Cryptographic Product Review

Give us the instruction set of your microcontroller and we do the rest.

We have more than 16 years of experience in developing and delivering cycle-accurate optimized cryptographic libraries. Our software can be declined on a variety of hardware platforms and support standard and advanced cryptographic algorithms.

Don't give bad randomness a chance.

Any cryptographic algorithm requires randomness at some point. And it's better be good! Even the most advanced cryptosystem will eventually fail if associated with a bad TRNG or PRNG, putting at risk the full stack of security measures you carefully crafted. Hopefully, we've got you covered.

Security by design is not an abstract concept.

Beware of alleged "military grade secure" products. It is one thing to use AES-256 or RSA-4096, using it correctly is a different kettle of fish.
We can help you build innovative products that require any standard or advanced cryptographic tools, such as elliptic curves, identity-based encryption, anonymous signatures, e-cash, DRM, Pay-TV and many others.

« Certification Sécuritaire de Premier Niveau »

The French information security agency (ANSSI) developed the CSPN certification as a lightweight alternative to CC certifications. If CC/EMVco certification is too long or too expensive for your product, CSPN might be just what you are looking for.

Opening the way to mid-term cryptography revolutions.

ISO/IEC SC 27 is the arena where international crypto standards are conceived. We work within ISO for a world that offers better security and better privacy to the global industry, gov-related institutions and above all, to users.

How (in)secure are mobile phones?

The main goal of the Tisphanie project is to propose a systematic and structured methodology, together with the related tools and evaluation process enabling the concerned users (MNOs, application developers, police laboratories, civil security operators) to efficiently assess the security of all major components embedded in personal devices (mobile handsets, PDAs, netbooks, PMR terminals) for critical or value-added applications.

Verifying side-channel countermeasures with automatic tools.

Cryptographic implementations are often vulnerable to side-channel attacks, which exploit the physical emanations of the underlying component to retrieve the manipulated secrets. They are very powerful and easy to implement. The most widely used countermeasure today is masking, which aims to randomize the manipulated data. The VERISICC project aims to build new methods to automatically verify and generate proven masked cryptographic implementations. VERISICC relies on the multidisciplinarity of its consortium, ranging from researchers specializing in formal methods and side-channel attacks (INRIA, University of Luxembourg) to end-users (IDEMIA), to design innovative software tools with the support of SMEs (CryptoExperts and NinjaLab). These tools will allow on the one hand industrial people to develop safe and effective protected implementations by reaching a high level of certification and on the other hand to certification bodies (represented in the consortium by ANSSI) to quickly and accurately verify the implementations submitted to an evaluation. In particular, the project will focus on the evaluation of existing techniques, the choice of more efficient techniques, and the design of tools dedicated to equipment actually used on the market.