Podcast | PQC-Powered Corporate Messaging with NetSfere

Anurag Lal: Performance is important from an end user perspective — even more important when you have context-sensitive and time-sensitive applications like voice and video. There is no noticeable difference between our legacy implementation and our post-quantum implementation. I feel good about that.

Konstantinos Karagiannis: Migrating to post-quantum cryptography across an organization will take time, but while you’re replacing every cipher, you may also want to add systems that bring new functionality and come with PQC built in. Imagine a mobile messaging app like WhatsApp, but with ML-KEM under the hood and enterprise-grade controls. Customers from hospitals dodging ransomware to finance professionals sharing secrets and quantum-proof chats are already using it.

Learn about this tool in this episode of The Post-Quantum World. I’m your host, Konstantinos Karagiannis. I lead Quantum Computing Services at Protiviti, where we’re helping companies prepare for the benefits and threats of this exploding field. I hope you’ll join each episode as we explore the technology and business impacts of this post-quantum era.

Our guest today is the founder and CEO at NetSfere, Anurag Lal. Welcome to the show.

Anurag Lal: Great to be here. Thanks for having me on the show.

Konstantinos Karagiannis: We cover PQC quite a lot. It comes up quite regularly, so I’m always interested in what companies are doing to begin their migration and what products can help along the way. We’re going to have an interesting chat today. Can you start by giving us an overview of NetSfere and how post-quantum cryptography fits into your vision for secure communications?

Anurag Lal: Let me introduce NetSfere to you. NetSfere is a secure messaging platform that has been built from the ground up for the enterprise. Our vision behind NetSfere was simple: We recognized that mobile messaging as a means of communication with the enterprise is going to become more and more important. It’s convenient, it’s brief, it allows you to be that much more productive and it’s easily available. We have also data that says that in most cases, mobile messages are responded to within 15 minutes of you receiving a mobile message, which says a lot more than email and other forms of enterprise communication.

We looked around, and we found quickly that there was not a purpose-built enterprise-grade mobile-messaging communications platform. We went about 11 years ago to build a platform that catered to that important need. We built it on multiple pillars, which we felt was important to make this communication mechanism available and usable at the enterprise level.

The first important pillar we built this platform on was encryption. We believed that security was key to enterprise communications. Regardless of who you are and what you do and what business you’re in, you want to be able to keep your communication secure in every way, shape and form. Encryption was at the core of that security prerogative.

The second important pillar was control. We also felt that the enterprise IT organization needed to control the environment they were deploying for their employees. So far, with the consumer-grade applications available out there, like WhatsApp and Slack and others, they weren’t able to control that. Control was an important aspect of what we built as part of this platform.

The other important pillar was regulatory compliance. We also recognized that a lot of industries had important regulatory obligations, and they were unconsciously not complying with them by using some of these consumer platforms. We built the means to be able to comply with your regulatory framework. That was our third pillar.

Then, finally, we built in a range of productivity capabilities that people were used to, but in our case, we did it for them to be able to leverage it in a contextual manner. Now, you were able to use voice, video screen, screen sharing and other means we are used to today, but do it contextually within a conversation, making it that much more valuable in the enterprise environment.

But to answer your question directly, why is PQC important to us? We built this platform in a crypto-agile manner. We recognized that our initial step toward encryption, which leveraged elliptical-curve key exchange, was the right approach for us to take. It allowed us to secure these conversations and leave the keys in the hands of the enterprise. But we also knew there will be threats down the road for which we will have to adapt and evolve. Then, recognizing the recent threat of quantum computing, which continues to grow, we knew it was now time for us to take that next step and make this platform quantum-proof.

Today, we have NetSfere being used by organizations across the globe in the finance vertical, in the healthcare vertical, law enforcement, technology companies, all exchanging information that is important to them. But it’s so important that they want to make sure they get past the harvest-now, decrypt-later threat posed by quantum. We aggressively pursued post-quantum cryptography as a means to make our platform quantum-proof. We followed the activities at NIST carefully and closely. NIST essentially came out with their standard in the fall of last year. We’ve already deployed that as part of our implementation. Today, we believe we are one of the first to be quantum-proof as a business-communications platform.

