QNu Labs


Guide: QOSMOS – Entropy as a Service

Guide: QOSMOS - Entropy as a Service and How it Works

The guide details the concept of EaaS, its methodology, and industry applications.


The Context

Every device, especially in the hyper-connected world of today, ought to communicate securely on the internet to minimise data exposure risks. Cryptography plays a critical role in ensuring the data remains secure when idle or in transit.However, cryptography fails when devices work with weak random numbers generated from low-entropy sources and use predictable keys.

The best source of true randomness is from unpredictable physical phenomena of quantum effects. Leveraging it in individual devices is impractical because of their various limitations - form factor, hardware age, power consumption, and interface availability. To enable organisations to overcome these hurdles, QNu Labs created “QOSMOS”, a quantum-secure EaaS (Entropy as a Service), that helps organisations, developers, and security teams to get access to quantum-sourced random numbers for use with any application for cryptographic key generation.

What is Entropy as a Service?

In computing, entropy is the randomness collected by a system used in any application that requires random data. It forms the basis of cryptography in cybersecurity.

The security of a system depends on the secrecy of the keys, which should be impossible to crack. This is why randomness is important. The randomness comes from either pre-existing hardware resources or specially provided randomness generators. Entropy is a constant stream of very high-quality random numbers, which can be fused with the entropy already collected by your computer.

EaaS is a security service architecture that provides secure time and quantum entropy sources for multiple devices including IoT.

The standard deterministic computers cannot deliver appropriate randomness, especially for devices with little opportunity to build entropy locally. The best sources of true randomness are based on unpredictable physical phenomena, such as quantum effects.

QOSMOS (Entropy as a Service) solves the entropy starvation problem of systems, whether in a cloud, embedded systems, or at the edge.

The Architecture of QOSMOS


The architecture comprises three main sections:

Characteristics of QOSMOS

  • Lack of pattern: QOSMOS provides truly random numbers with a steady supply of information that cannot be predicted or exploited by hackers.
  • Proactive quantum entropy: Quantum sources power the entropy generated by QOSMOS. Clients can rest be assured that the system cannot be attacked to degrade the entropy.
  • Ease of Integration: API runtime provides a seamless integration i.e., a new module or feature of an application or hardware can be added or integrated without resulting in any errors or complications.
  • Multiple deployments: The solution can be hosted in the client data centre or the cloud. By hosting QOSMOS in their data centre, clients can benefit from extra security.
  • High Scalability:QOSMOS is designed from the ground up to be highly scalable. It is powered by multiple quantum sources to ensure redundancy. Even if one of the quantum sources fails, clients are still assured of high quantum entropy from other connected devices.
  • Minimum Latency: Dynamic load balancer ensures that the least occupied device will cater to requests. This ensures the system will not suffer latencies when receiving random numbers from QOSMOS.
  • Proof of Randomness: The random data is subjected to a battery of tests specified by standards like NIST/ENT and only after successful verification, the buffers are served. The client also has the option to download the reports offline and verify.

Applications of QOSMOS

The use cases for QOSMOS are wide and diverse. Some of the immediate applications are:

QOSMOS (EaaS) provides the highest quality randomness and a secure method of providing the seeds for entropy-starved systems or applications.


Guide: Post-Quantum Cryptography (PQC) and How it Works

Guide: Post-Quantum Cryptography (PQC) and How it Works

The guide details the concept of PQC, its methodology, and industry applications.


The Context

Technology based on quantum computers has the potential to revolutionise a wide range of fields of IT and industry—in the positive and negative sense. A significant increase in computing power delivers more capacity for analysing and processing large data quantities, opening up new findings, application areas, and business models.

Introducing Post-Quantum Cryptography (PQC)

Data sent over public communication channels are secured using cryptography. It protects all kinds of electronic communications as well as passwords, digital signatures, and health records.

As the foundation of identification, authentication, confidentiality, digital signatures, and verification, cryptography is a critical enabler of enterprise security.


There are two main types of encryption. Symmetric encryption requires a sender and a receiver to have identical digital keys to encrypt and decrypt data; asymmetric, or public-key, encryption uses a publicly available key to let people encrypt messages for a recipient who is the sole holder of the private key needed to unscramble them. Sometimes these two approaches are used together. For instance, web browsers use public-key cryptography to check websites’ validity and then establish a symmetric key to encrypt communications.

