AMERICAN BINARY

Quantum-Secure VPN

Your success relies on secure data, but quantum computing will break it wide open
Your success relies on secure data, but quantum computing will break it wide open

You deserve to keep what you've earned
You deserve to keep what you've earned
SECURE YOUR DATA

WORRY LESS, SECURE YOUR SUCCESS

with the only enterprise VPN that protects against all known threats

Maximized Current Protection

against Harvest Now, Decrypt Later attacks
and conventional threats

Maximized Future Protection

against Quantum Computing attacks and
all known future means of decryption

Maximized Speed

the best possible post-quantum
data throughput and latency
*Ambit Client is the only enterprise VPN using exclusively CNSA 2.0 standard algorithms that we are aware of, at time of writing

Why American Binary?

Your business is under cyber-attack. It’s called “Harvest Now, Decrypt Later,” or HNDL. Bad actors are collecting your data and storing it to decrypt with a quantum computer.  American Binary’s VPN defeats this and all other known current threats.
Quantum computers will defeat your existing cybersecurity.  Only post-quantum cryptography (PQC) that meets the US Government’s highest standards (CNSA 2.0) can protect your data.  American Binary solutions are built to strictly comply with CNSA 2.0.
PQC that meets CNSA 2.0 standards typically comes at significant cost of data speeds.  American Binary makes PQC usable via advanced networking technologies that maximize throughput and minimize latency.
SECURE YOUR DATA

Worry less and secure your success easily, with Ambit Client's help

Worry less and secure your success easily, with Ambit Client's help

Uniquely Quantum-Secure

Ambit Client is the only VPN built to comply with CNSA 2.0, making it the only VPN that protects your business against today's Harvest Now, Decrypt Later attacks and provides future-proofing against other quantum attacks.

Simple for Users

Ambit Client installs in minutes and features one-button activation. It maintains quantum-resistant security automatically until the user deactivates it, all in the background.

Easy for Administrators

Ambit Client features streamlined, yet thorough administrative control panels. Fleet deployments can be done in a matter of hours.
*Ambit Client is the only enterprise VPN using exclusively CNSA 2.0 standard algorithms that we are aware of, at time of writing
SECURE YOUR DATA

Features

Post-Quantum Features

Ambit Client protects against HNDL and quantum attacks by exclusively using algorithms that comply with CNSA 2.0 (e.g., the Module-Lattice Key Encapsulation Module (ML-KEM 1024)) across all four key components without any hybrid cryptography:
  • Authentication
  • Key Exchange
  • Bulk Encryption (AEAD)
  • Hashing
Ambit Client also features modern, hyper-efficient networking technology that enhances performance and user experience; this is in contrast to the typical VPN and PQC experience that significantly degrade network performance

Common VPN Features

  1. Protection against traditional cyber-attacks such as Man-in-the-Middle (MITM), remote hacking, Distributed Denial-of-Service (DDoS) attacks and session hijacking
  2. Anonymous browsing
  3. Data protection
  4. Online tracking mitigation
  5. Protection when using public network access points
  6. Multi-factor authentication, including hardware keys
  7. IPv4 and IPv6 compatibility
  8. Detailed logging (visible only to you)

Deployment Configurations

SaaS for Enterprise

For customers who want to minimize management
It features three software components:
  1. Ambit Client Controller, cloud-hosted by American Binary
  2. Ambit Client Tunnel, cloud-hosted by American Binary
  3. Ambit Client VPN, installed on your users’ devices

On-Premises for Enterprise

For customers who want maximum control
It features three software components:
  1. Ambit Client Controller, hosted in your environment
  2. Ambit Client Tunnel, hosted in your environment
  3. Ambit Client VPN, installed on your users’ devices

Available Platforms

SECURE YOUR DATA

Windows:

10 and 11

Mac:

Coming Sep ‘25

Linux:

Coming Oct ‘25

iOS:

Coming Sep ‘25

Android:

Coming Sep ‘25

Frequently Asked Questions

What is Ambit Client?

Ambit Client is an enterprise VPN that combines post-quantum cryptography (PQC) with networking improvements to mitigate both the cryptographic security impacts of quantum computing and the operational friction commonly induced by cryptographic security products.

Ambit Client defeats Harvest-Now-Decrypt-Later (HNDL) attacks through the use of PQC that is compliant with the Federal Information Processing Standard (FIPS) 140-3 and Commercial National Security Algorithm Suite (CNSA) 2.0 standards. When using Ambit Client, all information leaving an endpoint (e.g., workstation, laptop, mobile device) is fully encrypted with PQC. While bad actors may be able to capture information, they will not be able to decrypt, use, or derive value from it. As a result, Ambit Client creates future-proofing for a post-quantum world.

Underlying these capabilities is an innovative cryptographic protocol, MaxKyber®, that enables rapid, modular replacement of classical cryptographic primitives anticipated to be vulnerable to quantum computers with secure PQC algorithms within a framework extensible to currently ubiquitous network protocols (e.g., Transport Layer Security (TLS), IPSec IKEv2) as well as the generation of a product suite supporting all aspects of connected business operations.

What is MaxKyber®?

