In-depth cryptography evaluation of security protocols and applications.
Your security solution must fulfill crypto-related conformity requirements (ANSSI, BSI, NIST) but you are lacking resources or expertise to make sure it really does? We perform an in-depth security analysis of your security application or architecture and spot the cryptographic misconceptions if any, at both:
The Applicative Level: we extract a cryptographic model from the specifications of the applicative architecture and identify the threat model that best captures your security expectations. Based on the latest advances of cryptanalysis techniques and/or using security proving, we then provide a concrete measurement (security strength aka number of bits of security) as to how well the security solution effectively resists the identified security threats.
The Implementation Level: given the low-level specifications and/or software code, we let you know whether the implementation really conforms to the identified security requirements or not. Security-related or cryptographic code often leaves the door open to a number of practical attacks that are hardly taken into account at the specification level (physical attacks enabling key recovery such as side channels and fault injection, security-impacting bugs, internal trapdoors and kleptographic hacks).
Find out whether your security product, application or architecture is worth your investments.