Hardware-Rooted Trust · Post-Quantum Attestation

Trust, architected into the silicon.

Proof of Compute as a security premise: the assurance that a computation ran on a signal that was authentic, live, and untampered, resistant to quantum attack. Post-quantum cryptography built in fabric, upstream of the cryptographic layer.

The premise is proven two ways: at the source, through Bio-Cryptographic Attestation, and in silicon, at the die-to-die boundary of multi-die systems. One thesis, one hardware-rooted cryptographic root, proven through timing closure on real silicon.

Post-quantum cryptography secures the channel. It does not attest the truth of the source. That gap is closed upstream, at the hardware root.

The Living Cipher thesis
Capabilities

A specialist practice in the trust boundaries most designs leave open.

Full-flow silicon engineering, from architecture through timing closure, with a specialization in the hardware root of trust for multi-die systems.

01

Die-to-die trust

Authentication across the interconnect between dies of mixed provenance. A die admitted to the trust domain only on cryptographic, hardware-rooted evidence, before the link carries anything that matters.

02

Post-quantum cryptography in fabric

Quantum-resistant signing built into the FPGA fabric itself, not bolted on in software. The cryptographic binding is made at the silicon root, where an adversary cannot reach it.

03

Multi-die & SoC architecture

Disaggregated systems partitioned across smaller dies for yield, the right node per function, and trust and compute made separable and independently verifiable.

04

Full-flow implementation

Concept to tapeout-ready, with no broken hand-off between architecture and implementation. RTL, verification, floorplanning, place-and-route, timing closure, bitstream. The architecture is grounded in what actually closes.

The founding work

Proof of Compute is one premise, proven two ways.

Bio-Cryptographic Attestation is Living Cipher's founding work: cryptographic proof of a signal's integrity, at the hardware root. It attests that a signal was not tampered with, not replayed, spoofed, or injected, and resistant to quantum attack; that the computation ran on this hardware, at this time, under these conditions; and that the authorized human actually initiated it.

Trust where the stakes are physical is what this enables. A medical device, a cardiac monitor, an implanted stimulator, a neural interface, acts on a signal; if that signal is spoofed, replayed, or injected, the consequences can be fatal. An autonomous system acts on a command. A defense system acts on an operator's input. Conventional signing proves a valid key was present. It cannot prove the signal was authentic and live, or that the right human originated the action. Bio-Cryptographic Attestation closes that gap. It is a dual-use primitive, defense and medical, and it generalizes to any system that must trust a signal before it acts.

Trust belongs at the hardware root, upstream, established before anything downstream relies on it, the way a secure connection is assumed rather than rebuilt each time. Provenance of the signal, and of the human who authored the computation, is the layer the rest of the system stands on. Die-to-die trust is one expression of it. Bio-Cryptographic Attestation is the founding one.

Proven two ways
  • At the source, through Bio-Cryptographic Attestation, formally verified
  • At the interconnect, in silicon, at the die-to-die boundary
  • One premise: authentic, live, untampered, upstream of the cryptographic layer
  • One root: post-quantum, hardware-bound, never on an exposed bus
Evidence, not assertion

Proven on real silicon, at the worst-case corner.

A post-quantum signature datapath, authored in RTL with no vendor core and carried the full flow by hand to a working bitstream on a production FPGA-SoC.

53.4 MHz
ML-DSA (FIPS 204) datapath, post-route fmax at the slow / low-voltage / high-temperature corner. The number that holds across process, voltage, and temperature.
Zero
vendor cryptographic cores. Every security property authored and verifiable at the register-transfer level, checked against published known-answer vectors.
End to end
Requirements to bring-up, end to end. Two independent designs carried to working silicon across two different domains.
Approach

The principle is one idea, stated plainly: authenticate the signal at the hardware root, upstream, with cryptographic proof, before anything downstream trusts it.

Conventional systems faithfully sign whatever input they receive, unable to distinguish an authentic signal from a synthetic, replayed, or injected one. The work of Living Cipher is the layer that closes that gap, and enforces it in the architecture rather than promising it in a policy.

The trust material never crosses an exposed bus as a recoverable value. That is a property built into the silicon, not asserted above it.

Engagement
  • Corp-to-corp, remote, US and international
  • Die-to-die trust and PQC-in-fabric design and implementation
  • Multi-die and SoC architecture, full flow to silicon
  • Advisory to teams standing up trust capability
  • Concept described openly; mechanism under appropriate terms
Position paper

The Unauthenticated Interconnect

Why disaggregated silicon needs trust architected into the die-to-die boundary, not bolted on after. The thesis, in full.

Read the paper

A sovereign engineering entity.

Living Cipher LLC holds its intellectual property directly and engages corp-to-corp. The work is done under clear boundaries, with trust enforced by architecture at every layer, including how we contract.

Structure
Living Cipher LLCMassachusetts
Federal
SAM.gov registeredUEI on file
Classification
WOSBWoman-Owned Small Business
Record
12 provisional patentsIACR & SSRN
Contact

If the trust boundary is on your mind,
that is the conversation to have.

Living Cipher engages selectively, corp-to-corp, in FPGA/SoC and multi-die architecture, hardware-rooted security, and post-quantum cryptography. The right problems, taken deliberately.