Custody Models

QuantumSafe supports several custody models for PQC key management. BYOK (v1.0) and Managed custody (v1.5) are available today; Threshold custody (v2.0) is on the roadmap.

Overview

Model       Version   Status      Private Key Location          User Control
BYOK        v1.0      Available   Client device                 Full
Managed     v1.5      Available   AWS KMS HSM                   Shared
Threshold   v2.0      Planned     Split across parties (MPC)    Distributed

BYOK (Bring Your Own Key) — v1.0

The default custody model, and the only one that supports every algorithm.

How It Works

The SDK generates PQC key pairs locally on your device and registers only the public key with QuantumSafe. Signing also happens locally; the private key never leaves your environment.

Your Responsibility

You are fully responsible for storing, backing up and protecting the private key. QuantumSafe holds only the public key, so a lost private key cannot be recovered.

Advantages

  • Full control over private keys
  • No trust required in QuantumSafe infrastructure: the service only ever sees public keys
  • Smallest attack surface: the private key exists in one place that you control
  • Key generation and signing work offline; only registering the public key needs connectivity

Disadvantages

  • No recovery mechanism if private key is lost
  • Requires secure key storage infrastructure
  • Single point of failure (the device holding the key)

Recommended private key storage by environment:

Environment    Storage
Development    Encrypted file on disk
Production     HSM, AWS KMS, Azure Key Vault, GCP Cloud KMS
Mobile         Secure Enclave (iOS) / StrongBox (Android)
Hardware       Dedicated HSM appliance

Managed Custody — v1.5 (Available)

Managed mode stores your PQC private keys in AWS KMS hardware security modules (FIPS 140-3 Level 3). Keys are non-exportable: they never leave the HSM.
Managed custody requires the Pro plan ($499/mo) or above. See the KMS Managed guide for a full walkthrough.
In Managed mode, QuantumSafe handles PQC key storage using AWS KMS:
  • Key generation happens inside KMS, so a key generated there never exists in plaintext outside the HSM (keys migrated from BYOK are the exception; see Migration from BYOK)
  • Signing happens inside KMS via the KMS Sign endpoint; the private key is used but never returned
  • Access control via IAM policies on the KMS key plus QuantumSafe permissions

BYOK vs Managed Comparison

Feature              BYOK (v1.0)                       Managed (v1.5)
Key location         Your device                       AWS KMS HSM
Security level       Software (HSM if you store it there)   FIPS 140-3 Level 3
Private key access   You hold it                       Non-exportable
Cost                 Free                              $1/key/month + $0.15 per 10,000 signing ops
Plan required        Free+                             Pro+
Algorithms           All                               ML-DSA only

Algorithm Compatibility

Algorithm    BYOK   Managed (KMS)
ML-DSA-44    Yes    Yes
ML-DSA-65    Yes    Yes
ML-DSA-87    Yes    Yes
SLH-DSA      Yes    No
FN-DSA       Yes    No

Advantages

  • No private key management burden
  • FIPS 140-3 Level 3 HSM protection; keys are non-exportable
  • Automatic backup and disaster recovery
  • Audit logging of key use

Disadvantages

  • You must trust both QuantumSafe and AWS KMS
  • Requires network connectivity for signing
  • Higher signing latency than local signing
  • Monthly KMS costs ($1 per key per month + $0.15 per 10,000 signing operations)

Migration from BYOK

Only ML-DSA keys can be migrated to Managed custody. SLH-DSA and FN-DSA keys created in BYOK mode cannot be imported into KMS due to format constraints. If you plan to move to Managed custody later, choose an ML-DSA variant now.
Migration from BYOK to Managed:
  1. Export your ML-DSA private key from local storage
  2. Import it into KMS via QuantumSafe's secure import flow
  3. Verify the import succeeded: the public key KMS reports must match your registered public key, and a signature produced by KMS must verify against it
  4. Delete every local copy (including backups) only after step 3 passes
A migrated key existed in plaintext outside the HSM before import, so the "never leaves the HSM" property holds only from that point on. If the local copy may already have been exposed, generate a fresh key in KMS instead of migrating.

Cost Breakdown

  • $1 per key per month
  • $0.15 per 10,000 signing operations
  • Verification is free (uses public key locally)

Threshold Custody — v2.0 (Planned)

Threshold custody is planned for v2.0 and is not yet available. The details below are subject to change.
Threshold custody uses multi-party computation (MPC) to split the private key across multiple parties. No single party holds the complete key.

How It Works

  • Key is split into n shares with a threshold of t
  • Any t of n parties can collaborate to sign
  • No party ever sees the full private key
  • Signing is performed via an MPC protocol

Advantages

  • No single point of failure
  • Compromise of t-1 parties does not reveal the key
  • Suitable for organizational custody
  • Can implement approval workflows

Disadvantages

  • Higher complexity
  • Requires coordination between parties
  • Higher latency for signing
  • MPC protocol overhead

Choosing a Model

Use BYOK when you can store keys in your existing infrastructure and want full control; it is also the only model that supports SLH-DSA and FN-DSA. Use Managed custody when you want FIPS 140-3 Level 3 hardware protection, backups and audit logging without operating key storage yourself, can accept the Pro plan and KMS costs, and can standardise on ML-DSA. Threshold custody is the fit for organizational custody with approval workflows once it ships in v2.0.