Vault 101
Encryption and certificates explained
🔐 Secret Messages
Encryption scrambles data so only the intended recipient can read it. Your browser does this every time you send a password or credit card number.
password123
a7xK9mQ2...
🔑 Keys Make It Work
Encryption uses keys — long numbers that lock and unlock data. There are two kinds:
- Public key — Anyone can use this to lock a message.
- Private key — Only the owner has this. It unlocks the message.
📄 A Digital ID Card
A certificate proves a website's identity, like an ID card. It binds a domain name to a public key so your browser knows who it's talking to.
✍️ Signatures Prove It Is Real
A digital signature stamps each certificate to prove two things:
- Who made it — The signature links the certificate to a trusted organization.
- Nobody changed it — If anyone edits the certificate, the signature breaks.
🔗 Who Signs Them?
A Certificate Authority (CA) — a trusted organization that verifies website owners and issues signed certificates. Your browser ships with a list of CAs it trusts.
⚠️ Today's Math Will Break
Today's encryption relies on math problems that take billions of years to solve. Quantum computers solve those specific problems efficiently — breaking the protection.
💡 New Math Already Exists
NIST published new standards (August 2024) using math that quantum computers cannot break. The transition has begun.
📋 What Needs to Change
- Encryption keys — New key types that quantum computers cannot crack.
- Signatures — New signature math for certificates and documents.
- Certificates — CAs need to issue certificates using the new math.
🚀 Explore Quantum Nexum
The full reference library. Algorithms, standards, and specifications.
Interactive tools. Generate keys, test connections, compare algorithms.
Post-quantum CA software. Issue and manage certificates with new math.
Browse the live PKI infrastructure powered by post-quantum algorithms.