Related · tier-1 reading. For what a portable artifact actually is, see Portable Artifact.
ML-DSA-65 signatures, ML-KEM-1024 key exchange, FALCON-512, SLH-DSA-SHA2-128f. Three independent mathematical hardness assumptions. 2,209,429 auth/sec sustained.
Four NIST-standardized post-quantum algorithms, each built on a different mathematical foundation. Available through a single unified REST API.
Module-Lattice Digital Signature Algorithm. Primary signature scheme. MLWE lattice hardness. Fast sign and verify with compact keys.
POST /v1/pq/sign
Module-Lattice Key Encapsulation Mechanism. Post-quantum key exchange. Establishes shared secrets resistant to quantum attack.
POST /v1/pq/encapsulate
Fast Fourier Lattice-based Compact Signatures over NTRU. Compact signatures for bandwidth-constrained environments. Independent NTRU lattice hardness.
POST /v1/pq/falcon/sign
Stateless Hash-Based Digital Signature Algorithm. Zero lattice dependency. Breaks only if SHA-2 preimage resistance fails. Conservative fallback.
POST /v1/pq/slh-dsa/sign
Benchmarked on Graviton4 metal (192 vCPUs). Full post-quantum pipeline: FHE batch encryption, three-family attestation, ZK lookup. Not a microbenchmark.
| Pipeline Stage | Latency | % of Pipeline |
|---|---|---|
| FHE Batch (32 users/ciphertext) | 943 µs | 70% |
| Batch Attest (SHA3 + ML-DSA sign + verify) | 391 µs | 29% |
| ZK Lookup (cached) | 0.358 µs | <1% |
| Total (32-user batch) | 1,345 µs | 100% |
| Per authentication | 42 µs | — |
120-second sustained benchmark, not burst. Full pipeline including FHE encryption, PQ attestation, and ZK verification. Independently reproducible.
H33 signs every attestation with three post-quantum families built on independent mathematical problems. An attacker must break all three simultaneously.
| Family | Algorithm | Hardness Assumption | Breaks If |
|---|---|---|---|
| Family 1 | ML-DSA-65 | Module Learning With Errors (MLWE) | MLWE lattices broken |
| Family 2 | FALCON-512 | NTRU Lattice | NTRU lattices broken |
| Family 3 | SLH-DSA-SHA2-128f | Stateless Hash Functions | SHA-2 preimage broken |
Breaks if and only if MLWE lattices, NTRU lattices, AND stateless hash functions are simultaneously broken — three independent mathematical bets.
Four core operations. JSON in, JSON out. Every response includes the H33-74 attestation bundle.
| Operation | Endpoint | Method |
|---|---|---|
| Sign (ML-DSA) | POST /v1/pq/sign | POST |
| Verify (ML-DSA) | POST /v1/pq/verify | POST |
| Encapsulate (ML-KEM) | POST /v1/pq/encapsulate | POST |
| Decapsulate (ML-KEM) | POST /v1/pq/decapsulate | POST |
| Sign (FALCON) | POST /v1/pq/falcon/sign | POST |
| Sign (SLH-DSA) | POST /v1/pq/slh-dsa/sign | POST |
| Attest (H33-74) | POST /v1/substrate/attest | POST |
| Verify (H33-74) | POST /v1/substrate/verify | POST |
Sign a payload with post-quantum cryptography in three lines. Every response includes the full attestation chain.
curl -X POST https://api.h33.ai/v1/pq/sign \
-H "Authorization: Bearer $H33_API_KEY" \
-H "Content-Type: application/json" \
-d '{"payload": "SGVsbG8gd29ybGQ=", "algorithm": "ml-dsa-65"}'
import { H33 } from '@h33/sdk';
const h33 = new H33({ apiKey: process.env.H33_API_KEY });
const result = await h33.pq.sign({
payload: Buffer.from('Hello world'),
algorithm: 'ml-dsa-65'
});
// result.signature — ML-DSA-65 signature
// result.attestation — H33-74 bundle (74 bytes)
// result.chain_hash — 32-byte on-chain commitment
import os
from h33 import H33Client
client = H33Client(api_key=os.environ["H33_API_KEY"])
result = client.pq.sign(
payload=b"Hello world",
algorithm="ml-dsa-65"
)
# result.signature — ML-DSA-65 signature
# result.attestation — H33-74 bundle (74 bytes)
# result.chain_hash — 32-byte on-chain commitment
H33's post-quantum algorithms implement the final NIST standards. Not draft versions. Not approximations. The published specifications.
