THE CRYPTRIG APPROACH

NIST-finalized post-quantum cryptography, executing in FPGA fabric

CRYSTALS-Kyber-1024 and CRYSTALS-Dilithium-3 are the only lattice-based KEM and signature algorithms finalized by NIST in August 2024. CQ1 executes both inside a hardware boundary — without software emulation, without CPU load, without a side-channel attack surface.

Lattice Cryptography Deep Dive FIPS 140-3 Path
Abstract lattice cryptography visualization — interconnected node graph representing LWE mathematical structure

TECHNICAL FOUNDATION

Four layers that make PQC production-viable

01

Algorithm Selection

Kyber and Dilithium are the only fully-finalized NIST PQC standards. Cryptrig does not implement experimental or draft algorithms — only production-stable standards with published test vectors and multi-team review.

Lattice mathematics
02

Hardware Execution

PQC operations run in dedicated FPGA fabric, not CPU. FPGA execution eliminates shared-memory side channels, provides deterministic timing, and sustains >18K ops/sec without software overhead.

CQ1 module specs
03

Physical Security

The boundary around the FPGA meets FIPS 140-3 Level 3 physical requirements. Tamper-detection mesh triggers zeroization within 100ms. Key material never leaves the boundary in plaintext form.

Security boundary
04

Hybrid Migration Mode

Before full PQC deployment is complete, CQ1 supports X25519+Kyber-1024 hybrid key agreement. Classical security is maintained during the transition window. Upgrade is policy-controlled — no hardware replacement.

Migration path

SOFTWARE VS HARDWARE PQC

Why hardware matters for post-quantum

DimensionSoftware PQCCQ1 Hardware PQC
Key encapsulation throughput~1,200 ops/sec (OpenSSL, 4-core)>18,000 ops/sec
Latency at production load5–15ms P99<0.8ms P99
Side-channel attack surfaceShared CPU memory, timing varianceDedicated FPGA, no shared memory
Physical key protectionProcess memory (OS-accessible)FIPS 140-3 Level 3 tamper boundary
FIPS 140-3 certification pathFIPS 140-3 Level 1 (software)FIPS 140-3 Level 3 (hardware)
Compliance for regulated use casesLimited — PCI HSM requires hardwareDesigned for PCI HSM and payment rails

Read the technical deep dives

Lattice Cryptography FIPS 140-3 Path