# Implementation
## Implementation Guide
### Overview
The ExeQuantum API provides enterprise-grade access to NIST-standardized post-quantum algorithms, including:
* **ML-KEM (Key Encapsulation Mechanism)** - the NIST-selected standard for establishing shared secrets.
* **ML-DSA (Digital Signature Algorithm)** - the NIST-selected standard for authentication and integrity.
Together, these algorithms enable organizations to establish quantum-safe channels for end-to-end communication, TLS, and data integrity, without needing to build or maintain cryptographic primitives in-house.
***
### Security Model
ExeQuantum never stores your private keys, shared secrets, or signatures.
API tokens provide secure, authenticated access. Permanent root tokens should be kept in trusted environments, while temporary tokens are recommended for client-facing or short-lived sessions.
All API endpoints are accessible across programming languages; code samples are provided in Python for clarity.
### Deployment Options
ExeQuantum’s PQCaaS can be integrated flexibly depending on sovereignty and compliance requirements:
* **On-Premise / Local Partner Cloud** - API hosted within your infrastructure or by a certified national partner.
* **ExeQuantum Cloud** - secure, managed hosting by ExeQuantum.
* **Hybrid** - client-controlled key storage with ExeQuantum orchestration.
API dashboard
You can also copy it without showing it, if you need extra privacy.
It is highly recommended that you only use this token from secure environments, and only use temporary (ideally single use) tokens when making calls from more exposed environments like frontend. Steps to generate a temporary tokens will be described later in this documentation.
Below that, you'll see the dashboard that shows your API usage for the month. Keep an eye on it to track your usage.
Usage metric and cost
### Implementation Steps
#### Step 0 - Generate Temporary Token (Recommended)
Temporary tokens reduce exposure of your root API key and are best practice for frontend or client-exposed environments.
```
import requests
response = requests.get(
'https://api.exequantum.com/api/token/new',
headers={'Authorization': 'bearer ' + AUTH_TOKEN}
)
temp_token = response.json()['new_token']
headers = {'Authorization': 'bearer ' + temp_token}
```
#### ML-KEM - Establishing Shared Secrets
**A. Generate Key Pair (Initiator):**
```
headers = {'Authorization': 'Bearer ' + AUTH_TOKEN}
response = requests.get(
'https://api.exequantum.com/api/kem/generate_keys',
headers=headers
)
keys = response.json()
public_key = keys['pk']
secret_key = keys['sk']
verification_key = keys['verification_key']
signature = keys['signature']
```
**B. Encapsulate Shared Secret (Responder):**
```
body = {
'pk': public_key,
'verification_key': verification_key,
'signature': signature
}
response = requests.post(
'https://api.exequantum.com/api/kem/encapsulate_key',
headers=headers,
json=body
)
enc = response.json()
cipher = enc['cipher']
shared_secret = enc['shared_key']
```
**C. Decapsulate Shared Secret (Initiator):**
```
body = {
'cipher': cipher,
'sk': secret_key
}
response = requests.post(
'https://api.exequantum.com/api/kem/decapsulate_key',
headers=headers,
json=body
)
dec = response.json()
shared_secret = dec['shared_key']
```
Both parties now share the same quantum-safe secret for symmetric encryption (e.g., AES-256).
#### Optional - AES via API
ExeQuantum provides AES-256 encryption/decryption endpoints for convenience.
#### AES-256 - Step 1 (By encryptor):
```
body = {
'unencrypted': 'hello world',
'key': shared_secret
}
response = requests.post(
'https://api.exequantum.com/api/aes/encrypt_text',
headers=headers,
json=body
)
encrypted_message = response.json()
```
#### AES-256 - Step 2 (By decryptor):
```
body = {
'ciphertext': encrypted_message,
'key': shared_secret
}
response = requests.post(
'https://api.exequantum.com/api/aes/decrypt_text',
headers=headers,
json=body
)
decrypted_message = response.json()
print("Decrypted message:", decrypted_message)
```
#### ML-DSA - Digital Signatures
**A. Sign Data:**
```
body =
'data': data
}
response = requests.post(
'https://api.exequantum.com/api/signature/sign',
headers=headers,
json=body
)
data = response.json()
pk = data['pk']
sk = data['sk']
signature = data['signature']
```
**B. Verify Data:**
```
body = {
'data': data,
'pk': pk,
'signature': signature
}
response = requests.post(
'https://api.exequantum.com/api/signature/verify',
headers=headers,
json=body
)
data = response.json()
verified = data['verified']
```
* Contact us for enterprise licensing, on-prem deployments, or source code handover.
