Quantum Safe Remediation Solution

All-In-One Quantum Security.

The full CryptoNext Security offer brings remediation technology & know-how to all the different stages of your migration projects and operations. The CryptoNext Quantum Safe Remediation Solution (C-QSR) is effective, simple and sustainable. Designed with long-term agility and evolution in mind, it integrates four product layers for the remediation of applications, data and infrastructure with ultimate Post-Quantum security and performance at all levels - algorithms, protocols, tools and applications.

Our C-QSR products are based on the multi award-winning CryptoNext Quantum Safe Library (C-QSL), which also includes Crypto Services (C-QSC), Integration Tools (C-QST) and Application Plugins (C-QSA). All these products can be leveraged through CryptoNext’s expert services which cover training, consulting, support and maintenance.

C-QSL: Quantum Safe Library

The CryptoNext Quantum Safe Library (C-QSL) contains CryptoNext’s core technology for all of its products. It’s a high performance, fully functional, crypto-agile library layer that:

- Provides the most comprehensive set of post-quantum cryptography algorithms (NIST selection + EU National Agencies additional recommendations)
‍
- Is developped in both C & ASM to run and be optimized for the most common processing units and OS platforms

- Brings a full set of functional modules & API’s to upgrade IT equipment, applications and security infrastructures to pure or hybrid quantum safe security adapted to each use case.

‍

Product Reference: C-QSL
Options:C-QSL-CTM
C-QSL-WRAP
C-QSL-DRBG

Algorithms

Key Exchange Mechanism: Key generation, encryption, decryption: Kyber / FrodoKEM.

Digital Signature: Key(secret/public) generation, signature generation, signature verification: Dilithium, Falcon, Sphincs+. XMSS for stateful digital signature.

Language Wrappers

Go, Rust, Python, Java.

Deterministic Random Bit Generator

Includes DRBG algorithm and access to randomness source. Produces unpredictable bits sequence from secret initial value (not known seed). Also called pseudo-random number generator (PRNG) or deterministic random number generator.

QSL Physical Security

Side Channels protection: Constant-time (Default), Masking & Fault injection Counter-measures

QSL OS Platforms

Linux, Open BSD, Windows 32/64, Android, MacOS, iOS, Webassembly, RaspberryPI, noOS (Firmware).

QSL Processing HW Platforms

ARM (Cortex M3/M4/M7, v7/v8, Apple M1, B13), IntelCore (incl. AVX2, SGX), IBM (PowerPC).

C-QSC: Crypto Services

CryptoNext Quantum Safe Crypto Services (C-QSC) is the layer of pure PQ or hybrid PQ communication protocols, cryptographic objects and programming interfaces.

These are critical for crypto-agility, hybridization and interoperability standards. They are based on existing or in progress RFC’s from bodies such as IETF.

They rely on the new PQ algorithms from lower C-QSL Library (layer 1) and are implemented in upper C-QST integration tools (layer 3). C-QSC includes:

Product References:
‍C-QSC-X3DH
C-QSC-PKCS11-C

Communication Protocols

Crypto-agile, pure post quantum or hybrid versions of the current cryptographic protocols :PQ IKE for IPSec, PQ TLS, PQ S/MIME (CMS-SIG ; CMS-KEM), PQ X3DH Signal Messaging Protocol.

Programming Interfaces

Upgraded PKCS#11 (Cryptoki C-level) with pure/hybrid PQ (i.e. HSM functions call).

Crypto Objects

X-509 PQ Certificates, PADES, XADES (Signature & eiDAS EU regulation).

C-QST: Integration Tools

CryptoNext Quantum Safe Integration Tools (C-QST) is the product layer for Pure PQ and Hybrid PQ implementations for most common development tools.

C-QST plug & play products enable developers rapid and easy migration of new or legacy applications to quantum resilience with minimal modifications and no PQC skills.

C-QST tools leverage the new hybrid PQ protocols or cryptographic objects from the C-QSC layer, and it relies on core CryptoNext Quantum Safe Library (C-QSL).

Product References:
C-QST-OpenSSL
C-QST-BouncyCastle
C-QST-OpenPGP
C-QST-PKCS11-J
C-QST-QT

Secure Communication Tools

PQ OpenSSL, PQ GPG, PQ PKCS#11-J (Java level), PQ BouncyCastle (Java).

Graphic Interface Design Tool

PQ-QT Framework Qt.

C-QSA: Application Plugins

CryptoNext Quantum Safe Application Plugins (C-QSA) products include PQ implementations for Secured Communications, System, Network and Security Infrastructure.

It includes multiple plugins for most popular VPN, HSM, PKI, Web Servers, BlockChain…

Product References:
C-QSA-MSG
C-QSA-ApacheTomcat
C-QSA-NodeJS
C-QSA-StrongSwan
C-QSA-OpenVPN
C-QSA-OpenSSH
C-QSA-EJBCA-C
C-QSA-Luna7-A
C-QSA-Luna7-B
C-QSA-Corda

Secured Communications

PQ Secured Messaging for Android & IoS

Network Infrastructure

StrongSwan PQ VPN IPSec (Server/Client), PQ OpenVPN, PQ OpenSSH (Network Admin).

System Infrastructure

Apache Tomcat based PQ Web server, Node;js based PQ Application Server.

Security infrastructure

EJBCA Community based PQ PKI, HSM Luna7 Network Appliance-based PQ FM, HSM Luna7 PCI Board-based PQ FM, Corda-based PQ Blockchain.

C-QSS: Remediation Services

CryptoNext supports clients at each stage of their quantum transition action plan with service options that meet expected Customer Service Level Agreements (SLAs).

Service References:
‍C-QSS-TRA
C-QSS-PCS
C-QSS-MSS

Training & Awareness

Base Quantum threat and quantum transition: global awareness for general and IT management.

Advanced Technical Post Quantum Cryptography training (algorithms, state of the Art for secured implementation, standardization, crypto-agility…).

Project Management & Expert Consulting

Custom integration development,

Workshops Management for Customer’s PQ Migration enablement for self design, integration & testing,

CryptoNext’s support for a third party to perform the integration.

Maintenance & Support

CryptoNext Technical Remote Assistance 9am/5pm 5x8 HelpDesk for Technical assistance & corrective maintenance,

Software Updates Subscription includes SW updates and associated documentation