ShieldFive's Post-Quantum Default File Format Prioritizes Future-Proof Security
This review analyzes ShieldFive's file format, which makes post-quantum cryptography the default for at-rest data, detailing its hybrid key establishment and cryptographic primitives for long-term data security.
The Answer Up Front
For founders and teams building tools that handle sensitive data requiring long-term confidentiality, ShieldFive's post-quantum default file format offers a robust, forward-looking design. Its explicit embrace of "harvest now, decrypt later" protection, by making post-quantum (PQ) cryptography the default, is a significant differentiator. Developers concerned about future quantum threats should consider this design pattern. Those building short-lived data systems or who prioritize maximum classical performance over PQ readiness may find the overhead unnecessary. The core value lies in its hybrid key establishment, which combines classical and PQ strengths without the common misconception of encrypting data twice.
Methodology
This v0 review draws on the founder chogarcia's published claims at https://dev.to/chogarcia/making-post-quantum-the-default-in-a-file-format-not-a-toggle-59c0, accessed on 2026-06-11. Independent benchmarks are pending. We will re-test when claims diverge from observed behavior or when a public implementation becomes available for direct evaluation. This review covers the technical decisions behind ShieldFive's post-quantum default file format, including the specific cryptographic algorithms (ML-KEM-1024, HKDF-SHA-256, XChaCha20-Poly1305) and the multi-step hybrid key establishment process as described by the founder. The founder also references a public specification and test vectors. What is not covered includes independent performance benchmarks, long-term workflow implications, or specific edge cases of the file format, nor the broader features of the ShieldFive product itself.
What It Does
Post-Quantum as the Default
The central premise of ShieldFive's file format is to make post-quantum cryptography the default for all newly created encrypted files. This design choice directly addresses the "harvest now, decrypt later" threat model, where adversaries can collect encrypted data today and decrypt it once cryptographically relevant quantum computers become available. The founder's goal is for a file written today to remain secure against future quantum attacks for as long as its classical AEAD (Authenticated Encryption with Associated Data) remains secure, without requiring any user intervention.
Hybrid Key Establishment
The file format employs a hybrid cryptographic approach for key establishment, explicitly avoiding the common misconception of encrypting data twice. Instead, it combines the outputs of two distinct key exchanges into a single, strong key using a Key Derivation Function (KDF). The default suite, identified as 0x03, performs two steps:
- A classical share: A random 32-byte secret S_c is wrapped to the recipient's classical key.
- A post-quantum share: An ML-KEM-1024 encapsulation is performed against the recipient's ML-KEM public key, yielding a ciphertext and a 32-byte shared secret S_pq.
These two secrets, S_c and S_pq, are then concatenated and fed into HKDF-SHA-256 along with the file's random identifier and an info string. The output, K, is the final 32-byte key used for file encryption. This construction ensures that the security of K relies on at least one of the two shares remaining secret, providing resilience even if one of the underlying cryptographic primitives is broken.
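The combiner step described above, as an added example that is not ShieldFive's code or taken from its specification. It implements HKDF-SHA-256 per RFC 5869 and derives K from the two shares. Assumptions: the file identifier is used as the HKDF salt and is 16 bytes long, the info string is a placeholder, and random bytes stand in for the unwrapped classical secret and the ML-KEM-1024 shared secret.

```python
import hashlib
import hmac
import secrets

HASH_LEN = 32  # SHA-256 output size in bytes
# Assumption: placeholder label; the review does not give the real info string.
INFO = b"example-hybrid-file-key"

def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with SHA-256: extract a PRK, then expand it."""
    if length > 255 * HASH_LEN:
        raise ValueError("requested output too long")
    prk = hmac.new(salt or b"\x00" * HASH_LEN, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def derive_file_key(s_c: bytes, s_pq: bytes, file_id: bytes) -> bytes:
    """Combine both 32-byte shares into the single file key K."""
    if len(s_c) != 32 or len(s_pq) != 32:
        raise ValueError("each share must be exactly 32 bytes")
    # Fixed-length shares keep the concatenation S_c || S_pq unambiguous.
    # Assumption: the file's random identifier is passed as the HKDF salt.
    return hkdf_sha256(s_c + s_pq, salt=file_id, info=INFO, length=32)

def demo() -> dict:
    # Constructed sample values: random bytes stand in for the unwrapped
    # classical secret and the ML-KEM-1024 decapsulation output.
    s_c, s_pq = secrets.token_bytes(32), secrets.token_bytes(32)
    file_id = secrets.token_bytes(16)
    k = derive_file_key(s_c, s_pq, file_id)
    return {
        "key_len": len(k),
        "stable": k == derive_file_key(s_c, s_pq, file_id),
        # Knowing one share while guessing the other yields a different K.
        "wrong_pq": k != derive_file_key(s_c, bytes(32), file_id),
        "wrong_classical": k != derive_file_key(bytes(32), s_pq, file_id),
        # Same shares under a different file identifier give a different K.
        "other_file": k != derive_file_key(s_c, s_pq, secrets.token_bytes(16)),
    }

if __name__ == "__main__":
    print(demo())
```

The file body is then encrypted once under K with the AEAD; neither share is ever used as an encryption key on its own.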
Core Cryptographic Primitives
The file format leverages specific, well-regarded cryptographic algorithms. For the post-quantum share, it uses ML-KEM-1024, aligning with NIST's Level 5 security requirements. The key derivation is handled by HKDF-SHA-256. The actual file encryption is performed once with the derived key K using XChaCha20-Poly1305, a standard AEAD cipher. This combination aims for IND-CCA2 security against an adversary who might break one primitive but not both.
What's Interesting / What's Not
The most interesting aspect is the founder's explicit commitment to a default-first post-quantum posture. Many security products offer PQ as an opt-in feature, which often leads to underutilization. ShieldFive's approach forces the issue, ensuring forward compatibility for long-lived secrets. The technical explanation of the hybrid key exchange, clarifying that it's about combining key material via a KDF rather than nested encryption, is crucial. This aligns with modern cryptographic best practices, such as the IETF's X-Wing construction (mlkem768x25519), and demonstrates a sound understanding of hybrid security proofs.
The use of ML-KEM-1024 for NIST Level 5 security is a strong signal of commitment to robust, standardized post-quantum algorithms. The founder's mention of a public specification and test vectors is also a positive indicator for transparency and verifiability, though we have not independently reviewed these artifacts. What's notably absent from this initial signal, however, are the specific
The investor read
The market for post-quantum cryptography is nascent but growing, driven by long-term data security concerns and government mandates. ShieldFive's file format signals a move towards embedding PQ security by default, rather than as an optional toggle, which could become a competitive advantage in sectors like defense, finance, and healthcare. Comparable efforts include IETF standardization work (e.g., X-Wing) and various open-source cryptographic libraries integrating NIST-selected algorithms. For ShieldFive to be investable as a product, the file format's robust design needs to translate into a compelling, performant, and easy-to-integrate solution for developers. Key questions for investors would revolve around adoption rates, the total addressable market for 'default PQ' solutions, and the team's ability to navigate the evolving PQ landscape and potential algorithm changes. This appears to be a deliberate technical play, potentially bootstrapping on deep cryptographic expertise.
Every claim ties to a primary source. See our methodology.