Konstantinos Karagiannis: That was very in-depth. Let’s double-click on a few facts in there. You did a great job explaining why you built this when you’re doing a migration post-cryptography, obviously, one way is to just replace ciphers everywhere. It becomes a game of inventory and hunting them down and all that good stuff. We have to do that, of course, across the board.

But it sounds like this wasn’t built to solve the PQC problem. It sounds like you were building something to get, as you said, more of a corporate version of WhatsApp or something like that because of the benefits, the speed of response and whatever. What we have here is one approach where you’re trying to solve that problem — having a regulatory-friendly communication system — but you also want to make sure you’re not introducing a new problem by not being able to be part of this migration. Right now, you’re claiming the ability to implement NIST finalists. Can you talk about which finalists you’re able to implement and what drove any selection process you might have gone through? Obviously, NIST picked some, so that might be the answer, but I’d love to hear from you.

Anurag Lal: You said it quite well. In a simplistic form, we can be looked at as an enterprise-grade WhatsApp platform. But that’s at the base level. There’s so much more the platform offers. We wanted to make sure the migration was seamless because we have existing users who are using the platform leveraging traditional means of encryption, and as they start using post-quantum algorithms, we want to make sure that that transition is seamless because you have conversations with old ciphers and now you’re going to introduce new ciphers into the process. How does that work when you’re going from device to device? Because we also support multidevice authentication and multidevice synchronization in these conversations. We just went through that, and we were able to do it in a seamless manner.

But answering your questions directly, we adopted the CRYSTALS Kyber 1024 mechanism for PQC, and we are in the process of implementing ML-KEM as well to ensure that all devices, whether those be iOS, Android or desktop platforms, are able to leverage the strength of PQC.

Konstantinos Karagiannis: You’re going to use one of the levels of ML-KEM, like maybe level 5 or something?

Anurag Lal: Correct.

Konstantinos Karagiannis: Are you doing anything for signatures like ML-DSA or anything like that?

Anurag Lal: Not at this point, because we felt this approach was adequate for what we were trying to accomplish. But as the standard continues to evolve, like I mentioned, we’ve built the platform to be crypto-agile and so, if we have to evolve our implementation, it’s very easy for us to do so.

Konstantinos Karagiannis: When some products in the wild started implementing the idea of post-quantum early, they did it often in a hybrid way or some customized way. Of course, we’ve heard about how AWS is done in the cloud — they’re hybrid. Then you’ve got things like Apple’s PQ3 and you’ve got, of course, what Signal did. How would you describe the way you’re implementing? Are you implementing it as a pure straight-up, “Here’s ML-KEM”? Or is it some kind of hybrid wrapper?

Anurag Lal: We did not want to do a hybrid approach, because we felt confident in the way we could implement this. We also felt we could manage the transition seamlessly from an end user perspective. The complexity was hidden behind the platform. Again, one of the things we pride ourselves on is, we built the platform to be mobile-first and to be friction-free from an end user perspective.

We also wanted to ensure that we did not introduce friction. We felt that if we took that hybrid approach, we would be introducing a level of friction we did not want to do. It’s entirely invisible to the end user. We manage it in the background, but they see no change in their interaction with the platform the minute they upgrade to the latest version of the platform that supports PQC. Everything else happens in the background. They just continue to use the platform as they would normally do.

Konstantinos Karagiannis: A sysadmin, would they make any decisions, would they say, “When Anurag’s on his phone, he’ll be getting ML-KEM, but if he tries to access these messages on his laptop, he’s only going to use whatever other standard because he’s in this other environment”? Are there going to be granularity differences like that?

Anurag Lal: The sysadmin has a powerful portal we make available to them from which they can manage the platform. We give them granular detail with regards to what end users do, how they do it and what they use. They have the means to do exactly what you just said, but we recommend they do not do that because it just adds a level of complexity they don’t want to deal with. Ultimately, their phone is going to ring when they have a problem from one device to another device, which inherently would happen because if you have a PQC conversation now being accessed from a device that’s not PQC-ready, you’re going to see gibberish, and we don’t want to see that happen. Our counsel to them is turn it on the minute the upgrade goes out and let it run. That way, you will not have to deal with the support issues that may come about.

