Today, post-quantum research is multifaceted:

- Research post-quantum algorithms: Researchers are working on new algorithms designed to be resistant to the capabilities of quantum computers. For example, cryptosystems based on lattices or correction codes are promising candidates.

- Use longer keys: today we use 256-bit keys. It will always be possible to work with longer keys (512 bits for example) if the key generation and encryption/decryption work goes in this direction.

- Develop hybrid cryptography: this method combines classical and post-quantum algorithms to ensure a smooth transition and strengthen security.

- Perform regular updates: Security systems must be regularly updated to incorporate the latest advances in post-quantum cryptography and ensure optimal protection.

We are following this work with great interest because of course we will need to be able to implement the algorithms selected.

To date, we have the possibility to:

- to dynamically change the keys at rapid frequencies to make attacks ineffective

- to incorporate the technology of “future algorithms” that can be developed either in hardware or in software. In either case, we have the technological resources to cover this need.

- new generation FPGAs have more and more processing capacity to ensure treatments

- the FPGAs we use integrate ARM hard-CPUs (which we do not use) but which could include a post-Quantum solution.

‍

CSPN certification is in progress with ANSSI. This process requires several months of work.

‍

SoftLess technology uses 2 dynamic key management mechanisms for the IPsec protocol:

- For customers looking for a simple key management solution, an identification mechanism based on the wpa3 protocol is implemented

- For customers with an IKEv2 key server, SoftLess technology uses the IKE V2 client protocol.

‍

SoftLess technology integrates a functional layer called “health monitoring”. This function ensures real-time monitoring of all product operation. At the slightest detection of an anomaly (unauthorized address, unauthorized flow, etc.) an alarm is sent back to an equipment that will have been previously configured in the form of an SNMPv3 trap or a SYSLOG.

‍

‍

SoftLess technology respects standardized protocols/communication standards up to level 4 of the ISO OSI model.

With for example:

- consideration of the IEEE802.1Q (TSN standard);

- Virtual Link processing with QinQ and vLAN protocol management;

- IP encryption/decryption management with the implementation of IPsec (AES256GCM16 to guarantee integrity and authentication);

- taking into account IP protocols (IP); managing a distributed system time (GPTP, NTP);

- the management of flow redundancy with the protocols FRER, PRP, HSR);

- the wpa3 and IKEv2 protocols to manage encryption keys dynamically;

- the ICMP protocol to manage MTUs; the SNMPv2 protocol to upload logs;

-...

Respecting communication standards facilitates the implementation of SF-106-x range products. For example, it is possible to integrate them into an existing installation or even replace, for example, a level 2 swich by a level 4 router integrating independent firewalls on each port and implementing the possibility of encrypting all data flows without any system modification.

‍

‍

P4S products can be configured either locally (by direct connection to the management console: P4S-Console) or remotely (implementation of a VPN via Ethernet from the management console: P4S-Console).

The configuration data is always doubly encrypted, whether during the configuration phase or at the product level.

It should be noted that: (i) each product has an @IP that can be configured by the user; (ii) there is no clear configuration data in the products.

The P4S-Console application is a resident application that runs on a PC. It allows you to configure each port independently, to route data flows, to manage cybersecurity,...

Once the configuration has been carried out, the configuration data is doubly encrypted and then transmitted to the product.

‍

The addition of cybersecurity functions to a system is generally dealt with:

- or by adding defense in depth architectures and firewalls. These solutions are often (not to say always) based on software-based computer systems managed by operating systems;

- either the installation of equipment such as Fortinet or equivalent;

- or by intervening directly at the level of equipment to integrate a firewall.

Whatever the solution, you need specialized skills in computer science and cybersecurity. And in all cases, you have to ask yourself the following questions (for example):

(i) is it possible to modify equipment without changing its behavior?

(ii) is the computing power to ensure the encryption/decryption of information without changing the execution times sufficient?

(iii) what is the impact of changes for equipment?

(iv) what is the temporal impact of these new functionalities on the system?

(v) How long does it take to implement the solution?

The products offered by P4S provide relevant answers to these questions:

(i) no modification of equipment is necessary;

(ii) the equipment in the SF106 range is sized to handle 100% of the bandwidth of networks in full duplex mode;

(iii) no impact on equipment: no software or hardware modification is necessary;

(iv) no impact on the system: the latency induced by cybersecurity functions at the level of the SF106 boxes is in microseconds;

(v) the implementation of a solution based on SoftLess technology can be done gradually in a few hours.

The implementation of P4S SoftLess technology can be summed up by: I protect and I forget!

‍

To date, the majority of existing solutions (not to say all) for dealing with cybersecurity are developed in software and they implement operating systems based on protocol layers.

technology SoftLess of P4S is based on a hardware architecture. It offers multiple advantages:

- It allows 100% of network bandwidth to be processed in full duplex mode and this independently for each port;

- It uses an independent firewall for each port;

- The processing of a frame is always finalized before the arrival of the next frame;

This means that Encryption/decryption (for example: an IPsec frame with an AES256GCM16 protocol) is done as the frame is processed in A few µs.

In contrast, traditional solutions perform encryption/decryption in software, generating significant processing times that are encrypted, depending on the processing power used, from a few milliseconds to hundreds of milliseconds.

- It offers a robust solution to cyber attacks: no equipment saturation, no battery overflow, no latency,...

SoftLess technology offers another induced advantage: the energy consumption of P4S equipment is very low (less than one watt for the SF106-2, less than 10W for the SF106-8). We are talking about hundreds of watts or even kWatts for existing solutions.

‍

The technology (called SoftLess) offered by P4S is entirely developed in hardware based on FPGA (Field Programmable Gate Array).

Although developed in hardware, the proposed solution is agile and scalable.

The technology is based on the fundamentals of electronics. All functions are implemented using wired logic and (for experts) implement synchronous parallel pipeline architectures.

As a result, The technology does not use any software or operating system.

‍

P4S is a French company that offers sovereign cybersecurity products

- The type of company: P4S is a SAS registered in Evry

- The capital of P4S: 100% French owned at more than 80% by the founders

- The Technology developed by P4S is 100% French and developed in French schools and laboratories (ISEP, EPITA, ENSTA,...)

- P4S owns its technology

- Industrialization/Product Manufacturing is carried out by a French PMI with 100% French (family) capital.

‍

P4S offers cybersecurity network equipment.

Placed at the heart of the network infrastructure, this equipment simply makes it possible to significantly increase the level of protection of an installation against cyber attacks.

‍

We offer a comprehensive range of cybersecurity solutions tailored to the industrial, medical, energy, and government sectors.

Our equipment is designed to provide maximum protection without disrupting your existing network.

Each product is easy to deploy and use.