We have more than 20 years of experience in developing and delivering cycle-accurate optimized cryptographic implementations. We support standard and advanced cryptographic algorithms on a variety of software and hardware platforms.
Give us the instruction set of your microcontroller and we do the rest.
We have more than 20 years of experience in developing and delivering cycle-accurate optimized cryptographic libraries. Our software is available on a variety of hardware platforms and supports standard and advanced cryptographic algorithms.
Use white-box software in lieu of a secure element.
White-box cryptography turns a keyed cryptographic algorithm into an unintelligible program with the same functionality. The white-box secure program can then be executed in an untrusted environment without fear of exposing the underlying keys. The code itself is tamper-proof, just as a secure element.
Related research projects
Secure Software using Whitebox Technology
Software applications are increasingly deployed in environments which cannot be fully trusted. In this context, the SWITECH project aims at investigating and developing innovative security solutions based on White-Box Cryptography. The first benefit of the project is the development of secure mobile applications without a trusted hardware component. This is an industrial research project that brings together theoretical cryptographers (Université de Versailles and University of Luxembourg) and industrial experts (CryptoExperts) whose main concern is the security of their products.
Verifying side-channel countermeasures with automatic tools.
The VERISICC project aims to build automatic tools to verify and generate proven masked cryptographic implementations. These tools will allow industrial people to develop secure and efficient implementations and to certification bodies to quickly and accurately verify the implementations submitted to an evaluation.
A crypto-calculus platform for the Cloud.
The principle of cloud computing is to allow users to outsource computation resources to the cloud by allowing a remote service to execute, in their name, some procedures on their private data. While many commercial services are growing fast, to this day, all require the client to place total trust in the service regarding the confidentiality of their data. The aim of CRYPTOCOMP is to develop an efficient cloud-based crypto-calculus platform which, using the latest advances in Fully Homomorphic Encryption, would make it impossible for the cloud service to learn anything whatsoever about the user's data, while still executing the procedures as intended.
Various cryptographic primitives
Cryptographic primitives are never trivial to implement. They manipulate variables on various sets and thus require different base arithmetic operations. Lattice-based post-quantum crypto-systems often manipulate variables in polynomial rings defined with modulus that can be primes or powers of two. Symmetric crypto-systems are often built upon operations in finite fields of characteristic two, but not only. All these variants need to be carefully implemented, and each operation must be optimized for the target device. With its strong experience in embedded cryptography, CryptoExperts is a perfect match for this task.
Cryptographic implementations are required on many types of general-purpose processors integrated in a wide range of devices (low-cost devices, IoT devices, etc), depending on the final application. To maintain their target security level, cryptographic implementations must be implemented in the appropriate programming language (C, Rust, Assembly, etc) with possibly vectorial accelerations to boost the performances. With its experience in the smart card industry, CryptoExperts has the expertise to meet your different needs.
Embedded systems are subject to physical attacks such as cache and timing attacks, micro-architectural attacks, power and electromagnetic attacks or fault-injection attacks.
To thwart the former, your implementation needs to be constant-time, which is not a trivial task for many cryptographic algorithms and target devices. Specific precautions need to be taken to ensure that the execution flow will remain constant or at least independent from the sensitive data while maintaining a good level of performance.
One step further, our research team evaluates the latest advances in side-channel analysis and fault-based attacks, attending and contributing to major security related scientific conferences and workshops (CHES, COSADE, FDTC, CARDIS, etc.). Our members are also among the main actors of this field with the construction of the most deployed formal verification tools to automatically check the security cryptographic implementations.
With this expertise, we ensure that our customized implementations embed the most efficient countermeasures so that your software keeps a beyond-state-of-the-art security level, fitting the certification requirements.
Proofs of Concept (POC)
Instead of a secure implementation meeting a specific need on a defined target, you might first need a proof of concept (POC) to demonstrate the feasibility of an innovative solution.
You are lost among the new cryptographic methods such that Fully Homomorphic Encryption, Post-Quantum Schemes or Zero-Knowledge Proofs? We can select the most appropriate and up-to-date advanced cryptographic solutions to meet your requirements and concretely demonstrate the feasibility of your project. Pitch us your use case and let us show you what we can do!
Why Choose CryptoExperts
Several collaborators of CryptoExperts have experience in the smart card industry and in particular in the implementation of secure cryptographic solutions on various targets for various security levels. Some of them additionally hold a PhD thesis on the security of cryptographic implementations in the presence of side-channel attacks. Finally, they all carefully monitor the state of the art to stay on top of new attacks and countermeasures. Combined with the company’s skills in advanced cryptographic methods, CryptoExperts is the perfect fit for your cryptographic implementations.