Crypto wallet private keys in hot storage. Every key in your infrastructure sits one credential dump from catastrophic compromise.

H33-Key — Kyber-1024 encryption wherever keys live. No vault migration. No workflow change. Sub-millisecond overhead.

Start Encrypting

Vaults centralize secrets behind a new abstraction layer. H33-Key does the opposite — it encrypts keys exactly where they already live. Database columns, environment variables, config files, SSH keys, TLS certificates, crypto wallet private keys. The encryption travels with the key. No migration. No new workflow. No single point of failure.

Not another secrets vault. Encryption that follows your keys.

Here’s what happens when you encrypt and manage a key with H33-Key.

Step 01 — Kyber-1024 Hybrid Encryption
Quantum-Resistant Key Wrapping
Key material is wrapped using Kyber-1024 key encapsulation mechanism combined with AES-256-GCM symmetric encryption. The plaintext key never persists — it exists only in memory during the encapsulation operation. Even if an attacker exfiltrates the encrypted payload, they face a lattice problem that no known quantum algorithm can solve efficiently.
Key material is wrapped using Kyber-1024 key encapsulation mechanism combined with AES-256-GCM symmetric encryption. The plaintext key never persists — it exists only in memory during the encapsulation operation. Even if an attacker exfiltrates the encrypted payload, they face a lattice problem that no known quantum algorithm can solve efficiently.
Step 02 — HMAC-SHA3 Integrity Verification
Detect Tampering Instantly
Every encrypted key payload carries an HMAC-SHA3-256 integrity tag. If a single bit changes — whether from storage corruption, malicious modification, or man-in-the-middle attack — verification fails immediately. You know the moment your encrypted keys have been tampered with, before any decryption attempt.
Every encrypted key payload carries an HMAC-SHA3-256 integrity tag. If a single bit changes — whether from storage corruption, malicious modification, or man-in-the-middle attack — verification fails immediately. You know the moment your encrypted keys have been tampered with, before any decryption attempt.
Step 03 — Key Wrapping + Envelope Rotation
Rotate Without Re-Encrypting
Wrap existing keys under a post-quantum envelope. When rotation policy triggers, H33-Key rotates the outer envelope without touching the underlying key material. Your application never sees a key change. Zero downtime. Zero coordination. The envelope rotates on schedule while the wrapped key remains stable.
Wrap existing keys under a post-quantum envelope. When rotation policy triggers, H33-Key rotates the outer envelope without touching the underlying key material. Your application never sees a key change. Zero downtime. Zero coordination. The envelope rotates on schedule while the wrapped key remains stable.
Step 04 — Threshold Decryption + Provenance
k-of-n Approval for Critical Keys
For high-value keys — production database roots, signing certificates, infrastructure credentials — require k-of-n threshold approval before decryption. Every access is logged with a Dilithium-signed chain of custody. Full provenance: who requested, who approved, when, from where. Tamper-proof and quantum-resistant.
For high-value keys — production database roots, signing certificates, infrastructure credentials — require k-of-n threshold approval before decryption. Every access is logged with a Dilithium-signed chain of custody. Full provenance: who requested, who approved, when, from where. Tamper-proof and quantum-resistant.
< 0.5 ms
per encrypt/decrypt operation

Kyber-1024 KEM + AES-256-GCM wrap + HMAC-SHA3 integrity + Dilithium signature — all under half a millisecond.

Four cryptographic stages — under half a millisecond.

STAGE 1  Kyber-1024 KEM
STAGE 2  AES-256-GCM Wrap
STAGE 3  HMAC-SHA3 Integrity
STAGE 4  Dilithium Signature
Total: —
Key Encryption Pipeline

Every key in your infrastructure is a target. Encrypt them all.

Database Credentials
Encrypt connection strings in-place. No application change. Your ORM reads the same config — H33-Key transparently decrypts at point of use.
SSH Keys & Certificates
Wrap private keys at rest with Kyber-1024 envelope. Decrypt on-demand at point of use. Compromised disk yields only ciphertext.
API Tokens & Service Accounts
PQ-encrypt CI/CD secrets, cloud provider keys, third-party tokens. Rotate envelopes without invalidating the underlying credentials.
TLS Certificate Private Keys
Protect cert private keys with Kyber envelope. Auto-rotate envelope on schedule. The certificate stays valid while the encryption layer refreshes.
Crypto Wallet & Signing Keys
Wrap blockchain private keys, HD wallet seeds, and signing keys with Kyber-1024 encryption. Hot wallets stay operational while keys stay quantum-safe. Threshold decryption (Key-3) adds k-of-n multisig-grade approval before any signing key is released.

Zero to Encrypted in Five Minutes

No infrastructure to deploy. No agents to install. No migration project to plan.

