Fri, 3 Jul 2026 · LIVE
Updated Jun 2, 2026 · 18:36
Technology News Updated Jun 2, 2026

India's First Indigenous Quantum-Safe Algorithm Earns Historic C-SAFE Recognition

Fortytwo Labs' Ci2 algorithm has become India's first domestically built quantum-safe algorithm to receive official C-SAFE recognition from DSCI. The recognition was announced at FINSEC 2026, highlighting the algorithm's mathematical correctness and quantum resilience. This milestone addresses India's need for cryptographic sovereignty in critical sectors like banking and defence. The algorithm has been in continuous production deployment since 2018, protecting against current and future quantum threats.

India makes a quantum leap. Fortytwo Labs' indigenous Quantum-Safe Algorithm earns the first-ever C-Safe recognition from DSCI

Mumbai, June 2

For the first time in India's history, a domestically built quantum-safe algorithm has been independently evaluated and officially recognised by a national authority. The Data Security Council of India has awarded C-SAFE recognition - Certificate No. DSCI-CSAFE-01 - to Fortytwo Labs, an Indian deep-tech cybersecurity company building quantum-safe digital trust infrastructure, for its Ci2: Ring-LWE based quantum-safe key exchange algorithm - the cryptographic core of the p-Control platform, in continuous production deployment since 2018.

The recognition was announced at FINSEC 2026, the DSCI Financial Security Conclave held in Mumbai, where Fortytwo Labs participated as Quantum-Safe Infrastructure Partner. Vinayak Godse, CEO of DSCI, presented the recognition to Nilesh Dhande, Co-Founder and CEO, Fortytwo Labs.

C-SAFE - Cryptographic Security Assessment and Functional Evaluation - is India's first independent cryptographic evaluation programme, built from the ground up under DSCI leadership. The Ci2 evaluation was conducted by an expert panel of India's foremost cryptographers across multiple structured rounds covering mathematical correctness, quantum resilience, and implementation security. The evaluation encompassed 13 named statistical security tests including formal IND-CPA security proof, lattice-attack resistance analysis, decryption failure probability modelling, adversarial scenario testing, and post-quantum security margin verification against NIST security category targets. Any organisation can claim its algorithm is secure. C-SAFE recognition means someone independent, rigorous, and nationally authoritative has verified it.

An algorithm is critical infrastructure not merely a technical artefact. When the cryptographic primitives securing a nation's financial systems, government data, and communications are designed abroad, audited abroad, and controlled abroad, that nation's digital sovereignty is contingent on foreign goodwill. With C-SAFE recognition now awarded to India's only indigenously developed, deployed, and certified quantum-safe algorithm, India answers a question every nation must eventually face: whose cryptographic foundations secure your digital future?

While post-quantum cryptography remains a future roadmap item for most organisations globally, Fortytwo Labs has been operating at production scale already. The p-Control platform addresses the full spectrum of active threats facing India's critical sectors today: credential and identity attacks targeting banking workforces and customers, API-layer attacks, mobile application vulnerabilities, and the harvest-now-decrypt-later strategy through which adversaries are capturing encrypted financial records, KYC data, and communications today to decrypt once quantum computing matures.

What C-SAFE Recognition Means for Banking and Financial Services

India's banking sector faces simultaneous pressure from evolving RBI authentication mandates, rapid open banking API expansion, and long-term cryptographic vulnerability posed by quantum computing. C-SAFE recognition gives CISOs, CTOs, and boards independently validated, nationally authoritative evidence that their cryptographic foundation meets today's regulatory expectations and is certified resilient against the quantum threats.

For Indian Defence

Classified communications and sovereign data transfer cannot carry foreign cryptographic dependencies not in procurement, operations, or audit. Fortytwo Labs' Quantum-Safe Secured Data Transfer Appliance and Secured Communications platform are built on the only algorithm in India to hold C-SAFE recognition, protected by multiple granted patents in India and the United States, with zero foreign IP in the cryptographic trust layer. The company has previously received the SIDM Defence Champion Award 2023 and the BRIG SB Ghorpade Award for MSMEs in Defence Production 2026.