Quantum computers use the principles of quantum physics, such as superposition, to compute data much faster than conventional computers. Without ‘quantum-safe’ cryptography defences in place, applications ranging from autonomous vehicles to military hardware, online financial transactions, and communications could be targeted by hackers with access to quantum computers.

Any business or government planning to store data for decades needs to evaluate the risks of this technology because the encryption could be compromised later. Robust defences on historical data take many years, so it would be better to apply these now. A big push to develop post-quantum cryptography is warranted.

PQC methods are encryption systems (cryptosystems) that can be used on conventional computers, such as PCs and mobile devices, and can withstand attacks by quantum computers.

Even though quantum systems are not expected to be available to everyone for ten to 15 years, IT managers and managing directors have to put the issue of “post-quantum cryptography” on their agenda now. One reason is that it takes time to put existing encryption methods on a new foundation.


A further point is that data encrypted with older methods is prone to quantum attacks. As a result, attackers can gain access to such data. Therefore, companies and public institutions must ensure that all confidential data at risk is protected against such attacks by PQC methods. That involves a lot of time and effort—from capturing and categorising such information resources to encrypting it again using PQC solutions. A cryptography solution has to be adaptive to new requirements, such as post-quantum encryption solutions. That’s only possible at acceptable cost and effort if a cryptography environment is agile, i.e., it supports crypto agility.


Crypto agility Explained

Crypto agility means that applications, end-user devices, and Hardware Security Modules in the field of encryption should use flexible, “agile” protocols and update methods that enable a switchover to post-quantum cryptographic primitives, for example. That has to be quick and easy to reduce the attack surface and limit the time and effort involved for users.

Crypto agility offers another advantage: It bridges the gap between encryption techniques that are not yet “quantum-safe” and those that already meet the new requirements. That goes for chips, secrets, and software code. Initial hybrid approaches that use PQC and common cryptography methods to date are being developed. Google has chosen this approach for its PQC algorithm New Hope.


Expectations from PQC

The new cryptography method has to integrate with existing protocols. A new cryptosystem must weigh:

The proposed cryptosystems also require careful cryptanalysis to determine the weaknesses that an adversary could exploit.

The National Institute of Standards and Technology (NIST), an American agency, prepared a cybersecurity framework laying out the ground rules for PQC.

The algorithms are designed for two main tasks for which encryption is typically used: general encryption, used to protect information exchanged across a public network; and digital signatures, used for identity authentication.

For general encryption, used to access secure websites, NIST selected the CRYSTALS-Kyber algorithm. The advantages are comparatively small encryption keys that two parties can exchange easily, as well as the speed of operation.

For digital signatures, often used to verify identities during a digital transaction or to sign a document remotely, NIST selected three algorithms.

Three of the selected algorithms are based on a family of maths problems called structured lattices, and one uses a hash function.


QNu’s HODOS-PQC is a quantum-resilient public key cryptography-based software that is a hard problem for large-scale quantum computers to solve.

HODOS is developed with NIST PQC studies as a reference. It is the next generation of protocols that will help replace today’s RSA-based systems with an improved quantum-resistant transport layer.

It is based on NIST-selected mathematical functions, which are far harder to backtrack as compared to the prime factorization and elliptic curve functions on which the current PKI is based.

Upon measurement, it collapses to one of these states, which is intrinsically random and there is no way to predict which state the photon will collapse to. This gives the inherent randomness from the photons, which any external parameters cannot influence.


Tropos (QRNG) addresses this issue without changing how tokens are currently used.

The Time is Now

Data is the most valuable asset for any organisation. Sensitive data has a shelf life exceeding 10 years, while critical data can be stored for over 25 years.

This shows that today’s encryption still poses a risk in the coming years. Moving to HODOS-PQC will help secure your data and reduce the risk of data theft for today and tomorrow.


Guide: Quantum Random Number Generator (QRNG) and How it Works?

Guide: Quantum Random Number Generator (QRNG) and How it Works?

The guide details the concept of QRNG, its methodology, and industry applications.


The Context

Random numbers play a key role in science, technology, and everyday life. Different methods of generating random numbers exist today. So when high-quality random numbers are needed, choosing the right random number generator becomes imperative.

The two steps associated with randomness are: Randomness generation (entropy of source) and Randomness expansion (software-assisted)

What are random numbers?

