Entropy as a Service: The Security Boost of Encryption

Share on facebook
Share on twitter
Share on linkedin
Share on email

By Michael Redding, CTO Quantropi

Anyone working in cybersecurity circles is becoming accustomed to hearing the term “entropy-as-a-service.” But what do we really mean by “entropy,” and what is entropy-as-a-service all about?

Entropy is inextricably linked to cryptography. And in our digital era, cryptography has become recognized as the foundation for securing the burgeoning volumes of data flowing across the internet. Ensuring that sensitive information isn’t accessed or breached by unauthorized parties requires strong cryptography, which, in turn, depends on robust entropy.

Entropy refers to the “randomness” of the raw bytes collected by systems for use in algorithms that require random numbers. If a system lacks good entropy, it’s unable to encrypt data robustly, which can render it vulnerable to compromise.

Recognizing the need to embed strong cryptography in worldwide business communications, the National Institute for Science and Technology (NIST) has recommended creating new sources of entropy that are geared to today’s complex computing environments – and the ever-growing sophistication of cyber threats.

Enter entropy-as-a-service.

Entropy-as-a-service (EaaS) promises to fulfill this mandate. By leveraging the power of cloud computing, it can generate “endless” amounts of entropy with truly random characteristics. Developers can draw on this data when building and securing applications or use it as a tool to conduct cybersecurity testing.

What is Entropy?

Entropy is a scientific concept that’s typically associated with a state of disorder, randomness, or uncertainty. In the context of cybersecurity, entropy is understood as the measure of the randomness or diversity of the binary numbers collected by an operating system or application for use in generating cryptographic keys.

If a data set has comprehensive levels of entropy, no meaningful patterns may be found in it. On the other hand, low-entropy data sets allow for the possibility that future values (cryptographic keys) created from it could be predicted.

As entropy grows – both in quality and quantity – the cryptographic keys generated from it become harder to guess or derive, and so the level of encryption improves.

Why is Entropy so Important?

In some traditional computing systems, people’s interactions with their devices, including their keystrokes, mouse movements, and network interactions are used as the raw input needed to create strong entropy. This unpredictable data is transformed into random numbers to be used in cryptographic functions.

However, the advent of cloud computing and other technological advancements such as the Internet of Things (IoT) has changed this paradigm. That’s because the level of interaction that people have with these devices and systems is limited (if any) so there is insufficient supply of unpredictable behavior to leverage as a raw randomness source. The alternative is to use the randomness functions available in the machine operating system or application programming language, but these machine generated data sets have been shown to have entropy below desired levels. This makes it a significant challenge to provide a sufficiently robust source of entropy to meet cryptographic needs.

As a result, we need to find new sources that can create the volumes of quality random data we need to bolster our security defenses for cloud computing environments, IoT devices, and other embedded systems.

The leading minds in our cybersecurity community have proposed that the solution to the shortage of reliable sources of true entropy may be found by tapping into other external sources of entropy based on a variety of very specialized hardware solutions dedicated to the task of generating bulk strong random numbers. Once generated from the hardware entropy source, these blocks of raw random can be used locally or distributed across a network.

What is Entropy-as-a-Service?

Entropy-as-a-service is an on-demand, cloud-based service that generates and distributes a high-quality supply of entropy for cloud platforms,  SaaS and distributed applications, IoT devices, and other embedded computer systems. EaaS gives developers the means to embed robust entropy into the cryptographic keys used by their applications or devices, thus ensuring they’re hardened to withstand any attempts on the part of cybercriminals to breach them or compromise the data they hold.

Entropy-as-a-service provides unique “seeds” that allow random numbers to be securely generated to form strong cryptographic keys.

The specialty hardware capable of generating strong entropy can be expensive, hard to acquire, or not an appropriate form factor for various deployment needs.  Entropy-as-a-service (like Software-as-a-service before it) solves many of the cost, availability, and complexity challenges involved, freeing the IT professional or Application Developer from unnecessary overhead.

Benefits of Entropy-as-a-Service (EaaS) for Developers

Entropy-as-a-service is a boon to developers seeking to bolster the quality of their encryption efforts and ultimately better protect user data. That’s because entropy-as-a-service provides them with instant and continuous access to the desired entropy.

So, instead of searching in vain for elusive or expensive entropy sources, they can focus their energies on developing applications and taking them to market swiftly – safe in the knowledge that they have based their data and communications protection on the best foundation possible.  EaaS delivers a continuous supply of new entropy that’s free from any patterns or sequences that cybercriminals can forecast and take advantage of when trying to guess or break cryptographic keys.

The Next Frontier: Quantum EaaS

While we all welcome advancements in entropy-as-a-service, there’s no time to rest on our laurels. That’s because there’s a new threat on the horizon: advances in quantum computing.

Quantum computers are one of the most notable and exciting technological advancements of recent years. But they’re also creating new exposure risks since they can quickly solve the complex math problems that form the foundation of today’s information security. Even Google has said that quantum computing could “end encryption” in the near future.

