Publications

This paper enhances subversion-resilient Authenticated Key Exchange (AKE) by using "Reverse Firewalls" to protect protocols against tampered implementations. Key contributions include Flexible Security Framework - a new definition that focuses on restoring specific security properties (authentication and key security) across various levels of compromise, Post-Quantum Readiness: the introduction of re-randomizable Key Encapsulation Mechanisms (KEMs), with implementations based on both Diffie-Hellman and Kyber, and Formal Verification - rigorous validation of the protocol using both traditional computational proofs and the CryptoVerif formal prover.

In this episode of Shielded Jo Lintzen speaks with Sofia Celi, Senior Cryptography and Security Researcher at Brave, co-author of the MAYO signature scheme, and co-chair of an IETF working group driving global PQC standards.

In this episode of Shielded, Jo Lintzen speaks with Kevin Reifsteck, Director for Critical Infrastructure Protection at Microsoft, about how governments and global enterprises can turn quantum-safe readiness from policy into practice.

The document describes how PQShield's PQCryptoLib-SDK integrates with Nexus Certificate Manager (CM), Nexus's PKI platform, to create a post-quantum ready certificate management and VPN solution.

In this episode of Shielded, Jo Lintzen speaks with Kevin Reifsteck, Director for Critical Infrastructure Protection at Microsoft, about how governments and global enterprises can turn quantum-safe readiness from policy into practice.

Our CSO Ben Packman speaking at Web Summit, Lisbon November 12:05-12:25 on – "Quantum crossroads: Opportunity and risk in the next computing era."

How can you prove a private conversation ever happened? In modern secure messaging, the goal is "deniability"—ensuring no one can cryptographically prove you sent a message. This vital privacy feature is core to protocols like Signal's X3DH, but achieving it in a fully post-quantum world has been a major roadblock. A promising path forward involves 'split-KEMs' (a method for establishing secret keys), but previous approaches were too inefficient to be adopted. Our latest research, Sparrow-KEM, solves this efficiency problem. It makes this approach a viable way to upgrade the Signal protocol, making it fully resistant to quantum attackers. The results represent a significant leap forward...

Hardware defines trust. If its cryptography fails, no amount of software protection can recover it. In this episode of Shielded, Jo Lintzen speaks with Thalia Laing, Principal Cryptographer at HP.

In this episode of Shielded, Jo Lintzen speaks with Dr. Richard Searle, Chief AI Officer at Fortanix, about how confidential computing and a software-first model accelerate the shift to post-quantum cryptography.

PQShield and Quantinuum have developed a joint solution, combining Quantum Origin’s mathematically-proven Quantum Random Number Generation (QRNG) with PQShield’s FIPS-140-3-validated post-quantum cryptographic library.

In this episode of Shielded, Johannes Lintzen speaks with Bruno Couillard, CEO and co-founder of Crypto4a, about his journey from designing the original Luna HSM to building the next generation of quantum-safe hardware.

We propose a hybrid formal verification approach that combines high-level deductive reasoning and circuit-based reasoning and apply it to highly optimized cryptographic assembly code.