SA'AT Cryptographics — PTH Meridian

Post-quantum security.

The cryptographic algorithms protecting the world today — RSA, ECDSA, Diffie-Hellman — will be broken by quantum computers. PTH Meridian has already built the replacement. Open source. Canadian. Independently auditable. NIST FIPS 203/204/205 compliant. Ready now.

AKR Naos on GitHub → AKR KeyGen ↗ Research Paper ↗

ML-KEM-768 FIPS 203 KEY ENCAPSULATION

ML-DSA-65 FIPS 204 DIGITAL SIGNATURES

ARGON2ID MEMORY-HARD KDF — 64MB/ATTEMPT

OCSP REAL-TIME REVOCATION — 0MS DELAY

ZKP v2 BOUNDS-BINDING RANGE PROOFS

THRESHOLD SIG 3-OF-5 GOVERNANCE

HSM BRIDGE KEYS NEVER LEAVE HARDWARE

SHAMIR 5 SHARES — THRESHOLD 3

ML-KEM-768 FIPS 203 KEY ENCAPSULATION

ML-DSA-65 FIPS 204 DIGITAL SIGNATURES

ARGON2ID MEMORY-HARD KDF — 64MB/ATTEMPT

OCSP REAL-TIME REVOCATION — 0MS DELAY

ZKP v2 BOUNDS-BINDING RANGE PROOFS

THRESHOLD SIG 3-OF-5 GOVERNANCE

HSM BRIDGE KEYS NEVER LEAVE HARDWARE

SHAMIR 5 SHARES — THRESHOLD 3

SA'AT Cryptographics — Open Source

The security stack

Two open-source tools. From raw post-quantum key generation to a complete six-phase cryptographic trust platform.

// 01

AKR KeyGen

ASYMMETRIC KEY RESOLVER — KEY GENERATION ENGINE

Post-quantum cryptographic primitive engine implementing ML-KEM, ML-DSA and SLH-DSA. NIST FIPS 203/204/205 compliant. Hybrid classical/quantum modes for organizations transitioning gradually. REST API and live developer dashboard.

ML-KEM-768 ML-DSA-65 SLH-DSA ECDSA P-256 / P-384 AES-256-GCM Hybrid modes REST API TypeScript

↗

// 02

AKR Naos

NESTED AUTHENTICATION OPERATIONS SUITE

Six-phase cryptographic trust platform with seven hardening steps. Shamir Secret Sharing, Argon2id Key Vault, Certificate Authority with real-time OCSP, Secure Channel, HMIT Audit Engine, Identity Wallet and Zero-Knowledge Proofs with bounds-binding v2. One vulnerability discovered internally and patched before release.

Shamir Secret Sharing Argon2id KDF ZKP v2 PKI / OCSP HSM Bridge Threshold Signatures Key Attestation Self-sovereign DID

↗

Why post-quantum — now

The threats are real

Active threats that post-quantum cryptography defeats. Not theoretical future risks.

⚠ Harvest Now Decrypt Later

HNDL Attack

Adversaries record encrypted traffic today to decrypt when quantum computers arrive. Data encrypted with classical algorithms is already compromised.

✓ Defeated by ML-KEM

⚠ Signature Forgery

Quantum Forgery

Shor's algorithm forges RSA and ECDSA signatures — the algorithms protecting software, financial transactions and legal documents worldwide.

✓ Defeated by ML-DSA

⚠ Vault Brute Force

GPU Key Attack

GPU clusters test billions of passwords per second against weakly derived keys. Argon2id requires 64MB RAM per attempt — economically infeasible at scale.

✓ Defeated by Argon2id

⚠ Proof Substitution

ZKP Bounds Attack

Unbound range proofs allow attackers to substitute valid proofs for different claims — claiming adult eligibility with a proof for a different range.

✓ Defeated by ZKP v2 bounds binding

⚠ Insider Threat

Single-Party Control

Single administrators with unilateral key access are catastrophic insider threat vectors. One person can sign fraudulent certificates or destroy audit records.

✓ Defeated by Threshold Signatures

⚠ Revocation Delay

CRL Window Attack

Cached CRL downloads leave hour-long windows where revoked certificates appear valid. A credential revoked at 9am authenticates successfully at 9:02am.

✓ Defeated by OCSP — 0ms delay

AKR Naos — production hardening

Seven hardening steps

AKR Naos was not just built — it was hardened. Seven steps from functional prototype to production-grade security infrastructure.

// 01

Argon2id KDF

64MB RAM per attempt (INTERACTIVE) · 1GB RAM (SENSITIVE) · GPU brute force economically infeasible

Complete

// 02

OCSP Responder

Real-time certificate revocation · 0ms window · 3,600,000x faster than CRL

Complete

// 03

Security Audit

Independent cryptographic review · Canadian and international academic or government institutions

Seeking

// 04

HSM Bridge

Keys never leave hardware boundary · SoftHSM now · YubiHSM / AWS CloudHSM ready

Complete

// 05

Threshold Signatures

3-of-5 leadership · 2-of-3 crypto team · no single party acts alone

Complete

// 06

Key Attestation

Hardware provenance proven cryptographically · device certificate chain · trust proven not asserted

Complete

// 07

ZKP v2

CVE-AKR-NAOS-2026-001 patched · boundsCommitment binding · Fiat-Shamir challenge · self-discovered

Complete

The timeline

The clock is already running.

NIST published the post-quantum cryptographic standards in 2024. The US government mandated migration for all federal agencies by 2030. Canada's CSE is actively working on transition requirements.

Most organizations are not ready. Average enterprise migration takes three to five years. Organizations starting in 2027 will not finish by 2030.

PTH Meridian has already implemented the standards. Open source. Auditable. The work is done.

Key dates

2016

NIST PQC Competition69 submissions — global evaluation begins

2022

Finalists SelectedML-KEM, ML-DSA and SLH-DSA announced

2024

FIPS 203/204/205 PublishedOfficial standards — migration mandate begins

2026

PTH MeridianAKR KeyGen + AKR Naos — full implementation — open source — Canadian built

2030

US Federal MandateAll agencies must complete migration

2035+

Cryptographically Relevant QuantumCurrent estimates for RSA-2048 breaking capability

Ready to secure your infrastructure?

AKR KeyGen and AKR Naos are open source and free to use. For integration support, custom deployment or security consultation — get in touch.

Get in touch → GitHub ↗