Qosmos (Entropy as a Service) solves the entropy starvation problem of systems, whether in a cloud, embedded systems or at the edge. Qosmos provides the highest quality randomness and a secure method of providing the seeds for entropy starved systems or applications.
API runtime environment provides a seamless integration
Host the entire solution in your data center or client location
Dramatically increases true entropy using quantum-based encryption keys
QNu Tropos is quantum entropy device which is the root of randomness. The random numbers are generated from a quantum source and then transferred to applications as a service through Qosmos architecture. Tropos generates continuous stream of random bits which is fed to EaaS Server.
EaaS (Entropy as a Service) server acts as a bridge between Tropos and client application. EaaS server accesses the random number stream Tropos which is signed, encrypted, and sent along with timestamp to the client application. EaaS server architecture is scalable and can include many of the servers across the world. NIST recommends access from multiple EaaS servers to increase the security of the seed.
HRT (Hardware Root of Trust) is a classical computing device with secure hardware component for storing, seeding and generation of cryptographic keys. HRT would normally be TPM, Intel IPT, ARM TrustZone, HSM or any encryption key generation device. It can also be combined with a client software application which enables communication between EaaS server and client hardware. It is not required for the client system to have dedicated hardware, but the hardware availability will make the process more secure.
Zeblok Computational and QNu Labs have partnered to provide MSSPs with Qosmos, a robust solution for providing high-quality entropy, which complies with NIST recommendations. Qosmos uses the encryption key seed generated by QNu Tropos. The QNu Tropos is a quantum random number generator, based on quantum mechanics, rather than an algorithmic/mathematical random number generator. The solution uses Zeblok’s cloud native AI Platform-as-a-Service foundational utilities to provide the API runtime to easily integrate the solution with the external world.
Ease of Integration - API runtime environment provides a seamless integration
Multiple Deployment Options- Host the entire solution in your data center or subscribe to QNu/Zeblok’s Entropy-as-a-Service.
Proactively Quantum Entropy- Dramatically increases true entropy using quantum-based encryption keys
Traditional sources of entropy no longer viable for today’s cryptographic need.
Do your applications have sufficient entropy?
Entropy is a measure of the randomness or unpredictability of information that’s collected by an operating system or application to use in generating cryptographic keys that require random data.
Encryption keys, especially the RSA keys are at risk of compromise when using deterministic number generation. Many weak keys can efficiently be discovered and subsequently compromised by finding reused prime factors in a large data set. When a high level of entropy is used for encryption, user data can be securely protected against attacks both in transit over the network and at rest on storage devices.
Assures high throughput required for digital devices such as IoT, embedded systems, cloud, 5G and other applicationsLack of Patterns Being a step ahead in cybersecurity threats is the need of the hour. Qosmos provides steady supply of new information, free of patterns that hackers cannot predict and exploit.
Being a step ahead in cybersecurity threats is the need of the hour. Qosmos provides steady supply of new information, free of patterns that hackers cannot predict and exploit
The applications are transparent to random numbers required for security purposes. Any application that uses TLS will automatically get the random numbers via Qosmos, through the TLS library. This way, no application needs to be changed to use random numbers.
The SSL handshake used in the https connection of a website will use digital certificated based on PKI. Now as the whole infrastructure is moving to TLS 1.3 for more security, the master secret key generated from client and server random should be obtained from Qosmos for higher security. This essentially replaces the PRF (Pseudo Random Function) which generates deterministic randomness.
Apart from using a https -encrypted tunnel, emails are encrypted using a public and private key pair generated from randomness of system (key strokes, mouse movements etc.,). Instead we can use a TLS encryption based on Qosmos supported by Google, Microsoft, and Virtu etc., and making data exchange more secure.
With video conferencing becoming a medium to share secret information, the security need also has increased. Introduction of random seed from Qosmos to generate initial authentication keys and then using Qosmos OTP for continuous authentication will continuously provide security.
The PKI keys like RSA are created in firewall to allow only the right user into the network. The firewalls do not typically have enough entropy to create unpredictable keys making them vulnerable to attacks. Integrating Qosmos to generate the keys will increase security of firewalls by many folds.
Data at rest and motion are important for data backup & recovery. Qosmos will be used for continuous authentication for each data transfer to maintain the security in motion. Clients have already adopted HSM or KMS for data at rest whose security will increase when they use Qosmos random numbers as seed to generate the keys.
RMM software continuously collects and monitors data logs from Servers and desktops that is critical. Qosmos will help in generating OTP keys for present PKI keys used for encryption and continuous authentication for security between different data collection points.
Digital signatures are a crucial part of PKI infrastructure and with increase in demand due to digital adoption, the randomness generated now becomes deterministic. Integrating Qosmos to present certificate generation systems will increase the security and start the organization journey towards quantum-safe security.
Turnkey cloud-native AI PaaS provides instant usability and seamless scalability, with flexibility to enable additional services
Qosmos uses NIST architecture to establish a standard way of accepting keys
Flexibility to deploy composable foundational components of Zeblok AI PaaS within the MSSP’s data center or within third party cloud service providers like AWS, GCP, Azure or IBM.
The laws of quantum physics assures 100% randomness and cannot be predicted
Qosmos can be easily integrated into client architecture without any disruption and working as an additional layer providing the required security