QOSMOS - Entropy as a Service (EaaS)
Qosmos (EaaS) provides the highest quality randomness and a secure method of providing the seeds for entropy starved systems or applications.
What is Qosmos - Entropy as a Service (EaaS)?
Qosmos (Entropy as a Service) solves the entropy starvation problem of systems, whether in a cloud, embedded systems or at the edge. Qosmos provides the highest quality randomness and a secure method of providing the seeds for entropy starved systems or applications.
Ease of Integration
API runtime environment provides a seamless integration
Multiple Deployment Options
Host the entire solution in your data center or client location
Proactively Quantum Entropy
Dramatically increases true entropy using quantum-based encryption keys
Qosmos - Entropy as a Service Architecture
Qosmos solves the “Entropy Starvation” problem of the systems irrespective of their presence in cloud, embedded or an IOT devices. Qosmos provides the highest randomness, enables secure method of providing the keys ensuring unconditional security.
There are 3 main parts in the architecture
Tropos (QRNG)
QNu Tropos is quantum entropy device which is the root of randomness. The random numbers are generated from a quantum source and then transferred to applications as a service through Qosmos architecture. Tropos generates continuous stream of random bits which is fed to EaaS Server.
EaaS (Entropy as a Service) Server
EaaS server acts as a bridge between Tropos and client application. EaaS server accesses the random number stream Tropos which is signed, encrypted, and sent along with timestamp to the client application. NIST recommends accessing multiple EaaS servers to increase seed security, and the EaaS server architecture is scalable and can span servers worldwide.
Client HRT or Application
HRT (Hardware Root of Trust) is a classical computing device with secure hardware component for storing, seeding and generation of cryptographic keys. HRT would normally be TPM, Intel IPT, ARM TrustZone, HSM or any encryption key generation device. It can also be combined with a client software application which enables communication between EaaS server and client hardware. It is not required for the client system to have dedicated hardware, but the hardware availability will make the process more secure.
"At Urban Matrix, we have leveraged QNu's encryption APIs for our multiple communication channels. We are also collaborating with QNu Labs for the joint development of quantum secure communication for our UAVs targeting the Indian defence. We are pleased to be working with a pioneer in quantum encryption technology."
Rishabh Verma | Co-Founder and CEO
Applications of Qosmos - Entropy as a Service
Qosmos solves the “Entropy Starvation” problem of the systems irrespective of their presence in cloud, embedded or an IOT devices. Qosmos provides the highest randomness, enables secure method of providing the keys ensuring unconditional security.
The SSL handshake used in the https connection of a website will use digital certificated based on PKI. Now as the whole infrastructure is moving to TLS 1.3 for more security, the master secret key generated from client and server random should be obtained from Qosmos for higher security. This essentially replaces the PRF (Pseudo Random Function) which generates deterministic randomness.
Apart from using a https -encrypted tunnel, emails are encrypted using a public and private key pair generated from randomness of system (key strokes, mouse movements etc.,). Instead we can use a TLS encryption based on Qosmos supported by Google, Microsoft, and Virtu etc., and making data exchange more secure.
With video conferencing becoming a medium to share secret information, the security need also has increased. Introduction of random seed from Qosmos to generate initial authentication keys and then using Qosmos OTP for continuous authentication will continuously provide security.
The PKI keys like RSA are created in firewall to allow only the right user into the network. The firewalls do not typically have enough entropy to create unpredictable keys making them vulnerable to attacks. Integrating Qosmos to generate the keys will increase security of firewalls by many folds.
Data at rest and motion are important for data backup & recovery. Qosmos will be used for continuous authentication for each data transfer to maintain the security in motion. Clients have already adopted HSM or KMS for data at rest whose security will increase when they use Qosmos random numbers as seed to generate the keys.
RMM software continuously collects and monitors data logs from Servers and desktops that is critical. Qosmos will help in generating OTP keys for present PKI keys used for encryption and continuous authentication for security between different data collection points.
Digital signatures are a crucial part of PKI infrastructure and with increase in demand due to digital adoption, the randomness generated now becomes deterministic. Integrating Qosmos to present certificate generation systems will increase the security and start the organization journey towards quantum-safe security.