Step 01
Get Your API Key
Sign up at /pricing, select the Key tab, choose a unit pack. API key provisioned instantly. No credit card required for free tier.
Step 02
Encrypt Your First Key
One API call to POST /v1/key/encrypt with your key material. Store the returned ciphertext wherever the plaintext used to live — .env file, database column, CI/CD variable, Kubernetes secret.
Step 03
Decrypt at Point of Use
Call POST /v1/key/decrypt when your app needs the key. Set a TTL so plaintext auto-zeroes from memory after use. Your app code changes are minimal — one decrypt call at startup.
Step 04
Scale with SDKs
Production SDKs for Node.js, Python, Go, and Rust handle caching within TTL windows and provide framework middleware. Docker sidecar available for environments you cannot modify — intercepts env var reads and transparently decrypts.

Zero-Exposure Infrastructure

Every secrets manager on the market decrypts the key before handing it to you. H33-Key doesn’t.

H33-Gateway NEW

TEE proxy — your infrastructure never touches plaintext. Your app sends an encrypted key + request. Gateway decrypts inside a Trusted Execution Environment, forwards the API call to the third-party service, zeroes the plaintext, and returns the response. At no point does your infrastructure — or ours — see the key in the clear.

Healthcare
A hospital where an Epic EHR credential sits in plaintext in a Jenkins env var. Every CI/CD run exposes it. Every developer with pipeline access can read it. With Gateway, Jenkins stores the Kyber-encrypted credential. The API call routes through the TEE. The plaintext credential never exists outside the enclave.
Financial Services
A bank where Stripe API keys live in a config file that 40 engineers can read. One compromised laptop, one misconfigured S3 bucket, one leaked .env — and those keys are in the wild. With Gateway, the config stores ciphertext. Payment API calls route through the TEE. Zero engineers need plaintext access.
STEP 1  App sends encrypted key + request
STEP 2  TEE decrypts key (secure enclave)
STEP 3  API call forwarded to third-party
STEP 4  Plaintext zeroed, response returned
Total: —
Gateway Pipeline

The Ecosystem Vision: Key-FHE NEW

Both sides integrate the H33 SDK. BFV fully homomorphic encryption compares the key without decrypting it — not even inside a TEE. The plaintext key never exists anywhere during verification. This is the endgame: zero-exposure at the mathematical level.

Key-FHE requires both parties to integrate the H33 SDK. We position it honestly as the future — the highest-security option for organizations willing to coordinate with their partners.

STEP 1  Encrypted key sent (Kyber-1024 envelope)
STEP 2  BFV FHE comparison (homomorphic)
STEP 3  Match / No-match result returned
No decryption step — key never exists in plaintext
FHE Verification Pipeline — zero decryption

Revocation & Rotation

Every encrypted key has an ID. Revoke instantly. Rotate without downtime. Analogous to certificate revocation (CRL/OCSP) — but for every key in your infrastructure.

Key Identity
Each encrypted key is assigned a unique identifier (hk_*). Track, audit, and manage every encrypted key across your infrastructure by ID. Full lifecycle visibility from creation to retirement.
Instant Revocation
Mark any key ID as revoked — all decrypt operations for that ID are refused immediately. No propagation delay. No key material to chase down. One API call and the key is dead across every system that references it.
Seamless Rotation
Generate a new Kyber envelope and key ID. The old ID is marked rotated with a configurable grace period — systems using the old ID continue to work during the transition window, then automatically cut over. Zero-downtime key rotation.

Built for Post-Quantum Key Security

Every layer of H33-Key is designed to protect key material against both classical and quantum threats.

ML-KEM + X25519
Hybrid Post-Quantum Encryption
ML-KEM + X25519 key exchange. Kyber lattice protection combined with classical ECDH. Defense-in-depth key wrapping ensures security even if one primitive is broken.
SHA3-256
HMAC-SHA3 Integrity
Every encrypted field verified with SHA3-256 HMAC. Tampering detected before decryption attempt. Zero false positives.
Zero-Downtime
Envelope Rotation
Automatic key rotation with zero-downtime re-encryption. Old ciphertexts remain readable. New writes use rotated keys immediately.
k-of-n Policy
Threshold Decryption
k-of-n policy enforcement. No single party can decrypt. Configurable thresholds per secret or per field.
ML-DSA-65
Dilithium Audit Trail
Every key operation — create, rotate, decrypt — signed with ML-DSA-65. Non-repudiable provenance chain. Verifiable by third parties.
Per-Field
Field-Level Granularity
Encrypt individual JSON fields, not entire documents. Mix encrypted and plaintext fields in one record. Selective decryption by field name.

Where H33-Key Fits

Post-quantum key encryption for every infrastructure pattern.

