SandboxAQ unveils open-source meta-library Sandwich
SandboxAQ, an AI-driven quantum technology platform, has unveiled “Sandwich.” The open-source framework and meta-library allow developers to build applications leveraging cryptography easily and safely. Sandwich makes modern cryptography management crypto-agile and quantum-resistant.
Historically, cryptographers were the only ones with access to cryptography management and implementation. Nevertheless, the conventional approach to cryptography management has failed to keep pace with the demands of new technology stacks and agile development practices. Therefore, there’s a growing need for improved cryptographic flexibility to safeguard organizations against current and future threats posed by quantum computers. This is where Sandwich comes in.
“Modern cryptography management and cryptographic agility are essential for organizations of all sizes; however, there has been a distinct lack of open-source tools for developers to support these features,” said Graham Steel, Head of Product for SandboxAQ’s security group. “With Sandwich, we’re empowering developers to experiment with different types of cryptography – including the new post-quantum cryptography algorithms soon to be standardized by NIST – so they can achieve the right balance of security and performance.”
Build your Sandwich.
SandboxAQ’s Sandwich offers developers an intuitive and unified API, allowing them to integrate cryptographic algorithms into their applications seamlessly. Developers create their own “Sandwich” of protocols and implementations that becomes available as a cohesive cryptographic object. Moreover, this empowers them to adapt to evolving technologies and threats without the need to rewrite code.
Sandwich supports multiple languages, including C++, Rust, Python, and Go. Additionally, the cryptographic libraries OpenSSL and BoringSSL and libOQS enable post-quantum (PQC) and classical cryptography. This will be critical to protect government entities and corporations against threats posed by quantum computers. By supporting multiple languages and popular cryptography backend providers, the Sandwich API significantly reduces the amount of work developers have to do.
How to use Sandwich:
According to the company, the framework simplifies the creation of a “sandwich” through a three-step process. This makes it easier to implement and reduces complexity.
- Developers decide which protocol to use (e.g., TLS 1.3)
- Choose the implementation (e.g., OpenSSL+libOQS)
- Sandwich composes them into a Sandwich object (in this case, a secure tunnel).
“All enterprises need to have more observability and control over how encryption is managed across their systems, and ensuring that all applications leverage the best possible cryptography is a key aspect of improving cybersecurity posture,” said Nadia Carlsten, Vice President of Product at SandboxAQ. “Sandwich provides developers with an easy set of tools to integrate the latest cryptography standards to reduce the number of vulnerable applications that security-minded organizations have to worry about.”
Future iterations of SandboxAQ’s platform Sandwich will enable the creation of multi-layered, stacked sandwiches with broader functions. This includes providing access to cryptography at different abstraction levels. Other planned features will allow users to create smaller sandwiches to access fundamental cryptographic primitives or larger sandwiches to access functionalities like authentication, virtual private networks (VPNs), or key management services (KMS).
Trusted by U.S. Government and Enterprises
SandboxAQ also recently launched its Security Suite, which handles the discovery and remediation of cryptographic vulnerabilities through crypto-agile encryption management. The company claims that many U.S. government agencies and enterprises already use the platform. This includes the U.S. Air Force, the Defense Information Systems Agency (DISA), the U.S. Department of Health and Human Services, SoftBank, Vodafone, Cloudera, and Informatica. Additionally, several other global banks and telecommunication providers use the platform.