Publications

In this episode of Shielded we speak with Stefan Kölbl, an information security engineer at Google, about what it actually takes to migrate cryptography across complex global systems at scale.

This is paper is concerned with the theoretical basis of lattice-based cryptography, clarifying how “easy” distinguishing attacks relate to “hard” search attacks used in security proofs.

In this episode of Shielded, Jo speaks to Darren Bender, a US litigation attorney and Chief Litigation Officer in the post-quantum cryptography sector.

In this paper, we present a simpler, more efficient way to create a secure, quantum-resistant shared "vault" (a threshold KEM) without using overly complex or slow mathematical tools. It's achieved by combining established cryptographic frameworks with a new, proven mathematical assumption called Coset-Hint-MLWE. The result is a highly secure system that is easier to implement and more practical for real-world use than previous versions.

Recent efforts to transition secure messaging to post-quantum standards, like Apple’s PQ3 and Signal’s updated Triple Ratchet, have introduced complex design trade-offs due to the high communication overhead of post-quantum cryptography. This paper introduces a pragmatic metric and experimental framework to compare these protocols, revealing that no "optimal" protocol exists when balancing security against real-world bandwidth constraints. Additionally, the authors propose a new optimization called "opportunistic sending" and a building block termed "sparse continuous key agreement" to improve protocol efficiency.

This special episode of Shielded brings together experts from cryptography, security architecture, and risk to explain what comes next. The conversation clarifies that security can no longer rely on fixed algorithms or one-time upgrades.

This paper enhances subversion-resilient Authenticated Key Exchange (AKE) by using "Reverse Firewalls" to protect protocols against tampered implementations. Key contributions include Flexible Security Framework - a new definition that focuses on restoring specific security properties (authentication and key security) across various levels of compromise, Post-Quantum Readiness: the introduction of re-randomizable Key Encapsulation Mechanisms (KEMs), with implementations based on both Diffie-Hellman and Kyber, and Formal Verification - rigorous validation of the protocol using both traditional computational proofs and the CryptoVerif formal prover.

In this episode of Shielded Jo Lintzen speaks with Sofia Celi, Senior Cryptography and Security Researcher at Brave, co-author of the MAYO signature scheme, and co-chair of an IETF working group driving global PQC standards.

In this episode of Shielded, Jo Lintzen speaks with Kevin Reifsteck, Director for Critical Infrastructure Protection at Microsoft, about how governments and global enterprises can turn quantum-safe readiness from policy into practice.

The document describes how PQShield's PQCryptoLib-SDK integrates with Nexus Certificate Manager (CM), Nexus's PKI platform, to create a post-quantum ready certificate management and VPN solution.

In this episode of Shielded, Jo Lintzen speaks with Kevin Reifsteck, Director for Critical Infrastructure Protection at Microsoft, about how governments and global enterprises can turn quantum-safe readiness from policy into practice.