Embrace Crypto Agility

Implement Long-term Resilient Cryptography

Unlike traditional public-key cryptosystems based on a single standard, PQ cryptosystems are based on a family of algorithms depending on function, use case or country-based regulations. This family is likely to expand or adapt to meet further standards in the coming years. On-going updates regarding availability and configurability are therefore critical.CryptoNext’s solutions are natively crypto-agile.

Our Multi-layer Solutions

Extended Security

Today’s classic Public-Key Cryptosystems are mostly based on the standard Rivest, Shamir and Adleman (RSA) encryption algorithm. A few systems have migrated to Elliptic Curve Cryptopgraphy (ECC) a key- based technique for encrypting data. 

The Quantum threat requires the implementation of new Post-Quantum Cryptography algorithms and technologies. 

Updating physical protection against physical (side-channel) attacks is also critical, especially in the IoT space.

Full PQC Library

CryptoNext’s technology is based on its Quantum Safe Library which contains both Key Exchange Mechanism (KEM) and Digital Signature (DS) algorithms:

KEM: Crystals-Kyber, FrodoKEM

DS: Crystals-Dilithium, Falcon, Sphincs+

This library is constantly updated to meet new security compliance standards and national agency guidelines. 

Side-Channels Counter-measures

A side-channel attack (SCA) is a security exploit that attempts to extract secrets from a chip or a system. This can be achieved by measuring or analyzing various physical parameters.

CryptoNext has developed specific countermeasures on top of its library to protect against SCA, such as time, electro-magnetic or power masking

Platforms & Performance

Post-Quantum remediation is essential for the vast majority of systems and applications. Implementation challenges may be significant in certain environments.

CryptoNext C-QSR  is widely available and ensures the performance and optimization of  remediation technology. It enables organizations to acquire knowledge and gain global control of their PQ management and implementation plan.

OS Platforms

The C-QSR Solution supports the most popular operating systems including Linux, OpenBSD, Windows 32/64, Android, MacOS, iOS, Webassembly, RaspberryPI and no OS (Firmware).

CPU Platforms

The C-QSR Solution supports the most popular processing units including ARM (Cortex M3/M4/M7, v7/8, Apple M1, B13), Intel (Core2/i7, AVX, SGX), IBM (PowerPC).

Languages Wrappers

Developed at C and Assembler level for optimal performance, the QS Library also has adaptation wrappers for languages such as Go, Rust, Python and Java.

Remediation & Hybridization

PQC Remediation

The transition to quantum-safe Systems & applications goes far beyond defining new cryptographic algorithms that can resist quantum computer attacks.

If post-quantum remediation is not implemented in the right way, it  will be open to vulnerabilities. That’s why CryptoNext has developed a global Quantum Safe multi-layer approach encompassing a crypto library, protocols and objects, development tools and applications plugins. The CryptoNext quantum safe framework is the foundation for the CryptoNext quantum safe remediation solution.

PQC Hybridization

Rising to the protection vs quantum threat is a must, but new PQC algorithms are still immature and updates are likely. Quantum Safe Solutions cannot risk decreasing the existing level of protection, they have to add new long-term security. This is the purpose of hybridization. CryptoNext’s solutions implement both hybrid RSA/Elliptic Curves/PQC and pure PQC, including upper layers such as protocols and various initiatives for digital certificates.

Standards & Compliance

Standards are critical for a trusted and interoperable Post-Quantum ecosystem. Regulation bodies such as the NIST, IETF or National US and EU Agencies have achieved major milestones preparing these PQ standards, best practices and certification processes.

NIST PQC Standardization

In 2016, the NIST declared that “the Quantum risk is now simply too high and can no longer be ignored” and launched a competition to identify future PQ Cryptography standards with the following goal: “We do not expect to ‘pick a winner’. Ideally, several algorithms will emerge as ‘good choices’.”  CryptoNext participated with signature algorithms that reached Round 3. On August 13th, 2024, the NIST released three standards drafts for Key Exchange Mechanisms (KEM) and Digital Signature (DS) algorithms.

See More

In 2022, the NIST launched the National Cryptography Center of Excellence (NCCoE) and selected CryptoNext alongside 15 other companies including big players like Microsoft, AWS, IBM, VMWare and Sandbox.

See More

Protocols Standardization

Among all the standardization bodies working on the future impact of PQC, whether it’s on crypto-agility or hybridization, the IETF is one of the most influential. Its expertise is centred on a wide variety of upper layer technologies that need to be upgraded, such as pure PQ, hybrid PQ communication protocols or X509 certificates.

CryptoNext is an active member of several IETF work groups focused on initiatives for protocols standardization.

National Cyber Security Agencies

National Cyber Security Agencies such as the White House in the USA, ANSSI in France or BSI in Germany, have released memorandums and PQC migration guidelines. White House: In January 2022, President Biden signed a National Security Memorandum to improve the cybersecurity of National Security, the Department of Defense and Intelligence Community Systems, giving the first clear directive for quantum-resilient cryptography in history. On 21 August 2023, the Cybersecurity and Infrastructure Security Agency (CISA), NIST and NSA released recommendations on “How to prepare now” for PQC.

See here.

ANSSI: On 4 January, 2022, the French National Agency for Security of Information Systems published its views on the PQC transition: “ANSSI recommends introducing post-quantum defense-in-depth as soon as possible for security products aimed at offering a long-lasting protection of information (until after 2030) or that will potentially be used after 2030 without updates.”

It defines 3 stages for PQ transition with PQC hybridization, which may become mandatory for critical infrastructures by 2025.

See Report

BSI: In May 2022, the German Bundesamt fur Sicherheit in der Informationstechnik released a report with recommendations for the transition to PQC: “For national security systems, the BSI is acting according to the hypothesis that cryptographically relevant quantum computers will be available in the early 2030s”. These include crypto-agility, hybridization, NIST algorithms with FrodoKEM addition, adaptation of protocols and PQC addition in case of QKD…

See report

Copyright © 2023 CryptoNext, inc.

C-QSR, C-QSL, C-QST, C-QSA, C-QSS, C-QS-MSS, C-QS-PCS, C-QS Partner and associated logos are CryptoNext trademarks.