// quantum vault
Encrypt anything. Quantum-resistant.
AES-256-GCM with a memory-hard PBKDF2-SHA256 (600k iterations) key. Symmetric AES-256 keeps ~128-bit strength even against a quantum adversary. Your passphrase and text are processed in memory only — never stored, never logged.
How it protects you
- Your passphrase is stretched with PBKDF2-SHA256 (600k iterations), then used as an AES-256-GCM key.
- Every ciphertext is authenticated — if a single byte is altered, decryption refuses (no silent tampering).
- Zero-knowledge: the server never stores your text or passphrase, and the operation is never logged.
- Symmetric AES-256 is the pragmatic post-quantum choice: Grover's algorithm only halves the key strength, leaving ~128-bit security.
Frequently asked questions
What does "zero-knowledge" mean here?
Encryption and decryption happen in your browser. Your passphrase and plaintext never leave memory and are never sent to or stored on the server.
What encryption does Quantum Vault use?
AES-256-GCM for authenticated encryption, with the key derived from your passphrase using Argon2id, a memory-hard function resistant to brute-force hardware.
Can NeoShield recover my data if I lose the passphrase?
No. Because the key is derived from your passphrase and we never receive it, lost passphrases cannot be recovered — keep a secure backup.
Is Quantum Vault free?
Yes. Client-side text encryption is free to use, with no account required.