Konstantinos Karagiannis: For customers using this now, are there any that are saying, “It’s since August, we have the finalists, so flip the switch — we’re all in”? Are there any that when they install it, they’re, like, “We only want this PQC — let’s go”?

Anurag Lal: You’d be amazed. I just came back from a roadshow in January that encompassed our customers and prospects in Asia, Europe and the Americas. It was two and a half weeks of extensive meetings with hospitals and finance companies and first responders and all our customer base. I was amazed at how aware people were of the quantum threat, regardless of in what geography I was approaching it, and the level of excitement when they were seeing that we were implementing it. There was, all of a sudden, a collective sigh of relief I picked up as I went through these meetings.

Quantum is something people are recognizing as a must-have. I was amazed by that. I thought we were right up front implementing this, but the feedback from our customers was that that gives us an assurance that not only are we secure today, but we’re going to be secure in the very near future as well, when the quantum threat becomes that much more prevalent. There was an amazing amount of interest, an amazing amount of excitement, and people wanted to have it right away, as soon as it’s available — “Turn it on, and let us have the benefits of PQC.” That was pretty much universal.

Konstantinos Karagiannis: Interesting. You mentioned healthcare. I imagine that with the lifetime of a secret in health care being a lifetime, they’re more sensitive to harvest now, decrypt later.

Anurag Lal: They’ve also gone through a lot of challenges with recent ransomware attacks going up exponentially. They are sensitive with regards to what platforms they are now deploying within their environment. There was one large hospital with about 12,000 beds in Indonesia where, during our presentation — they’re an existing customer — the CEO showed up unannounced, and the only reason she showed up was because they had just come through a ransomware attack they were extremely conscious about and they wanted to make sure they accelerate the deployment to other aspects of their hospital that were not previously covered by our platform. That’s why post-quantum was important to them.

Konstantinos Karagiannis: Interesting. It sounds like, as we mentioned earlier, this is something you have to buy into, obviously. You’re not just adding a cipher to Microsoft Teams or whatever. You’re buying into something here. What kind of replacement do you see happening in a company? Do you see this being used for the video calls we’re all used to inside of a company? And how would you handle someone calling in from the outside — I invite a customer in, whatever? What happens? Do they get a web interface they end up going to that starts to introduce them to the platform?

Anurag Lal: Our platform typically is specific to mobile communication, and it fits at the heart of that problem. That problem is not resolved by Teams. It’s not resolved by Slack. People recognize that clearly. They also have this need for security and encryption, which those platforms don’t necessarily provide. That’s where we come in and we get deployed. Our footprint is much smaller and our cost per user is much less than a Microsoft 365 or a Slack implementation. They are then able to deploy us across the board and to all their end users.

You bring up a great point. How do we encompass a third party coming into a conversation from the outside? The good news is, we have a web-based interface we extend out, and the extension happens on the invitation of a recognized user. Only they can push forth that extension to a third party, who then participates based on that invitation, sets up an account, participates, and after that, they’re torn down as and when that conversation is deleted. If they keep the conversation live, they stay part of that conversation, and they have the means to continue to communicate and participate in that conversation. We support video — we support broadcast streaming as well. We also support audio. We pretty much support all the features and capabilities you’re used to from any other platform, but we do it in a much more secure manner.

Konstantinos Karagiannis: Do you find that your users are using it on a computer and a phone, or just the phone?

Anurag Lal: We built it mobile-first for them. This was important. It’s ideally suited for either Android or an iOS device. But we see phone implementations, we see iPad or tablet implementations, and we see laptop and desktop implementations. The good news is, you can take this platform anywhere you want, and you’re not incurring an additional cost. You get that same experience. You can start off in a conversation on a phone and put the phone down and go to your laptop as you get home, and you can pick up where you left off on that conversation. It seamlessly integrates from device to device.

Konstantinos Karagiannis: Does it pick up the conversation and show you history when you switch?

Anurag Lal: Showing history was important. When you introduce a new person to the conversation, that history remains.

We built this with the enterprise in mind, and we recognize there’d be use cases when you are introducing a new person to a conversation who’s taking over. We’ve also built in the means to leverage AI to summarize that conversation too. Our first AI release was in 2018, believe it or not. Since then, we’ve been evolving and building on our AI capability as well, which is powerful.

