Cryptsoft demonstrates Hybrid-PQC Authentication Token use for quantum-safe systems and infrastructure
Wisconsin Eagle/10334655

BRISBANE, Australia - WisconsinEagle -- Cryptsoft has successfully demonstrated a Hybrid Post-Quantum Cryptography (PQC) authentication token proof-of-concept (POC) combining a low-memory rust implementation of ML-DSA-65 with Fetian's OpenSK dongle to deliver hybrid PQC passkey authentication for the Cryptsoft KMIP C Server. This POC demonstrates a practical path to implementing the quantum-safe authentication systems, systems that up to now have been a critical missing element allowing for the build-out of PQC security systems and infrastructure.

The solution builds on top of one of the development branches of the OpenSK project, but replaces the cryptographic implementation with the ML-DSA-65 implementation from Bouncy Castle's bc-rust alpha release which was then tuned for embedded platform use. To enable PQC algorithm support in highly embedded platforms like OpenSK-class devices, a memory-efficient design throughout key generation, signing, and verification was required.

Public-key material is derived incrementally, and fully expanded private-key state is reconstructed only when needed for signing. During signing, the implementation avoids materializing large vectors and processes signing state sequentially, row by row or component by component, recomputes commitment and response data as needed, hashes incrementally, and packs results directly into the output buffer. Verification follows the same model by reconstructing only the required data and streaming hash inputs rather than building large intermediate structures. These techniques were applied in earlier attempts by the OpenSK project on a lower security strength and non-standardised version of Dilithium and we have adapted these approaches to the bc-rust alpha ML-DSA-65 implementation.

More on Wisconsin Eagle

• JetGlow Aviation Launches Premium Aircraft Condition Maintenance Services at Wittman Airport
• $29.8 Million Record Setting Q1 with Boosted Annual Guidance to $160 Million for Expanding Pre-Owned Boat Dealer: Off The Hook YS, Inc. N Y S E: OTH
• All About Technology Celebrates 25 Years of Bridging Detroit's Digital Divide
• iatroX surpasses 500,000 clinical queries and expands specialist exam coverage
• Inside-Out Hollywood: The Relentless Rise of Joseph Nybyk (AKA Joseph Neibich)

"The successful integration of ML-DSA-44, ML-DSA-65 and ML-DSA-87 into OpenSK demonstrates Cryptsoft's commitment to advancing security standards and to driving innovation in the Key Management Server market," said Justin Corlett, Business Development Manager, Cryptsoft. "It gives developers, security engineers, and researchers a practical platform for testing how next-generation FIDO2 credentials may operate in a modern PQC-ready security architecture."

"FEITIAN is thrilled to congratulate Cryptsoft on implementing NIST PQC Algorithms into their products and SDKs. By leveraging the FEITIAN hardware platform, Cryptsoft has demonstrated how collaboration can solve the most pressing security challenges of the quantum era. At FEITIAN, we will continue our dedicated efforts to ensure our hardware remains a trusted, future-proof foundation for the global security ecosystem." - Geoffrey Li, International Technical Director at FEITIAN Technologies Co. Ltd.

"A goal of the bc-rust project is to ensure support for embedded platforms and constrained environments. Meeting this goal is one of the reasons we have worked with Cryptsoft to better explore and understand techniques for PQC algorithms on constrained devices." - David Hook, Secretary, Legion of the Bouncy Castle Inc.

Note the resulting FEITIAN hardware token, combined with the Cryptsoft modified OpenSK firmware is not FIDO2 certified and is intended for development testing only.

About Cryptsoft
Cryptsoft is a privately held Australian company that operates worldwide in the enterprise key management security market. Cryptsoft's Key Management Interoperability Protocol (KMIP) software development kits (SDKs) are the market's preferred OEM solutions. Cryptsoft's solutions have been selected by prominent global companies for interoperable enterprise key management and encryption technology in their storage, security and cloud products. Cryptsoft is an OASIS Sponsor and actively participates on the KMIP, PKCS#11 and SAM Technical Committees. (cryptsoft.com)

More on Wisconsin Eagle

• SRK Collective Media Group Launches with a Modern Approach to Media, Authority Building, and Cultural Visibility
• MSBG Corporation Acquires GridWatch US Telemetry Automation System
• TAYP Expands Athlete Exposure Platform Beyond Georgia With New Push Into Virginia and the 757
• KT Medical Staffing Expands Concierge Nursing and Private Duty Nursing Services in Orange County
• The Millennium Alliance Achieves Great Place To Work® Certification™ Amid Continued Growth

About Feitian Technologies

Founded in 1998, FEITIAN Technologies is committed to developing a comprehensive portfolio of robust authentication, identity verification and secure payment solutions across a full range of security key and smart card form factors; as a member of the Microsoft Intelligent Security Association (MISA), a board member of the FIDO Alliance, and a technology partner of Google, FEITIAN is a global leader in fingerprint biometric and passwordless authentication solutions, serving enterprise, financial, telecommunications, government and educational institutions in more than 150 countries with industry-leading solutions and services. (ftsafe.com)

Legion of the Bouncy Castle Inc.

Legion of the Bouncy Castle Inc. is an Australian open-source charity, best known for the Bouncy Castle project which offers open-source APIs for Java, C# and Kotlin that support cryptography and cryptographic protocols. They cover many security areas, such as public key infrastructure, digital signatures, authentication, and secure communication. Additionally, FIPS certified versions are available for both Java and C#. (bouncycastle.org)