Cryptographic operations tend to concentrate the confidentiality, integrity and authenticity assurances of data or entire system into a very small high-value target. Vulnerabilities can be obscure and poorly understood yet can be devastating. Systems that seem to be operating correctly, may actually be insecure - a lurking risk that can be taken advantage of at the worst possible time and in the worst possible way.
Cryptography services are not just about the mathematics of the algorithms used in the cryptographic hardware and software solutions but how these solutions are designed, implemented, run and audited. CREAplus offers a range of cryptographic consulting and delivery engagements to help you understand how to implement new solutions or to validate the integrity of existing cryptographic services. Our experienced consultancy services can assist you to either augment your team or seek independent advice and guidance as to the status of your cryptography services.
CREAplus works on custom cryptographic protocol designs based on a client's particular needs. From AES, RSA and elliptic curves to less widely implemented and even custom algorithms, we help clients navigate the many options available and take a concept from design to secure implementation of cryptographic algorithms (executable code). A review of cryptographic implementation ensures that systems are designed, implemented, and operate correctly.
Examples of our work:
- Implementation of traditional cryptographic algorithms such as ARIA, SEED, Keccak, as well as custom key derivations, and other custom cryptographic schemes.
- Implementation of the Boneh–Lynn–Shacham (BLS) signature. We identified the appropriate curve, appropriate bilinear pairing, pinpointed the exact implementation route and supported new arithmetic for enabling mathematical operation over non-binary finite field extensions.
- Implementation of KCDSA, the Korean version of DSA. Private key derivation is done differently than is the norm. New derivation had to be studied, understood and translated into the HW environment.
- Definition of technical requirements and data flow for the implementation of Schnorr signature algorithm over Pallas, using Poseidon as the hash function. Verification if implementation of Schnorr includes any variations from the general definition of Schnorr signatures, if Pallas and Vespa curves are supported by the firmware, check if the Poseidon hash has any peculiarities that might hinder the implementation.
CREAplus’ cryptography consultants focus on the most challenging projects involving cryptographic primitives, protocols, implementations, systems, and applications. The team combines years of experience in security with a life-long passion in cryptography to provide a unique and unmatched services. We have a wealth of experience designing, developing, fixing and implementing cryptographic solutions that our clients rely on for their core business, compliance, data protection and security needs.