Mumbai,
June, 2026 : For the first time in India's history, a
domestically built quantum-safe algorithm has been independently evaluated and
officially recognised by a national authority. The Data Security Council of
India (DSCI) has awarded C-SAFE recognition - Certificate No. DSCI-CSAFE-01 -
to Fortytwo Labs, an Indian deep-tech cybersecurity company building
quantum-safe digital trust infrastructure, for its Ci2: Ring-LWE based
quantum-safe key exchange algorithm - the cryptographic core of the π-Control platform,
in continuous production deployment since 2018.
The
recognition was announced at FINSEC 2026, the DSCI Financial Security Conclave
held in Mumbai, where Fortytwo Labs participated as Quantum-Safe Infrastructure
Partner. Vinayak Godse, CEO of DSCI, presented the recognition to Nilesh
Dhande, Co-Founder and CEO, Fortytwo Labs.
The
Gold Standard of Cryptographic Evaluation - Applied to an Indian Algorithm
C-SAFE - Cryptographic Security Assessment and Functional Evaluation - is India's first independent cryptographic evaluation programme, built from the ground up under DSCI leadership. The Ci2 evaluation was conducted by an expert panel of India's foremost cryptographers across multiple structured rounds covering mathematical correctness, quantum resilience, and implementation security. The evaluation encompassed 13 named statistical security tests including formal IND-CPA security proof, lattice-attack resistance analysis, decryption failure probability modelling, adversarial scenario testing, and post-quantum security margin verification against NIST security category targets. Any organisation can claim its algorithm is secure. C-SAFE recognition means someone independent, rigorous, and nationally authoritative has verified it.
Cryptographic
Sovereignty Is the Foundation of National Digital Trust
An
algorithm is critical infrastructure not merely a technical artefact. When the
cryptographic primitives securing a nation's financial systems, government
data, and communications are designed abroad, audited abroad, and controlled
abroad, that nation's digital sovereignty is contingent on foreign goodwill.
With C-SAFE recognition now awarded to India's only indigenously developed,
deployed, and certified quantum-safe algorithm, India answers a question every
nation must eventually face: whose cryptographic foundations secure your
digital future?
Already
Securing India's Critical Infrastructure, Now Certified!
While
post-quantum cryptography remains a future roadmap item for most organisations
globally, Fortytwo Labs has been operating at production scale already. The
π-Control platform addresses the full spectrum of active threats facing India's
critical sectors today: credential and identity attacks targeting banking
workforces and customers, API-layer attacks, mobile application
vulnerabilities, and the harvest-now-decrypt-later strategy through which
adversaries are capturing encrypted financial records, KYC data, and
communications today to decrypt once quantum computing matures.
What
C-SAFE Recognition Means for Banking and Financial Services
India's
banking sector faces simultaneous pressure from evolving RBI authentication
mandates, rapid open banking API expansion, and long-term cryptographic
vulnerability posed by quantum computing. C-SAFE recognition gives CISOs, CTOs,
and boards independently validated, nationally authoritative evidence that
their cryptographic foundation meets today's regulatory expectations and is
certified resilient against the quantum threats.
For
Indian Defence
Classified
communications and sovereign data transfer cannot carry foreign cryptographic
dependencies not in procurement, operations, or audit. Fortytwo Labs'
Quantum-Safe Secured Data Transfer Appliance and Secured Communications
platform are built on the only algorithm in India to hold C-SAFE recognition,
protected by multiple granted patents in India and the United States, with zero
foreign IP in the cryptographic trust layer. The company has previously
received the SIDM Defence Champion Award 2023 and the BRIG SB Ghorpade Award
for MSMEs in Defence Production 2026.
Quotes
“Cryptographic
sovereignty is not a preference. It is a strategic imperative and for India, it
is long overdue. India's critical infrastructure cannot be secured on
algorithms we did not build, standards we did not set, and trust frameworks
that answer to foreign authorities. An Atmanirbhar India cannot outsource its
cryptographic foundation. That conviction drove us to build the quantum-safe
algorithm from first principles Indian ingenuity, Indian cryptographers, Indian
authority. Today, DSCI's C-SAFE programme recognised it and made that
conviction official. Cryptographic sovereignty India doesn't need to adopt a
standard. We built one.”
-
Nilesh Dhande, Co-Founder and CEO, Fortytwo Labs
“With
the rapid evolution of quantum technologies, it is important to establish
credible alternative mechanisms for evaluating emerging cryptographic
algorithms, being built in India. C-SAFE was created to provide a structured,
expert and researcher led assessment framework at the national level that helps
independently validate the mathematical design, security considerations of such
innovations.\
The
successful completion of the C-SAFE evaluation by Fortytwo Labs’ Ci2 algorithm
marks an important milestone for the programme and demonstrates the growing
maturity of post-quantum cryptographic research and development in India.
Fortytwo Labs' Ci2 is the first algorithm to earn that recognition.”
- Vinayak Godse, CEO, Data Security Council
of India (DSCI)
About
C-SAFE and DSCI
The
Data Security Council of India (DSCI) is India's premier industry body for data
protection and cybersecurity, established by NASSCOM. Under the leadership of
Vinayak Godse, DSCI established C-SAFE: Cryptographic Security Assessment and
Functional Evaluation India's first independent cryptographic evaluation
programme. C-SAFE conducts formal threat modelling, rigorous mathematical
scrutiny, and quantum resilience verification across multiple evaluation
stages. A C-SAFE recognition tells user organisations and their auditors that
an algorithm has been cleared for production use by the country's most credible
cryptographers not by its creator. Certificate DSCI-CSAFE-01 is the first ever
issued under the programme.
About
Fortytwo Labs
Fortytwo
Labs is a Pune based deep-tech cybersecurity company building quantum-safe
digital trust infrastructure and India's first and only C-SAFE recognised
organisation. Its π-Control platform delivers Identity Fabric, Mutual
Authentication, Key Exchange, Encryption, and Access Control across web
applications, mobile apps, APIs, and digital services on a single quantum-safe
cryptographic foundation. The platform is protected by granted patents in India
and the United States. In building India's first independently certified
quantum-safe algorithm, Fortytwo Labs has established that India's digital
future can rest on Indian cryptographic foundations.