SKIP TO CONTENT
001 · Why Now

The clock is already running.

Adversaries · Harvest Now, Decrypt Later
NIST mandate · FIPS 203 / 204
CRQC estimate · 2029–2031
2024 NIST finalizes ML-KEM & ML-DSA Migration mandate begins TODAY Adversaries recording encrypted traffic Every byte stored for future decryption 2029–2031 Quantum computers arrive Harvested data instantly decrypted AFTER Every unprotected network retroactively compromised
Most

of defence and critical-infrastructure networks still run quantum-vulnerable encryption. (CSE ITSM.40.001; NSA CNSA 2.0 migration guidance, 2024–2025.)

TRL 4

demonstrated on tactical-class Cortex-M7 hardware, April 2026.

Sovereignty Requirement

Five Eyes nations require Canadian-owned, Canadian-developed quantum-safe technology. Foreign-owned IP cannot serve DND/CAF — by policy.

002 · The Nirvair Suite

Two products.
One sovereign platform.

Nirvair is the umbrella platform. CipherMesh encrypts. AetherMesh moves. Tessara — AetherMesh's trust engine subsystem — verifies every fragment on the way through.

01 · Encrypt

CipherMesh

Authenticated Fragmentation

Post-quantum signatures are 3,309 bytes. Tactical radio packets are 512 bytes. CipherMesh fragments signatures into authenticated pieces that survive packet loss and adversarial injection.

TRL 4 · Hardware
02 · Move

AetherMesh

Byzantine Fault-Tolerant Routing

Secures tactical mesh networks against compromised relay nodes using Bayesian trust scoring and a three-state trust model: trusted, quarantined, revoked.

TRL 2–3 · Research
Trust Engine · Subsystem of AetherMesh

Tessara

Anomaly Detection

Monitors fragment delivery patterns, authentication failure rates, and cryptographic timing in real time — feeding signals into AetherMesh's Bayesian trust scoring.

Integrated · AetherMesh
003 · Platform Architecture

Encrypt. Move.
Trust every hop.

Nirvair is the integrated platform. Each product handles a distinct layer. Tessara is a subsystem of AetherMesh — always shipping together.

Encryption Standard
ML-KEM-768
ML-DSA-65
Hardware Demonstrated
Cortex-M7
NUCLEO-F767ZI
NIST Algorithms
FIPS 203
FIPS 204
Target Market
Five Eyes
Allied Defence

NETWORK VULNERABLE — RSA ENCRYPTION EXPOSED TO QUANTUM HARVEST

What this stage is

Operations proceed normally, but all encrypted traffic is at risk. Adversaries are actively recording communications for future decryption. The threat is total, invisible, and immediate.

What it means operationally

Every network on RSA or ECC is already compromised in the adversarial sense — data captured today will be decrypted the moment quantum-capable hardware is available. Waiting is not an option.

TRL 2–3 · Research Stage
Nirvair · Product 02 · Move

AetherMesh

Byzantine Fault-Tolerant Mesh Routing

Secures tactical mesh networks against compromised relay nodes using Bayesian trust scoring and a three-state trust model. Nodes are continuously evaluated and reclassified as trusted, quarantined, or revoked — isolating threats without disrupting operations.

Patent-pending · AetherMesh · Bayesian Trust · BFT Consensus

Why Byzantine Fault Tolerance?

Tactical mesh networks operate in contested environments where any node may be compromised. AetherMesh uses Bayesian trust scoring to continuously evaluate node behavior — detecting routing-layer compromise and identity attacks without requiring a trusted central authority.

How Trust Is Managed

Nodes are classified as trusted, quarantined, or revoked. Suspicious nodes are isolated for observation rather than immediately expelled, allowing recovery from transient failures while containing genuine threats.

TRL 4 · Hardware Demonstrated
Nirvair · Product 01 · Encrypt

CipherMesh

Authenticated Fragmentation for Tactical Networks

Post-quantum signatures (3,309 bytes) are roughly 6× larger than tactical radio packet sizes (512 bytes). CipherMesh fragments signatures into authenticated pieces that survive packet loss and adversarial injection, without interrupting operations.

Patent-pending · ML-DSA-65 · Authenticated Fragmentation

The Problem

ML-DSA-65 post-quantum signatures are 3,309 bytes. Tactical HF radio links carry 512-byte packets. You cannot transmit a post-quantum signature over tactical radio without fragmentation — and fragmentation without authentication creates an attack surface.

Recovery From Packet Loss

CipherMesh uses erasure-coded recovery to reconstruct signatures even when fragments are lost in transit. The receiving node doesn't need all fragments — designed for contested, degraded, actively-jammed environments.

CIPHERMESH · MESH INTEGRITY TERMINAL NOMINAL
00:00:00[SYS]CipherMesh online · Authenticated fragmentation engine armed
00:00:01[NET]HF Radio link · 512-byte MTU · ML-DSA-65 sig 3,309 bytes detected
00:00:02[SEC]Fault-tolerant fragmentation active · 7-fragment mode ready · Auth layer armed
Mesh Health
100%
Traffic Load
12%
Fragments Auth
0/7
STATUS: STANDBY · AUTHENTICATION: ACTIVE · FRAGMENTATION: ARMED

Resource Calculator

Estimate pipeline latency, fragmentation overhead, and bandwidth utilization for your MTU and signature size.