API Key & Secret Management
Encrypt API keys, database credentials, and signing keys at field level. Threshold policies for production secrets. Automatic rotation schedules.
Document Encryption
Encrypt sensitive document fields (SSN, account numbers) while keeping metadata searchable. Per-field access control with ZKP-verified policies.
Tokenization
Replace sensitive values with encrypted tokens. Detokenize with threshold approval. FHE encryption means tokens are mathematically bound to originals.
Regulatory Compliance
HIPAA PHI, PCI cardholder data, SOC 2 secrets. Field-level encryption satisfies data-at-rest requirements. Dilithium audit trail for examiner verification.

The more you encrypt, the less each operation costs.

Key-0
3 units per operation
Kyber-1024 encrypt/decrypt. Masked display. Full audit log.
10K$0.18
50K$0.12
250K$0.075
1M$0.036
5M+$0.018
Get Started
Key-1
8 units per operation
+ HMAC-SHA3-256 integrity verification. Tamper detection.
10K$0.48
50K$0.32
250K$0.20
1M$0.096
5M+$0.048
Get Started
Key-2
15 units per operation
+ Key wrapping + envelope rotation without re-encrypting underlying key.
10K$0.90
50K$0.60
250K$0.375
1M$0.18
5M+$0.09
Get Started
Key-3
25 units per operation
+ Threshold decryption (k-of-n). Dilithium-signed key provenance chain.
10K$1.50
50K$1.00
250K$0.625
1M$0.30
5M+$0.15
Get Started
Key-Gateway NEW
35 units per operation
TEE proxy — your infrastructure never touches plaintext. Works with any third-party API.
10K$2.10
50K$1.40
250K$0.875
1M$0.42
5M+$0.21
Get Started
Key-FHE NEW
50 units per operation
FHE verification — key never decrypted anywhere. Both sides integrate for zero-exposure.
10K$3.00
50K$2.00
250K$1.25
1M$0.60
5M+$0.30
Get Started

Volume Unit Pricing

Monthly Volume $/Unit Key-0 (3u) Key-1 (8u) Key-2 (15u) Key-3 (25u) Key-Gateway (35u) Key-FHE (50u)
10K $0.060 $0.18 $0.48 $0.90 $1.50 $2.10 $3.00
50K $0.040 $0.12 $0.32 $0.60 $1.00 $1.40 $2.00
250K $0.025 $0.075 $0.20 $0.375 $0.625 $0.875 $1.25
1M $0.012 $0.036 $0.096 $0.18 $0.30 $0.42 $0.60
5M+ $0.006 $0.018 $0.048 $0.09 $0.15 $0.21 $0.30

How H33-Key compares

H33-Key AWS KMS HashiCorp Vault Transit Azure Key Vault
Post-quantum encryption Kyber-1024 (NIST)
Latency < 0.5ms 5–15ms 2–8ms 10–25ms
Per-operation cost From $0.018 $1/10K requests Self-managed infra Per-op + per-key
Migration required None — transparent layer Full integration Complex setup SDK integration
Vendor lock-in None AWS-only Azure-only
Threshold decryption (k-of-n) Key-3
Dilithium-signed provenance Key-3
Zero-exposure infrastructure Key-Gateway (TEE proxy)
FHE key verification Key-FHE

All units fungible — same balance as H33-Auth, H33-Vault, H33-Share, H33-Shield, and H33-Health.