Building post-quantum cryptography in-house requires deep expertise in lattice mathematics, constant algorithm updates, key lifecycle management, and performance optimization across multiple hardware targets. H33 eliminates that burden with a production-ready API backed by three independent hardness assumptions.
| Capability | H33 Post-Quantum API | DIY Implementation |
|---|---|---|
| Algorithm Coverage | 4 NIST algorithms (ML-DSA-65, ML-KEM-1024, FALCON-512, SLH-DSA) through one API | Each algorithm requires separate library integration, testing, and maintenance |
| Performance Optimization | 42 µs per auth on Graviton4 metal; hardware-specific tuning included | Requires manual SIMD vectorization, batch optimization, and per-platform profiling |
| Key Management | Automated key generation, rotation, and lifecycle across all 4 algorithms | Must build key storage, rotation policies, and multi-algorithm coordination from scratch |
| Signature Verification | Three-family attestation bundle verified in a single call | Must implement and maintain separate verification paths for each algorithm |
| Compliance | NIST FIPS 203/204/205 compliant, KAT-validated, HATS-ready | Responsible for own KAT validation, compliance documentation, and audit readiness |
| Maintenance Burden | Zero — algorithm updates, security patches, and parameter changes handled by H33 | Ongoing: track NIST updates, CVEs, parameter changes, and re-validate after every change |
Most teams underestimate the maintenance cost of PQ cryptography. NIST standards evolve, parameter sets are revised, and new side-channel attacks require implementation patches. H33 handles all of this behind a stable API contract. Your integration stays the same even as the cryptography evolves underneath.
The H33 post-quantum API pipeline is not four separate endpoints bolted together. It is a unified cryptographic pipeline where each algorithm plays a specific role, and the output is a single attestation object that binds all four operations into one verifiable proof.
When a signing request arrives at the API, the pipeline executes in four stages. First, ML-DSA-65 (Module-Lattice Digital Signature Algorithm, FIPS 204) generates the primary digital signature. ML-DSA operates on the Module Learning With Errors (MLWE) problem, constructing signatures from structured lattice operations that resist both classical and quantum attacks. The ML-DSA signature is the fastest of the three signing operations and handles the primary authentication workload.
Second, FALCON-512 produces a compact secondary signature using NTRU lattice hardness — a mathematically independent problem from MLWE. FALCON signatures are notably compact (under 700 bytes), making them suitable for bandwidth-constrained environments. The NTRU hardness assumption has been studied since 1996 and provides a distinct mathematical foundation from ML-DSA.
Third, SLH-DSA-SHA2-128f (Stateless Hash-Based Digital Signature Algorithm, FIPS 205) adds the conservative fallback signature. SLH-DSA depends solely on the security of hash functions — specifically SHA-2 preimage resistance. This provides a fundamentally different security foundation: even if all lattice-based cryptography is broken, SLH-DSA remains secure as long as SHA-2 holds.
Fourth, ML-KEM-1024 (Module-Lattice Key Encapsulation Mechanism, FIPS 203) handles key exchange when establishing shared secrets for encrypted channels. ML-KEM uses the same MLWE hardness as ML-DSA but for encapsulation rather than signing. In hybrid mode, ML-KEM can be paired with classical ECDH for defense-in-depth during the transition period.
The three signatures plus the key encapsulation output are compressed into a single H33-74 Post-Quantum Attestation Primitive bundle — 74 bytes total. Thirty-two bytes form the on-chain SHA3-256 commitment, and 42 bytes are cached off-chain for full verification. The entire pipeline executes in 42 microseconds per authentication at production scale.
Common questions about integrating post-quantum cryptography through the H33 API.
