Skip to content

AI infrastructure that plans for the cryptography deadline

Bee integrates the three NIST-finalized post-quantum standards — FIPS 203, 204, and 205 — with PQC transport shipping default-on for Enclave Sovereign deployments.

The harvest-now, decrypt-later problem

Traffic recorded today can be decrypted later by a sufficiently capable quantum computer if it was protected only by classical key exchange. For prompts and documents with a long confidentiality horizon — contracts, filings, defense material — the migration clock is set by the data's lifetime, not by when such machines arrive.

NIST finalized its post-quantum standards in August 2024. Bee's position is simple: the platform carries them now, so customers with long-lived data don't have to wait for a re-architecture.

The three standards Bee uses

  • FIPS 203 — ML-KEM (module-lattice key encapsulation): post-quantum key exchange that derives session keys on Bee Enclave Sovereign customer transport.
  • FIPS 204 — ML-DSA (module-lattice signatures): signs server attestations and SDK release artefacts so clients can verify provenance.
  • FIPS 205 — SLH-DSA (stateless hash-based signatures): a long-lived attestation chain for offline verification and air-gapped deployments.

Where it's on today — stated precisely

Bee Enclave Sovereign customers transact on the post-quantum stack from the first request — no opt-in toggle, no classical-fallback handshake. Public Bee tiers use standard TLS 1.3 today; the public-tier PQC default follows the Sovereign rollout.

That precision matters: a platform that claims blanket “quantum-safe” without saying which paths run which primitives is asking you not to check. Bee's claims are scoped so you can.

Defense in depth around the PQC boundary

  • AES-256-GCM at rest under per-tenant keys — symmetric encryption with margin against quantum attack by construction.
  • Customer-managed keys on Hive and above; HSM-backed roots on Enclave Regulated and Sovereign.
  • Hardware-backed FIDO2 as the only operator path to production; no long-lived static credentials.
  • Each FIPS standard cited to its NIST source on the /security page, so review teams verify against the authority, not our paraphrase.

Frequently asked questions

Is all Bee traffic post-quantum encrypted today?
No, and we say so plainly: PQC transport is default-on for Bee Enclave Sovereign deployments today. Public tiers run standard TLS 1.3, with the public-tier PQC default following the Sovereign rollout.
Which post-quantum algorithms does Bee use?
Only NIST-finalized standards: ML-KEM (FIPS 203) for key encapsulation, ML-DSA (FIPS 204) and SLH-DSA (FIPS 205) for signatures. No draft or pre-standard primitives.
Why does post-quantum matter for an AI platform specifically?
Prompts and uploaded documents often carry an organisation's most sensitive material, and AI traffic is high-volume and predictable — attractive to record now and decrypt later. PQC key exchange removes that future decryption path.
Is quantum-safe encryption the same as quantum computing features?
No — they're separate. Post-quantum cryptography defends against quantum attack. Bee also offers opt-in quantum reasoning on IBM quantum hardware, which is a compute capability, not a security control.
Can we get the PQC posture in writing for a security review?
Yes — the /security page documents the algorithms, scope, and NIST sources, and procurement-grade evidence is available under NDA via bee-security@heossi.com.

Related

Start on the free tier

Bee Cell is free — no card. Scale to paid tiers, the API, or sovereign deployment when you are ready.