QNSP
Start building free
Why QNSP
The Quantum ImperativeWhy QNSPPQC Migration GuideCompetitive AnalysisVet PQC Vendors
Platform
Platform ArchitectureCapabilitiesUse Cases by IndustryKnowledge BaseBlogResearch
Trust
Trust HubCompliance MappingNIST ACVP ConformancePerformance BenchmarksEntropy ChainAlgorithm CatalogSystem Status
Developers
Developer HubUse CasesAI Assistants (MCP)
PricingContactStart building free

Auditor entry point

Have a signed conformance evidence pack from a QNSP customer?

If a QNSP customer has shared a JSON-LD conformance evidence pack with you as part of their SOC 2 / ISO 27001 / FedRAMP audit work, you can verify the ML-DSA-44 (FIPS 204) signature independently on this site. The bundle is parsed, the embedded signature is checked against the embedded public key, and the public key's SHA-256 fingerprint is cross-checked against a separately-published QNSP signer registry (the file's git history at cuilabs/qnsp-public is the audit record of every rotation).

Open the evidence-pack verifier →Or scroll for QNSP's own NIST ACVP evidence

NIST ACVP test-vector evidence

Validated against official NIST ACVP-Server vectors.

QNSP ships two independent PQC providers and runs each one against the official NIST ACVP test vectors. @noble/post-quantum(pure-JS) is the reference implementation used in the browser SDK and as the cross-verification secondary in KMS + audit-service. @cuilabs/liboqs-native (native-C, Open Quantum Safe) is the primary production engine in every QNSP backend service. Vectors come from github.com/paulmillr/acvp-vectors@main — a community mirror of NIST's canonical usnistgov/ACVP-Server/gen-val/json-files repository. Algorithmic correctness, not vendor self-attestation. The complementary entropy chain documentation covers where the randomness consumed by these PQC operations comes from.

@noble/post-quantum (pure-JS reference) · v0.6.1

435 passed · 0 failed · 0 skipped / 435 total (100%)

@cuilabs/liboqs-native (production engine) · v0.15.0

240 passed · 0 failed · 195 skipped / 435 total (55.17%)

  • @cuilabs/liboqs-native 0.15.1 binds OQS_KEM_keypair_derand and OQS_KEM_encaps_derand for ML-KEM ACVP coverage: keyGen (75/75) and encapsulation AFT (75/75) now run deterministically against the production engine, matching the noble figure for ML-KEM.
  • ACVP signature keyGen tests (ML-DSA, SLH-DSA) remain deferred because liboqs 0.15.0 upstream does NOT expose OQS_SIG_keypair_derand — the pqcrystals_ml_dsa and slh_dsa_c reference implementations only ship crypto_sign_keypair(pk, sk) using internal randombytes(). Closing this gap requires an upstream PR against github.com/open-quantum-safe/liboqs to add the seed-controlled keypair API.
  • The liboqs C library's own ACVP test record is maintained upstream by the Open Quantum Safe project at github.com/open-quantum-safe/liboqs.

NIST tests

435 / 435 pass

Failures

0

Operations

4

Generated

2026-06-02 11:31:45Z

SHA-3-256 digest

102decef2e45560bc37ac75c

AlgorithmOperationNIST vector directoryPassed / TotalSkippedDuration
ML-KEMkeyGenML-KEM-keyGen-FIPS20375 / 75031ms
ML-KEMencapDecapML-KEM-encapDecap-FIPS203165 / 165055ms
ML-DSAkeyGenML-DSA-keyGen-FIPS20475 / 750142ms
SLH-DSAkeyGenSLH-DSA-keyGen-FIPS205120 / 120031634ms

Honesty caveats: (1) The "skipped" column on ML-KEM encapDecap covers ACVP negative / key-validation edge-case groups not yet wired into our runner; we run the positive-case encapsulation and decapsulation flows directly. (2) SLH-DSA keyGen runs in FAST mode (one test per parameter set) on the CI snapshot because the full vector sweep takes 30+ minutes. The full sweep is run pre-release; the FAST snapshot here proves the implementation maps to the same expected bytes NIST publishes for the first vector of each parameter set. (3) This is algorithmic correctness validation, not module-level CMVP / FIPS 140-3 validation — QNSP is not on the NIST IUT or MIP list. The two validation regimes are orthogonal; CAVP-style algorithm validation is the prerequisite for the module-level work.

