Mumbai: For the first time in India's history, a domestically built quantum-safe algorithm has been independently evaluated and officially recognised by a national authority. The Data Security Council of India (DSCI) has awarded C-SAFE recognition to Fortytwo Labs, an Indian deep-tech cybersecurity company. The recognition was announced at FINSEC 2026, the DSCI Financial Security Conclave held in Mumbai, where Fortytwo Labs participated as Quantum-Safe Infrastructure Partner. Vinayak Godse, CEO of DSCI, presented the recognition to Nilesh Dhande, Co-Founder and CEO, Fortytwo Labs.
C-SAFE - Cryptographic Security Assessment and Functional Evaluation - is India's first independent cryptographic evaluation programme, built by DSCI. The Ci2 evaluation was conducted by an expert panel across multiple structured rounds covering mathematical correctness, quantum resilience, and implementation security. The evaluation encompassed 13 named statistical security tests including formal IND-CPA security proof, lattice-attack resistance analysis, decryption failure probability modelling, adversarial scenario testing, and post-quantum security margin verification against NIST security category targets.
An algorithm is critical infrastructure, not merely a technical artefact. When the cryptographic primitives securing a nation's financial systems, government data, and communications are designed, audited, and controlled abroad, that nation's digital sovereignty is contingent on foreign goodwill. With C-SAFE recognition now awarded to India's only indigenously developed, deployed, and certified quantum-safe algorithm, India answers a question every nation must eventually face: whose cryptographic foundations secure your digital future?
What C-SAFE Recognition Means for Banking and Financial Services
India's banking sector faces simultaneous pressure from evolving RBI authentication mandates, rapid open banking API expansion, and long-term cryptographic vulnerability posed by quantum computing. C-SAFE recognition gives CISOs, CTOs, and boards independently validated, nationally authoritative evidence that their cryptographic foundation meets today's regulatory expectations and is certified resilient against the quantum threats.
For Indian Defence
Classified communications and sovereign data transfer cannot carry foreign cryptographic dependencies not in procurement, operations, or audit. The company has previously received the SIDM Defence Champion Award 2023 and the BRIG SB Ghorpade Award for MSMEs in Defence Production 2026.
Speaking about the recognignition, Nilesh Dhande, Co-Founder and CEO, Fortytwo Labs said, "Cryptographic sovereignty is not a preference. It is a strategic imperative and for India, it is long overdue. India's critical infrastructure cannot be secured on algorithms we did not build, standards we did not set, and trust frameworks that answer to foreign authorities. An Atmanirbhar India cannot outsource its cryptographic foundation. That conviction drove us to build the quantum-safe algorithm from first principles Indian ingenuity, Indian cryptographers, Indian authority. Today, DSCI's C-SAFE programme recognised it and made that conviction official. Cryptographic sovereignty India doesn't need to adopt a standard. We built one."
Vinayak Godse, CEO, Data Security Council of India (DSCI) said, "With the rapid evolution of quantum technologies, it is important to establish credible alternative mechanisms for evaluating emerging cryptographic algorithms, being built in India. C-SAFE was created to provide a structured, expert and researcher led assessment framework at the national level that helps independently validate the mathematical design, security considerations of such innovations.
The Data Security Council of India (DSCI) is India's premier industry body for data protection and cybersecurity, established by NASSCOM.
According to company information, Fortytwo Labs is a Pune based deep-tech cybersecurity company building quantum-safe digital trust infrastructure and India's first and only C-SAFE recognised organisation. Its π-Control platform delivers Identity Fabric, Mutual Authentication, Key Exchange, Encryption, and Access Control across web applications, mobile apps, APIs, and digital services on a single quantum-safe cryptographic foundation.
