Compliance & Standards
QuantorPhone is engineered for operators who cannot tolerate compromise. Every cryptographic choice, every data handling decision, and every infrastructure decision is driven by compliance with the world's most demanding security standards.
NATO STANAG Compatible
QuantorPhone and SmartScan are designed to operate within NATO communication security frameworks. From cryptographic primitives to forensic chain of custody, every layer meets the interoperability and evidentiary standards required by NATO member states.
Compliance Framework
| Standard | Scope | QuantorPhone Coverage |
|---|---|---|
| NATO STANAG 4774 | Confidence metadata for intelligence products | SmartScan provides per-alert confidence scoring with engine attribution; multi-engine correlation produces weighted confidence levels compatible with STANAG metadata schema |
| NATO STANAG 4778 | Metadata binding for information sharing | SmartScan exports STIX 2.1 with metadata binding for NATO-compatible intelligence platforms (MISP, OpenCTI, Splunk) |
| NIST SP 800-86 | Forensic techniques in incident response | Full forensic pipeline: capture → preserve → analyze → report with cryptographic hash provenance (SHA-256) at every step |
| NSA CNSA 2.0 | Cryptographic profile for classified systems | TLS 1.3/mTLS with P-384/P-521, SHA-384, AES-256-GCM for all signaling. ZRTP PQC (ML-KEM-1024) for media. No legacy fallback. |
| NIST FIPS 203 | Post-quantum KEM standard | ML-KEM-1024 (Level 5) for media key exchange via ZRTP PQC — highest assurance against quantum-enabled adversaries |
| EU NIS2 Directive | Network security for essential entities | Sovereign deployment model, GDPR Art. 32 encryption, automated incident detection and reporting capabilities |
| MITRE ATT&CK Mobile v18.1 | Adversary tactic & technique knowledge base | SmartScan maps 138 techniques across 12 engines; machine-readable TTP correlation for SOC integration |
| NATO CCDCOE | Cooperative Cyber Defence Centre (Tallinn) | Operational methodology aligned with CCDCOE best practices for mobile device forensic examination and cyber threat assessment |
Why NATO Compliance for Secure Communications?
NATO member states and partner organizations increasingly require communication security tools to meet interoperability and forensic integrity standards originally designed for military intelligence. QuantorPhone meets these requirements from the ground up:
Chain of Custody
Every communication session and every SmartScan analysis produces a cryptographic provenance chain: device ID → session/scan timestamp → hash chain → report hash. This is legally admissible in NATO military courts, allied judicial systems, and civilian criminal proceedings.
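As an added illustration of the provenance chain described above (example code written here, not QuantorPhone's or SmartScan's own implementation): a SHA-256 hash chain whose genesis link commits to the device ID and scan timestamp, which then links each pipeline stage (capture, preserve, analyze, report) to its predecessor so the final link serves as the report hash; the stage payloads are constructed samples.

```python
import hashlib

# Constructed sample artefacts for the capture -> preserve -> analyze -> report
# pipeline. In practice these would be the real payloads (disk image, parsed
# findings, rendered report), not short placeholder strings.
SAMPLE_ARTIFACTS = [
    ("capture", b"raw device image bytes (constructed sample)"),
    ("preserve", b"write-blocked copy of the image (constructed sample)"),
    ("analyze", b'{"alerts": 2, "engines": 12}'),
    ("report", b"rendered report bytes (constructed sample)"),
]


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_chain(device_id: str, scan_timestamp: str, artifacts) -> list:
    """Link each pipeline stage to the previous one with SHA-256.

    The genesis link commits to the device ID and scan timestamp. Every later
    link hashes (stage name | artefact hash | previous link), so changing any
    artefact, reordering stages, or swapping the device ID alters every link
    that follows it, including the final report hash.
    """
    genesis = sha256_hex(f"{device_id}|{scan_timestamp}".encode())
    chain = [{"stage": "genesis", "artifact_sha256": None, "prev": None, "link": genesis}]
    for stage, payload in artifacts:
        artifact_hash = sha256_hex(payload)
        link = sha256_hex(f"{stage}|{artifact_hash}|{chain[-1]['link']}".encode())
        chain.append({"stage": stage, "artifact_sha256": artifact_hash,
                      "prev": chain[-1]["link"], "link": link})
    return chain


def verify_chain(device_id: str, scan_timestamp: str, artifacts, chain) -> bool:
    """Recompute the chain from the presented artefacts and compare link by link.

    A reviewer holding the artefacts, the device ID and the timestamp can
    reproduce every link; any mismatch means an artefact or the recorded
    metadata differs from what the chain originally covered.
    """
    expected = build_chain(device_id, scan_timestamp, artifacts)
    return len(expected) == len(chain) and all(
        e["link"] == c["link"] for e, c in zip(expected, chain))


def report_hash(chain) -> str:
    """The final link is the value that would be quoted as the report hash."""
    return chain[-1]["link"]
```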
Zero Third-Party Leakage
No data ever leaves our infrastructure to external cloud APIs, AI services, or analytics platforms. No telemetry, no usage tracking, no CDN dependencies. Satisfies NATO INFOSEC requirements for classified-adjacent data handling.
Sovereign Infrastructure
Dedicated infrastructure under client sovereignty. On-premise or private cloud deployment options. No data processed or stored by third parties — full operational control for NATO member states and allied organizations.
Encryption at Every Layer
Encrypted VPN (ChaCha20-Poly1305) for SmartScan transport, P-384/P-521 TLS 1.3/mTLS for signaling, ML-KEM-1024 for media keys, AES-256-GCM for storage. All primitives align with FIPS 140-2 and NSA Suite B.
Interoperable Intelligence
SmartScan exports in STIX 2.1 with full MITRE ATT&CK TTP mappings. Direct ingestion into NATO-compatible SIEM/SOAR platforms: Splunk, Elastic, OpenCTI, MISP.
Post-Quantum Ready
NIST FIPS 203 ML-KEM-1024 (Level 5) deployed today — not a roadmap item. Protects all sessions against store-now/decrypt-later attacks by quantum-enabled adversaries.
NIST PQC Level 5 — Post-Quantum Cryptography
- ML-KEM-1024: IND-CCA2 KEM selected for FIPS 203, mapped to NIST Level 5 for high-assurance confidentiality.
- Coverage: Media keying (ZRTP PQC) and relay media paths use ML-KEM-1024 with ephemeral key material.
- Quantum risk: Protects against store-now/decrypt-later adversaries. Key material is ephemeral — even if future quantum computers break classical key exchange, captured sessions remain secure.
CNSA 2.0 Alignment
- TLS 1.3 + mTLS: CNSA 2.0 profile (P-384/P-521 for ECDHE/certs, SHA-384, AES-256-GCM); CA pinning on secp384r1 or secp521r1 (FIPS 186-5).
- Media: ZRTP PQC (ML-KEM-1024) with ephemeral keys; no long-term media key material.
- Revocation: CRL and OCSP stapling checked on every TLS session. Failed checks block session by policy.
- Retention: No server message retention; no metadata logging; keys remain client-side and ephemeral.
Mutual TLS (mTLS) — Why It Matters
- SIP/SIPS over mTLS: CNSA 2.0 profile; cert revocation closes the window for stolen endpoints.
- TURNS over TLS 1.3 + mTLS: Relay path uses CNSA 2.0 with the same revocation controls; media still negotiates PQC keys via ZRTP.
- Tenant and role isolation: Cert profiles encode roles/realms; unauthorized UAs are dropped before SIP parsing.
- Operational assurance: Certificate rotation and CRL distribution automated; no manual key management required.
mTLS Control Plane Flow
Official Standard References
- NATO STANAG 4774 / 4778: NATO Standardization Office (NSO) — Confidence metadata and metadata binding for intelligence sharing
- NIST FIPS 203 (ML-KEM): csrc.nist.gov/pubs/fips/203/final
- NSA CNSA 2.0: Commercial National Security Algorithm Suite 2.0 FAQ (PDF)
- NIST SP 800-86: Guide to Integrating Forensic Techniques into Incident Response
- MITRE ATT&CK Mobile: attack.mitre.org — Mobile Techniques v18
- NATO CCDCOE: Cooperative Cyber Defence Centre of Excellence (Tallinn)