Think of Ambit Client as an armored car to transport your data. It needs quantum-resistant armor and a powerful engine to move large payloads of data safely and quickly. The MaxKyber® protocol plays the roles of the armor and the engine. MaxKyber® was designed to meet a number of technical challenges impacting PQC implementation, including:

1. Making the new PQC algorithms functionally useful by packaging them in a modular manner such that they could be readily integrated into any product requiring the secure exchange of information across a potentially insecure channel. Think of it like putting the engine and armor into a different type of car. This includes VPNs, such as Ambit Client VPN, and also networking and connectivity tools like software defined networks (SDN), browsers, and cloud services.

2. Ensuring that common features such as in-session key rotation were provided in a manner consistent with PQC cryptographic standards and CNSA 2.0.  For example, the ML-KEM standard is silent on the issue of key rotation, which is a standard part of legacy cryptographic protocols like Internet Key Exchange, v.2 (IKEv2).

3. Ensuring the provision of a robust, post-quantum analog to the key establishment capabilities provided by classical cryptographic protocols such as the elliptical curve Diffie-Hellman key agreement protocol (ECDH) that was faithful to PQC standards and the requirements specified in CNSA 2.0.

4. Ensuring compatibility with existing networking standards and implementations. For example, PQC algorithms often run into issues with Maximum Transmission Unit (MTU) limitations. This constraint becomes of singular importance when mobile and Internet-of-Things (IoT) networks are considered.

5. Solving the key distribution problem between peers in a manner consistent with CNSA 2.0 without exposing a shared secret (e.g., a cryptographic key) to the risks of transit across an insecure channel.

The MaxKyber® protocol is implemented as a modular package that is portable to TLS and IPSec IKEv2, thus offering a short path to rapid, prolific PQC adoption.

How can you tell if a VPN is really quantum-resistant?

According to the highest global standard, CNSA 2.0, using one, two, or even three CNSA 2.0 or NIST-compliant algorithms is not enough for a VPN to be considered quantum-resistant. In order to do so, four key cryptographic components must use algorithms defined by CNSA 2.0:

1.      Authentication
2.     Key Exchange
3.     Bulk Encryption (AEAD)
4.     Hashing

If just one of those components is not compliant with CNSA 2.0, the entire product cannot be considered quantum resistant by virtue of the CNSA 2.0 standard.

Businesses can ask their VPN providers if they use the Diffie-Hellman Key Exchange, hybrid cryptography, or elliptic-curve cryptography. If the vendor answers “yes” to any of those questions, then according to CNSA 2.0 their VPN is not quantum-resistant and any data transiting through the VPN does not meet the highest standard for protection against HNDL.

Ambit Client, however, completely uses exclusively CNSA 2.0 algorithms (NIST Level 5) across all four key components, and truly meets the highest bar for quantum-resistance.

What impact is quantum computing expected to have on cryptography? When will we feel it? What is HNDL?

Despite the emergence of stable, viable quantum computing platforms not being expected until close to the end of the decade (near to 2030), quantum computing is already having an indirect impact on asymmetric cryptography. Governments and malicious actors around the world are currently engaging in what is known as Harvest-Now-Decrypt-Later (HNDL) attacks. HNDL attacks are premised on a combination of the following ideas:

1. Information transiting the internet is routinely protected with asymmetric cryptographic algorithms that cannot be broken with classical computers today

2. Quantum computing will be able to break these asymmetric algorithms

3. While much of the information that transits the internet loses value quickly over time, a large, significant part of the information retains value over long periods

4. Seemingly innocuous information transiting the internet from many sources can be mosaicked to create valuable sensitive information

As a result, global actors are currently copying and storing everything that transits the internet and are doing so today.

How easy is it to install and operate Ambit Client?

The SaaS version of Ambit Client enables account setup and installation on endpoint devices in minutes.  If an on-premises configuration is selected, server installation, configuration, and subsequent device installation are typically completed in half a day or less. Endpoint installation follows standard platform patterns.  Windows, Mac, iOS, and Android are supported.

Ambit Client is designed for a low/no burden adoption experience. Operation requires minimal expertise or training, and the application itself is initialized with a single click.  Ambit Client can be configured to automatically activate on startup, and maintains protection even after network interruptions.  

Where can I find your whitepaper and other documentation?

DOWNLOAD LINK TO WHITE PAPER

DOWNLOAD LINK TO CRYPTOGRAPHY FAQ

DOWNLOAD LINK TO CNSA 2.0 MANDATE

DOWNLOAD LINK TO CNSA 2.0 FAQ

Where can I download the VPN?

If you are a customer, please see the Welcome Email we sent you.

Media and Recognition

Listed in Booz Allen’s 2024 Top 10 Emerging Technologies for the DoD and National Security report (p.64). Booz Allen is a top-tier defense contractor in the United States and recognizes the urgency to adopt PQC solutions that defend against HNDL attacks:

"Time is of the essence, as the U.S.’s adversaries are already collecting our data in the hopes of decrypting it in the future with a quantum computer... organizations must act now."
Listed in Whitehawk's 2024 Top 10 Innovative Cyber Solutions of 2024. Whitehawk is the first online cybersecurity exchange, focused on mitigating advanced cyber threats.

Contact Sales

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Company

Legal

Business Codes

DUNS:
117377067
CAGE:
8HE69
UEID:
GSNWWQZH2JE4

Contact Info

11335 NE 122nd Way, Suite 105
Kirkland, WA 98034
© 2025 Americanbinary. All rights reserved.