Beware of alleged "military grade secure" products. It is one thing to encrypt with AES-256 or to sign with CRYSTALS-Dilithium, doing it correctly is a different kettle of fish.
We can help you build innovative products that require any standard or advanced cryptographic tools, such as elliptic curves, identity-based encryption, post-quantum signatures, e-cash, and many others.
You are not prepared.
One day, quantum computers will become a reality. When that day comes, RSA, Elliptic Curves and many other fundamental cryptographic primitives will become obsolete. Post-Quantum Cryptography offers secure alternatives and we can help you get ready.
Meet the Holy Grail of cryptography.
Homomorphic encryption is the ultimate cryptographic tool to build more secure cloud computing services that respect everybody's privacy. It allows to confidentialy share data, and the encrypted data can then be processed without ever needing to decrypt or reveal it. Homomorphic encryption is the future, and we can help you get there!
A fresh pair of eyes on your design.
The development of a cryptographic product, from a whiteboard protocol to an industrial grade implementation, is a long and complex process. Our experts will help you avoid common (and less common) pitfalls at any stage of the development.
With experts in discrete mathematics, cryptanalysis and implementations, the SWAP project aims to explore the design of S-boxes for various contexts. While current constructions mostly derive from the results of classical symmetric cryptanalysis, the emergence of new contexts, applications and environments requires the development of new criteria. In particular, the SWAP project aims to investigate the design of new symmetric cryptography primitives for use cases such as white-box cryptography, fully homomorphic encryption, and side-channel resistance.
A french regroupment for post-quantum cryptography.
The RISQ project brings together the french digital security community (academics and industry) in order to prepare the post-quantum revolution. Combining the strong skills of its actors, the RISQ project aims to take part in the development of standards and of new technologies. It also aims to set up processes of migration, so that french industry can be reactive to this technological change. Considering the paramount importance of this project, several major companies decided to get on board even on their own expense.
Using Fully Homomorphic Encryption in Practice.
The HEAT project will develop advanced cryptographic technologies using Fully Homomorphic Encryption to process sensitive information in ecrypted form, without needing to compromise on the privacy and security of the citizens and organizations that provide the input data.
Countless security products advocate the use of highly secure cryptographic algorithms. Saying so only discloses the tip of the iceberg. Indeed, one should wonder how those algorithms are actually used within the product. This is what cryptographic protocols are all about.
Designing a cryptographic protocol correctly is a hard task, and even cryptographic standard may be flawed. But things can get even worse: assume your product requires two distinct protocols. Assume you choose two secure protocols. Are you safe? Not necessarily. The reason is that composing secure protocols does not necessarily lead to a secure system.
By nature, cryptographic protocols are at the heart of the products that make use of them. Changing protocol during the lifetime of a product is a very painful thing to do, inevitably causing loss in terms of customer trust.
Your product should use the right protocol, right from the start.
The growing quantum threat is pushing manufacturers to migrate to so-called post-quantum cryptographic solutions. Although the NIST competition has brought a portfolio of new post-quantum algorithms for encryption and signatures, their level of maturity remains limited. Therefore, the ANSSI still recommends using hybridization, combining mature pre-quantum cryptographic algorithms and more recent post-quantum ones for each functionality. With its expertise in the design and evaluation of (post-quantum) primitives, CryptoExperts can help you select the right pair of primitives for your needs and implement this hybridation process properly. One step further, cryptoagility, which defines the ability to easily update products by replacing certain cryptographic algorithms (in the event of an attack for example), appears to be the right method to implement to maintain a security level up to date. Our experience in the construction of cryptographic solutions and our permanent monitoring of the state of the art of attacks and new solutions make us essential assets to your cryptoagile design.
Most cryptographic primitives require fresh randomness to fulfill their security requirements (e.g., key generation, side-channel countermeasures). The design of Random Number Generators, whether hardware-based or fully software, is at the core of our expertise.
Deterministic (aka. pseudorandom) Random Number (or Bit) Generators (DRNG, DRBG) are cryptographic constructions that create pseudorandom binary sequences from a short internal state. Several approaches based on block ciphers, hash functions or particular mechanisms coexist among current best practices and industry standards. Although approved DRNGs are subject to strong security expectations, not all of them achieve the best possible security level which states that numbers generated in the past must remain unpredictable when the current internal state is compromised. Our DRNG designs achieve that remarkable property and their concrete security level is guaranteed using security proving.
Physical/Hardware/True RNGs compose a source of digitized noise together with a post-processing hardware module to realize random generation with high entropy. Most commonly found approaches for post-processing are empiric and have no security argument other than passing a number of approved statistical tests. Because we strongly believe that the security-by-design approach is by far the most powerful and preferable, CryptoExperts has developed a post-processing technology which combines the cost-effectiveness of a lightweight hardware implementation with proven randomness properties. Our post-processing design can be combined with any physical noise to get a TRNG with high-entropy output. Our design offers full robustness against attacks attempting to corrupt the noise source by influencing environment variables (temperature, voltage, frequency, etc.) in which the RNG operate.
Do you have a concrete use-case? Are you building an innovative product that requires a secure cryptographic protocol(s) but lack the required expertise? We can design the custom cryptographic protocols that best suit your requirements. We are accustomed to the design and/or evaluation of finely-tuned cryptographic protocols for a variety of use-cases, such as:
Whenever possible, our security solutions come with appropriate cryptographic security proofs that can serve as a basis for security certification schemes (Common Criteria, FIPS, BSI, ANSSI, etc.) and submissions to standardization organizations (ISO/IEC, CEN, ETSI, etc).
We are worldwide experts in cryptography. The members of our team have PhD in cryptography and/or many years of industrial experience. Our cryptographic protocols are not only secure: they are finely tuned to fit your environment.