
No. 27 · In progress · MILNET-grade SSO

Designed to survive total infrastructure compromise.

Most enterprise SSO is a Cognito wrapper. This is not. Twenty-one isolated VMs across eight security zones. No single machine can authenticate a user. No single machine can sign a token. Quantum computers cannot break it. Past sessions stay safe even if today's keys leak. Architecture finalised · currently in active development. Local laptop hardware cannot carry the twenty-one-VM cryptographic ceremony · build is awaiting dedicated multi-host infrastructure. If your organisation is willing to sponsor compute capacity for this build, or would prefer to engage me to architect and deliver the deployment on your stack, I would be glad to discuss the arrangement that suits you.

21 · Isolated VMs · designed
8 · Security zones · designed
3-of-5 · FROST signing quorum
PQ · Hybrid posture · ML-KEM + X25519
Multi-host · Infra needed · awaiting

Act I · The Problem

The IdP layer is the breach.

Identity is the front door of every enterprise. It is also where the keys are kept. And it is where the same three failure modes keep showing up.

  i. Server-side

     The IdP knows the password.

     If the IdP is breached, every user's credential is leaked. OPAQUE solves this. Almost nobody ships it.

  ii. Single key

     One server signs every token.

     Compromise that one server and the attacker mints valid tokens for any user. Threshold cryptography solves this. Almost nobody runs it.

  iii. Quantum

     "Harvest now, decrypt later" is here.

     State adversaries are recording TLS sessions today. ML-KEM-1024 in a hybrid envelope is the only honest defence.

  iv. Audit

     The audit log is on the same machine as the breach.

     Every "tamper-evident" log can be tampered with by root. A 7-node BFT chain across 3 zones cannot.

Act II · The Promise

No single VM can authenticate a user.

"If you breach one machine,
you have breached nothing."

Threshold

FROST 3-of-5 signing

Five token-signing VMs across three availability zones. Any three together can mint a token. Two cannot. The signing key never exists in one place.

Server-blind

OPAQUE 2-of-3 auth

Password verification splits across three Confidential VMs (AMD SEV-SNP). The server never learns the password. Argon2id-hardened. RFC 9497.
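The quorum arithmetic behind both the FROST 3-of-5 and the OPAQUE 2-of-3 figures is Shamir's polynomial secret sharing, which FROST's key generation uses to distribute the signing key. The following is an added example, not code from this project, showing why three of five shares recover a secret while two shares are consistent with every possible secret; the field modulus (the Ristretto255/Ed25519 group order) and the sample values are assumptions, and a real FROST deployment never reassembles the key, it signs with the shares.

```python
import secrets

# Field modulus (assumption for illustration): the prime order of the
# Ristretto255 / Ed25519 group, the field FROST shares its signing key over.
P = 2**252 + 27742317777372353535851937790883648493

def split(secret, threshold, shares):
    """Shamir split: `shares` points on a random polynomial of degree threshold-1
    whose constant term is the secret. The point at x = 0 is never handed out."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, shares + 1)]

def interpolate(points, x):
    """Evaluate at x the unique polynomial of degree < len(points) that passes
    through the given points (Lagrange interpolation over GF(P))."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def reconstruct(points):
    """Recover the constant term (the secret) from at least `threshold` shares."""
    return interpolate(points, 0)

def consistent_share(partial, candidate_secret, x):
    """Given fewer than `threshold` shares, compute the share at x that would make
    them a valid sharing of candidate_secret. Because such a share always exists,
    a sub-threshold coalition learns nothing about which secret is the real one."""
    return interpolate(partial + [(0, candidate_secret)], x)

if __name__ == "__main__":
    shares = split(123456789, 3, 5)          # constructed sample secret
    print("3 of 5 recover:", reconstruct(shares[:3]))
    print("2 of 5 fit secret 0 via share 3 =", consistent_share(shares[:2], 0, 3))
```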

Post-quantum

X-Wing hybrid KEM

X25519 for today's threats. ML-KEM-1024 for tomorrow's quantum computer. Hybrid means safe even if one breaks. Token signing wraps Ed25519 in ML-DSA-87.

Forward secret

30-second ratchet

HKDF-SHA512 epoch-based ratcheting. Every 30 seconds, prior keys are erased from memory. A breach today cannot decrypt yesterday.

BFT audit

7-node hash chain

Audit entries replicated across 7 nodes in 3 zones. Quorum 5. Each entry signed with ML-DSA-87. Root cannot rewrite history. Auditors can prove it.
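The tamper-evidence claim rests on two things: each entry commits to the hash of its predecessor and carries a per-node signature, and the chain head is only trusted when a quorum of replicas agrees on it. The following is an added example, not the project's code, that implements that check; it substitutes HMAC-SHA512 under a per-node key for the design's ML-DSA-87 signatures (an assumption so it runs on the standard library), and the events and node keys are constructed.

```python
import copy, hashlib, hmac, json

# Stand-in for the per-node ML-DSA-87 signing key (assumption, constructed).
NODE_KEYS = {n: hashlib.sha512(f"constructed-node-key-{n}".encode()).digest()
             for n in range(7)}
QUORUM = 5                      # 5 of 7 replicas must agree on the head
GENESIS = ("00" * 64)           # previous-hash value of the first entry

def canonical(body):
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def append(chain, node, event):
    """Append an event: seq and prev-hash bind it into the chain, node signs the hash."""
    prev = chain[-1]["hash"] if chain else GENESIS
    body = {"seq": len(chain), "prev": prev, "event": event}
    digest = hashlib.sha512(canonical(body)).hexdigest()
    sig = hmac.new(NODE_KEYS[node], digest.encode(), hashlib.sha512).hexdigest()
    entry = {**body, "hash": digest, "node": node, "sig": sig}
    chain.append(entry)
    return entry

def verify(chain):
    """True only if every entry's seq, prev link, hash and signature check out."""
    prev = GENESIS
    for seq, e in enumerate(chain):
        body = {"seq": e["seq"], "prev": e["prev"], "event": e["event"]}
        digest = hashlib.sha512(canonical(body)).hexdigest()
        want = hmac.new(NODE_KEYS[e["node"]], digest.encode(), hashlib.sha512).hexdigest()
        if e["seq"] != seq or e["prev"] != prev or e["hash"] != digest:
            return False
        if not hmac.compare_digest(e["sig"], want):
            return False
        prev = e["hash"]
    return True

def replicate(chain, n):
    return [copy.deepcopy(chain) for _ in range(n)]

def quorum_head(replicas):
    """Head hash backed by at least QUORUM replicas that each verify, else None.
    A root that rewrites one node's copy (even re-signing it with that node's
    key) produces a different head that the other replicas outvote."""
    votes = {}
    for chain in replicas:
        if chain and verify(chain):
            votes[chain[-1]["hash"]] = votes.get(chain[-1]["hash"], 0) + 1
    for head, count in votes.items():
        if count >= QUORUM:
            return head
    return None
```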

Moving target

Auto-mutating attack surface

Keys, ports, and certificates rotate continuously across all 21 VMs. Whatever the attacker mapped yesterday is gone today.

Act III · The Architecture

Twenty-one VMs.
One ceremony.

No Docker. Native systemd on Shielded VMs with vTPM, Confidential Computing (AMD SEV-SNP), and Cloud HSM. Every hop is mTLS plus HMAC-SHA512 plus X-Wing KEM tunnel.

Internet
  │
  ▼  Cloud Armor WAF
Gateway           C2 Spot MIG · autoscale 1→50 · zero secrets
  │  (hash-puzzle DDoS filter, X-Wing KEM tunnel)
  ▼
Orchestrator      HA pair · ceremony state machine
  │  PendingOpaque → PendingTss → Complete
  ├──► OPAQUE 2-of-3     Confidential VMs · Shamir shares
  ├──► FROST 3-of-5      5 Confidential VMs · 3 AZs
  ├──► Verifier + Ratchet HA pairs · forward-secret
  ├──► Audit BFT 7-node  3 AZs · quorum 5 · ML-DSA-87
  ├──► PostgreSQL 3-node CMEK + envelope + SEV-SNP
  └──► Risk + KT + Witness
21 VMs · 8 security zones · 3 availability zones · zero shared secrets

Act IV · The Stack

Quantum-safe at every layer.

Cryptographic stack with FIPS standard and quantum status

Layer              Algorithm                          Standard     PQ
Key exchange       X-Wing (X25519 + ML-KEM-1024)      FIPS 203     Yes
Token signing      FROST 3-of-5 Ed25519 + ML-DSA-87   FIPS 204     Yes
Password auth      OPAQUE Ristretto255 + Argon2id     RFC 9497     Yes
Session keys       HKDF-SHA512 ratchet                RFC 5869     Yes
Symmetric          AEGIS-256 / AES-256-GCM            RFC 9312     Yes
Backup signatures  SLH-DSA                            FIPS 205     Yes
Audit signing      ML-DSA-87                          FIPS 204     Yes
DPoP proofs        ML-DSA-87                          RFC 9449     Yes
Entropy            Multi-source CSPRNG                SP 800-90B   n/a

Act V · Where it stands

Architecture complete · implementation underway.

Reference deployment · in build

Full ceremony from gateway through threshold signing. WebAuthn flow. OAuth 2.1 + OIDC + PKCE. Public reference deployment is being stood up · architecture walkthroughs available on request.

15 Rust crates · planned workspace

gateway · orchestrator · opaque · tss · verifier · ratchet · audit · admin · crypto · common · shard · sso-protocol · fido · kt · risk

FIDO2 / WebAuthn first-class

YubiKey, Windows Hello, platform authenticators. SHA3-256 Merkle Key Transparency tree. Risk scoring with six signals and four levels · designed in.

Test plan · ceremony, attack, chaos

Cryptographic correctness. End-to-end ceremonies. Adversarial simulations. Chaos injection. Compliance checks. Test plan finalised · CI suite is being assembled alongside the build.

Apache 2.0 + patent retaliation

Open source on launch. Section 3 patent retaliation: sue over this software, lose the licence. Original cryptographic architecture by Divya Mohan.

Honey encryption + duress detection

Five plausible decoy outputs on bad input. Silent lockdown PIN. The attacker cannot tell success from failure · designed in.

If your IdP is the front door, build it like a vault.

I build production-grade post-quantum identity systems for governments, banks, and any team where "the IdP got popped" is the headline they cannot afford.