We have more than 20 years of experience in developing and delivering cycle-accurate optimized cryptographic libraries. Our software is available on a variety of hardware platforms and supports standard and advanced cryptographic algorithms.

Related technology

White-Box Cryptography

Use white-box software in lieu of a secure element.

White-box cryptography turns a keyed cryptographic algorithm into an unintelligible program with the same functionality. The white-box secured program can then be executed in an untrusted environment without fear of exposing the underlying keys. The code itself is tamper-proof, just like a secure element.

Related services

Certification

Let us help you get your security certificate.

Are you really sure that your security solution is ready to cope with the real world? Are you certain that your in-house design will survive the scrutiny of expert cryptographers?
CryptoExperts offers externalized R&D and consulting services in a wide variety of security areas. We can perform an in-depth design and security analysis of your application, spot the cryptographic misconceptions, propose appropriate alternatives and help you to achieve a successful security certification.

Implementation

We deliver highly-optimised bulletproof cryptographic software.

We have more than 20 years of experience in developing and delivering cycle-accurate optimized cryptographic implementations. We support standard and advanced cryptographic algorithms on a variety of software and hardware platforms.

Related research projects

VERISICC

Verifying side-channel countermeasures with automatic tools.

The VERISICC project aims to build automatic tools to verify and generate proven masked cryptographic implementations. These tools will allow industry to develop secure and efficient implementations, and certification bodies to quickly and accurately verify the implementations submitted for evaluation.

AMAskZONE

We are already late: the cryptographic implementations we use in our daily lives are vulnerable to side-channel attacks. Provably secure cryptographic implementations are not practically secure, and evaluations on concrete devices are not sufficient to achieve a reasonable security level. The ERC AMAskZONE project offers a solution that brings together all the links in the chain: provable security and practical security verified on concrete devices.

Prince

Formally proving that your crypto libs are side-channel resistant.

The PRINCE research project addresses the challenge of building leakage-resilient primitives and leakage-resilient implementations of standard algorithms. Through appropriate security modelling, the embedded security industry has never been closer to closing the gap between empirically secure cryptographic implementations and built-in, provably perfect resistance against side channels.

ABC4Trust

Towards trustworthy and privacy-respecting authentication.

ABC4Trust is an EU-funded research initiative that uses cryptographic technologies to provide better protection of privacy and identity on the Internet.

Eclipses

Boosting Elliptic Curves in the Embedded World.

Many business cases and user experiences could be improved or made more profitable if specific ECC-supporting hardware existed that would speed up security protocols by an order of magnitude at minimal cost. The main purpose of Eclipses is to accelerate progress towards such hardware solutions and thereby boost low-cost public-key and pairing-based cryptography in embedded secure applications.

Marshal+

Exploring the reverse-engineering taboo.

The goal of the MARSHAL project is to design and realize a mobile security object that withstands all known reverse-engineering attacks by means of software and hardware countermeasures.

Our hand-written low-level APIs rely on finely tuned arithmetic algorithms designed to best suit the target microarchitecture and its hardware computational features at the assembly level. Our libraries are faster by orders of magnitude than C code compiled with general-purpose compilers. Challenge us and compare!

Available crypto libraries

Our portfolio of cryptographic libraries includes:

  • ECC (Elliptic Curve Cryptography): ECDSA signature (FIPS PUB 186-3), ECDH key agreement (NIST SP 800-56), ECIES encryption scheme (ISO/IEC 18033), various elliptic curves supported (e.g., NIST, Brainpool, ANSSI, BSI, Curve25519)

  • RSA: signature/decryption in standard and CRT modes, verification/encryption in standard mode, RSA paddings (ISO/IEC 9796-3, PKCS#1 v1.5, v2.0/2.1)

  • RSA OBKG (On-Board Key Generation): random prime number generation, incremental (ISO/IEC 18032) or modular search sequences (Joye-Paillier), strong primes (ANSI X9.31), Rabin-Williams primes (ISO/IEC 9796-3), generation of RSA key pairs in standard or CRT formats

  • AES (Advanced Encryption Standard): 128/192/256-bit encryption and decryption (FIPS PUB 197, ISO/IEC 18033-3), various modes of operation (ECB, CBC, OFB, CTR, GCM)

  • DES (Data Encryption Standard): DES/3DES encryption and decryption (FIPS PUB 46, NIST SP 800-67, ISO/IEC 18033), various modes of operation (ECB, CBC, OFB, CTR, GCM)

  • Hash Functions: SHA-1, SHA-224/256/384/512, SHA-3 (FIPS PUB 180), Ascon, Poseidon

  • MAC (Message Authentication Code): AES-based and DES-based MAC, CBC-MAC (FIPS PUB 113), CMAC, GMAC (NIST SP 800-38), hash-based MAC, NMAC, HMAC (ISO/IEC 9797-2, FIPS PUB 198, MD5/RFC 6151)

  • DRNG (Deterministic Random Number Generation): ANSI X9.31, X9.17 based on an approved block cipher, ISO/IEC 18031 random bit generators, NIST SP 800-90A (Rev. 1) random bit generation, AIS20/31 compliant DRNG

  • Post-quantum cryptography: lattice-based schemes (CRYSTALS-Kyber, CRYSTALS-Dilithium, FALCON), code-based schemes (Classic McEliece, Bike, HQC), multivariate schemes (UoV), hash-based schemes (SPHINCS+, XMSS, LMS)

  • Advanced Cryptographic Primitives: pairings (aka bilinear maps), IBE (Identity-Based Encryption), anonymous signatures/credentials, ABE (Attribute-Based Encryption), FHE (Functional Homomorphic Encryption), SNARKs (Succinct Non-interactive Arguments of Knowledge)

Security countermeasures

Our implementations follow the best crypto coding practices, such as being constant-time and free of data-dependent memory accesses, to avoid pitfalls such as microarchitectural attacks (cache attacks, flush+reload, Spectre, …) and timing attacks. Embedded cryptographic implementations are further subject to physical attacks such as power and electromagnetic attacks (SPA, (HO-)DPA, CPA, MIA, template attacks, horizontal attacks, deep-learning based attacks, etc.) and fault-injection attacks (FA, DFA, IFA, safe-error attacks, etc.). Our research team evaluates the latest advances in side-channel analysis and fault-based attacks, attending and contributing to the major security-related scientific conferences and workshops (CHES, COSADE, FDTC, CARDIS, etc.). Our team members are among the main actors of this field, having authored several provably-secure countermeasures and widely deployed formal verification tools that automatically check the security of cryptographic implementations. With this expertise, we ensure that our libraries embed the most efficient countermeasures, keeping them at a beyond-state-of-the-art security level.
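The two coding rules named above, constant execution time and no secret-dependent memory addresses, illustrated in C. This is an added example, not CryptoExperts' library code; the table contents and tag bytes are constructed sample data.

```c
#include <stdint.h>
#include <stddef.h>

/* Variable-time comparison: exits at the first mismatch, so the running time
 * reveals how many leading bytes of a guessed tag were correct. */
int tag_equal_leaky(const uint8_t *a, const uint8_t *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (a[i] != b[i])
            return 0;
    return 1;
}

/* Constant-time comparison: touches all n bytes, ORs the differences into one
 * byte and reduces it to 0/1 arithmetically, with no secret-dependent branch. */
int tag_equal_ct(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= a[i] ^ b[i];
    return (int)((((uint32_t)diff - 1U) >> 8) & 1U); /* 1 iff diff == 0 */
}

/* Table lookup with a secret index. The naive table[idx] puts idx on the
 * address bus, where a cache-timing attacker can observe it; this variant
 * reads every entry and keeps the wanted one with a mask, so the sequence of
 * memory addresses touched does not depend on idx. */
uint8_t sbox_lookup_ct(const uint8_t table[256], uint8_t idx)
{
    uint8_t out = 0;
    for (unsigned i = 0; i < 256; i++) {
        /* mask is 0xFF when i == idx and 0x00 otherwise, computed branch-free */
        uint8_t mask = (uint8_t)(((uint32_t)(i ^ idx) - 1U) >> 24);
        out |= table[i] & mask;
    }
    return out;
}

/* Self-check on constructed sample data (not a real S-box or MAC tag). */
int self_check(void)
{
    uint8_t table[256];
    const uint8_t tag[4] = {0xde, 0xad, 0xbe, 0xef};
    const uint8_t bad[4] = {0xde, 0xad, 0xbe, 0xee};
    for (unsigned i = 0; i < 256; i++)
        table[i] = (uint8_t)(i * 7 + 3);
    return tag_equal_ct(tag, tag, 4) == 1 && tag_equal_ct(tag, bad, 4) == 0
        && tag_equal_leaky(tag, bad, 4) == 0
        && sbox_lookup_ct(table, 200) == table[200]
        && sbox_lookup_ct(table, 0) == table[0];
}
```

Compilers may still reintroduce branches when optimising, which is one reason the page's authors work at the assembly level; the C form only shows the intent.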

Our offer

Our business offer aims at providing flexibility and trust to our customers. That is why we strongly commit to efficiency and security, while taking intellectual property issues into account and proposing flexible contracting options. In particular, our offer covers:

  • Certification readiness. Our cryptographic libraries are guaranteed to successfully pass in-lab security evaluations (FIPS 140-2, CC EAL 4+, CAST, EMVCo, etc.).

  • Fine-tuning of the intellectual property. We customize the selection of algorithmic techniques and security countermeasures in order to avoid unnecessary patents.

  • Flexible contracting options. We propose flexible contracting options from the on-demand development of cryptographic software to the licensing of our home-made libraries.

Contact us and get a precise quotation.

Why choose CryptoExperts

CryptoExperts was co-founded by internationally recognized experts in the field of embedded cryptography. Our R&D staff of PhDs holds 60+ patents and 300+ scientific publications, and maintains beyond-state-of-the-art knowledge for securing smart card products. Four senior members of our staff are former program chairs of CHES, the premier scientific event on secure cryptographic implementations. We coordinated the innovative VeriSiCC project and now host the AMAskZONE ERC project, both of which aim to automatically generate and verify practical side-channel countermeasures. Let world-class experts develop or evaluate your embedded cryptographic libraries.

Related publications

  • High Order Side-Channel Security for Elliptic-Curve Implementations.
    In IACR Trans. Cryptogr. Hardw. Embed. Syst., 2023.
  • IronMask: Versatile Verification of Masking Security.
    Sonia Belaïd, Darius Mercadier, Matthieu Rivain, Abdul Rahman Taleb.
    In IEEE Symposium on Security and Privacy 2022, pp. 142-160, 2022.
  • Strong Non-Interference and Type-Directed Higher-Order Masking.
    Gilles Barthe, Sonia Belaïd, François Dupressoir, Pierre-Alain Fouque, Benjamin Grégoire, Pierre-Yves Strub, Rébecca Zucchini.
    In CCS 2016, pp. 116-129, 2016.
  • Formal verification of a CRT-RSA implementation against fault attacks.
    Maria Christofi, Boutheina Chetali, Louis Goubin, David Vigilant.
    In J. Cryptogr. Eng., 2013.
  • Generating Provable Primes Efficiently on Embedded Devices.
    Christophe Clavier, Benoit Feix, Loïc Thierry, Pascal Paillier.
    In Public Key Cryptography 2012, pp. 372-389, 2012.
  • Provably Secure Higher-Order Masking of AES.
    Matthieu Rivain, Emmanuel Prouff.
    In CHES 2010, pp. 413-427, 2010.
  • Securing RSA against Fault Analysis by Double Addition Chain Exponentiation.
    In CT-RSA 2009, pp. 459-480, 2009.
  • A Refined Power-Analysis Attack on Elliptic Curve Cryptosystems.
    In Public Key Cryptography 2003, pp. 199-210, 2003.
  • A Sound Method for Switching between Boolean and Arithmetic Masking.
    In CHES 2001, pp. 3-15, 2001.