At Quantropi, we believe that the threat is already here and that every organization needs to harden their defences against the “quantum threat.” While many companies can generate very strong “quantum” entropy (raw data sets approaching a level of nearly pure randomness according to a number of benchmark tests published by NIST and other standards bodies), a lingering challenge has been able to distribute it in an a manner impervious to quantum attack / theft at high speed over the internet.  Much research and commercial development is focused on solving this issue with approaches such as Quantum Key Distribution (QKD), but they so far remain short of practical and scalable deployments.

Quantropi’s EaaS solution SEQUR™ enables developers, governments, and enterprises to provision and distribute quantum entropy (ultra-strong random numbers) across any network while keeping it completely secure from classical or quantum theft.

This means better data security today and peace of mind knowing that bad actors with quantum computers in the future will not be able to steal your keys and access your data.

Interested in finding out more? Visit our website and get in touch!

Share on facebook
Share on twitter
Share on linkedin
Share on email

Talk To Us

Patricio Mariaca

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vestibulum quis mauris justo. Vestibulum vel nulla vel tortor dignissim auctor. Donec porta semper lacus, id mollis metus pretium at. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Nam malesuada ullamcorper metus, eget facilisis tortor posuere sed.

Eric Chan

Eric Chan a.k.a. EEPMON is a Crypto / Digital Artist with 15 years in the industry – and Quantropi’s Creative Emissary. His hybrid fractal/digital creations have been seen in fashion, comics to museums and has exhibited worldwide. EEPMON’s collaborations include Canada Goose, MARVEL, Snoopy, Microsoft Xbox, Canada Science & Technology Museum and was a TEDx performing artist. In 2018 he represented Canada on its first Creative Industries Trade Mission led by Canada’s Minister of Heritage and serves on the Canadian Museums Association‘s Board of Directors. At the same time, he is currently completing his Master of Information Technology – Digital Media at Carleton University. 

Christopher McKenzie

With his extensive experience in software development and strong analytical skills, Chris can handle the entire end-to-end software development life cycle. Prior to Quantropi, he served as Director of Product Development at Sphyrna Security, Inc., where he managed the delivery of security compliance automation and data diode appliance products, and as Commercial Software Development Manager at Cord3, Inc., where he managed the development of an advanced data access policy management product. Chris graduated from Computer Science at Algonquin College and the Ottawa School of Arts in 1998. Read less

Dafu Lou

Dafu is Quantropi’s Director of engineering. Prior to Quantropi, he served as a technical leader at Irdeto, a world-leading provider of digital platform security software, where he was responsible for white-box cryptography, cloaked CA secure core, and iOS/android application protection services, among others. Prior to Irdeto, Dafu served as a senior software engineer at SecureNex Systems, where he led the implementation of an SSL-VPN solution and ECC-based secure data storage & PKI. He earned his Ph.D. in electrical engineering from the University of Ottawa in 2009. Dafu is also a part-time professor, teaching VLSI, Cryptography and other subjects at uOttawa.

Pauline Arnold

As James Nguyen’s EA, Pauline Arnold brings more than 40 years of experience in complementary customer service and administrative roles. Prior to Quantropi, she served 20 years as Branch Manager and an assistant in investments, and over 20 years at Metropolitan Life Canada in various aspects of the insurance sector – assisting clients, management and colleagues to complete tasks, solve problems, address questions and achieve goals. She also worked part-time for Royal Lepage Performance for 5+ years as a receptionist & admin, and for 5 years was chair of the TKFG’s charity golf tournament.

Bond Vo

Bond Vo is the Business Analyst of Quantropi. Along with Quantropi, Bond has been dynamic in accordance with a fast and evolving startup environment and is responsible in a wide range of areas including market research, funding, and more involved in the controller roles to oversee day to day accounting operation as well as build financing models and budget to achieve company’s ultimate goals/objectives. Bond has applied best practices consistently and successfully supports equity, debt, and non-dilutive funding for Quantropi since joint the team. He earned a Bachelor of Commerce concentrated in Finance from Carleton University. Outside of his professional career, Bond also participated in volunteer for the Vietnamese Immigration Student Association (VISA) to help and support students as well as newcomers in Canada.

Tina Wang

Tina develops websites and participates in a range of different projects, using new frameworks for front-end UI, along with Vuejs, Angula, Beego, Ruby on Rails, and Electron. She developed Quantropi’s desktop CipherSpace application by integrating Electron, Webassembly and Go, to ensure a good user experience, as well as perfect operating system compatibility. She is also part of the dynamic and efficient QKD-NODE project team. Tina is always looking for new ways to increase her knowledge, improve her technological proficiency and enhance her strong execution and implementation skills. Prior to Quantropi, Tina served as a full-stack web developer at Sunny Future, where she maintained a WordPress home site and managed the release of new content for the company.