Let’s say you join a conversation that’s been running for six months and you’re the new program manager, and you want to get yourself up to speed. You hit an icon and say, "Summarize the last six months for me,” and it’ll pull up a summary for you on everything that’s happened, with people’s names and action items and dates that specifically call out highlights of that conversation that allow you to get quickly up to speed and be up and running. If you want to go through all the detail yourself, that’s available to you as well.

This is true in not only a case of just any conversation. We further specialized it to be effective and accurate in the context of medical conversations. When there are two physicians speaking and they’re talking about a particular patient and then they switch the conversation to another patient, we have the means to pick that up as well and lay out exactly what was discussed for each of those patients.

Konstantinos Karagiannis: By having people using this mode, now you have some real-world data from the field. I don’t know what access you have, but I don’t mean you’re reading people’s messages. I don’t know what access you have to performance headaches and complaints and that kind of thing. Also, I’m assuming there’s lab testing going on all the time. Did you have any preliminary benchmarks of what ML-KEM looks like when you switch it on compared to ECDSA or whatever else you were doing?

Anurag Lal: The important point to make is, we have absolutely no access to anybody’s information.

Konstantinos Karagiannis: I didn’t think so — that’s why I clarified. I meant like, you hear from admin saying, “All of a sudden, my users are saying it’s taking an hour to send a photo.” That’s an exaggeration, but that’s what I meant.

Anurag Lal: It’s important to make that clear because sometimes people don’t realize that. Even if you’re approached by a third party to gain access, we don’t have the keys. Whoever owns the data, they own the key. If you’re company ABC Inc., you own the ABC Inc. key. I have no role to play in that.

We were tracking this area carefully, and we wanted to make sure we waited for the standard to be ratified to a certain extent before we did any implementation of PQC. As NIST approached it and progressed, unlike Apple and Signal, which took a precursor approach to PQC, we didn’t want to do that. We wanted to wait. Once we felt that ML-KEM was where it’s going to be, we felt confident enough, we had a quick prototype that was put together, and within a few months, we were out in alpha. A couple of months after that, we were out in beta for a bunch of months and then we went ahead and launched and deployed it across the user base.

Konstantinos Karagiannis: With the performance, have you seen any difference?

Anurag Lal: We wanted to be careful. Performance is important from an end user perspective. It becomes even that much more important when you have context-sensitive and time-sensitive applications like voice and video. We worked hard to make sure there was no difference. There is no noticeable difference between our legacy implementation and our post-quantum implementation. I feel very good about that.

Konstantinos Karagiannis: There’s always a difference. You’re saying it’s not perceptible.

Anurag Lal: Exactly.

Konstantinos Karagiannis: If you compare RSA and ML-KEM, you’ve got key size differences. You’ve got time to key generation, encapsulation, decapsulation.

Anurag Lal: You can see the key size difference. When we were demonstrating this to our customers, we would show them. That’s the only way you can visibly show something’s going on. They said, “Show us.” I said, “We’ll show you the key.” This is not smoke and mirrors. That is a very visible means to show them the difference in the key size. That hits you in the face the minute you see that.

Konstantinos Karagiannis: The main speed-up is decapsulation, from what I found. ML-KEM is crazy fast. One of my favorite analogies is, if you take the world’s fastest fighter jet and multiply its speed by 3, that’s RSA. If you then take the speed of light, that’s ML-KEM. That’s how much faster it is. It’s crazy fast at that.

Anurag Lal: Maybe I’ll use that the next time somebody asks me a question. I’ll quote you on it.

Konstantinos Karagiannis: It comes to something like 1,100 versus 140,000. It’s a crazy difference that the human mind can’t even conceive of.

Did you have any sectors that are still worried about flipping the switch, or do they feel that it shouldn’t be across the board, it should only be for like test areas? I do see some folks who are considering this like a POC-for-PQC period: “We’re going to start doing inventory, but we’ve got this one sensitive thing that we’ll start testing PQC in that, and then we’ll slowly migrate everything else.” Are you encountering anything like that? Or have your customers so far been, like, “Flip the switch — let’s go”?