Random numbers are a sequence of numbers or symbols that cannot be predicted other than by a random chance computed by any algorithm.

Characteristics of true randomness are:

How are random numbers generated?

Two approaches can generate random numbers:

Pseudo-Random Number Generator

PRNGs use mathematical algorithms to approximate the behaviour of randomness. These algorithms produce long sequences of data that appear to be random but are completely determined by an initial state or seed. Hence, if the initial state or seed value is known, the entire sequence can be reproduced.

While computer-generated random numbers can be used for some applications, they can suffer from various problems, such as determinism due to the initial seed, periodicity, correlations, lack of uniformity, etc.

True Random Number Generator

TRNGs extract randomness from physical processes that behave in a non-deterministic way which makes them better candidates for true random number generation.

These processes can be described by classical physics. They measure some unpredictable or, at least, difficult-to-predict physical processes (chaotic systems) and use the results to create a sequence of random numbers.

Disadvantages of PRNG and TRNG

There is no true randomness with PRNG and TRNG. Any classical system admits in principle a deterministic description and thus appears random to us as a consequence of a lack of knowledge about its fundamental description.

A TRNG is an RNG that digitises the analog physical noise source to retrieve random numbers that are uniform and independent. There is a fundamental proof of complexity theory which states that it cannot be proved that a particular sequence of numbers is genuinely unpredictable.

The chaotic source of classical randomness is susceptible to initial conditions and hence makes it deterministic.

A classical TRNG can never guarantee that an adversary will not be able to obtain information and hack the system either by passive monitoring, malicious modification, or signal injection.

Introducing Quantum Randomness

Quantum physics provides randomness with inherent unpredictability based on the fundamental laws of nature. We cannot predict the outcome of certain quantum experiments, even in principle.

There are two fundamental sources of practical quantum mechanical randomness:

Quantum mechanics states that certain physical phenomena are fundamentally random and cannot be predicted. And, because the world exists at a temperature above absolute zero, every system has some random variation in its state; for instance, molecules of gases in the air are constantly randomly bouncing off each other. This randomness is a quantum phenomenon as well.

The quantum phenomena used for random number generation include:

Quantum physics is the only theory that is intrinsically random and guarantees that given identical initial conditions it will, in principle, generate random output. In other words, the quantum system will never reproduce the same output with the same given conditions.

Quantum Random Number Generator: Explained

Quantum random number generators (QRNG) are a particular case of physical TRNGs in which the data is the result of a quantum event. As opposed to other physical systems where uncertainty is a result of incomplete knowledge of the system, true randomness is an essential part of quantum mechanics. They offer a solution based on a trusted randomness source and many from the different implementations achieve fast generation rates, normally above the megabit per second.

QRNGs use very well-defined inherently random processes as the source of their bits. Also, they implement a very simple process as a source of randomness, as a result, they are easy to model and their functioning can be monitored to check its operating abilities.

Advantages of using QRNG:



Tropos is a quantum random number generator that extracts the randomness from an optical quantum process. It is based on the principle of time of arrival of photons. The implied scheme consists of continuously measuring the arrival time of photons and encoding the time interval between successive photon arrivals as random bits.


How does TROPOS (QRNG) Work?

A laser produces a stream of elementary particles (photons). The photons generated from the laser are used to generate the random numbers.

These photons, unlike classical objects, are unpredictable under certain situations. When they are incident on a semi-transparent mirror, the photon has a 50/50 chance of being reflected or transmitted. The photon is then in a superposition of both the states (reflected and transmitted), i.e. the photon exists in both states simultaneously.

Upon measurement, it collapses to one of these states, which is intrinsically random and there is no way to predict which state the photon will collapse to. This gives the inherent randomness from the photons, which any external parameters cannot influence.

Key Characteristics of Tropos:

Industry Applications

Wireless Quantum Safe VPN

Wireless networks are expanding rapidly, posing security challenges, especially in national security contexts. While VPNs enhance security, they often lack sufficient randomness.

Tropos introduces randomness to bolster encryption security and employs post-quantum cryptography for post-quantum security.

Identity Management

QRNG technology applied to ID card systems generates random numbers with each use, allowing precise personnel tracking, particularly in defence facilities, to reduce unnecessary movement.

Quantum Secure Data Storage

Data needs to be stored without any lapses for vulnerabilities and latency. QNu aims to improve security by having a quantum layer that integrates with the present infrastructure and provides much-needed security. Tropos QRNG solves the problem of randomness.