Frequently Asked Questions

What makes H33-Key different from AWS KMS?
AWS KMS uses AES-256 with RSA or ECDSA key wrapping, all vulnerable to quantum attack. H33-Key uses Kyber-1024 for key encapsulation, HMAC-SHA3 for integrity verification, and Dilithium ML-DSA-65 for audit signatures. Every key operation is post-quantum secure end-to-end. AWS KMS also locks you into one cloud; H33-Key runs anywhere.
How does Kyber-1024 protect my keys?
Kyber-1024 is a lattice-based key encapsulation mechanism standardized by NIST as ML-KEM. It wraps your data encryption keys with a shared secret derived from a problem that neither classical nor quantum computers can efficiently solve. Even an attacker recording your encrypted keys today won't be able to decrypt them when quantum hardware matures.
What are the 4 cryptographic stages?
Stage 1: Kyber-1024 key encapsulation generates a shared secret. Stage 2: the shared secret encrypts the target key material using AES-256-GCM. Stage 3: HMAC-SHA3 computes an integrity tag over the encrypted payload. Stage 4: Dilithium ML-DSA-65 signs the complete operation record for the audit trail. All four stages complete in under 0.5ms.
Can H33-Key manage SSH keys?
Yes. H33-Key can encrypt, store, rotate, and distribute SSH keys (RSA, Ed25519, ECDSA). It integrates with ssh-agent via a local proxy that decrypts keys on demand using Kyber-1024 decapsulation. You can also configure automatic SSH key rotation on a schedule, with the new public key pushed to your servers via webhook or Ansible callback.
How does H33-Key integrate with CI/CD pipelines?
H33-Key provides plugins for GitHub Actions, GitLab CI, Jenkins, and CircleCI. The plugin authenticates with HMAC-SHA3, retrieves the encrypted key, decapsulates it in the runner's memory, and injects it as an environment variable or file. Keys never touch disk unencrypted. The pipeline step adds approximately 50ms of overhead.
How does the key hierarchy work?
H33-Key uses a three-tier hierarchy. A root key (stored in HSM or your BYOK provider) protects master keys. Master keys protect data encryption keys (DEKs). DEKs encrypt your actual key material. Each level uses Kyber-1024 wrapping. Rotating a master key automatically re-wraps all its DEKs without re-encrypting end-user key material, making rotation fast and non-disruptive.
What happens if a key is compromised?
H33-Key supports immediate key revocation via the API or dashboard. Upon revocation, all systems using that key receive a webhook notification and the key is marked as unusable in under 1 second. A new key is automatically generated and distributed if you have auto-rotation enabled. The compromised key's usage history is preserved in the Dilithium-signed audit trail for forensic review.
Can I rotate keys without downtime?
Yes. H33-Key supports graceful rotation with a configurable overlap period. During rotation, both the old and new key versions are valid. Consumers gradually pick up the new version via the SDK's built-in version negotiation. Once all consumers have migrated (confirmed via usage telemetry), the old version is retired. Zero downtime, zero manual coordination.
How does HMAC-SHA3 integrity verification work?
Every encrypted key payload includes an HMAC-SHA3 tag computed over the ciphertext, the key identifier, and a timestamp. On retrieval, the HMAC is recomputed and compared. If a single bit of the encrypted payload was altered in storage or transit, the HMAC check fails and the operation is rejected. This detects tampering, corruption, and replay attacks.
Is H33-Key compatible with hardware security modules (HSMs)?
Yes. H33-Key supports PKCS#11-compatible HSMs for root key storage. The root key never leaves the HSM boundary. All Kyber-1024 wrapping operations for master keys are performed inside the HSM if it supports the algorithm, or the HSM-stored root key unwraps a software master key that then handles Kyber operations. AWS CloudHSM, Thales Luna, and Yubico YubiHSM are tested and supported.
What's the latency per key operation?
A full encrypt-wrap cycle (Kyber-1024 encapsulation + AES-256-GCM encryption + HMAC-SHA3 + Dilithium sign) completes in under 0.5ms. Decrypt-unwrap is slightly faster at approximately 0.4ms. Batch endpoints process up to 200 keys per request with amortized overhead, bringing per-key latency below 0.1ms at scale.
How does H33-Key handle audit and compliance?
Every key operation (create, read, wrap, unwrap, rotate, revoke) generates a Dilithium-signed audit record with caller identity, timestamp, key path, and operation result. Audit logs satisfy SOC 2 CC6.1 (logical access), PCI DSS Requirement 3 (key management), and NIST 800-57 key lifecycle requirements. Logs export to any SIEM via syslog, S3, or webhook.
Does H33-Key support multi-region key replication?
Yes. Keys can be replicated across H33 regions with configurable consistency (strong or eventual). Each replica is independently Kyber-wrapped with a region-specific master key. Cross-region replication adds approximately 50ms of propagation delay. If a region fails, replicas in other regions serve requests automatically with no manual failover required.
What does the SDK look like?
SDKs are available for Python, Node.js, Go, Rust, Java, and .NET. A typical key encryption call is three lines: initialize the client with your API key, call client.key.encrypt(key_material, policy), and receive the encrypted payload. The SDK handles Kyber encapsulation, HMAC computation, and retry logic internally. All SDKs are open-source.
Can I perform batch key operations?
Yes. The POST /v1/key/batch endpoint accepts up to 200 key operations (encrypt, decrypt, rotate, or revoke) in a single request. Batch operations share a single Dilithium signing context and HMAC computation pass, reducing per-key overhead significantly. A 200-key batch typically completes in under 20ms total.
TECHNICAL DEEP DIVES

Go Deeper

🔑 KYBER
CRYSTALS-Kyber Key Encapsulation Explained
How ML-KEM works, why it replaced RSA key exchange, and how H33-Key uses Kyber-1024 to protect every key.
Read Full Article →
🗄️ KEY MGMT
FHE Key Management Best Practices
Key rotation, derivation, storage, and lifecycle — managing cryptographic keys at enterprise scale.
Read Full Article →
🔐 UNIVERSAL
H33-Key: Universal Post-Quantum Key Encryption
Encrypt any key format — SSH, TLS, env vars, wallet keys — with a single API call. Auto-detection built in.
Read Full Article →

Start Encrypting Your Keys

Get API Key

Free tier includes 1,000 units. No credit card required.