Quantum Entropy as a Service: The Security Boost of Encryption

By Michael Redding, CTO Quantropi

Anyone working in cybersecurity circles is becoming accustomed to hearing the term “entropy-as-a-service.” But what do we really mean by “entropy,” and what is entropy-as-a-service all about?

Entropy is inextricably linked to cryptography. And in our digital era, cryptography has become recognized as the foundation for securing the burgeoning volumes of data flowing across the internet. Ensuring that sensitive information isn’t accessed or breached by unauthorized parties requires strong cryptography, which, in turn, depends on robust entropy.

Entropy refers to the “randomness” of the raw bytes collected by systems for use in algorithms that require random numbers. If a system lacks good entropy, it’s unable to robustly, which can render it vulnerable to compromise.

Recognizing the need to embed strong cryptography in worldwide business communications, the National Institute of Standards and Technology (NIST) has recommended creating new sources of encryption entropy that are geared to today’s complex computing environments – and the ever-growing sophistication of cyber threats.

Enter entropy-as-a-service.

Entropy-as-a-service (EaaS) promises to fulfill this mandate. By leveraging the power of cloud computing, it can generate “endless” amounts of entropy with truly random characteristics. Developers can draw on this data when building and securing applications or use it as a tool to conduct cybersecurity testing.

What is Entropy?

Entropy is a scientific concept that’s typically associated with a state of disorder, randomness, or uncertainty. Entropy in cybersecurity is understood as the measure of the randomness or diversity of the binary numbers collected by an operating system or application for use in generating cryptographic keys.

If a data set has high entropy, no meaningful patterns can be found in it. On the other hand, low-entropy data sets allow for the possibility that future values (cryptographic keys) created from them could be predicted.

As entropy grows – both in quality and quantity – the cryptographic keys generated from it become harder to guess or derive, and so the level of encryption improves. With that in mind, using a high-entropy source for generating cryptographic keys is critical in cybersecurity.
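One way to put a number on this is a min-entropy estimate. The following added example (not from the original article) implements the most-common-value estimate from NIST SP 800-90B over byte samples; the three sample sources and all function names are constructed for illustration.

```python
import math
import os
from collections import Counter


def mcv_min_entropy(samples: bytes) -> float:
    """Most-common-value min-entropy estimate, in bits per byte (max 8.0)."""
    n = len(samples)
    if n < 2:
        raise ValueError("need at least two samples")
    # Observed frequency of the single most common byte value.
    p_hat = Counter(samples).most_common(1)[0][1] / n
    # Upper end of a 99% confidence interval on that frequency.
    p_upper = min(1.0, p_hat + 2.576 * math.sqrt(p_hat * (1 - p_hat) / (n - 1)))
    return -math.log2(p_upper)


def constructed_sources(n: int = 65536) -> dict:
    """Constructed byte streams standing in for different seed sources."""
    return {
        # A coarse sensor that reports the same reading nine times out of ten.
        "stuck_sensor": bytes(0x20 if i % 10 else (i // 10) % 256 for i in range(n)),
        # Low byte of a tick counter: every value equally common, yet predictable.
        "tick_counter": bytes(i % 256 for i in range(n)),
        # Output of the operating system's CSPRNG.
        "os_urandom": os.urandom(n),
    }


def report() -> dict:
    """Estimated min-entropy (bits per byte) for each constructed source."""
    return {name: round(mcv_min_entropy(data), 2)
            for name, data in constructed_sources().items()}


if __name__ == "__main__":
    for name, bits in report().items():
        print(f"{name:>13}: {bits:.2f} bits/byte")
```

The tick counter scores close to 8 bits per byte even though every value is known in advance: a statistical estimate bounds entropy from above and cannot show that a source is unpredictable to an observer.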

Why is Entropy So Important?

We now know what entropy is, but why is entropy in cybersecurity even a concern? Why is high entropy a requirement for a secure cryptographic system?

Well, pretty much any cryptographic system uses random numbers to generate its encryption and decryption keys. We take these random numbers from so-called pseudorandom number generators, or PRNGs.

Why “pseudorandom?” That’s because the random numbers used in modern cryptography are not truly random – they are produced by special mathematical algorithms. To get a random number, you supply a PRNG algorithm with a source number called a seed. The algorithm takes the seed, does some predefined mathematical operations on it, and gives you your “random” number.

PRNG algorithms leverage a variety of sources of seeds to produce a large collection of random numbers. Sources of random seeds include the current time, keyboard or mouse input, and hardware statistics. PRNG algorithms can take these values and convert them into “random” numbers. And because the range of possible values in seed sources can be vast, PRNGs can produce a huge variety of different numbers. The sheer quantity of possible outputs makes the numbers appear random (though in reality, they are not).

We’ve successfully used PRNGs for decades, but they have a glaring problem in cybersecurity – they are deterministic, meaning that they produce the exact same “random” numbers if given the exact same seed. This means that pseudo-random numbers (and hence cryptographic keys) could potentially be predicted by an attacker.

To offset this, we can increase the entropy of our seeds by collecting them from a larger variety of sources. The more diverse our seeds are, the higher their entropy is, and the less likely it is that attackers will be able to figure out your random numbers and cryptographic keys.
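The determinism described above can be checked directly. The following added example (not from the original article) seeds Python's `random.Random`, a Mersenne Twister PRNG, with a Unix timestamp, shows that the resulting 256-bit key carries only as much uncertainty as the seed, and contrasts it with a key drawn from the operating system's CSPRNG through `secrets`; the function names, the timestamp and the one-hour window are assumptions chosen for illustration.

```python
import math
import random
import secrets

KEY_BYTES = 32  # 256-bit key


def key_from_seed(seed: int) -> bytes:
    """Weak pattern: derive a key from a deterministic PRNG seeded with `seed`."""
    rng = random.Random(seed)  # Mersenne Twister, not a CSPRNG
    return rng.getrandbits(KEY_BYTES * 8).to_bytes(KEY_BYTES, "big")


def seed_space_bits(candidates: int) -> float:
    """Upper bound on the key's entropy: log2 of the number of possible seeds."""
    return math.log2(candidates)


def find_seed(key: bytes, start: int, end: int):
    """Audit helper: look for a seed in [start, end) that reproduces `key`.

    Returns the seed, or None when no seed in the window matches.
    """
    for seed in range(start, end):
        if key_from_seed(seed) == key:
            return seed
    return None


def key_from_os() -> bytes:
    """Hardened pattern: take key material from the OS CSPRNG."""
    return secrets.token_bytes(KEY_BYTES)


def demo() -> dict:
    # Constructed sample: a key generated at a fixed Unix time (assumed value).
    created_at = 1_700_000_000
    weak_key = key_from_seed(created_at)

    # If the creation time is known to within an hour, only 3600 seeds exist.
    window = (created_at - 1800, created_at + 1800)
    recovered = find_seed(weak_key, *window)

    strong_key = key_from_os()
    return {
        "deterministic": key_from_seed(created_at) == weak_key,
        "weak_key_bits": seed_space_bits(window[1] - window[0]),
        "seed_recovered": recovered == created_at,
        "strong_key_in_window": find_seed(strong_key, *window) is not None,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The weak key is 256 bits long but has under 12 bits of entropy, because the seed is the only unknown; the key from `secrets` does not correspond to any seed in the window.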

Up until recently, finding new sources of encryption entropy was relatively easy. For quite a while, PRNGs were more than fine for cybersecurity, but this is about to change soon – drastically.

Sources of Entropy Are Growing Thinner and Thinner

The advent of cloud computing and other technological advancements such as the Internet of Things (IoT) has changed the way we perceive entropy in encryption. That’s because the level of interaction that people have with these devices and systems is limited (if any), so there is an insufficient supply of unpredictable behavior to leverage as a raw randomness source.

The alternative is to use the randomness functions available in the machine operating system or application programming language, but these machine-generated data sets have been shown to have entropy below desired levels. This makes it a significant challenge to provide a sufficiently robust source of entropy to meet cryptographic needs.

The quantum threat makes the issue even more serious. Quantum computers will be so powerful that our current sources of entropy may turn out to be not random enough. Quantum computers might be able to easily derive the output of PRNGs, entirely defeating their purpose.

We have to find new entropy sources that can create the volumes of quality random data we need to bolster our security defenses for cloud computing environments, IoT devices, and other embedded systems.

The leading minds in our cybersecurity community have proposed that the solution to the shortage of reliable sources of true entropy may be found by tapping into external sources of entropy based on a variety of very specialized hardware solutions dedicated to the task of generating strong random numbers in bulk. Once generated from the hardware entropy source, these blocks of raw random data can be used locally or distributed across a network. And here’s where quantum entropy comes into play.

The Next Frontier: Quantum Entropy

Quantum computers are one of the most notable and exciting technological advancements of recent years. But while they will bring a lot of good to the world, they will also create new exposure risks since they can quickly solve the complex math problems that form the foundation of today’s information security. Even Google has said that quantum computing could “end encryption” in the near future. And as we mentioned above, one of the ways in which quantum machines could defeat encryption is by predicting the output of PRNGs.

Quantum entropy is the answer to the vulnerability of traditional PRNGs to future quantum computers. Quantum-based encryption entropy can leverage the randomness of physical processes at quantum levels to generate truly random numbers that never repeat and cannot be predicted. You can then use these true random numbers to generate robust cryptographic keys.

Now, some people consider the quantum threat to be at least a decade away, so why even bother with quantum entropy? At Quantropi, we believe that the threat is coming sooner rather than later and that every organization needs to harden its defense against the quantum threat as soon as possible. To this end, businesses can adopt one of the many quantum services available on the market – however, they are more often than not far from ideal.

While many companies can generate very strong “quantum” entropy (raw data sets approaching a level of nearly pure randomness, according to a number of benchmark tests published by NIST and other standards bodies), a lingering challenge has been distributing it at high speed over the internet in a manner impervious to quantum attack or theft.

Much research and commercial development is focused on solving this issue with approaches such as Quantum Key Distribution (QKD), but they so far remain short of practical and scalable deployments. Quantum entropy might remain unattainable for the vast majority of businesses for quite a while because of its technological and budget requirements. With that said, even if you can’t afford to have on-premises quantum protection, quantum entropy-as-a-service can help you reap the benefits of ultra-high entropy without completely revamping your infrastructure.

What is Quantum Entropy-as-a-Service?

Entropy-as-a-service (EaaS) is an on-demand, cloud-based service that generates and distributes a high-quality supply of entropy for cloud platforms, SaaS and distributed applications, IoT devices, and other embedded computer systems. Entropy-as-a-service provides unique “seeds” that allow random numbers to be securely generated to form strong cryptographic keys.

Quantum entropy-as-a-service (QEaaS) enhances standard EaaS with quantum sources of entropy. QEaaS gives developers the means to embed robust, quantum-ready entropy into the cryptographic keys used by their applications or devices, thus ensuring they’re hardened to withstand any attempts on the part of cybercriminals to breach them or compromise the data they hold.

What’s the value of EaaS for businesses looking for better, more high-quality sources of entropy? Well, the specialty hardware capable of generating strong entropy can be expensive, hard to acquire, or have the wrong form factor for various deployment needs. Embedding strong sources of entropy into IoT devices, laptops, or cell phones can be impractical or even impossible because of the cost and size constraints of special entropy-generating hardware.

Entropy-as-a-service (like Software-as-a-Service before it) solves many of the cost, availability, and complexity challenges involved, freeing the IT professional or Application Developer from unnecessary overhead. Quantum entropy-as-a-service takes EaaS one step further and introduces truly random seeds to dramatically enhance the security of your cryptographic keys.

Benefits of Quantum Entropy-as-a-Service for Developers

QEaaS, and EaaS in general, are a boon to developers seeking to bolster the quality of their encryption efforts and ultimately better protect user data. That’s because entropy-as-a-service provides them with instant and continuous access to the desired entropy.

So, instead of searching in vain for elusive or expensive entropy sources, they can focus their energies on developing applications and taking them to market swiftly – safe in the knowledge that they have based their data and communications protection on the best foundation possible. QEaaS delivers a continuous supply of new entropy that’s free from any patterns or sequences that cybercriminals can forecast and take advantage of when trying to guess or break cryptographic keys.

Quantum Entropy-as-a-Service with Quantropi’s SEQUR™

The SEQUR™ quantum service embodies the QEaaS offering of Quantropi. One of Quantropi’s three TrUE quantum data protection technologies, SEQUR™ enables developers, governments, and enterprises to provision and distribute quantum entropy across any network while keeping it completely secure from classical or quantum theft.

This means better data security today and peace of mind knowing that bad actors with quantum computers in the future will not be able to steal your keys and access your data.

With SynQK synchronized quantum key distribution, SEQUR™ can deliver quantum entropy to any network-connected device, be it an on-premises desktop computer or an employee’s personal device. SynQK offers digital QKD functionality and can deliver true random numbers over the wire and wirelessly at distances up to 15,000 kilometers.

SEQUR™ and the whole line of Quantropi’s quantum-secure cryptographic solutions are available in QiSpace™ – a quantum-secure SaaS cybersecurity platform.

Interested in finding out more? Visit our website and get in touch!

Quantum-secure any application, product, network, or device with the QiSpace™ platform — without having to sacrifice performance or make major investments in new technology or infrastructure. See for yourself how only QiSpace™ offers TrUE quantum security via all three essential cryptographic functions. Leverage asymmetric encryption algorithms (the “Trust” or “Tr” of “TrUE”) via MASQ™, symmetric encryption (“U” for “Uncertainty”) via QEEP™ and strong random numbers (“E” for “Entropy”) via SEQUR™. Make it TrUE with QiSpace™ — and protect your business, brand, and customer promise. Now and forever.

To learn more about our quantum-secure solutions, don’t hesitate to get in touch with our experts!

Michael Redding

Before joining Quantropi, Mike was Managing Director and co-founder of Accenture Ventures, where he grew a global portfolio of strategic partnerships and 38 equity investments in emerging technology startups.

During his nearly 30 years with Accenture, he incubated and launched technology innovations for enterprises across multiple geographies and industries. Ever-passionate about bold ideas with game-changing results, he speaks frequently on the impact of emerging technology on large organizations.

With a bachelor’s degree in Electrical Engineering and Computer Science from Princeton, and a Master’s in Biomedical Engineering from Northwestern, Mike is a former member of the Board of Directors for the Accenture Foundation and Board Observer for startups Maana and Splice Machine.