Authentication and IAM

Digital certificates are vital for authentication and identity management. Tropos bolsters security for better randomness without infrastructure changes.


QRNGs can be applied to the random routing of military weapons, equipment, and supplies thereby preventing enemies from pinning the locations of the used routes. This randomisation of routing can be used in land, air, and water transportation routes between nodal points, as well as randomisation of routes between the nodes.

Wireless Network for Security Monitoring

The secure wireless network enables the integration of IoT sensors, wireless cameras, and IR sensors to capture and transmit data to a central monitoring location. It also offers mobility to sensor-equipped vehicles within the directional antenna's range.


OTPs are crucial for applications like payments and banking. Existing random number generators often lack the needed randomness, making them weak for OTP generation.

Tropos ensures true randomness and high throughput, supporting up to a million OTPs per second.


Tokenization is crucial for securing and masking customer PAN (Personal Account Number) data, especially in the banking sector. With the rise in digital adoption, the demand for tokens has increased, leading to repetition and correlation in token generation.

Tropos (QRNG) addresses this issue without changing how tokens are currently used.

Exams and Certifications

Tropos creates unique academic values like Certificate IDs to prevent fraud through randomness and assigns each student a unique Project ID to avoid duplication. It can also be applied in university labs to allocate test samples randomly, enhancing learners' opportunities to experiment with unique samples and fostering independent thinking.


Today, a digitally connected world requires higher levels of security to maintain the confidentiality of personal and institutional data. This is achieved by relying on cryptography, for which, one of the critical elements is the unpredictability of the encryption keys generated and used for securing data. Additionally, authentication applications like identity & access management also require a strong cryptographic foundation based on unique tokens to verify the user or application access to the secured data.

Tropos ensures the creation of truly random encryption keys and unique digital tokens for highly secure crypto operations for maintaining data security and confidentiality.

Data Centre

Data centres act as the processing, storage, and recovery points of critical data for any organisation. Therefore, they are also prone to the wholesale theft of an organisation's digital assets. QNu's solutions are built to ensure a high level of data security for data in transit and at rest in data centres.


The strength of sampling is in selecting random inputs. This can be applied in statistical analysis to select random samples to optimise the study of the hypothesis with a high degree of sample randomness. This approach is also applicable in randomising test variables in R&D as it shortens the time frame in selecting inputs. QRNG can generate the inputs randomly and run tests at a higher speed. Though this is mainly used for black-box testing where the output is known, researchers, too, can apply it to know the responsible inputs.


V2X (vehicle-to-everything) refers to a smart, holistic ecosystem where all vehicles and their surrounding infrastructure is interconnected.

QNu's quantum-safe security solutions are specifically designed to protect data in motion across V2X ecosystems from existing and emerging threats, as well as those posed by quantum computing.


Telecommunication networks underpin the communication, collaboration, and media channels that service millions of organisations and billions of individuals every day. QNuʼs range of quantum-safe security solutions is designed to secure data in motion across telecommunication networks against existing and emerging threats. QNu’s solutions enable carriers to guarantee security while offering an additional revenue stream–security as a service.

Gaming and Lotteries

Online gaming and lotteries must provide outstanding randomness quality to secure customer transactions. In games of chance, a player should not increase their probability of winning by discovering a bias towards certain outcomes in the game.

Tropos (QRNG) has become the reference hardware random number generator for industries that require high security and regulatory compliance.


Guide: Quantum Key Distribution (QKD) and How it Works

Guide: Quantum Key Distribution (QKD) and How it Works

The guide explains the concept of QKD in detail along with its workings and applications.

Quantum computing and supermacy may still be a race, but quantum cryptography is a reality and is here to stay


The research on quantum mechanics was path-breaking a century ago. The applications of quantum mechanics are disruptive technologies of this century. One of the most anticipated and probably the most talked about applications is quantum computing. Quantum computing uses fundamental principles of quantum mechanics to perform complex processing.

The potential benefits of quantum computing, from advances in cancer research, and gene studies to unlocking the mysteries of the universe, are limitless. But that same computing power can be used to unlock secrets - from one’s finances, and health records, to corporate research projects and classified government intelligence.

We live in a highly digitised global society and data is the backbone of the digital economy. Data has virtually become the new oil. The value of confidential data is tempting enough for malicious hackers to harvest this data today. Even if they decrypt the data at some point in the future, the benefits reaped will surpass the efforts of harvesting.

