SandboxAQ today introduced an open-source cryptography management framework built for the post-quantum era.
The AI and quantum spin-out from Alphabet uses the Sandwich framework for its SandboxAQ Security Suite, currently used by several U.S. government agencies, global banks, telcos, and tech companies. The framework is designed to simplify cryptography management and give developers greater observability and control.
“Modern cryptography management and cryptographic agility are becoming increasingly more essential for businesses of all sizes; however, there has been a distinct lack of open-source tools for developers to support these features,” Graham Steel, head of product for the company’s Quantum Security Group, said in a statement.
“We created Sandwich to rapidly accelerate development of our own cryptographic remediation solutions, but realized that open-sourcing these tools would enable developers to experiment with agile cryptography and advance the preparedness of the community before quantum computers can break today’s encryption standards,” Steel added.
With its Alphabet origins and former Google CEO Eric Schmidt as chairman, SandboxAQ landed a $500 million funding round earlier this year, the biggest cybersecurity round of 2023 thus far, with an A-list of investors that includes Schmidt, Salesforce CEO Marc Benioff, T. Rowe Price, Breyer Capital, Guggenheim Partners, AI investor and film producer Thomas Tull, Paladin Capital Group, and others.
Changing Algorithms Without Changing Code
The Sandwich framework lets developers build their own “sandwich” of protocols and implementations they want available at runtime, which are compiled as a Sandwich object.
Sandwich’s API enables developers to embed cryptographic algorithms into their applications, then change or reconfigure them in response to new threats and the development of new technologies without rewriting code.
SandboxAQ says the API also helps developers avoid common mistakes made when manipulating cryptography at a low level, and helps audit teams verify that cryptography is being used in accordance with company policies.
The open-source solution can be embedded into internal applications and commercial software. It supports multiple languages (C/C++, Rust, Python, Go, and others), operating systems (MacOS and Linux), and cryptographic libraries (OpenSSL, BoringSSL and libOQS), with future additions planned.
Anticipating Post-Quantum Challenges
“Quantum computers will necessitate a complete reengineering of cryptographic systems, including implementing new hardware and software solutions, but many organizations are taking a wait-and-see approach before committing to a particular strategy,” SandboxAQ vice president of product Nadia Carlsten said.
“Sandwich provides developers with a risk-free means to explore post-quantum cryptography, share questions and insights with community members, build cryptographic solutions that protect their organization, and potentially generate revenue from commercial applications they develop,” Carlsten added.
Future plans for the solution include the ability to create smaller and larger “sandwiches” to access basic or broad functionality, as well as multi-layered “sandwiches” with an array of functions, such as enabling access to cryptography at different abstraction levels.
Get the Free Cybersecurity Newsletter
Strengthen your organization’s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.