Fragments Required
7
for reassembly
Overhead
266
bytes total
Pipeline Latency
537
ms · 216MHz
Bandwidth Util.
82
% capacity

Pipeline Execution Timeline (CPU Cycles)

Integrated · AetherMesh Subsystem
AetherMesh · Trust Engine

Tessara

Anomaly Detection · Trust Engine

Tessara is AetherMesh's anomaly detection subsystem. It monitors fragment delivery patterns, authentication failure rates, and cryptographic operation timing in real time. When an attacker injects, replays, or withholds fragments, Tessara identifies the threat and feeds the signal into AetherMesh's Bayesian trust scoring — rerouting traffic away from compromised paths.

Patent-pending · Integrated into AetherMesh · Trust Engine Subsystem

What does it detect?

Fragment-layer attacks (injection, replay, withholding), cryptographic timing anomalies, and delivery-ratio degradation across mesh paths.

How does it respond?

Anomaly signals feed directly into AetherMesh's Bayesian trust scoring. Compromised paths are automatically deprioritised, and Tessara signals adjust CipherMesh's recovery profile in response to link conditions.

004 · April 2026 Hardware Demo

Demonstrated on
real hardware.

Two Cortex-M7 development boards (NUCLEO-F767ZI) running CipherMesh. ML-DSA-65 verify. Tamper detection. Replay detection. All PASS.

PASS

Baseline Verification

ML-DSA-65 signature fragmented, transmitted over 512-byte MTU link — the standard tactical radio constraint — reassembled, verified. 29.5ms verify time on 216MHz Cortex-M7.

PASS

Tamper Detection

Single-bit flip injected into transmitted fragment. AEAD authentication failed at receiver. Fragment discarded. Reassembly halted. Attack detected.

PASS

Replay Detection

Previously transmitted fragment replayed by adversary. Cryptographic replay protection rejected the replay. Signature verified only with fresh fragments.

Performance Baseline

Our measurements use non-optimized pqm4. Reference baseline: Abdulrahman et al. 2025 (SLOTHY-optimized, same hardware). We're targeting 4× performance improvement through Carleton/Mitacs optimization partnership (July 2026).

Measured on NUCLEO-F767ZI (Cortex-M7 @ 216MHz) · April 2026

005 · Positioning

Where
Quantegra sits.

Between academic research and deployed systems — a gap few Canadian companies address.

Academic
Research
Quantegra
TRL 4
Defence
Primes
Deployed
Systems

Quantegra bridges the gap between laboratory research and field deployment

Regulatory Timeline

2024

NIST FIPS 203/204 finalised

2026

UK NCSC post-quantum migration guidance

2027

US NSA CNSA 2.0 migration deadline

2029–31

Cryptographically relevant quantum computer (CRQC) estimate

Sovereignty Requirement

Foreign-owned post-quantum alternatives exist, but Five Eyes defence procurement requires sovereign technology. Canadian policy mandates domestic ownership for critical defence infrastructure.

Quantegra is among the first Canadian-owned companies to demonstrate authenticated post-quantum fragmentation on tactical-class hardware.

Key Differentiator

TRL 4 hardware demonstration with real performance data on Cortex-M7 target hardware — not simulation, not theoretical.

006 · About

Built for what
Canada needs.

Gurp Nijjer — Founder & CEO, Quantegra Technologies
GN

GURP NIJJER

Founder & CEO · Quantegra Technologies

Quantegra
Technologies

Gurp Nijjer built his career on Canadian critical infrastructure — power substations, industrial facilities, telecommunications systems. He spent 15 years working on the networks that Canada depends on, watching their cybersecurity vulnerabilities compound.

The December 2022 ransomware attack on SickKids Hospital made clear what he already understood: Canada's critical systems are not prepared for the threats they face today — let alone the threats arriving within a decade.

He founded Quantegra to build what Canada needs. Quantum-safe, Canadian-owned, designed from the ground up for the post-quantum era that has already begun.

Founded

2025
Metro Vancouver, BC

IP Portfolio

Patent
filed

Research

Multi-university
research network

Programs

NRC IRAP eligible
IDEaS eligible

Stage

CipherMesh: TRL 4
AetherMesh: TRL 2–3

Ownership

100% Canadian-owned
& developed

Development Stage CipherMesh: TRL 4 · AetherMesh: TRL 2–3
007 · Contact

Request a technical briefing.

For defence programme discussions, research partnerships, government programme inquiries, or to learn more about the Nirvair platform.

General Inquiriesinfo@quantegra.ca
Partnershipspartnerships@quantegra.ca

Metro Vancouver, British Columbia, Canada

Canadian-owned. Canadian-developed. Designed for the post-quantum era.