Aller au contenu principal
From Shannon to silicon

Cryptographic
fundamentals

27 foundational papers, 9 layers of proofs, 3 independent mathematical families.

Cryptography is not a product. It is a trust chain that starts with a theorem and ends in silicon.

Request technical dossier
Formal construction

Our Construction Π

Multi-KEM Combiner with PSK — integrated architecture with code-based component activable via signed firmware update upon NIST standard publication.

Construction Π — Multi-KEM Combiner with PSK
ss = H(ss1 ∥ ss2 ∥ ss3 ∥ ψ ∥ H(ct1) ∥ H(ct2) ∥ H(ct3))
K1, K2, K3 — three IND-CCA2 KEMs from distinct mathematical families
ψ — 256-bit pre-shared key (unconditional security)
H — ciphertext-binding extractor (CR + PRF)
cti — per-component ciphertext binding
Theorem: Π is IND-CCA2 secure if any single component holds.
AdvΠ ≤ min(AdvK1, AdvK2, AdvK3, 2−256) + negl(λ)
Total break requires: 3 independent mathematical breakthroughs + 1 physical theft
Trust chain

9 layers of proofs

From information theory to international certification. Each layer builds upon the previous one.

0
Layer 0

Theoretical foundations

Shannon 1949 — Information theory

"A perfect secret exists." Our PSK is one.

1
Layer 1

Hard problems

Ajtai 1996 · Regev 2005 · Peikert 2009 · Berlekamp-McEliece-van Tilborg 1978

Three families of mathematical problems studied for 30 to 78 years. No polynomial algorithm found. The best attempt (Chen 2024) was retracted.

2
Layer 2

Cryptographic constructions

Fujisaki-Okamoto 1999 · Jiang et al. 2021 · Barthe et al. 2023

Proven transformation: a CPA encryption becomes a CCA2 KEM. Machine-verified proof by INRIA (EasyCrypt).

3
Layer 3

Combiner

Giacon-Heuer-Poettering 2018 (PKC)

Our central theorem: combining N KEMs = security of the strongest. Ciphertext-binding: each component is cryptographically linked.

4
Layer 4

Independence

Cramer-Ducas 2016 · Hou-Jiang 2026 · MATZOV 2022

Proof that our 3 families do not fall together. Real attacks (Hou-Jiang: 7-13 bits) that justify our diversification.

5
Layer 5

Protocol

Dowling-Paterson 2018 · Noise Framework · Rosenpass 2023

Formally proven handshake in the eCK model. 100% FIPS primitives. Zero unapproved algorithms.

6
Layer 6

Implementation

Huang et al. 2022 (Plantard) · KyberSlash 2023 · dudect 2017

Assembly code verified bit by bit. Zero divisions in the binary. Proven constant-time — no timing leaks.

7
Layer 7

Formal verification

EasyCrypt (INRIA) · F*/hax (MSR+INRIA) · Vale · CompCert (INRIA)

Each proof is itself proven by a machine. Our verification chain relies on tools from European and international academic research.

8
Layer 8

Concrete estimates

Lattice Estimator (Albrecht 2024) · Both-May 2018 · Chailloux-Loyer 2021

Every security claim has a number. Every number has a calculation. Every calculation is reproducible.

9
Layer 9

Certification

NIST FIPS 203/204/207 · ANSSI PA-2024-007 · NSA CNSA 2.0

A single design certifiable across 3 continents.

Continuous monitoring

Cryptanalytic watch

We continuously monitor publications from the world's leading cryptanalysis laboratories. Every result is evaluated, and if needed a signed firmware update is deployed — without service interruption.

13
laboratories monitored
Europe, Americas, Asia
< 24h
alert delay
arXiv, IACR ePrint, NIST
OTA
signed update
Without service interruption
🇫🇷
INRIA Prosecco / COSMIQ
Formal verification of cryptographic protocols
🇳🇱
CWI Amsterdam
Algorithmic lattice theory
🇺🇸
Microsoft Research
Industrial-scale formal verification
🇨🇭
ETH Zurich / EPFL
Security models and protocol analysis
🇺🇸
IBM Research
Quantum computing and post-quantum cryptography
🇨🇦
University of Waterloo
Quantum information and code-based cryptography
🇪🇸
IMDEA Software
Cryptographic assembly code verification
🇩🇪
Ruhr-Universität Bochum
Embedded PQC implementation and side-channels
🇯🇵
NTT Research
Advanced cryptography and multiparty computation
🇬🇧
University of Oxford
Automated formal protocol analysis
🇨🇳
Tsinghua / CAS
Quantum algorithms and superconducting processors
🇺🇸
Google Quantum AI
Quantum error correction and quantum hardware
Continuous audit

52 audited implementations

Every reference implementation is forked, audited and continuously monitored. We verify every commit, every security patch, every standards evolution.

codeberg.org/cryptosphere-pqc

KEM & Key Exchange — 11 repos

🌐 KEMs🇺🇸 FrodoKEM🌐 BIKE🇩🇪 Classic McEliece🇧🇪 SABER🇰🇷 KPQClean🇰🇷 KpqClean v2🇰🇷 SMAUG-T🇨🇳 PQMagic🇺🇸 CIRCL🇺🇸 BoringSSL-PQ

Post-quantum signatures — 12 repos

🇳🇱 Dilithium🇬🇧 ML-DSA Python🇺🇸 MAYO🇹🇼 SNOVA🇮🇹 CROSS🇮🇹 LESS🌐 FAEST ref🌐 FAEST AVX🌐 FAEST Rust🌐 FAEST VC🇺🇸 Picnic🇫🇷 SQIsign

Primitives & classical crypto — 13 repos

🌐 AEADs🌐 Block Ciphers🌐 KDFs🇦🇹 Ascon🇦🇹 Ascon C🌐 Curve25519🌐 Elliptic Curves🌐 Algebra🌐 RSA🇺🇸 Hash-Sigs (LMS)🇺🇸 FROST🇨🇳 GmSSL (SM2/3/4)🌐 PQClean

Industrial crypto libraries — 7 repos

🌐 Botan🇦🇺 Bouncy Castle🇺🇸 aws-lc-rs🇺🇸 Amazon ACCP🇺🇸 SymCrypt🇺🇸 Go (CF patches)🇸🇪 SoftHSM v2

FHE, MPC & Zero-Knowledge — 6 repos

🇫🇷 Concrete (TFHE)🇨🇭 fhe.rs🇺🇸 HElib🇺🇸 MS SEAL🇬🇧 MP-SPDZ🇺🇸 Halo2

Attribute-based & HSM — 3 repos

🇫🇷 CoverCrypt🇺🇸 Bellman (zk-SNARK)🇩🇪 Nitrokey NetHSM
Methodology

Analyse. Understand. Verify. Certify.

Analyse

Every publication evaluated by our tools. Lattice estimator, ISD calculator, concrete estimates.

Understand

Every attack reproduced and numerically verified. 560 tests, 0 failures.

Implement

Bare-metal assembly. AMD FPGA. Zero divisions. Proven constant-time.

Certify

ANSSI CSPN (Q3 2026). FIPS 140-3 Ready. CNSA 2.0. SOG-IS + CCRA (31 countries). One design, the entire world.

Want the details?

The complete cryptographic justification dossier — formal proofs, concrete estimates, verification specs — is available under NDA for certified evaluators and qualified clients.

Request technical dossier Contact crypto team