Publications

0

Peer-Reviewed
Papers

0

Further NIST PQC
Submissions

0

NIST PQC Standards
Co-Authored

0

Patents in
Process

0

Mature Products
Developed

0

Best Paper
Awards

SPOTLIGHT PUBLICATION | 29/09/2025

Quantum Secure Key Management: PQShield and Cryptomathic’s CrystalKey360

This joint Guide with Cryptomathic outlines the critical challenges driving a major evolution in cryptographic key management, namely the threat of quantum computing and the growing complexity of multi-cloud environments

Complacency, Not Quantum, Is the Real Threat: Mike Silverman on Why Crypto-Agility Can’t Wait

In this episode of Shielded: Jo speaks to Mike Silverman, Chief Strategy & Innovation Officer at FS-ISAC. Mike shares why treating cryptographic migrations as one-off projects leaves organisations exposed, how building inventories and risk-based models creates real readiness, and why crypto-agility, not quantum anxiety, is the foundation for long-term security.

The Crypto Agility Paradox: When Hardware Becomes Your Security Bottleneck

In this episode of Shielded, we are joined by Cassie Crossley, Vice President of Supply Chain Security in the Global Cybersecurity & Product Security Office at Schneider Electric. Cassie shares the hard-earned lessons from a multi-year crypto agility program in one of the world’s largest OT environments.

Filter by:

WiP: Applicability of ISO Standard Side-Channel Leakage Tests to NIST Post-Quantum Cryptography

We discuss how to apply ISO 17825 to hardware modules that implement lattice-based PQC standards for public-key cryptography. We find that simple “random key” vs. “fixed key” tests are unsatisfactory due to the close linkage between public and private components of PQC keypairs.

SP 800-22 and GM/T 0005-2012 Tests: Clearly Obsolete, Possibly Harmful

NIST SP 800–22, describes 15 statistical tests and suggests that they can be used to evaluate random and pseudorandom number generators in cryptographic applications. The Chinese standard GM/T 0005–2012 describes similar tests. These documents have not aged well. The weakest pseudorandom number generators will easily pass these tests, promoting false confidence in insecure systems.

More efficient, provably-secure direct anonymous attestation from lattices

The Cloud-Edges (CE) framework, wherein small groups of Internet of Things (IoT) devices are serviced by local edge devices, enables a more scalable solution to IoT networks.

On Entropy and Bit Patterns of Ring Oscillator Jitter

We show how to evaluate entropy, autocorrelation, and bit pattern distributions of thermal jitter ring oscillator noise sources, even with low jitter levels or some bias.

Development of the RISC-V entropy source interface

The RISC-V true random number generator (TRNG) architecture breaks with previous ISA TRNG practice by splitting the entropy source (ES) component away from cryptographic DRBGs.

MIRACLE: MIcRo-ArChitectural Leakage Evaluation: A study of micro-architectural power leakage across many devices

In this paper, we describe an extensible experimental infrastructure for evaluating the micro-architectural leakage, based on power consumption, that stems from a physical device.

A Concrete Treatment of Efficient Continuous Group Key Agreement via Multi-Recipient PKEs

Continuous group key agreements (CGKAs) are a class of protocols that can provide strong security guarantees to secure group messaging protocols such as Signal and MLS.

A lightweight ISE for ChaCha on RISC-V

This paper proposes a lightweight ISE to support the cipher ChaCha on RISC-V architectures. we target embedded computing systems such as IoT edge devices that don’t support a vector engine.

XDIVINSA: eXtended DIVersifying INStruction Agent to Mitigate Power Side-Channel Leakage

Side-channel analysis (SCA) attacks pose a major threat to embedded systems due to their ease of accessibility.

An Instruction Set Extension to Support Software-Based Masking

In both hardware and software, masking can represent an effective means of hardening an implementation against side-channel attack vectors such as Differential Power Analysis (DPA).

Probing Security through Input-Output Separation and Revisited Quasilinear Masking

This paper introduces a new framework for the composition of probing-secure circuits.

SoK: How (not) to Design and Implement Post-quantum Cryptography

Post-quantum cryptography has known a Cambrian explosion in the last decade. We systematize the current state of knowledge on post-quantum cryptography.