Quotes

Speaking about the recognignition, Nilesh Dhande, Co-Founder and CEO, Fortytwo Labs said, "Cryptographic sovereignty is not a preference. It is a strategic imperative and for India, it is long overdue. India's critical infrastructure cannot be secured on algorithms we did not build, standards we did not set, and trust frameworks that answer to foreign authorities. An Atmanirbhar India cannot outsource its cryptographic foundation. That conviction drove us to build the quantum-safe algorithm from first principles Indian ingenuity, Indian cryptographers, Indian authority. Today, DSCI's C-SAFE programme recognised it and made that conviction official. Cryptographic sovereignty India doesn't need to adopt a standard. We built one."

Vinayak Godse, CEO, Data Security Council of India (DSCI) said, "With the rapid evolution of quantum technologies, it is important to establish credible alternative mechanisms for evaluating emerging cryptographic algorithms, being built in India. C-SAFE was created to provide a structured, expert and researcher led assessment framework at the national level that helps independently validate the mathematical design, security considerations of such innovations.\

The successful completion of the C-SAFE evaluation by Fortytwo Labs' Ci2 algorithm marks an important milestone for the programme and demonstrates the growing maturity of post-quantum cryptographic research and development in India. Fortytwo Labs' Ci2 is the first algorithm to earn that recognition."

The Data Security Council of India (DSCI) is India's premier industry body for data protection and cybersecurity, established by NASSCOM. Under the leadership of Vinayak Godse, DSCI established C-SAFE: Cryptographic Security Assessment and Functional Evaluation India's first independent cryptographic evaluation programme. C-SAFE conducts formal threat modelling, rigorous mathematical scrutiny, and quantum resilience verification across multiple evaluation stages. A C-SAFE recognition tells user organisations and their auditors that an algorithm has been cleared for production use by the country's most credible cryptographers not by its creator. Certificate DSCI-CSAFE-01 is the first ever issued under the programme.

According to company information, Fortytwo Labs is a Pune based deep-tech cybersecurity company building quantum-safe digital trust infrastructure and India's first and only C-SAFE recognised organisation. Its p-Control platform delivers Identity Fabric, Mutual Authentication, Key Exchange, Encryption, and Access Control across web applications, mobile apps, APIs, and digital services on a single quantum-safe cryptographic foundation. The platform is protected by granted patents in India and the United States. In building India's first independently certified quantum-safe algorithm, Fortytwo Labs has established that India's digital future can rest on Indian cryptographic foundations.

— ANI

Reader Comments

Jessica F

Impressive achievement, but I'm curious about the practical implementation costs for small banks and startups. The article mentions RBI mandates and defence applications, but will this technology be affordable and accessible for Tier-2 cities and smaller financial institutions? Quantum-safe security shouldn't be a luxury reserved for the elite.

Vikram M

Finally, some real Atmanirbhar Bharat in action! Not just manufacturing chips or phones, but securing our very digital identity. The point about "harvest-now-decrypt-later" attacks is terrifying - adversaries capturing our financial data today to decrypt later with quantum computers. This is exactly the kind of forward-thinking innovation we need. Kudos to the team at Fortytwo Labs!

Kavya N

As someone working in cybersecurity, I can't stress enough how monumental this is. C-SAFE recognition from DSCI means these algorithms have been rigorously tested by India's best cryptographers. The 13 named statistical tests sound exhaustive. But I hope there's ongoing evaluation and transparency about any potential vulnerabilities discovered post-deployment. Security is a journey, not a destination.

Michael C

Excellent development, but I wonder about interoperability with global quantum-safe standards (NIST, etc.). India's sovereignty is important, but if we create a completely isolated cryptographic ecosystem, international transactions and collaborations could face friction. Hopefully, the Ci2 algorithm is designed to be compatible with evolving international standards while maintaining Indian control.

Priya S

This is exactly what we need - India building its own digital trust infrastructure. The quote "An Atmanirbhar India cannot outsource its cryptographic foundation" really resonates. With so

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Reader Voices

Leave a comment

Be kind. Add to the conversation. 0/50
Thank you — your comment has been submitted.
JS blocked