Post-quantum end-to-end encryption, direct device-to-device communication, full control over your data. Available as app, web app, and white-label or SDK solution.
The quantum threat is not a future problem: it's a concrete risk for the data you protect right now.
Governments and malicious actors intercept and store encrypted communications today, waiting for a quantum computer capable of decrypting them. Your sensitive data of today will be readable tomorrow if protected only by classical cryptography.
IBM, Google, Microsoft, and governments are investing billions in quantum computer development. Shor's algorithm can break RSA, ECDH, and the elliptic curves that underpin today's cryptography. It's not a matter of "if", but "when".
NIST has already published post-quantum standards (FIPS 203, 204, 205) in August 2024. The NSA requires migration to PQC by 2035. The European ENISA recommends immediate adoption of hybrid solutions. Those who don't comply remain exposed.
Medical records, trade secrets, legal communications, financial data: information that must remain confidential for decades. If encrypted only with RSA or ECDH, it will be vulnerable within a few years.
Qessage implements ML-KEM-768 (Kyber), the NIST FIPS 203 standard, in hybrid mode: classical + post-quantum cryptography together. Even if one of the two layers is compromised, your data stays protected.
Migrating to post-quantum cryptography takes time. Adopting a PQ-ready solution like Qessage today means protecting data before the threat materializes, not after. Proactive security is the only real security.
Qessage combines the simplicity of a modern messenger with enterprise-grade security.
Configurable hybrid encryption modes: ML-KEM-768 (Kyber) + ECDH P-521/RSA-2048. Messages are readable only by sender and recipient.
Hybrid modes combine classical and post-quantum cryptography (NIST FIPS 203). Even a future quantum computer won't be able to decrypt your messages.
Messages travel directly between devices via WebRTC, without passing through the server. The server is only used as a delivery fallback.
File sharing protected by post-quantum cryptography. Every file is encrypted with AES-256, the key wrapped with hybrid ML-KEM-768 (Kyber). Images, videos, audio and documents safe even from the quantum era.
Qessage supports integration with Quantum Key Distribution systems for hybrid PQC + QKD cryptography. Keys generated via quantum distribution are combined with ML-KEM-768 for protection grounded in the laws of quantum physics.
Four registration and login modes configurable remotely, to fit any business and regulatory context.
Every file is encrypted locally before sending. The server only receives opaque data with .enc extension. The AES key is wrapped for both sender and recipient: both can reopen their files.
Available for Android, iOS, Desktop and Web. A single codebase for all platforms, with a native user experience on each one.
After registration, protect access with fingerprint or Face ID. Fast and secure recognition at every app launch.
With deleteReadMessage enabled, messages are deleted from the server after delivery. No trace left on our systems.
Root/jailbreak detection, hooking (Frida), debugger, emulator, and tampering detection via freeRASP. The app protects itself at runtime.
Web dashboard for administrators: user, message, and group monitoring, real-time analytics, and remote system configuration.
Designed to withstand today's and tomorrow's threats.
Every message is encrypted with AES-256. The key is protected by combining two independent secrets (classical + post-quantum). Both private keys are needed to decrypt: breaking only RSA/ECDH or only Kyber is not enough.
Transport is protected by TLS. P2P connection uses DTLS. Message content is end-to-end encrypted. Media files have their own independent AES-256 encryption. The server never sees cleartext data.
From "no encryption" for internal environments to "ecdh+kyber" for maximum security with forward secrecy and post-quantum protection. Mode can be changed remotely without updating the app.
Hybrid P2P/server system for maximum reliability and minimum latency.
Qessage is available as a fully customizable white-label solution.
Logo, colors, app name, and icons fully customizable. Your users will only see your brand.
Dedicated or on-premise Parse Server instance. Data stays in your systems, under your control.
Choose the authentication mode (phone, email, Entra ID), encryption level, and active features.
Healthcare, finance, public administration, defense, legal: each sector has specific requirements. Qessage adapts to your compliance needs.
Builds for Google Play, App Store, and web. Publish with your own developer account, no dependency on us.
Assistance with customization, deployment, and team training. Ongoing technical support.
Comparison with the most popular alternatives.
| Qessage | Telegram | Signal | ||
|---|---|---|---|---|
| Default E2E encryption | Configurable ✓ | Yes | Secret chats only | Yes |
| Post-quantum cryptography | ML-KEM-768 ✓ | No | No | PQXDH (partial) |
| Hybrid modes (classical + PQ) | rsa+kyber, ecdh+kyber ✓ | No | No | Yes (X25519+Kyber) |
| Direct P2P communication | WebRTC ✓ | No | No | No |
| On-premise backend | Yes ✓ | No | No | Yes (self-hosted) |
| White-label / customization | Full ✓ | No | No | Limited |
| Server-side ephemeral messages | Yes ✓ | Disappearing only | Timer | Timer |
| Media file encryption | AES-256 pre-upload ✓ | Yes | Secret chats only | Yes |
| Quantum-safe file sharing | Hybrid ML-KEM-768 ✓ | No | No | No |
| QKD integration (PQC + QKD) | Yes ✓ | No | No | No |
| Admin console | Yes ✓ | Business API | No | No |
| Runtime protection (RASP) | freeRASP ✓ | Proprietary | No | No |
| European digital sovereignty | Italy / EU ✓ | USA (Meta) | UAE / Dubai | USA |
Contact us for a demo, a proof-of-concept, or to discuss your custom white-label solution.
Request access to the demo to try Qessage in action