High Assurance Systems Engineering

Secure design, engineered for certainty.

CE Labs designs and builds systems where security comes first — applied cryptography and rigorous engineering, backed by formal methods where correctness matters most.

Get in touch → Learn more

Scope of work

$ ce-check ./system/handshake.rs

✓ handshake ⊨ authenticated

✓ key schedule ⊨ forward-secret

✓ primitives ⊨ correct

──────────────────────────────

secure · system → primitive · post-quantum secure

What we do

Security on every layer.

L1 System

Systems & Architecture

Threat models, trust boundaries, and the architecture of systems that stay secure under real-world pressure — not just on the whiteboard.

Threat modellingDesign review STRIDEMITRE ATT&CK

L2 Protocol

Protocols & Key Management

Key exchange, authentication, and transport — designed and reviewed against formal security models and the threats they actually face.

Protocol analysisDesign TLSMLS

L3 Primitive

Cryptography Engineering

The algorithms at the foundation: implemented for performance and correctness, hardened against side channels, and post-quantum ready.

PerformancePost-quantum ML-KEMAES-GCM

L4 Foundation

Machine-Checked Proofs

When the stakes call for it, we go further: machine-checked proofs that the code meets its specification — the strongest assurance there is.

Functional correctnessEquivalence proofs F*Lean

How we work

From Specification to Production.

01 · DESIGN

Design the system

We map the requirements, threats, and trust boundaries up front, then design an architecture that stays secure under the pressure it will actually face.

02 · SPECIFY

Pin down the spec

We capture what the system must do — and what an attacker must never be able to do — as a precise specification that everything else is built and tested against.

03 · IMPLEMENT

Build the system

We build to that spec, with security and correctness designed in from the first line rather than bolted on after, and reviewed as the code is written.

04 · ANALYZE

Confirm it holds

We check the result against the spec through review, testing, and — where the stakes call for it — machine-checked proofs, with every requirement traced to what we specified.

Learn More

We publish what we do.

A high-assurance Rust implementation of HPKE (Hybrid Public Key Encryption, RFC 9180), built on libcrux's verified cryptographic primitives.

cryspen/libcruxRust

A high-assurance cryptographic library: formally verified, high-performance implementations of post-quantum and classical primitives.

View all projects →

Have something that has to be right?

Tell us what you're building. We'll tell you what it would take to make it secure.

Start a conversation →