Arqit SKA Platform™
Introducing our symmetric key agreement platform
Arqit SKA Platform™, formerly known as Quantum Cloud™, enables organisations to simplify and strengthen encryption on a global basis. You can move from a complex PKI infrastructure, and the need to trust third parties, to an encryption platform designed for the cloud and a world of connected devices.
Arqit SKA Platform is available as Platform as a Service and as a private instance.
Step 01
Registering & provisioning
All endpoints that use SKA Platform™ must be registered and provisioned, meaning they are known to SKA Platform and have been given the correct permissions to use its services. Registration relies on the secure delivery of a root key, which we call the bootstrap key, to every device. This can be done manually or over-the-air. Once the bootstrap key is installed a device registers with SKA Platform via a simple API call.
Step 02
Authentication
Once an endpoint has its bootstrap key it can authenticate with SKA Platform. We use a zero-trust approach that requires an endpoint to re-authenticate every time and whose permissions are validated in real-time. We use a strong, symmetric form of authentication that’s quantum-safe and preserves forward secrecy due to our novel ratcheting process that transforms the key every time an endpoint authenticates.
Step 03
Symmetric key agreement
When two or more devices want to create a symmetric key they first authenticate and establish a quantum-safe tunnel with the SKA Platform cloud service. Each endpoint then takes part in a novel protocol to receive high-quality key material from SKA Platform over the quantum-safe link. This key material is shared with other endpoints and is used to synthesize the final key in a way that isn't known to SKA Platform, meaning the cloud service never knows or stores the final key. This shared symmetric key can now be used in many ways to secure the data passing between endpoints, e.g. in an IPsec tunnel, or at the application level to encrypt data with AES.
Step 04
Manage your network
SKA Platform lets you control which devices have access to your network and manage permissions across endpoints and users. This ensures full control over your private network, stopping malicious or compromised devices from gaining access to privileged information. Devices can be logically separated into groups to ease management and treat similar devices in the same way.
Step 05
Symmetric encryption
The symmetric keys are used inside that algorithm to now encrypt and decrypt data which is shared across the internet. We prefer AES256 but any other symmetric cipher will work. There are many sovereign ciphers in use with governments around the world and new algorithms to come, but Arqit is not opinionated about which algorithm we use as long as it's secure.
Step 06
The result
What we have now is a situation where any group of devices, from the tiniest of IoT sensors to the largest of systems, can create and use symmetric encryption across the public internet to generate security which is zero trust and computationally secure.
Why Arqit SKA Platform?
Easy to implement
SKA Platform is easy to implement with globally standardised and validated algorithms (e.g. AES256) and can be used together with existing Public Key Cryptography.
Lightweight cryptography
SKA Platform uses only symmetric cryptography for authentication and key agreement making it extremely fast and efficient, meaning it works well on devices of any size.
Policy enforcement
With SKA Platform it is easy to add and delete devices from a network and control which devices can speak to each other through security policy.
Symmetric keys
SKA Platform uses cloud-based symmetric key agreement to keep your information absolutely safer.
ARQIT SKA PLATFORM™ IN USE
Whether you’re securing regional networks, mobile devices, IoT deployments or blockchains, SKA Platform™ is a scalable, policy-based solution. It’s quick to deploy and requires zero infrastructure.
Financial Services
State actors and organised criminals are already establishing quantum capabilities and targeting financial services firms.
Government & Defence
Securing connections to and from government and military clouds is critical for national security.
Telecommunications
The speed of digital growth in the telecommunications industry has led to a need for modern encryption methods to keep pace.
Internet of Things
The vast amount of endpoints coupled with size, weight and power requirements means that IoT often lacks security.