FAQ
Fundamental Concepts and Industry Background
Q1|What is Post-Quantum Cryptography (PQC)?
Post-quantum cryptographyPost-Quantum CryptographyIt is a new generation of cryptographic algorithms designed to resist attacks from quantum computers. Widely used public-key cryptosystems like RSA and ECC may face risks in the future once quantum computing capabilities mature, thus the industry is advancing PQC migration through testing, standardization, and implementation.
Q2|Why deploy PQC now? Aren't quantum computers not yet widespread?
A
Due to the realistic risk of "Harvest Now, Decrypt Later": attackers can intercept and save encrypted data today, and then decrypt it later when quantum capabilities are available. For data that requires long-term confidentiality (government, financial, critical infrastructure, etc.), the earlier an inventory, testing, and migration plan begins, the more controllable the risks and future implementation costs will be.
Q3 | What kind of company is CeQureX?
A
CeQureX is a technology company focused on post-quantum cybersecurity. Our core direction is Agile Quantum-Safe Transformation: providing practical PQC solutions to help enterprises build crypto-agility, protect long-term data, and plan and execute quantum-safe transformation in multi-cloud/hybrid cloud environments.
Products and Solutions
Q4|What products does CeQureX offer?
A
CeQureX's PQC solution suite includes:
Wave-Key: An encrypted asset inventory and assessment tool to measure encrypted agility maturity and provide remediation/migration roadmaps.
Wave-On: PQC Transition Toolkit (SDK Pack + Optional Hardware Accelerator) allows for PQC testing and integration to be performed on the cloud or on-premises.
Wave-Plus: PQC Proxy Server (deployed in the DMZ), quickly integrates PQC via bridging without modifying the original system code, reducing system modification costs.
WaaS: PQC Cloud as a Service, offering a quantum-safe cloud platform and crypto-asset management capabilities.
Q5 | What is the difference between Wave-Key, Wave-On, and Wave-Plus? Which one should I choose?
A
The three products correspond to different stages of PQC migration. You can understand it as "first inventory, then test, and finally implement quickly":
Wave-Key (PQC Inventory): Conduct cryptographic asset inventory and readiness assessment, and produce an actionable remediation/migration roadmap (including mitigation strategies, algorithm recommendations, and prioritization).
Wave-On (PQC Migration Toolkit): Enables development/security teams to test PQC algorithms and integrate cryptographic operations on the cloud or on-premises, supports Java/Python calls, and optionally includes hardware accelerators for performance enhancement.
Wave-Plus (PQC Proxy Server): Deploy services in the DMZ via Proxy/Bridge, performing Hybrid (TLS+PQC) conversion externally. This approach requires minimal modifications to existing systems and code, making it suitable for scenarios demanding quick and low-impact integration.
Q6 | What kind of customers is WaaS (PQC Cloud Service) suitable for?
#IT Manager | Procurement/PM | Cloud/Platform Team | Decision-Maker
A
WaaS (PQC Cloud as a Service) is suitable for customers who want to "achieve quantum resilience faster" and do not want to build a complete PQC protection layer from scratch. It is a ready-to-go cloud platform with built-in quantum-safe data protection, cryptographic asset (including certificates and keys) management capabilities, and offers more flexible business models as an alternative to self-building.
Technology, Compatibility, and Standards
How long does PQC migration take?
A
The actual timeline will vary depending on your system scope, dependencies, and implementation strategy. CeQureX's approach is to proceed with "inventory → planning → phased migration," and the document also mentions that the goal is for large enterprises to complete key inventory and migration tasks in an agile manner within one year.
Q8|How much performance can hardware accelerators improve?
# Information Security/Architect | IT Infrastructure | Lead for Performance-Sensitive Systems
Wave-On can be optionally equipped with hardware accelerator cards. For a single accelerator card, computing speeds for operations such as key generation, encryption, and decryption can be increased by 2.55 to 6.7 times.(Varies depending on usage scenario and workload)。
Q9 | What standards and certifications do your products meet?
#CISO | Compliance/Audit | Information Security Architect
A
Wave-On is designed to integrate NIST identified and advancing standardized PQC algorithms into enterprise testing/migration processes, and can be deployed in a FIPS 140-2 certified secure environment (with or without CeQureX HSM). Additionally, the Wave-On SDK Pack documentation lists its supported PQC algorithms, including: CRYSTALS-Dilithium, FALCON, SPHINCS+ (signatures), and CRYSTALS-Kyber (KEM).