The H33 Post-Quantum API supports four NIST-standardized algorithms: ML-DSA-65 (FIPS 204) for digital signatures based on MLWE lattice hardness, ML-KEM-1024 (FIPS 203) for key encapsulation based on module lattices, FALCON-512 for compact signatures based on NTRU lattice hardness, and SLH-DSA-SHA2-128f (FIPS 205) for stateless hash-based signatures. All four are available through a single unified REST API with consistent JSON request and response formats.
H33 sustains 2,209,429 authentications per second on Graviton4 metal infrastructure (192 vCPUs), benchmarked over 120 seconds continuously — not a burst measurement. Per-authentication latency is 42 microseconds. The full pipeline includes FHE batch encryption (943 microseconds for 32 users), three-family PQ attestation (391 microseconds), and ZK cached lookup (0.358 microseconds). These numbers represent the complete production pipeline, not isolated microbenchmarks.
No. The H33 API abstracts all post-quantum cryptographic complexity behind standard REST endpoints. You send JSON payloads and receive signed, attested responses. Algorithm selection, key management, parameter tuning, and attestation bundling are handled automatically. You do not need to understand lattice mathematics, NTRU structures, or hash-based signature trees. If you can call a REST API, you can ship post-quantum cryptography in production.
Yes. The H33 API operates as an application-layer service over standard HTTPS. Your existing TLS termination, load balancers, CDN, and API gateways continue to function without modification. H33 adds post-quantum cryptographic attestation at the application layer, giving you PQ protection for your data and signatures without replacing your transport infrastructure. When PQ-TLS becomes widely available, H33 will support it as an additional layer.
Yes. H33 supports hybrid key exchange combining classical ECDH with ML-KEM-1024, providing backward compatibility with existing systems while adding post-quantum resistance. Hybrid mode ensures that even if the PQ algorithm has an undiscovered weakness, the classical algorithm provides a security floor, and vice versa. This is the recommended approach during the transition period for systems that must maintain interoperability with classical-only counterparts.
H33 implements the final NIST FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA) standards — not draft versions, not approximations. All implementations are validated against NIST Known Answer Test (KAT) vectors. The API supports HATS (H33 AI Trustworthiness Standard) conformance for organizations requiring independently verifiable evidence of cryptographic governance controls. Every attestation is independently reproducible by any verifier.
Real-world scenarios where the H33 Post-Quantum API solves problems that classical cryptography cannot.
Nation-state adversaries are known to intercept and store encrypted financial communications today, planning to decrypt them once quantum computers mature. A major bank using the H33 API signs all inter-institution settlement messages with three-family PQ attestation. Even if one lattice family is broken in 2035, the remaining two families protect the integrity of today's transactions. The bank integrates via a single API call per message — no in-house PQ expertise required, no algorithm maintenance, and the 42 microsecond latency fits within existing SLA requirements for real-time settlement.
Medical records must remain confidential for decades — often 50 years or longer for pediatric records. A hospital network uses ML-KEM-1024 hybrid key exchange to encrypt patient records at rest, ensuring that data encrypted today will resist quantum decryption throughout the patient's lifetime. Consent attestations are signed with the three-family bundle, creating independently verifiable proof of what the patient authorized, when, and under what regulatory framework. When an insurer or regulator needs to verify consent 20 years later, the attestation is still cryptographically valid regardless of quantum computing advances.
The NSA's CNSA 2.0 guidance requires federal agencies to transition to post-quantum cryptography by 2030 for software signatures and by 2033 for key exchange. Agencies using the H33 API achieve compliance immediately without building internal PQ competency. The API already implements FIPS 203, 204, and 205 final standards. When NIST publishes parameter updates or new algorithm versions, H33 updates the backend transparently — the agency's integration code remains unchanged, and compliance is maintained without redeployment.
One API key. Four algorithms. Three hardness assumptions. 42 microseconds per authentication. Production-ready now.
