Post-quantum readiness, certified.
A senior cryptographer maps every place asymmetric cryptography lives in your systems, ranks your exposure, and gives you a roadmap — and a certificate you can show investors, customers, and regulators.
Three tiers, one standard of rigour
Every engagement begins with a paid scoping & discovery call. From there, choose the depth that fits.
Crypto-Agility Readiness
For · SMBs, crypto-native startups, consultancies
A focused readiness assessment: self-assessment questionnaire, document review, and a working session to establish your exposure and a crypto-agility baseline.
- Structured readiness questionnaire & review
- Crypto-agility baseline report
- One guided workshop with your engineers
- Readiness badge on completion
Standard Audit
For · Mid-market, fintech, regulated industries
A full crypto inventory and migration roadmap, with staff training. We map every place asymmetric cryptography is used and order the migration against your threat model.
- Complete cryptographic inventory
- Threat-model-ordered migration roadmap
- Hybrid & primitive selection guidance
- Three workshops + staff training
- qproof certificate + annual renewal
Enterprise / Regulated
For · Banks, insurance, telco, government
Everything in the Standard Audit, plus a board-level report and regulatory alignment mapping across ISO 27001, DORA, and NIS2, with quarterly check-ins.
- Everything in Tier II
- Board report & executive briefing
- Regulatory alignment mapping (27001 · DORA · NIS2)
- Quarterly check-ins for the renewal year
- Named senior cryptographer throughout
How an audit runs
Open, repeatable, and ordered against your threat model — not a checklist.
Scoping & discovery
Always first, always a paid engagement. We agree the scope, map your systems at a high level, and deliver a scope document with indicative pricing before any deeper work begins.
Cryptographic inventory
We find every place asymmetric cryptography is used — TLS, PKI, signing pipelines, identity keys, prekeys, backups, multi-device sync. There is no single switch; each location is its own decision.
Exposure analysis
We assess harvest-now-decrypt-later exposure, select primitives and hybrid constructions, evaluate library fitness, and map findings against the regulatory regimes that apply to you.
Migration roadmap
A prioritised, threat-model-ordered plan — including a rollout strategy from dark launch through gradual ramp to default-on and hardening, with explicit rollback paths.
Certification & renewal
A point-in-time qproof certificate you can show investors, customers, and regulators, with an annual renewal that keeps your posture current as the standards and library landscape move.
The bug classes we hunt
A correct-looking implementation can still fail in specific, recurring patterns. These are the ones we target.
Replay-attackable post-quantum prekeys
Post-quantum prekeys issued one-shot but never retired after use. An attacker can replay the same ML-KEM encapsulation, defeating forward secrecy. The server must atomically consume each prekey.
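As an added illustration (not code from this page or from any audited product), the atomic consume described above against a one-time prekey table, with the hypothetical PrekeyServer class showing the read-only lookup that leaves a prekey replayable beside the conditional update that retires it for exactly one caller:

```python
import sqlite3
from typing import Optional

# Hypothetical schema (an assumption of this example): one row per
# published one-time prekey, with a used flag the server flips on hand-out.
SCHEMA = """
CREATE TABLE prekeys (
    prekey_id  TEXT PRIMARY KEY,
    encaps_key BLOB NOT NULL,
    used       INTEGER NOT NULL DEFAULT 0
)
"""


class PrekeyServer:
    def __init__(self, conn: Optional[sqlite3.Connection] = None) -> None:
        self.conn = conn or sqlite3.connect(":memory:")
        self.conn.execute(SCHEMA)

    def publish(self, prekey_id: str, encaps_key: bytes) -> None:
        with self.conn:
            self.conn.execute(
                "INSERT INTO prekeys (prekey_id, encaps_key) VALUES (?, ?)",
                (prekey_id, encaps_key))

    def fetch_prekey_unsafe(self, prekey_id: str) -> Optional[bytes]:
        # The bug class: the prekey is read but never retired, so every
        # caller receives the same one-time ML-KEM encapsulation key.
        row = self.conn.execute(
            "SELECT encaps_key FROM prekeys WHERE prekey_id = ?",
            (prekey_id,)).fetchone()
        return row[0] if row else None

    def claim_prekey(self, prekey_id: str) -> Optional[bytes]:
        # Atomic consume: the conditional UPDATE can succeed for only one
        # caller; everyone else sees rowcount 0 and gets nothing.
        with self.conn:
            cur = self.conn.execute(
                "UPDATE prekeys SET used = 1 WHERE prekey_id = ? AND used = 0",
                (prekey_id,))
            if cur.rowcount != 1:
                return None
            return self.conn.execute(
                "SELECT encaps_key FROM prekeys WHERE prekey_id = ?",
                (prekey_id,)).fetchone()[0]
```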
Variable-time decapsulation (KyberSlash)
A decapsulation path that branches on an internal comparison in a timing-distinguishable way. ML-KEM requires constant-time decapsulation precisely because the reject-vs-accept distinction would otherwise be observable.
Weak randomness in key generation
An ML-KEM keygen drawing randomness from a non-cryptographic or unseeded source. Post-quantum primitives have specific entropy requirements — a working implementation does not prove the RNG path is sound.
Constant-time, undone by the compiler
Source that looks constant-time but is compiled into branchy code by the optimiser. The property must be verified at the binary level, not the source level — the class of timing attacks that exploits this gap is real.
Missing encapsulation-key modulus check
Implementations accepting an out-of-range encapsulation key without validation. Two peers can then derive different shared secrets from the same key — an interoperability and correctness failure.
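An added example (not taken from the page) of the check that closes this gap: the FIPS 203 encapsulation-key input validation, with the 12-bit packing reimplemented from the standard so the type check and modulus check can be run over a constructed key; the function names are this example's own.

```python
Q = 3329          # ML-KEM modulus q
N = 256           # coefficients per polynomial
POLY_BYTES = 384  # 256 coefficients x 12 bits
RHO_BYTES = 32    # seed rho appended to the packed t-vector


def decode_12bit(poly: bytes) -> list[int]:
    """Unpack 384 bytes into 256 raw 12-bit values in FIPS 203 (LSB-first) order;
    unlike ByteDecode_12 there is no mod-q reduction, so bad values stay visible."""
    coeffs = []
    for i in range(0, POLY_BYTES, 3):
        b0, b1, b2 = poly[i], poly[i + 1], poly[i + 2]
        coeffs.append(b0 | ((b1 & 0x0F) << 8))
        coeffs.append((b1 >> 4) | (b2 << 4))
    return coeffs


def encode_12bit(coeffs: list[int]) -> bytes:
    """ByteEncode_12: pack 256 values (each < 4096) into 384 bytes."""
    out = bytearray()
    for j in range(0, N, 2):
        c0, c1 = coeffs[j], coeffs[j + 1]
        out.append(c0 & 0xFF)
        out.append(((c0 >> 8) & 0x0F) | ((c1 & 0x0F) << 4))
        out.append((c1 >> 4) & 0xFF)
    return bytes(out)


def validate_encapsulation_key(ek: bytes, k: int) -> tuple[bool, str]:
    """Reject an ek before encapsulating with it; k is 2, 3 or 4."""
    expected = POLY_BYTES * k + RHO_BYTES
    if len(ek) != expected:
        return False, f"type check failed: {len(ek)} bytes, expected {expected}"
    # FIPS 203 phrases the modulus check as
    # ByteEncode_12(ByteDecode_12(ek)) == ek; because ByteDecode_12 reduces
    # mod q, that holds exactly when every raw coefficient is below q.
    for p in range(k):
        poly = ek[p * POLY_BYTES:(p + 1) * POLY_BYTES]
        for idx, c in enumerate(decode_12bit(poly)):
            if c >= Q:
                return False, f"modulus check failed: t[{p}][{idx}] = {c} >= q"
    return True, "ok"


if __name__ == "__main__":
    # Constructed ML-KEM-768 (k=3) key: in-range coefficients, zero seed.
    good = encode_12bit([(i * 7) % Q for i in range(N)]) * 3 + bytes(RHO_BYTES)
    print(validate_encapsulation_key(good, 3))
    bad = list(range(N))
    bad[5] = Q  # 3329 fits in 12 bits, so a lax decoder silently reduces it
    print(validate_encapsulation_key(encode_12bit(bad) + good[POLY_BYTES:], 3))
```

A peer that reduces mod q on decode and one that does not would disagree on such a key; rejecting it up front is what keeps both sides on the same shared secret.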
Treating post-quantum as a single switch
A system may use asymmetric primitives in ten places — identity keys, signed prekeys, ratchets, group key derivation, backups, attestation. “Adding post-quantum” means addressing each, in threat-model order.
Standards & regulation we map against
We assess against the standards as written and align findings to the regime that governs you.
NIST PQC Standards
The finalised ML-KEM, ML-DSA, and SLH-DSA standards. We audit against the standards as written — not earlier round-3 candidates.
NSA Commercial National Security Algorithm Suite
The NSA's algorithm suite and migration timeline for national-security systems and their suppliers.
Digital Operational Resilience Act
Operational resilience obligations for EU financial entities — including the cryptographic posture of critical systems.
Network & Information Security Directive 2
Expanded cybersecurity obligations across essential and important entities, with state-of-the-art cryptography expectations.
Information Security Management
We align findings to the 27001 family so your PQC work slots into an existing certification cycle rather than running beside it.
National guidance (DE · FR)
Germany's BSI and France's ANSSI publish their own migration guidance and timelines; we map exposure to the regime that governs you.
Before you book
Do you certify the company or the product?
The organisation. The qproof certificate attests to your post-quantum readiness posture at a point in time, scoped to the systems we assessed.
Is the discovery call really paid?
Yes. Scoping & discovery is always a separate, paid engagement. It delivers a scope document and indicative pricing so you can decide on the full audit with real information.
What if no PQC standard exists for our exact case?
We assess against the finalised NIST standards and align to the ISO 27001 family, DORA, and NIS2. You get credibility today without waiting for a dedicated PQC accreditation scheme.
Is a certificate a guarantee?
No — and we say so on every certificate. An assessment is point-in-time. The annual renewal keeps your posture current as standards and libraries move.
Find out where you stand.
Book a paid discovery call and leave with a scope and indicative pricing.