Raw ACVP evidence JSON →Upstream NIST ACVP vectors →Runner source →

Public conformance evidence

FIPS 203 / 204 / 205 determinism vectors.

Server-rendered determinism check. Each row below was computed when this page loaded — the runtime ran keygen(seed) against the live @noble/post-quantum library and compared SHA-256 of the resulting public and secret keys against the expected hashes recorded in the committed determinism vector file. All rows must match for the platform to ship.

Result

9 of 9 match

Checked at

2026-06-13T07:58:22.720Z

Runtime library

@noble/post-quantum@0.6.1

Vectors generated

2026-06-02T11:33:39.832Z

Raw JSON →Live sandbox API →Public SDK & integration source mirror →

Per-vector results

9 determinism vectors · 9 match · 0 mismatch

AlgorithmStandardSeedPublic key SHA-256 (expected → actual)Secret key SHA-256 (expected → actual)Match
ml-kem-512FIPS 203001122334455…221100 (64B)
cff30cbda9…0dae27
cff30cbda9…0dae27
ab17760f9c…dd5ddd
ab17760f9c…dd5ddd
MATCH
ml-kem-768FIPS 203001122334455…221100 (64B)
8c2a46b0e9…bf79e8
8c2a46b0e9…bf79e8
fc7939d119…33bcd4
fc7939d119…33bcd4
MATCH
ml-kem-1024FIPS 203001122334455…221100 (64B)
3186f48e3f…3828e1
3186f48e3f…3828e1
e615148e01…014aca
e615148e01…014aca
MATCH
ml-dsa-44FIPS 2040123456789ab…543210 (32B)
1e58038ad5…fb092c
1e58038ad5…fb092c
b44d6e98c5…6d0cf0
b44d6e98c5…6d0cf0
MATCH
ml-dsa-65FIPS 2040123456789ab…543210 (32B)
7988d22a80…42710f
7988d22a80…42710f
9173b2d2b3…b7338d
9173b2d2b3…b7338d
MATCH
ml-dsa-87FIPS 2040123456789ab…543210 (32B)
a1912e7a6e…0e76ac
a1912e7a6e…0e76ac
719fa772ad…57b602
719fa772ad…57b602
MATCH
slh-dsa-sha2-128fFIPS 2050123456789ab…556677 (48B)
910c156830…738bac
910c156830…738bac
fa53646750…272693
fa53646750…272693
MATCH
slh-dsa-sha2-192fFIPS 2050123456789ab…556677 (72B)
dc0c8bd3e6…2a4508
dc0c8bd3e6…2a4508
d489cf141b…752a3d
d489cf141b…752a3d
MATCH
slh-dsa-sha2-256fFIPS 2050123456789ab…556677 (96B)
bf68dc92d3…b5a6f3
bf68dc92d3…b5a6f3
b3228be362…cbd2df
b3228be362…cbd2df
MATCH

For each row, the runtime executed keygen(seed) on this server when the page loaded, then computed SHA-256 of the resulting public and secret keys. "Expected" rows are the hashes recorded when the conformance vectors were last regenerated against the pinned liboqs build. Mismatches indicate either a library upgrade without a vector regeneration, or a real determinism regression in the upstream implementation.

Standards reference

FIPS standards covered.

FIPS 203
Module-Lattice-Based Key-Encapsulation Mechanism Standard (NIST, finalized August 2024)
FIPS 204
Module-Lattice-Based Digital Signature Standard (NIST, finalized August 2024)
FIPS 205
Stateless Hash-Based Digital Signature Standard (NIST, finalized August 2024)

Note:

These are determinism vectors for QNSP's pinned @noble/post-quantum version, not NIST official ACVP test vectors.
Independent NIST conformance is established by the upstream @noble/post-quantum project against NIST CAVP / ACVP test vectors.

Sandbox key material is generated for assurance testing only and must not be used in production systems.
Public SDKs and integration examples are independently verifiable at the public SDK and integration source mirror at github.com/cuilabs/qnsp-public.