The need for safeguarding data seeks immediate attention and governments, corporations, healthcare providers, and financial institutions are actively looking for solutions.

Even with heavy investments in cybersecurity, avoiding breaches has become difficult. The number of breaches is increasing every passing year and the economic impact of these breaches has exploded.

The Looming Threat

The greatest impact of the quantum revolution will be felt in cryptography. A sufficiently large quantum computer running the existing Shor’s algorithm can crack RSA or Diffie Hellman system of encoding in minutes as opposed to millions of years by brute force method today.

Symmetric key systems such as AES, 3DES, etc. which are used for end-to-end bulk encryptors are more resilient, however, even these can be cracked in relatively quicker time frames by running Grover’s algorithm on a quantum computer. Even these systems use Diffie Hellman for key exchange which will become completely insecure.


The threat of a quantum attack on our existing communication channels looms large. Quantum cryptography is the only possible solution to this problem. Quantum cryptography is a process of encryption using properties of quantum mechanics to transmit data securely, making it hack-proof.

Why is Quantum Cryptography Important?

Experts agree it would take a 2,000-qubit fully fault-tolerant system to be theoretically capable of breaking some public-key cryptography algorithms, such as the 1,024-bit RSA or 256-bit ECC.

That might be a step down into the future. But, the impact of quantum computing is not restricted to public encryption alone. A company’s encryption system is layered. Various layers above the public infrastructure will play a role in overall data security. It can be best explained with a pyramid structure.

quantum pyramid structure

Conventional encryption methods will not contribute to building quantum-safe cryptography. Quantum physics equips us not only with the required principles to battle with future quantum computers but also equips us to make the whole crypto-system unbreakable.

Quantum physics by its very nature is very different from classical physics. Using these new laws, the keys in cryptography attain perfection with unconditional security.

What is QKD?

QKD works on the quantum principle of entanglement. The two quantum particles are correlated such that the state of one particle affects the state of the other particle, even when they are separated by a large distance. In QKD, the two parties, Alice and Bob, use a pair of entangled particles to establish a secure communication channel.

Photos are the quantum particles used in the shared key. Any attempt to intercept or measure the photons during the transmission would disturb their state, and the disturbance would be detected by Alice and Bob, alerting them to the presence of an eavesdropper.


In the whole communication, the key is never transacted which makes the probability of the eavesdropper accessing the key equal Zero. The symmetric key always remains as a shared secret between the QKD at both ends.

The key is securely transferred to the appliances/applications that need the key for secure communication. QKD does not provide encryption or key management. The key is generated in real time and this mechanism does not use a stored key. The key can be used directly for encryption or as an input to seed which will generate a key.

How Does QKD Work?

The QKD mechanism allows organisations to generate and manage their quantum keys. In their base model, this allows an organisation to implement an architecture to communicate and transmit secure keys over traditional channels. It enables organisations to secure the keys in use while still leveraging the standard communication channels. In this way even if the standard channel is compromised the keys are still secure.

The concept of QKD is similar to that of symmetric key cryptography except for the fact that the key is shared over a quantum channel and the data is shared over a public channel. One of the challenges for QKD is the distance over which the photons can travel, which is typically around 100 KMS.

Several organisations globally have circumvented this restriction and shared keys for up to 500 KMS using newer protocols such as Sending-or not-Sending Twin Field (SNS-TF).

Applications of QKD

QKD provides a secure communication channel that is immune to cyber-attacks. Some of the industries in which QKD applies are:

How can QNu Labs Help?

Armos is a state-of-the-art QKD device engineered using the principles of quantum mechanics by the experienced team at QNu Labs. It is a highly sophisticated engineering innovation that involves the power of complex deep-tech technologies (such as semiconductors, optoelectronics, high-precision electronics, complex software algorithms, and quantum physics) that work together to create unconditional security.

Armos uses a series of randomly generated photons in a quantum state to exchange quantum information. They produce the same key at both ends of the cable. An attempt to read the quantum state of a photon causes the keys to collapse. Subsequent key generation stops and the admin is notified of a possible attack on the channel. The simultaneous generation of keys at both ends makes eavesdropping a futile exercise. Armos fully encapsulates quantum principles and provides a robust technology you can trust.

QNu has the Quantum Umbrella ready!