Q10 | Which cloud platforms does CeQureX's solution support?
# Cloud/Platform Team | IT Manager | Information Security Architect
A
Supports multi-cloud/hybrid cloud deployment scenarios, including On-Premise, AWS, GCP, and Azure.
Q11|Which existing platforms/components can your solution integrate with?
#IT Architect | Platform Engineering | DevOps | Information Security Engineering
A
The platforms listed in the document include IIS, F5, Apache, Kubernetes, HashiCorp Vault, and Azure Key Vault, and can be quickly integrated through service interfaces, REST APIs, standard protocols, or existing plugins.
Q12 | What password operations does Wave-On support?
# Development Team | Information Security Engineering | Architect
A
Wave-On supports PQC-related operations such as key generation, key signing, digital signature, encryption, decryption, and key exchange, and allows developers to test and integrate PQ algorithms.
Introduction Process and Usage
Q13 | How to start with PQC migration? What's the first step?
A
We recommend starting with "Inventory and Risk Visualization":
1. Wave-Key Inventory and Assessment: Inventory cryptographic assets, and assess cryptographic agility maturity and readiness.
2. Produce an Actionable Roadmap: Not only identify risks but also define mitigation strategies, recommend algorithms, prioritize actions, and guide step-by-step implementation.
3. Choose an Deployment Path: For rapid, low-interference deployment, choose Wave-Plus; for in-depth testing and integration, choose Wave-On; to accelerate with a cloud platform, choose WaaS.
Q14| Can you implement PQC in "phases"? Does it have to be a complete overhaul all at once?
# Decision-Makers | CISO | IT Managers | PMs
Okay.CeQureX One of its positioning goals is to allow large enterprises to transition to post-quantum architectures in "phases," migrating gradually without making significant changes to their existing environments.
Q15 | What skills does our development team need to use Wave-On?
# Development Manager | Engineering Team | Information Security Engineering | PM
Wave-On provides a suite of cryptographic operations that can be executed in a secure testing environment and supports use with Java 或 Python Method call password operation(e.g., key generation, signature, encryption/decryption, key exchange)to test and integrate PQC.
Q16 | Can Wave-Plus truly achieve zero-change deployments?
#IT Architect | Information Security Architect | PM | Head of External Service Systems
A
Wave-Plus's positioning is "PQC migration via Proxy/Bridge." The documentation clearly states that it can be introduced without modifying existing infrastructure, environment, or network, and deployed in the DMZ as a PQC proxy between internal and external networks. Externally, it packages TLS messages into a Hybrid Model (TLS + PQC), while internally, it can maintain existing legacy TLS.
Services, Compliance, and Support
Q17 | What technical support and services do you offer?
#CISO | Compliance/Audit | PM | IT Operations
- PQC Transition Planning Support (Experienced SME): Assist enterprises in planning PQC migration.
- Audit/Compliance Visualization: Provides intuitive dashboards and CBOM reports to simplify audit and compliance requirements.
- Global Intelligence Integration: Integrate global intelligence from the US cybersecurity alliance to support clients in advancing their migration strategies.
Q18 | How do you assist companies with audits and compliance?
# Audit/Compliance | CISO | Information Security Governance
A
CeQureX mentions that it will help businesses simplify audit and compliance requirements and improve visibility through an intuitive dashboard and CBOM reports.
Industry and cooperation
Q19 | Which industries and regions does CeQureX primarily serve?
# Decision-Makers | Strategy/Partners | Government/Financial Contacts
A
CeQureX will collaborate with governments, banks, and critical infrastructure operators in various regions in the future, and is focusing its efforts on the Asian market, including Taiwan, Malaysia, the Philippines, Vietnam, Indonesia, and Thailand.
Q20 | How can I contact CeQureX for a consultation or to get a quote?
Please contact us via the following methods:
- Email:[email protected]
- Website: www.cequrex.com
Team and R&D
Q21|What is the background of CeQureX's R&D and expert team?
# Decision-Makers | Partners | Government/Financial Contacts | Technology Peers
A
The PKI Officer is the head of the R&D team, holding a Ph.D. in Electrical and Computer Engineering, with over ten years of experience in advanced research and engineering practices. They previously served as a senior engineer at several top research institutions. With over 85 SCIE international journal publications in the field of quantum cryptography and holding multiple core technology patents, they combine theoretical innovation with over six years of practical cybersecurity experience to drive the practical application of research findings in cybersecurity.