Cryptsoft demonstrates Hybrid-PQC Authentication Token use for quantum-safe systems and infrastructure
Wisconsin Eagle/10334655

BRISBANE, Australia - WisconsinEagle -- Cryptsoft has successfully demonstrated a Hybrid Post-Quantum Cryptography (PQC) authentication token proof-of-concept (POC) combining a low-memory rust implementation of ML-DSA-65 with Fetian's OpenSK dongle to deliver hybrid PQC passkey authentication for the Cryptsoft KMIP C Server. This POC demonstrates a practical path to implementing the quantum-safe authentication systems, systems that up to now have been a critical missing element allowing for the build-out of PQC security systems and infrastructure.

The solution builds on top of one of the development branches of the OpenSK project, but replaces the cryptographic implementation with the ML-DSA-65 implementation from Bouncy Castle's bc-rust alpha release which was then tuned for embedded platform use. To enable PQC algorithm support in highly embedded platforms like OpenSK-class devices, a memory-efficient design throughout key generation, signing, and verification was required.

Public-key material is derived incrementally, and fully expanded private-key state is reconstructed only when needed for signing. During signing, the implementation avoids materializing large vectors and processes signing state sequentially, row by row or component by component, recomputes commitment and response data as needed, hashes incrementally, and packs results directly into the output buffer. Verification follows the same model by reconstructing only the required data and streaming hash inputs rather than building large intermediate structures. These techniques were applied in earlier attempts by the OpenSK project on a lower security strength and non-standardised version of Dilithium and we have adapted these approaches to the bc-rust alpha ML-DSA-65 implementation.

More on Wisconsin Eagle

• Boston Industrial Solutions Launches Natron® 717S Series: A New Flexible UV LED Ink for Ricoh GH2220 Printheads
• 5 Things NYC Courier Services Won't Tell You About How Same-Day Delivery Actually Works
• Tropidelic Links Up With International Reggae Star Collie Buddz and Eli Mac for Feel-Good Breakthrough Single "Follow Your Nature"
• Save 15 Percent on Florida Keys Accommodations with KeysCaribbean's 'Advance Purchase Rate Discount'
• HCC Announces Webinar on Innovations in Affordable Housing Finance—May 20

"The successful integration of ML-DSA-44, ML-DSA-65 and ML-DSA-87 into OpenSK demonstrates Cryptsoft's commitment to advancing security standards and to driving innovation in the Key Management Server market," said Justin Corlett, Business Development Manager, Cryptsoft. "It gives developers, security engineers, and researchers a practical platform for testing how next-generation FIDO2 credentials may operate in a modern PQC-ready security architecture."

"FEITIAN is thrilled to congratulate Cryptsoft on implementing NIST PQC Algorithms into their products and SDKs. By leveraging the FEITIAN hardware platform, Cryptsoft has demonstrated how collaboration can solve the most pressing security challenges of the quantum era. At FEITIAN, we will continue our dedicated efforts to ensure our hardware remains a trusted, future-proof foundation for the global security ecosystem." - Geoffrey Li, International Technical Director at FEITIAN Technologies Co. Ltd.

"A goal of the bc-rust project is to ensure support for embedded platforms and constrained environments. Meeting this goal is one of the reasons we have worked with Cryptsoft to better explore and understand techniques for PQC algorithms on constrained devices." - David Hook, Secretary, Legion of the Bouncy Castle Inc.

Note the resulting FEITIAN hardware token, combined with the Cryptsoft modified OpenSK firmware is not FIDO2 certified and is intended for development testing only.

About Cryptsoft
Cryptsoft is a privately held Australian company that operates worldwide in the enterprise key management security market. Cryptsoft's Key Management Interoperability Protocol (KMIP) software development kits (SDKs) are the market's preferred OEM solutions. Cryptsoft's solutions have been selected by prominent global companies for interoperable enterprise key management and encryption technology in their storage, security and cloud products. Cryptsoft is an OASIS Sponsor and actively participates on the KMIP, PKCS#11 and SAM Technical Committees. (cryptsoft.com)

More on Wisconsin Eagle

• Atelier 411 Studios and Columbus Fashion Council Present Red Carpet Experience at Gateway Film Center for The Devil Wears Prada 2
• Hazel E Celebrates Birthday with Luxury "Goddess" Yacht Experience in Marina del Rey
• Joseph Neibich sits down with Bold Jounrey (aka Joseph Nybyk)
• AI Suite 360 Launches Done-For-You AI Implementation to Rescue SMBs from the "Frankenstein Tax"
• Professional Custom Web Design in Milwaukee & Wisconsin

About Feitian Technologies

Founded in 1998, FEITIAN Technologies is committed to developing a comprehensive portfolio of robust authentication, identity verification and secure payment solutions across a full range of security key and smart card form factors; as a member of the Microsoft Intelligent Security Association (MISA), a board member of the FIDO Alliance, and a technology partner of Google, FEITIAN is a global leader in fingerprint biometric and passwordless authentication solutions, serving enterprise, financial, telecommunications, government and educational institutions in more than 150 countries with industry-leading solutions and services. (ftsafe.com)

Legion of the Bouncy Castle Inc.

Legion of the Bouncy Castle Inc. is an Australian open-source charity, best known for the Bouncy Castle project which offers open-source APIs for Java, C# and Kotlin that support cryptography and cryptographic protocols. They cover many security areas, such as public key infrastructure, digital signatures, authentication, and secure communication. Additionally, FIPS certified versions are available for both Java and C#. (bouncycastle.org)