Building post-quantum cryptography in-house requires deep expertise in lattice mathematics, hash-based signature schemes, and parameter selection. The H33 Post-Quantum API eliminates this complexity while delivering production-grade performance and multi-family attestation out of the box.
| Capability | H33 Post-Quantum API | DIY PQ Implementation |
|---|---|---|
| Time to production | Single API call — minutes to first attestation | 6–18 months of cryptographic engineering, parameter tuning, and security review |
| Algorithm coverage | ML-DSA-65, ML-KEM-1024, FALCON-512, SLH-DSA-SHA2-128f — all four via one endpoint | Typically one algorithm; each additional family multiplies integration and maintenance cost |
| Multi-family attestation | Three independent hardness assumptions per attestation (MLWE, NTRU, hash-based), automatic | Requires building custom signature aggregation, compression, and verification pipeline |
| Performance | 2,209,429 auth/sec sustained (Graviton4), 42 microseconds per auth | Highly variable; unoptimized implementations commonly 10–100x slower than tuned native code |
| NIST KAT validation | All algorithms validated against official NIST Known Answer Test vectors | Team must implement and maintain KAT test suites for every algorithm version |
| Key management | Fully managed — key generation, rotation, storage, and revocation handled by H33 | Team must build secure key lifecycle infrastructure from scratch |
| Algorithm agility | Backend updates transparent to caller when NIST publishes new parameter sets | Every parameter change requires code modification, testing, and redeployment |
| Hybrid classical + PQ | Built-in ECDH + ML-KEM-1024 hybrid mode | Requires implementing key encapsulation combiner and dual-key infrastructure |
| H33-74 Post-Quantum Attestation Primitive | 74-byte attestation bundle per operation, automatic | Not available — must design custom attestation format and compression |
| Ongoing maintenance | Zero — algorithm updates, security patches, and compliance changes handled by H33 | Continuous cryptographic engineering required to track NIST revisions and vulnerability disclosures |
The fundamental difference is risk surface. A DIY implementation places the full burden of cryptographic correctness on your engineering team. Parameter selection errors, side-channel vulnerabilities, and incorrect key lifecycle management are common in even well-funded PQ implementations. The H33 API concentrates that risk in a single, continuously audited service backed by three independent mathematical hardness assumptions: MLWE lattices, NTRU lattices, and stateless hash functions. An attacker must break all three simultaneously to forge a single attestation.
A production pipeline built on Rust, running on Graviton4 metal, with five proprietary cryptographic engines and zero external FHE or ZK dependencies.
Every API request follows a three-stage pipeline. Stage one is FHE batch encryption using BFV inner product with 32 users per ciphertext, completing in 943 microseconds. Stage two is batch attestation, where SHA3-256 hashing followed by ML-DSA-65, FALCON-512, and SLH-DSA-SHA2-128f signing and verification completes in 391 microseconds. Stage three is ZK cached lookup via the H33 cache engine, returning in 0.358 microseconds. The total pipeline latency for 32 users is 1,345 microseconds, yielding 42 microseconds per individual authentication.
The API produces an H33-74 Post-Quantum Attestation Primitive for every operation. The primitive is 74 bytes total: 32 bytes of SHA3-256 commitment hash stored on-chain or in persistent storage, plus 42 bytes of signer set metadata, timestamp, authority scope, version, and governance link cached in the H33 cache layer. The three PQ signature families are independently generated then compressed into the 74-byte envelope. Verification requires only the 74-byte bundle and the public key set — no connection to H33 infrastructure is needed.
The production backend runs on AWS Graviton4 metal instances (c8g.metal-48xl) with 192 vCPUs and 371 GiB memory. The entire stack is Rust with no garbage collection pauses. The FHE engine uses BFV with N=4096, a single 56-bit modulus, and t=65537 (the H33-128 parameter set). Montgomery multiplication with radix-4 and Harvey lazy reduction powers the polynomial arithmetic. The system allocator (not jemalloc) is used after benchmarking showed superior throughput under high concurrency. All code is compiled with target-cpu=native for Graviton4-specific NEON optimizations.
Any party can verify an H33-74 attestation without contacting H33. The public verifier binary is freely downloadable and requires no API key, account, or subscription. Verification checks the SHA3-256 commitment, then independently verifies all three PQ signatures against the published public key set. If any signature fails, the attestation is rejected. This design ensures that H33 is not a trust bottleneck — the mathematics is the trust anchor, not the company.
Beyond financial services, healthcare, and government, post-quantum attestation protects long-lived digital artifacts across industries.
