QuantumCloud™ enables organisations to simplify and strengthen their encryption on a global basis, appliance-free. You can move from a complex PKI infrastructure, and the need to trust third parties, to an encryption platform designed for the cloud and a world of connected devices.
Registering and provisioning a new device
All endpoints that use QuantumCloud™ must be registered and provisioned, meaning they are known to QuantumCloud™ and have been given the correct permissions to use its services. Registration relies on the secure delivery of a root key, which we call the bootstrap key, to every device. This can be done manually or over-the-air. Once the bootstrap key is installed a device registers with QuantumCloud™ via a simple API call.
Once an endpoint has its bootstrap key it can authenticate with QuantumCloud™. We use a zero-trust approach that requires an endpoint to re-authenticate every time and whose permissions are validated in real-time. We use a strong, symmetric form of authentication that’s quantum safe and preserves forward secrecy due to our novel ratcheting process that transforms the key every time an endpoint authenticates.
Symmetric key agreement
When two or more devices want to create a symmetric key they first authenticate and establish a quantum-safe tunnel with the QuantumCloud™ cloud service. Each endpoint then takes part in a novel protocol to receive high-quality key material from QuantumCloud™ over the quantum-safe link. This key material is shared with other endpoints and is used to synthesize the final key in a way that isn't known to QuantumCloud™, meaning the cloud service never knows or stores the final key. This shared symmetric key can now be used in many ways to secure the data passing between endpoints, e.g. in an IPsec tunnel, or at the application level to encrypt data with AES.
Manage your network
QuantumCloud™ lets you control which devices have access to your network and manage permissions across endpoints and users. This ensures full control over your private network, stopping malicious or compromised devices from gaining access to privileged information. Devices can be logically separated into groups to ease management and treat similar devices in the same way.
The symmetric keys are used inside that algorithm to now encrypt and decrypt data which is shared across the internet. We prefer AES256 but any other symmetric cipher will work. There are many sovereign ciphers in use with governments around the world and new algorithms to come, but Arqit is not opinionated about which algorithm we use as long as it's secure.
What we have now is a situation where any group of devices, from the tiniest of IoT sensors to the largest of systems, can create and use symmetric encryption across the public internet to generate security which is zero trust and computationally secure.
Easy to implement
QuantumCloud™ is easy to implement with globally standardised and validated algorithms (e.g. AES256) and can be used together with existing Public Key Cryptography.
QuantumCloud™ uses only symmetric cryptography for authentication and key agreement making it extremely fast and efficient, meaning it works well on devices of any size.
With QuantumCloud™ it is easy to add and delete devices from a network and control which devices can speak to each other through security policy.
QuantumCloud™ uses cloud-based symmetric key agreement to keep your information absolutely safer.
QUANTUMCLOUD™ IN USE
Whether you’re securing regional networks, mobile devices, IoT deployments or blockchains, QuantumCloud™ is a scalable, policy-based solution. It’s quick to deploy and requires zero infrastructure.
State actors and organised criminals are already establishing quantum capabilities and targeting financial services firms.
Government & Defence
Securing connections to and from government and military clouds is critical for national security.
The speed of digital growth in the telecommunications industry has led to a need for modern encryption methods to keep pace.
Internet of Things
The vast amount of endpoints coupled with size, weight and power requirements means that IoT often lacks security.