Anurag Lal: It’s interesting you bring that up because the excitement around PQC was so evident and so apparent, people just wanted to start using it. I have to recognize my team because they did such a great job of implementing it and providing a transition path from legacy to PQC that was seamless. Because of that, nobody wanted to test it, because there was nothing to test. We said, “Release 6.7 is going to be quantum-proof. We’re going to deploy it on such and such date. If you want to participate in the beta, you’re welcome to participate. Otherwise, one fine day, you’re going to come in and it’s going to be upgraded to that native latest release.” People love that.

Now, we obviously had our support team ready and available to provide that additional layer of support in case problems happen. We did have some problems where some devices upgraded late. As a result, they started a conversation with the legacy encryption and they sent it to a device that was PQC-ready. Then there was a mismatch. But ultimately, we managed through that by forcing upgrades on all devices as soon as they came up. As soon as they launched the application, we forced an upgrade, and that way, they were safe and didn’t have to run into that problem.

Konstantinos Karagiannis: I imagine the handshake wouldn’t go very well.

Anurag Lal: Not at all.

Konstantinos Karagiannis: Two very different sets of numbers being exchanged.

Anurag Lal: Exactly.

Konstantinos Karagiannis: That’s interesting. You’re saying you’re ready for the future in that when, let’s say, there’s a round-four NIST finalists or whatever, you’re going to be ready to try and implement code where people can select, let’s say, multivariate or code-based or whatever else comes along the line. Have you been testing any of those?

Anurag Lal: That’s an interesting point. I did. We had not looked at it that way. Our decision was that we would decide on what the platform would use, and it would be the same across the board. But it’s an interesting approach you mentioned, that we list the supported capabilities in there and let end users pick and choose. We have not approached it that way. Our product team, ultimately, will make the decision based on market feedback and customer requests on where to go with this. If we have to upgrade to that next level, we will. But as of now, we are in a good spot with what we’ve implemented.

Konstantinos Karagiannis: We know there will be future rounds. It’ll be interesting how much of a positioning approach will be here. ML-KEM will be so thoroughly entrenched, assuming for the next few years. Then, all of a sudden, it’ll be, like, “You can also do multivariate or whatever.” It’ll be, like, “Should we? Is there a reason?” I was curious how ready you’d be.

Anurag Lal: Like I said at the start, we built it to be crypto-agile. Then we have the means to go down that path should we need to, but we also want to be smart about it.

Konstantinos Karagiannis: Are there any sectors that feel that this is so super critical, they have to get it in the hands of certain people? Let’s say there was some government agency in some country that they’re, like, “We’ve got people in dangerous areas, and we need to be absolutely certain their communication one day can’t be decrypted — we’re going to implement this for our field troops” or something like that? Have you encountered any real specific urgent use cases?

Anurag Lal: The way we implemented it and kept it seamless at the same point in time, we did not charge them extra for this. We said, “We’re just going to make it part of the platform.” Because it was seamless and it was not an additional charge, there was no pushback. Everybody said, “This is a new capability. If you made the way of encrypting, we want it — turn it on and let’s go.” That way, we can also tell our constituents we are using a platform that’s quantum-proof. And we had a CISO sit in on these conversations, and they felt good that they would be one of the first organizations rolling something like this out because they wanted to then go out and talk about it, saying, “ started down the quantum path” because now they feel that they look better on a peer-by-peer basis. There was no pushback.

Now, there were some constituents who wanted it sooner rather than later and who have been part of our beta program, and they were saying, “Let’s go, let’s go, let’s go.” You can guess who those people were. But there was no pushback saying, “I don’t want it — please don’t deploy it.” That’s counterintuitive based on the promise PQC delivers.

Konstantinos Karagiannis: Because I like to act as a beta tester at times, even though I haven’t used this, one thing you might want to consider is, this could become an interesting out-of-band or multifactor communication pathway. You could be sending passphrases or whatever needed for things that can’t be protected by PQC for whatever reason yet to prevent the risk of any kind of handshake that will be vulnerable. That’s another way to look at it: You have to send an email through traditional means that’s not ready yet for PQC. Well, great. Then you just have some password-protected file, and this is the way you send the password.