Nick Kuang

As VP Corporate Services, Nick plans, directs and coordinates a wide range of activities aimed at achieving Quantropi’s vision of the Quantum Internet. He has a keen interest in transformative technologies and the possibilities they offer for bettering our everyday lives. A pharmacist by training, Nick nurtures teams with a focus on integrity and collaborative effort, coupled with strong attention to detail. With prior experience in a successful biotech start-up developing point-of-care test kits, he enjoys the fast pace and challenge of the start-up environment.

Alex He

Alex is a product-oriented project manager who bridges the gaps between the company’s engineering and commercial teams. He has over ten years of experience in the analysis, design and development of enterprise-class applications, with a particular focus on creating optimal user experiences (UX). Ever passionate about cybersecurity solutions that can deliver solid security without unreasonably sacrificing customer convenience, Alex is the lead inventor of a registered patent on user interface security. He is committed to helping ensure that the Agile software engineering team at Quantropi delivers consistently high-quality, high crypto-agility cybersecurity solutions for next-generation communications.

Michael Redding

Before joining Quantropi, Mike was Managing Director and co-founder of Accenture Ventures, where he grew a global portfolio of strategic partnerships and 38 equity investments in emerging technology startups.

During his nearly 30 years with Accenture, he incubated and launched technology innovations for enterprises across multiple geographies and industries. Ever-passionate about bold ideas with game-changing results, he speaks frequently on the impact of emerging technology on large organizations.

With a bachelor’s degree in Electrical Engineering and Computer Science from Princeton, and a Master’s in Biomedical Engineering from Northwestern, Mike is a former member of the Board of Directors for the Accenture Foundation and Board Observer for startups Maana and Splice Machine.

Raj Narula, P.Eng.

Raj is a seasoned technology executive who has worked with companies as an advisor, business builder and active angel investor. Raj is a seasoned technology executive who has worked with companies as an advisor, business builder and active angel investor. He has held operational and advisory roles in Recognia (Trading Central ), Belair Networks ( Ericsson) , March Networks ( Infinova) , Sandvine ( Procera ), Neurolanguage ( ADEC) ,Bridgewater Systems (Amdocs), Vayyoo ( Cafex ) TenXc ( CCI ),1Mobility ( Qualys ) and others. He has been dividing his time between North America, EMEA, and the Asia Pacific region for over 20 years and speaks multiple languages. He grew up in Asia, Europe, South America and Canada. Raj is also the co-founder and Charter Member of the Ottawa chapter of TiE (the Indus Entrepreneur). Raj holds a B.Eng degree in Mechanical Engineering from the University of Ottawa, Canada.

Ken Dobell

Ken leads marketing strategy at Quantropi. In high demand as a consultant with 25 years’ experience in performance media and an award- winning creative background, he has completed successful transformations, (re)branding and product development mandates with KPMG, Keurig, Fidelity, Eddyfi, Coveo, and more, and provides digital advice to the CMA. Previously, Ken pivoted an offline advertising brokerage to a leading-edge, data-driven performance agency as President of DAC Digital, held a progression of international leadership roles with Monster.com, pioneered a range of multi-channel initiatives as VP Marketing with a global franchisor, and introduced a mobile-first programmatic media offering to Canada within WPP.

Cory Michalyshyn

Cory brings a breadth of experience to the Quantropi team, working fractionally with multiple SaaS technology companies as CFO, and as the CFO with Celtic House Venture Partners. Prior to these roles, Cory was CFO and COO at Solink, and played a lead role in the metrics-led pivot to a direct-sales SaaS model, followed by multiple VC-backed funding rounds and their recognition as one of the fastest growing start-ups in Canada. He qualified as a CPA while serving technology, VC & PE-fund clients at Deloitte, and earned his Bachelor of Commerce at Queen’s University.

Dr. Randy Kuang

Randy holds a doctorate in quantum physics. His research findings have been published in top international journals and named “Kuang’s semi-classical formalism” by NASA in 2012. With a career spanning IT, including with Nortel as senior network researcher & developer, he co-founded inBay Technologies in 2009, serving as CTO of the cybersecurity platform. As the first recipient of a patent for two-level authentication (2011), Randy is a prolific inventor, with 30+ U.S. patents in broad technology fields, such as WiMAX, optical networks, multi-factor identity authentication, transaction authorization, as well as concepts, technologies and industrial applications for quantum key distribution.

James Nguyen

Prior to leading Quantropi, James was Chief Investment Officer & VP Asia Operations for a group of private and public real estate, mining, energy storage, graphene technologies and manufacturing interests, where, in his responsibilities for strategy, banking and global expansions, he secured large-scale investments and partnerships for commercializing graphene applications across multiple industries. A graduate of Carleton in Economics, he previously achieved success managing a mid-market portfolio (professional services, public sector, Asian markets) at RBC for over a decade. James has been on the HKCBA board, held advisory positions with technology start-ups and gives back as volunteer, fundraiser and mentor.