{"slug": "show-hn-aegis-post-quantum-cyberdefense-proxy-471-attacks-0-breaches", "title": "Show HN: Aegis – post-quantum cyberdefense proxy (471 attacks, 0 breaches)", "summary": "A new open-source cyber-defense system called Aegis has been deployed in production, using NIST-standardized post-quantum cryptography to protect network services against both current and quantum-era threats. The autonomous, nine-layer proxy has blocked 471 attacks with zero security breaches, implementing algorithms such as ML-KEM-1024 and ML-DSA-87 to defend against the cryptographic vulnerabilities that quantum computers will exploit. The system, which operates without human intervention, is designed to address the estimated 2030-2033 \"Q-Day\" when quantum computers are expected to break current encryption standards.", "body_md": "**AEGIS** is an autonomous, nine-layer post-quantum cyber-defense system deployed in production. It protects network services against modern and quantum-era threats using NIST-standardized post-quantum cryptography, without human intervention.\n\n\"We do not wait for Q-Day. We defend against it today.\"\n\nThe cryptographic infrastructure of the internet (RSA, ECC, Diffie-Hellman) is mathematically broken by quantum computers running Shor's algorithm. 
Q-Day, estimated for 2030-2033, is not a theory: it is an active geopolitical race between the US, China, and the EU.\n\nAEGIS implements the NIST post-quantum standards (FIPS 203, 204, 205) in a fully autonomous defense stack that adapts, detects, isolates, and learns without requiring a security team.\n\n```\nIncoming traffic\n       |\n  [C0]   Crypto Foundation   -- ML-KEM-1024, ML-DSA-87, SPHINCS+\n  [C0.5] Shield              -- Decoy ports, dissuasion layer\n  [C1]   Digital Twin        -- Immutable forensic chain, signed jump log\n  [C2]   Minefield           -- Honeypots, canary tokens\n  [C3]   Detector            -- Anomaly detection (fire-and-forget)\n         | threat detected\n  [C4]   Lockdown            -- Atomic isolation, session sealing\n  [C5]   AMTD                -- Adaptive Moving Target Defense\n  [C6]   Bubble              -- Attacker containment, interaction recording\n  [C7]   Forensic            -- Automated post-incident analysis\n  [C8]   Learning            -- Collective intelligence, pattern update\n       |\n  Protected service (proxy :8080 -> :8000)\n```\n\nThreat flow: Detection (C3) -> Atomic lockdown (C4) -> Twin jump (C1) -> Forensic (C7) -> Learning (C8)\n\n| Algorithm | Standard | Role |\n|---|---|---|\n| ML-KEM-1024 | NIST FIPS 203 | Key encapsulation (Kyber) |\n| ML-DSA-87 | NIST FIPS 204 | Digital signatures |\n| SPHINCS+ | NIST FIPS 205 | Hash-based signatures |\n\n- **100% defensive** -- no active reconnaissance, no counterattacks\n- **Single process** -- pure Python asyncio, no threading, no microservices\n- **Stateless restart** -- clean systemd restart with no undesired persistent state\n- **Minimal surface** -- status API bound to 127.0.0.1 only, never 0.0.0.0\n- **Immutable forensics** -- digital twin jumps are signed and immutable after registration\n\n| Metric | Result |\n|---|---|\n| Unit tests | 611 passing (100%) |\n| Red team scenarios | 946 / 1,000 (94.6%) |\n| Security breaches | 0 |\n| Known limit (E1) | Latency >50% at >250 
RPS sustained |\n\nThe 54 E1 failures are latency degradation under extreme load, not security failures. Detection remains functional at any load. This is a documented architectural limit of a single Python async process on a general-purpose VPS.\n\n- Production: [https://aegis-pq.com](https://aegis-pq.com)\n- Dashboard: [https://aegis-pq.com/dashboard](https://aegis-pq.com/dashboard) (auto-refresh 5s)\n- Quantum demo: [https://aegis-pq.com/quantum-demo](https://aegis-pq.com/quantum-demo) (Shor N=15, Qiskit Aer, ~155ms)\n\n```\n# Requires Python 3.12+\npip install -r requirements.txt\n# Protect a local service on port 8000\npython main.py --daemon --mace --mace-port 8080 --mace-target http://localhost:8000\n\n# With Telegram alerts\nAEGIS_TG_TOKEN=your_bot_token AEGIS_TG_CHAT=your_chat_id \\\npython main.py --daemon --mace\n```\n\n| Variable | Description | Required |\n|---|---|---|\n| AEGIS_TG_TOKEN | Telegram bot token | No |\n| AEGIS_TG_CHAT | Telegram chat ID | No |\n| AEGIS_ENLIL_TOKEN | ENLIL orchestrator token | No |\n| AEGIS_INCIDENTS_DIR | Path to incident reports | No |\n\n```\n[Service]\nWorkingDirectory=/path/to/aegis\nEnvironment=\"AEGIS_TG_TOKEN=your_token\"\nEnvironment=\"AEGIS_TG_CHAT=your_chat_id\"\nExecStart=/usr/bin/python3 main.py --daemon --mace --mace-port 8080 --mace-target http://localhost:8000\nRestart=always\nRestartSec=5\n```\n\n```\npytest tests/test_suite.py -v\n```\n\n611 tests covering all nine layers, forensic chain integrity, cryptographic primitives, and lockdown mechanics.\n\nRegistered with the Spanish Intellectual Property Registry.\n\n- File number: 8NT20260502456 (admitted 27 April 2026)\n- Author: Miguel Angel Concha Estrada\n- Name: AEGIS -- Sistema Autonomo de Ciberdefensa Post-Cuantica\n\nGPL v3: free to use, study, modify, and distribute. 
Derivative works must remain open source under the same license.\n\n- Web: [https://aegis-pq.com](https://aegis-pq.com)\n- Email: [contacto@aegis-pq.com](mailto:contacto@aegis-pq.com)\n\nAEGIS is open to contributions. Priority areas:\n\n- New detection vectors for C3 (Detector layer)\n- Additional honeypot types for C2 (Minefield)\n- Adapters for different deployment environments\n- Performance improvements for the E1 known limit\n- Translations and documentation\n\nTwo architectural constraints are non-negotiable: fire-and-forget on C3 (never block the proxy path), and immutability on C1 (twin jumps are forensic evidence).", "url": "https://wpnews.pro/news/show-hn-aegis-post-quantum-cyberdefense-proxy-471-attacks-0-breaches", "canonical_source": "https://github.com/conchaestradamiguelangel-droid/aegis", "published_at": "2026-06-06 21:52:07+00:00", "updated_at": "2026-06-06 22:16:28.512620+00:00", "lang": "en", "topics": ["ai-safety", "ai-infrastructure", "ai-products"], "entities": ["AEGIS", "NIST", "US", "China", "EU", "ML-KEM-1024", "ML-DSA-87", "SPHINCS+"], "alternates": {"html": "https://wpnews.pro/news/show-hn-aegis-post-quantum-cyberdefense-proxy-471-attacks-0-breaches", "markdown": "https://wpnews.pro/news/show-hn-aegis-post-quantum-cyberdefense-proxy-471-attacks-0-breaches.md", "text": "https://wpnews.pro/news/show-hn-aegis-post-quantum-cyberdefense-proxy-471-attacks-0-breaches.txt", "jsonld": "https://wpnews.pro/news/show-hn-aegis-post-quantum-cyberdefense-proxy-471-attacks-0-breaches.jsonld"}}