At a time when economic and digital sovereignty are at the heart of concerns, at Seald we are proud to announce that our product is in the process of being certified by ANSSI for a CSPN.

When Seald was created in 2016, we already had the will to have our solutions certified to demonstrate the seriousness of our solutions. At the end of 2019, we took the decision to start this process, and today we are starting the certification audit.

Scope

This process begins with the selection of the scope to be assessed. At Seald, our solutions are many and varied to cover a maximum of use cases. It would therefore be unrealistic to certify everything, especially since the certification is only valid for a given version and not the updates that follow.

So we decided to certify the so-called Seald-SDK which is a Javascript code library that is used in all our solutions, including the desktop application, the mobile application and the command line version of Seald.

Target

Once the perimeter was established, we formally defined which threats we wanted to guard against: the security target. On this subject, we offer our off-the-shelf solutions, but they are all based on a server, which is offered in Cloud or on-demand.

To be very strict, we therefore decided to consider this server as potentially compromised and to prove that, despite this hypothesis, the confidentiality of the elements protected with Seald was not compromised. This is why the certification only concerns the "client" part of the Seald technology: the Seald-SDK.

This target includes most of the cryptographic mechanisms associated with the Seald technology for which we have provided a cryptographic supply document detailing the algorithms used and the way Seald manages keys, the addition of a posteriori rights, multi-devices, etc.

It was written in collaboration with a CESTI, which we commissioned to evaluate the product: Synacktiv, whom we thank very much for their professionalism and availability.

Where are we?

As of July 1st, the security target for the Seald SDK in version 2.1 has been validated by ANSSI and registered, allowing us to officially announce that the Seald-SDK is in the process of certification!

The audit certifying the Seald-SDK starts today, 15 July 2020, we will keep you informed!

Contact our teams for a demonstration.

Better Seald than sorry.