QNu Labs

cancel

Our products Armos (QKD) and Tropos (QRNG) are available to Governments and Defence through

Gem-logo
QOSMOS (Entropy as a Service)

“Random Keys“ as a service for Applications in Virtual Environments

What is Qosmos?

Qosmos solves the entropy starvation problem of systems, whether in a cloud, embedded systems or at the edge. Qosmos provides the highest quality randomness and a secure method of providing the seeds for entropy starved systems or applications. ​

Main advantages that Qosmos bring to the table

Ease of Integration

API runtime environment provides a seamless integration

Multiple Deployment Options

Host the entire solution in your data center or client location

Proactively Quantum Entropy

Dramatically increases true entropy using quantum-based encryption keys

Qosmos Architecture

Qosmos solves the “Entropy Starvation” problem of the systems irrespective of their presence in cloud, embedded or an IOT devices. Qosmos provides the highest randomness, enables secure method of providing the keys ensuring unconditional security.

There are 3 main parts in the architecture

QNu Tropos is quantum entropy device which is the root of randomness. The random numbers are generated from a quantum source and then transferred to applications as a service through Qosmos architecture. Tropos generates continuous stream of random bits which is fed to EaaS Server.

EaaS Server

EaaS (Entropy as a Service) server acts as a bridge between Tropos and client application. EaaS server accesses the random number stream Tropos which is signed, encrypted, and sent along with timestamp to the client application. EaaS server architecture is scalable and can include many of the servers across the world. NIST recommends access from multiple EaaS servers to increase the security of the seed.

Client HRT or Application

HRT (Hardware Root of Trust) is a classical computing device with secure hardware component for storing, seeding and generation of cryptographic keys. HRT would normally be TPM, Intel IPT, ARM TrustZone, HSM or any encryption key generation device. It can also be combined with a client software application which enables communication between EaaS server and client hardware. It is not required for the client system to have dedicated hardware, but the hardware availability will make the process more secure.

arch

Unconditional Quantum Security on World-class AI
Zeblok + QNu

Zeblok Computational and QNu Labs have partnered to provide MSSPs with Qosmos, a robust solution for providing high-quality entropy, which complies with NIST recommendations. Qosmos uses the encryption key seed generated by QNu Tropos. The QNu Tropos is a quantum random number generator, based on quantum mechanics, rather than an algorithmic/mathematical random number generator. The solution uses Zeblok’s cloud native AI Platform-as-a-Service foundational utilities to provide the API runtime to easily integrate the solution with the external world.

Main advantages that Qosmos bring to the table :

Ease of Integration- API runtime environment provides a seamless integration

Multiple Deployment Options- Host the entire solution in your data center or subscribe to QNu/Zeblok’s Entropy-as-a-Service. 


Proactively Quantum Entropy- Dramatically increases true entropy using quantum-based encryption keys

Usecase_Zeblok_Qosmos-new@2x

Traditional sources of entropy no longer viable for today’s cryptographic need.

Do your applications have sufficient entropy?

Key Features and Capabilities

Randomness

Entropy is a measure of the randomness or unpredictability of information that’s collected by an operating system or application to use in generating cryptographic keys that require random data.

Encryption keys, especially the RSA keys are at risk of compromise when using deterministic number generation. Many weak keys can efficiently be discovered and subsequently compromised by finding reused prime factors in a large data set. When a high level of entropy is used for encryption, user data can be securely protected against attacks both in transit over the network and at rest on storage devices.

Speed

Assures high throughput required for digital devices such as IoT, embedded systems, cloud, 5G and other applicationsLack of Patterns Being a step ahead in cybersecurity threats is the need of the hour. Qosmos provides steady supply of new information, free of patterns that hackers cannot predict and exploit.

Lack of Patterns

Being a step ahead in cybersecurity threats is the need of the hour. Qosmos provides steady supply of new information, free of patterns that hackers cannot predict and exploit

Applications

The applications are transparent to random numbers required for security purposes. Any application that uses TLS will automatically get the random numbers via Qosmos, through the TLS library. This way, no application needs to be changed to use random numbers.​

Web Browser Security

The SSL handshake used in the https connection of a website will use digital certificated based on PKI. Now as the whole infrastructure is moving to TLS 1.3 for more security, the master secret key generated from client and server random should be obtained from Qosmos for higher security. This essentially replaces the PRF (Pseudo Random Function) which generates deterministic randomness.


Encrypted E-Mail

Apart from using a https -encrypted tunnel, emails are encrypted using a public and private key pair generated from randomness of system (key strokes, mouse movements etc.,). Instead we can use a TLS encryption based on Qosmos supported by Google, Microsoft, and Virtu etc., and making data exchange more secure.


Secure Video Conferencing

With video conferencing becoming a medium to share secret information, the security need also has increased. Introduction of random seed from Qosmos to generate initial authentication keys and then using Qosmos OTP for continuous authentication will continuously provide security.


Firewall Security

The PKI keys like RSA are created in firewall to allow only the right user into the network. The firewalls do not typically have enough entropy to create unpredictable keys making them vulnerable to attacks. Integrating Qosmos to generate the keys will increase security of firewalls by many folds.


Data Backup & Recovery​

Data at rest and motion are important for data backup & recovery. Qosmos will be used for continuous authentication for each data transfer to maintain the security in motion. Clients have already adopted HSM or KMS for data at rest whose security will increase when they use Qosmos random numbers as seed to generate the keys.


Remote Monitoring & Management Software​

RMM software continuously collects and monitors data logs from Servers and desktops that is critical. Qosmos will help in generating OTP keys for present PKI keys used for encryption and continuous authentication for security between different data collection points.


Digital Signatures

Digital signatures are a crucial part of PKI infrastructure and with increase in demand due to digital adoption, the randomness generated now becomes deterministic. Integrating Qosmos to present certificate generation systems will increase the security and start the organization journey towards quantum-safe security.


Want to Know how Our EaaS Performs over Virtual Environments?

Benefits of Qosmos

Mitigate Potential Attacks

Message reply​
Man-in-the-Middle​
DNS Poisoning​

Cloud Native, Scalable Architecture

Turnkey cloud-native AI PaaS provides instant usability and seamless scalability, with flexibility to enable additional services

NIST Reference Architecture

Qosmos uses NIST architecture to establish a standard way of accepting keys

Multicloud Deployment

Flexibility to deploy composable foundational components of Zeblok AI PaaS within the MSSP’s data center or within third party cloud service providers like AWS, GCP, Azure or IBM.

Quantum-Safe

The laws of quantum physics assures 100% randomness and cannot be predicted

Integration

Qosmos can be easily integrated into client architecture without any disruption and working as an additional layer providing the required security