Encryption Hub
Encrypt what your agents remember, retrieve, and share
NuDay encrypts the agent's entire data surface: its memory, its RAG knowledge, and the context agents pass to each other. It is native to the platform, so there is nothing to configure.
Most agent frameworks persist memory, knowledge, and shared context as plaintext. NuDay makes every record its own encrypted, signed, tamper-evident domain.
Breach the infrastructure, and what you get is ciphertext, not our customers' business.
What we encrypt
Three parts of the agent hold your data
Each is a distinct problem, and each has its own protection. Learn about them separately:
Encrypted Memory
Everything the agent saves and recalls: prompts, inputs, and long-term history.
Learn more →Encrypted RAG
Your knowledge base, encrypted, with the vectors themselves obfuscated too.
Learn more →Encrypted Shared Memory
Context-aware memories shared between agents, fully revokable.
Learn more →Sovereignty
The model stays yours
To achieve truly sovereign AI, you run your LLM locally. NuDay secures every other aspect of the agent and everything around the model, and for the highest assurance you keep the model itself in your walls, on-prem or air-gapped. Your data and your reasoning never leave.
See Sovereign AI and Air-Gapped AIHow it runs
Native, fast, standards-based
Strong encryption usually means configuration, latency, and trade-offs. NuDay's does not.
Native and zero-config
Encryption is built into the platform and on by default. Your team configures nothing to get it.
Near-zero overhead
NIST-approved algorithms with native hardware acceleration (AES-NI) in every modern processor, so performance stays high.
Your keys, your choice
Bring your own keys on SaaS or hybrid deployments. On-prem keeps your keys entirely in-house.
Under the hood
One cryptographic engine behind all three
Memory, RAG, and shared memory are protected by the same pipeline: every record gets a plaintext checksum, a signature, authenticated encryption under a per-record key, and an independent MAC before it is stored.
-
Agent Action
reply, memory, or tool call
It starts with the agent.
A reply is generated, a memory saved, a tool called, producing a fresh checkpoint of state.
- Agent config validated
Signed config verified before every turn.
- 01
CHK2 checksum
plaintext integrity
Detect corruption.
A digest of the plaintext rides in a versioned header and is re-verified after every decrypt.
- 02
SIG1 signature
classical or post-quantum
Prove authorship.
Classical DSA or post-quantum ML-DSA (Dilithium), per tenant. Going PQ is a config switch.
- 03
AES-GCM encrypt
epoch-derived key
Seal the record.
Authenticated encryption under a key unique to this checkpoint: epoch root key, XOR version chain.
- Automatic key rotation
Fresh root keys arrive on whatever schedule you set.
- 04
HMAC + headers
MAC over payload + epoch
Verify independently.
A keyed MAC over payload + epoch adds a second integrity layer with an independent key.
- 05
Store sealed blob
written to state database
Nothing readable at rest.
A stolen database yields only ciphertext; tampering is caught on load and alerts fire immediately.
State database
every message its own encrypted, signed, tamper-evident record
Layer-by-layer cryptographic breakdown for technical readers
Future-proofed
Post-quantum cryptography and native crypto-agility
The threat landscape is shifting toward "harvest now, decrypt later": actors steal encrypted data today to break it with tomorrow's quantum computers. NuDay secures your infrastructure against both.
Post-quantum cryptography
We natively support NIST-approved post-quantum algorithms (such as ML-KEM and ML-DSA), so your agent's memory, RAG stores, and A2A communications stay resistant to quantum decryption.
Native crypto-agility
As standards evolve, your security team can hot-swap encryption libraries and key-management protocols with zero downtime, without rewriting a line of agent code.
See it for yourself
See what NuDay encrypts, and what review gets.
Bring your pilot and your reviewers. We will walk through exactly what is encrypted and the evidence your security and audit teams receive.
Encryption Details
CHK2, plaintext checksum
A configurable hash (SHA-256 by default) is computed and prepended in a versioned header, then re-verified against the decrypted payload on every load. Corruption and partial writes are caught immediately.
SIG1, digital signature
Classical DSA or post-quantum ML-DSA (Dilithium), selectable per tenant. Post-quantum readiness is a configuration switch, not a migration project.
AES-GCM, authenticated encryption
A 12-byte random nonce, and a key that is unique per checkpoint: derived from the current epoch root key and XOR-chained with the previous version. No two records ever share a key.
HMAC, independent integrity
A keyed MAC over the payload plus epoch number, verified before decryption. Combined with GCM's own tag, integrity is enforced at two independent layers with independent keys.
Store, the sealed record
What lands in the state database is unreadable without the control plane, and any tampering is detected the moment it is loaded. Verification failures alert operators in real time.