***
### Next Steps
* [Request a Demo](https://calendly.com/samuel-exequantum/30min)
* [Download the STAC White Paper](https://cdn.prod.website-files.com/6894247081dee0c35feb7f96/68a17022dfe3241d0aa3ff4c_Technical%20STAC%20Paper.pdf)
* [Contact Us](https://airtable.com/appvPTvZQLiu7j7fx/pagmVzWN3xXCFa1zw/form)
###
{% openapi src="" path="/api/token/new" method="get" %}
[openapi.json](https://1251611773-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTe8j79lU2v2SHbz2aT2P%2Fuploads%2FHRuF3zHp9EK2RzVOGdoa%2Fopenapi.json?alt=media\&token=85bb12a6-8ce1-45d9-b996-90176c8a52ad)
{% endopenapi %}
{% openapi src="" path="/api/kem/generate\_keys" method="get" %}
[openapi.json](https://1251611773-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTe8j79lU2v2SHbz2aT2P%2Fuploads%2FHRuF3zHp9EK2RzVOGdoa%2Fopenapi.json?alt=media\&token=85bb12a6-8ce1-45d9-b996-90176c8a52ad)
{% endopenapi %}
{% openapi src="" path="/api/kem/encapsulate\_key" method="post" %}
[openapi.json](https://1251611773-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTe8j79lU2v2SHbz2aT2P%2Fuploads%2FHRuF3zHp9EK2RzVOGdoa%2Fopenapi.json?alt=media\&token=85bb12a6-8ce1-45d9-b996-90176c8a52ad)
{% endopenapi %}
{% openapi src="" path="/api/kem/decapsulate\_key" method="post" %}
[openapi.json](https://1251611773-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTe8j79lU2v2SHbz2aT2P%2Fuploads%2FHRuF3zHp9EK2RzVOGdoa%2Fopenapi.json?alt=media\&token=85bb12a6-8ce1-45d9-b996-90176c8a52ad)
{% endopenapi %}
{% openapi src="" path="/api/signature/sign" method="post" %}
[openapi.json](https://1251611773-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTe8j79lU2v2SHbz2aT2P%2Fuploads%2FHRuF3zHp9EK2RzVOGdoa%2Fopenapi.json?alt=media\&token=85bb12a6-8ce1-45d9-b996-90176c8a52ad)
{% endopenapi %}
{% openapi src="" path="/api/signature/verify" method="post" %}
[openapi.json](https://1251611773-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTe8j79lU2v2SHbz2aT2P%2Fuploads%2FHRuF3zHp9EK2RzVOGdoa%2Fopenapi.json?alt=media\&token=85bb12a6-8ce1-45d9-b996-90176c8a52ad)
{% endopenapi %}
{% openapi src="" path="/api/aes/encrypt\_text" method="post" %}
[openapi.json](https://1251611773-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTe8j79lU2v2SHbz2aT2P%2Fuploads%2FHRuF3zHp9EK2RzVOGdoa%2Fopenapi.json?alt=media\&token=85bb12a6-8ce1-45d9-b996-90176c8a52ad)
{% endopenapi %}
{% openapi src="" path="/api/aes/decrypt\_text" method="post" %}
[openapi.json](https://1251611773-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTe8j79lU2v2SHbz2aT2P%2Fuploads%2FHRuF3zHp9EK2RzVOGdoa%2Fopenapi.json?alt=media\&token=85bb12a6-8ce1-45d9-b996-90176c8a52ad)
{% endopenapi %}
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://exequantum.gitbook.io/exequantum-docs/documentations/quickstart.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
