About HybridCipher
Building the future of long-lived data protection
Our Mission
Today's encryption protects against today's threats—but what about tomorrow's? Sensitive data has a shelf life measured in decades, while cryptographic assumptions can collapse overnight when quantum computers arrive.
HybridCipher exists to solve two problems most file encryption ignores: true access revocation (not just policy-based) and protection against "harvest now, decrypt later" attacks.
What is HybridCipher?
Client-side encryption layer
Works on top of any cloud storage folder—no vendor lock-in
Device-held keys
Your encryption keys never leave your devices
Rekeying for revocation
Removed team members lose cryptographic access via epoch transitions
Post-quantum hybrid cryptography
ML-KEM-768 + X25519 protects against both classical and quantum threats
Merkle-based audit logs
Tamper-evident transparency for membership and key events
No vendor lock-in
Use any cloud storage provider—your data stays portable
Trust Posture
We believe trust should be earned through transparency, not just claimed. Here's where we stand on key trust indicators:
| Trust Indicator | Status | Link |
|---|---|---|
| Security Model | ✅ Available | View → |
| Technical Documentation | ✅ Available | View → |
| Cryptography Choices | ✅ Available | View → |
| Third-party Security Audit | 🔜 Planned | After product stabilization |
| Open Source Release | ✅ Available | View public repository → |
What We Don't Do
Understanding what a security product doesn't do is just as important as understanding what it does. Here are our explicit non-goals:
We don't store your encryption keys
Your keys live exclusively on your devices. We never have access to them, which means we can't decrypt your files—even if compelled.
We don't process unencrypted content
All encryption and decryption happens client-side. Our servers only ever see encrypted blobs—never your actual files.
We don't require internet for local access
Once your keys are synced, you can access and decrypt your local files offline. No phone-home requirements.