Anurag Lal: That’s why we’ve seen an interesting shift, now that you mentioned email, that a lot of traffic originally on email is now moving on to NetSfere because NetSfere is closed by nature and that keeps people away from all those phishing attacks that come on email. At the same point, it’s now encrypted through PQC, and email is not necessarily. Here’s an environment they feel that much more comfortable engaging in. You see a lot of that traffic just move over.

We’ve never gone out and pushed and said, “Email is dead. Only use NetSfere.” That’s not for us to figure out. That’s for the end users to decide. People, in the past, would transition the traffic because NetSfere allowed people to be brief and get a quicker reaction and response because it’s mobile messaging. But now, from that security promise, they’re moving over because they say, “I want to be able to send these files out, and I want to make sure they’re secure.”

The other thing NetSfere does is, we don’t have file-size limitations like emails do. We can go up to gigabytes, and that can be set by the sysadmin at the enterprise level. They can set whatever threshold they want to set, and most people keep it open. Because there is no file-size limit, people want to be able to send it securely on NetSuite, and they feel that much more comfortable than sending it by email.

Konstantinos Karagiannis: That web interface we talked about earlier, would that also work for a third party?

Anurag Lal: Absolutely.

Konstantinos Karagiannis: I need to send you a 1-gigabyte report.

Anurag Lal: Absolutely. Healthcare people are sending scans and MRIs, and these are high-def images that need the definition in order to make sure the diagnosis is right. These are big files, and they go back and forth seamlessly.

Konstantinos Karagiannis: I’m glad we bounced around a little on that. I was trying to think of some other potential use cases and ways this could blend in. Even if email is always there, we see it now. I send something big. We need to establish some kind of secure file transfer or whatever when we do a report for a client or whatever. Sometimes, we have to get tricky about how they receive it, depending on their requirements or whatever. This is an interesting approach.

Anurag Lal: In this case, you would not have to go to a third-party platform and say, “I’m going to send you a link to XYZ platform.” It’s all integrated into this. Your clients also get used to it because they see the same requests coming from the same platform again and again for everything. It makes it that much more seamless from an end user perspective.

Konstantinos Karagiannis: Anurag, thank you so much. I wanted to include some other versions of this journey to becoming post-quantum-ready. I hope the platform continues to evolve.

Anurag Lal: Thank you for taking the time. I appreciate it.

Konstantinos Karagiannis: Now, it’s time for Coherence, the quantum executive summary, where I take a moment to highlight some of the business impacts we discussed today in case things got too nerdy at times. Let’s recap.

NetSfere is bringing something new to enterprise communication with a mobile-first, quantum-proof platform. Think WhatsApp, but with corporate controls, regulatory friendliness and post-quantum cryptography running under the hood. NetSfere can handle voice, video and file sharing. Rather than go hybrid, as tech giants like Apple and AWS have done, NetSfere fully implemented NIST finalist ML-KEM, claiming no noticeable performance difference. Its customers were interested in being quantum-ready out of the gate on installation for phones, tablets and laptops. One major client is a large hospital in Indonesia, still reeling from a ransomware attack, that was happy to protect against what it sees as future attacks. Healthcare secrets do have a long lifetime — literally, a lifetime.

Being able to securely send gigabyte-size MRI scans didn’t hurt either. Third-party recipients can access a web portal to receive files and messages if they’re not in the ecosystem. Unlike as with some other secure messaging apps, you can access entire conversations on different devices, which is no doubt important for business threads. Anurag says the application is crypto-agile, so future rounds of NIST-standardized PQC ciphers may be added.

That does it for this episode. Thanks to Anurag Lal for joining to discuss NetSfere’s PQC-enabled corporate messaging, and thank you for listening. If you enjoyed the show, please subscribe to Protiviti’s The Post-Quantum World and leave a review to help others find us. Be sure to follow me on all socials @KonstantHacker. You’ll find links there to what we’re doing in Quantum Computing Services at Protiviti. You can also DM me questions or suggestions for what you’d like to hear on the show. For more information on our quantum services, check out Protiviti.com, or follow Protiviti Tech on X and LinkedIn. Until next time, be kind, and stay quantum-curious.