Quantum Proof Crypto Management Solution

All-In-One Post-Quantum Transition Solution.

The full CryptoNext Security offer brings crypto-management, remediation technology and know-how to all the different stages of your migration projects and operations. The CryptoNext Post-Quantum Transition Suite is powerful, intuitive and resilient. Designed with long-term agility and evolution in mind, it integrates four product layers for the remediation of applications, data and infrastructure with ultimate Post-Quantum security and performance at all levels- algorithms, protocols, tools and applications.

Our CryptoNext suite is based on the multi award-winning CryptoNext Quantum Safe Library (C-QSL), which also includes Crypto Services (C-QSC), Integration Tools (C-QST), Application Plugins (C-QSA) and Management (C-QSM). All these products can be leveraged through CryptoNext’s expert services which cover training, consulting, support and maintenance.

C-QSL: Quantum Safe Library

The CryptoNext Quantum Safe Library (C-QSL) contains CryptoNext’s core technology for all of its products. It’s a high performance, fully functional, crypto-agile library layer that:

- Provides the most comprehensive set of post-quantum cryptography algorithms (NIST selection + EU National Agencies additional recommendations)
‍
- Is developped in both C & ASM to run and be optimized for the most common processing units and OS platforms

- Brings a full set of functional modules & API’s to upgrade IT equipment, applications and security infrastructures to pure or hybrid quantum safe security adapted to each use case.

‍

Algorithms

Key Exchange Mechanism: Key generation, encryption, decryption: Kyber / FrodoKEM.

Digital Signature: Key(secret/public) generation, signature generation, signature verification: Dilithium, Falcon, Sphincs+. XMSS for stateful digital signature.

Language Wrappers

Go, Rust, Python, Java

Random Number Generator

Includes DRBG algorithm and access to randomness source. Produces unpredictable bits sequence from secret initial value (not known seed). Also called pseudo-random number generator (PRNG) or deterministic random number generator.

QSL Physical Security and Side Channels Protection

Side Channels Protection: Constant-time (Default), Masking & Fault injection Counter-measures

QSL OS Platforms

Linux OS, AIX, Open BSD, Windows 32/64, Android, MacOS, iOS, Webassembly, RaspberryPI, noOS (Firmware)

QSL Processing HW Platforms

ARM (Cortex M3/M4/M7, v7/v8, Apple M1, B13), IntelCore (incl. AVX2, SGX), IBM (PowerPC)

C-QSC: Crypto Services

CryptoNext Quantum Safe Crypto Services (C-QSC) is the layer of pure PQ or hybrid PQ communication protocols, cryptographic objects and programming interfaces.

These are critical for crypto-agility, hybridization and interoperability standards. They are based on existing or in progress RFC’s from bodies such as IETF.

They rely on the new PQ algorithms from lower C-QSL Library (layer 1) and are implemented in upper C-QST integration tools (layer 3). C-QSC includes:

Communication Protocols

Crypto-agile, pure post quantum or hybrid versions of the current cryptographic protocols: PQ IKE for IPSec, PQ TLS, PQ Embedded-TLS, PQ S/MIME (CMS-SIG ; CMS-KEM), PQ X3DH Signal Messaging Protocol

Programming Interfaces

Upgraded PKCS#11 (Cryptoki C-level) with pure/hybrid PQ (i.e. HSM functions call)

Crypto Objects

X-509 PQ Certificates, PADES, XADES (Signature & eiDAS EU regulation)

Identity Management

Quantum Safe Identity Management Protocols: QS SAML, QS OpenID, QS SSO

C-QST: Integration Tools

CryptoNext Quantum Safe Integration Tools (C-QST) is the product layer for Pure PQ and Hybrid PQ implementations for most common development tools.

C-QST plug & play products enable developers rapid and easy migration of new or legacy applications to quantum resilience with minimal modifications and no PQC skills.

C-QST tools leverage the new hybrid PQ protocols or cryptographic objects from the C-QSC layer, and it relies on core CryptoNext Quantum Safe Library (C-QSL).

Secure Communication Tools

PQ OpenSSL, PQ GPG, PQ PKCS#11-J (C & Java provider level), PQ BouncyCastle (Java), PQ gRPC

Graphic Interface Design Tool

PQ-QT Framework Qt

C-QSA: Application Plugins

CryptoNext Quantum Safe Application Plugins (C-QSA) products include PQ implementations for Secured Communications, System, Network and Security Infrastructure.

It includes multiple plugins for most popular VPN, HSM, PKI, Web Servers, BlockChain…

Secured Communications

PQ Secured Instant Messaging, PQ Email Messaging

Network Infrastructure

StrongSwan PQ VPN IPSec (Server/Client), PQ OpenVPN, PQ OpenSSH (Network Admin)

Proxy

PQ TLS Desktop, Enterprise Site, Server Proxy/Reverse Proxy, PQ HSM Proxy

Application Server

PQ Application Server for NGNINX, Apache Tomcat, Node;js

Security infrastructure

CryptoNext OpenSSL & EJBCA EC based PQ PKI, HSM Luna7 Network Appliance-based PQ FM, HSM Luna7 PCI Board-based PQ FM, Corda-based PQ Blockchain

Web Client

PQ Firefox Client, PQ Outlook Light and Heavy Client

C-QSS: Remediation Services

CryptoNext supports clients at each stage of their quantum transition action plan with service options that meet expected Customer Service Level Agreements (SLAs).

Training & Awareness

Base Quantum threat and quantum transition: global awareness for general and IT management.

Advanced Technical Post Quantum Cryptography training (algorithms, state of the Art for secured implementation, standardization, crypto-agility…).

Project Management & Expert Consulting

Custom integration development,

Workshops Management for Customer’s PQ Migration enablement for self design, integration & testing,

CryptoNext’s support for a third party to perform the integration.

Maintenance & Support

CryptoNext Technical Remote Assistance 9am/5pm 5x8 HelpDesk for Technical assistance & corrective maintenance,

Software Updates Subscription includes SW updates and associated documentation