PQSDK
Cryptographic SDK for Mobile and Server Technologies
Comprising modern, agile, and secure implementations of post-quantum and classical cryptographic primitives with applications such as PKI, TLS and VPN.
Background
Our team of world-class cryptography engineers, heavily involved in the standardisation of post-quantum cryptography at NIST, ensures correct implementation of our algorithms and uses state-of-the-art techniques to defend against side-channel attacks, data races or any memory safety issues, all while ensuring the right level of performance.
Our implementations are benchmarked from multiple angles. We also perform micro-benchmarking for our cryptographic code during the development process and network measurements for solutions based on client-server architecture.
PQSDK Crypto Core
Our PQSDK Crypto Core aims at helping organisations migrate to modern and crypto-agile solutions that are quantum-resistant. At its heart, it is a proprietary software library implementing NIST standards cryptographic primitives and exposing them via common APIs. This library can be used at each stage of the migration process including production deployments.
The API is designed to be flexible, easy to use, and require a minimal amount of changes at the adjusting phase, allowing for rapid experimentation. Interfaces allow the interaction with post-quantum (NIST PQC finalists), classical, or combination of both done in FIPS compliant manner. The code is crafted to get the best possible performance from the machine, leveraging the capabilities provided by the x86-64 and ARMv8 architectures.
Public Key Infrastructure (PKI)
The PKI makes it possible to create X509 certificates signed with the post-quantum signature schemes. Our solution embeds additional unique identifiers for the post-quantum algorithms into X509 certificate and makes it possible to sign and verify chains of such certificates.
Additionally, conservative early adopters of post-quantum cryptography may first adopt a hybrid approach to certificates and digital signatures. In such a scheme a PQC primitive is coupled with a conventional public-key algorithm for additional security assurance or/and interim FIPS 140 compliance.
Virtual Private Network (VPN)
The solution integrates hybrid post-quantum key exchange provided by CryptoCore into software that allows managing Virtual Private Networks that follows the standardization process done by the Internet Engineering Task Force (IETF) related to the usage of multiple key exchange schemes during VPN session establishment (creation of IKEv2 Security Association).
Our PQVPN solution is also compatible with existing open-source VPN solutions (e.g. StrongSwan).