A global manufacturer attests every component's origin, testing results, and certifications with three-family PQ signatures. Twenty years from now, when a product liability claim arises, the attestations remain independently verifiable regardless of quantum computing advances. Each component's provenance is cryptographically bound to specific test results, timestamps, and the authority that signed off — no forged certificates, no retroactive modifications.
Law firms use the H33 API to attest contracts, depositions, and evidence packages. Each document receives a 74-byte attestation binding it to the signer, timestamp, and governance policy in effect. During litigation, any party can independently verify that the document existed in its current form at the attested time. PQ signatures ensure the attestation survives the transition to quantum computing without requiring re-signing.
IoT devices deployed for 15–20 year lifecycles need firmware update signatures that will remain secure throughout the device's operational life. The H33 API signs firmware updates with three PQ families, ensuring that even resource-constrained devices can verify update authenticity against quantum-capable adversaries. The 42-microsecond attestation latency fits within real-time firmware validation requirements for industrial control systems.
Research institutions and patent filers use PQ attestation to create tamper-evident timestamps for inventions, datasets, and publications. The attestation proves that a specific intellectual artifact existed at a specific time, signed with three hardness assumptions that will survive quantum cryptanalysis. This provides stronger priority evidence than traditional timestamping services that rely on classical signatures vulnerable to future quantum attacks.
Detailed answers to the most common questions about integrating and operating the H33 Post-Quantum API in production environments.
The H33 Post-Quantum API supports four NIST-standardized algorithms through a single unified REST API. ML-DSA-65 (FIPS 204) provides digital signatures based on MLWE lattice hardness. ML-KEM-1024 (FIPS 203) provides key encapsulation based on module lattices. FALCON-512 provides compact signatures based on NTRU lattice hardness. SLH-DSA-SHA2-128f (FIPS 205) provides stateless hash-based signatures. Every attestation is signed with three of these families simultaneously — ML-DSA, FALCON, and SLH-DSA — creating a security model where forgery requires breaking three independent mathematical problems at once.
H33 sustains 2,209,429 authentications per second on Graviton4 metal infrastructure with 192 vCPUs, benchmarked continuously over 120 seconds. Per-authentication latency is 42 microseconds. The full pipeline includes FHE batch encryption at 943 microseconds for 32 users, three-family PQ attestation at 391 microseconds, and ZK cached lookup at 0.358 microseconds. These numbers are measured under sustained load, not burst benchmarks. The per-authentication cost is approximately $3.8 times 10 to the negative 10th power on current infrastructure pricing.
No. The H33 API abstracts all post-quantum cryptographic complexity behind standard REST endpoints. You send JSON payloads and receive signed, attested responses. Algorithm selection, key management, parameter tuning, and attestation bundling are handled automatically. You do not need to understand lattice mathematics, NTRU structures, or hash-based signature trees. If you can call a REST API, you can ship post-quantum cryptography in production.
Yes. The H33 API operates as an application-layer service over standard HTTPS. Your existing TLS termination, load balancers, CDN, and API gateways continue to function without modification. H33 adds post-quantum cryptographic attestation at the application layer, giving you PQ protection for your data and signatures without replacing your transport infrastructure. When PQ-TLS becomes widely available, H33 will support it as an additional transport-layer option.
Yes. H33 supports hybrid key exchange combining classical ECDH with ML-KEM-1024, providing backward compatibility with existing systems while adding post-quantum resistance. Hybrid mode ensures that security is bounded by the stronger of the two algorithms: even if the PQ algorithm has an undiscovered weakness, the classical algorithm provides a security floor, and vice versa. This is the recommended configuration during the transition period for systems that must maintain interoperability with classical-only counterparts.
H33 implements the final NIST FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA) standards — not draft versions, not approximations. All implementations are validated against official NIST Known Answer Test vectors. The API is designed to meet CNSA 2.0 transition timelines (2030 for software signatures, 2033 for key exchange). H33 also supports HATS (H33 AI Trustworthiness Standard) conformance for organizations requiring independently verifiable evidence of cryptographic governance controls. Every attestation produced by the API is independently reproducible by any verifier using the freely available public verification binary.