A stateless hierarchical key derivation and token exchange protocol for high-security point-of-sale and transactional systems, built on NIST-standardised post-quantum primitives (SHA-3/SHAKE/KMAC).

• Overview
• Protocol Design
• Key Derivation Chain
• Test Suite
• Project Structure
• Building
  • Prerequisites
  • Windows (MSVC)
  • macOS / Ubuntu (Eclipse)
  • Compiler Flag Reference
• Documentation
• License

HKDS is a Hierarchical Key Derivation System that provides secure key management and token exchange between constrained client devices (e.g., POS terminals) and a centralised transaction processing server. The protocol is designed for environments where devices operate with limited connectivity, where each transaction must use a unique key, and where compromise of any single device must not expose the wider device fleet.

HKDS is built exclusively on primitives standardised by NIST:

The SHAKE variant is selected at compile time, scaling security levels across the entire key hierarchy from root material through to transaction keys.

HKDS uses a stateless server architecture inspired by DUKPT. The server re-derives any transaction key on demand from the received Key Serial Number (KSN) and the master key set — no per-device state is stored server-side. This makes the protocol suitable for load-balanced and redundant server deployments.

Every transaction key is uniquely determined by the combination of:

• Device identity (DID embedded in EDK and the epoch customisation string)
• Epoch index (counter / CACHE_SIZE) — changes the epoch token tok, producing a completely independent key cache
• Cache slot (counter % CACHE_SIZE) — selects a non-overlapping slice of the epoch keystream

The 32-bit KSN counter is the nonce of the system and is the sole authoritative source of per-message uniqueness. The server always reads the current counter directly from the KSN supplied with each received packet.

The server delivers each epoch token encrypted and authenticated:

CTOK  = BE32(counter / CACHE_SIZE) ‖ algorithm_name ‖ DID
tok   = SHAKE(CTOK ‖ STK)
ks    = SHAKE(CTOK ‖ EDK)
etok  = ks XOR tok
mac   = KMAC(key=EDK, msg=etok, custom=KSN‖mac_name)
send  = etok ‖ mac

The client verifies the KMAC tag using its EDK before decrypting the token. A token exchange is required once per epoch (every CACHE_SIZE messages).

BDK ──────────────────────────────────────────────────────► (server only)
 │
 └─ SHAKE(DID ‖ BDK) ──────────────────────────────────► EDK  (on device)
                                                            │
STK ──────────────────────────────────────────────────────►│
 │                                                          │
 └─ SHAKE(CTOK ‖ STK) ────────────────────────────────► tok  (delivered encrypted)
                                                            │
                                        SHAKE(tok ‖ EDK) ──┘
                                                │
                          ┌─────────────────────┴──────────────────────┐
                         TK[0]   TK[1]   TK[2]  ...  TK[CACHE_SIZE-1]
                       (each slot used once and erased)

Security properties of the chain:

• Compromise of EDK alone is insufficient to compute any TK (STK is also required, held only server-side).
• Compromise of tok exposes only the current epoch's key cache; other epochs are unaffected.
• Past cache slots cannot be recovered — each slot is securely erased immediately after use.

The HKDSTest project provides comprehensive validation across seven test categories:

HKDS/
├── hkds_client.h / .c      Client-side key management, encryption, and token handling
├── hkds_server.h / .c      Server-side key derivation, token generation, and decryption
├── hkds_config.h           Protocol parameters, key sizes, and compile-time mode selection
├── hkds_queue.h / .c       Message queuing for asynchronous batch operations
├── hkds_benchmark.h / .c   Performance benchmarking for primitives and protocol operations
├── hkds_test.h / .c        Functional correctness and performance test suite
└── keccak.h / .c           SHAKE / KMAC / SHA-3 primitive implementations

1. Extract the repository so that the HKDS library folder and the HKDSTest folder are siblings at the same directory level.
2. Open the HKDSTest Visual Studio solution.
3. Verify that HKDSTest → Project Properties → C/C++ → General → Additional Include Directories points to the HKDS library folder ($(SolutionDir)HKDS by default).
4. Verify that HKDSTest → References includes the HKDS library project.
5. Set both the HKDS library and HKDSTest to the same AVX instruction set in:
   Configuration Properties → C/C++ → All Options → Enable Enhanced Instruction Set
   Do this for both Debug and Release configurations.
6. Right-click the HKDS library and select Build.
7. Right-click HKDSTest, select Set as Startup Project, then run.

HKDS supports AVX, AVX2, and AVX-512. Both projects must use the same instruction set family.

1. Locate the Eclipse/Ubuntu or Eclipse/MacOS subfolder in the repository.
2. Copy the .project, .cproject, and .settings files from that subfolder directly into the folder containing the corresponding source files (do this for both the HKDS library and HKDSTest).
3. In Eclipse, create a new C/C++ → Empty Project with the same name as each source folder (e.g., HKDS, HKDSTest). Eclipse will detect and load the copied project settings automatically.
4. Repeat for the HKDSTest project, selecting the correct OS-specific files.

Default project files target AVX2 with AES-NI and RDRAND enabled. Select the Ubuntu or macOS files as appropriate — compiler settings differ between GCC and Clang.

-msse2 -mavx -maes -mpclmul -mrdrnd -mbmi2

-msse2 -mavx -mavx2 -maes -mpclmul -mrdrnd -mbmi2

-msse2 -mavx -mavx2 -mavx512f -mavx512bw -mvaes -mpclmul -mrdrnd -mbmi2 -maes

QRCS is currently seeking a corporate investor for this technology.
Parties interested in licensing or investment should contact us at contact@qrcscorp.ca
For a full inventory of our products and services, visit qrcscorp.ca.

One or more patent applications (provisional and/or non-provisional) covering aspects of this software have been filed with the United States Patent and Trademark Office (USPTO). Unauthorized use may result in patent infringement liability.

This repository contains cryptographic reference implementations, test code, and supporting materials published by Quantum Resistant Cryptographic Solutions Corporation (QRCS) for the purposes of public review, cryptographic analysis, interoperability testing, and evaluation.

All source code and materials in this repository are provided under the Quantum Resistant Cryptographic Solutions Public Research and Evaluation License (QRCS-PREL), 2025–2026, unless explicitly stated otherwise.

Permitted use:

• Public access, non-commercial research, evaluation, and testing

Not permitted without a separate written commercial agreement:

• Production deployment or operational use
• Incorporation into any commercial product or service
• Certified or supported builds

The public availability of this repository is intentional and is provided to support cryptographic transparency, independent security assessment, and compliance with applicable cryptographic publication and export regulations.

For commercial licensing, supported implementations, or integration inquiries, contact: licensing@qrcscorp.ca

Quantum Resistant Cryptographic Solutions Corporation — All rights reserved, 2026.