The quantum-safe signing that protects RankShield Legal’s certificates points at a broader need: much of what a firm holds must stay confidential for decades, and the encryption protecting it today was not chosen for that lifetime. The vault extends post-quantum protection from the proof to the underlying records.
What the vault is designed to protect
The vault targets data ranked by confidentiality lifetime rather than by size or recency: the material that would still cause harm if decrypted in ten or twenty years. That is precisely the data harvest-now, decrypt-later collection is aimed at, and precisely where classical RSA and ECDSA — slated for deprecation after 2030 — leave the longest exposure.
How it would work
Records would be sealed with the same NIST-standardized post-quantum algorithms the platform already uses for signing (ML-DSA and SLH-DSA, FIPS 204/205), with integrity anchored to the tamper-evident transparency log. The honest boundary is the same one we state everywhere: quantum-safe describes resistance to foreseeable quantum attack under current standards — not immunity, and never “quantum-proof.”
Honest status
- The vault is a roadmap capability, not a shipped storage product.
- The post-quantum signing it builds on is live on the platform today.
- It protects confidentiality lifetime; it is not a claim that any system is unbreakable.