Equipments Details
Description
The Quantum Security Testbed consists of multiple banking grade security systems leveraging quantum technologies that industry can utilise and manipulate to create novel identity and data protection solutions. These include:
• Quantum Random Number Generators (QRNGs),
• Firewalls with VPN capabilities (encryptors),
• Hardware Security Modules (HSMs),
• Quantum Key Distribution (QKD) systems.
The QRNGs lay the first building blocks to providing high quality, truly random entropy to generate encryption keys. The keys (or crypto assets) will then be stored in HSMs, providing a tamper proof, reliable, and highly secure repository for the keys that end devices will use. The keys will never be stored on the end devices and therefore cannot be lost or leaked through theft or remote access. The encryptors will use the keys stored in the HSMs to create site-to-site VPNs. Lastly, a QKD system when deployed between two sites (data centres) ensures non-refutably secure transmission of keys or other crypto assets between two locations, for backup or digital asset custody.
The main strength of this testbed lies in the strict separation between the three elements: key and asset generation, asset storage, and access to assets. By combining several cryptosystems (QRNG, HSM, and QKD) with cryptoprotocols (one time pad, secret sharing schemes), it ensures that the safe storage of private keys (the proof of a digital asset’s ownership) is “Information-Theoretically Secure” (ITS), meaning that such a system cannot be hacked by an external adversary even with unlimited computing power.
• Quantum Random Number Generators (QRNGs),
• Firewalls with VPN capabilities (encryptors),
• Hardware Security Modules (HSMs),
• Quantum Key Distribution (QKD) systems.
The QRNGs lay the first building blocks to providing high quality, truly random entropy to generate encryption keys. The keys (or crypto assets) will then be stored in HSMs, providing a tamper proof, reliable, and highly secure repository for the keys that end devices will use. The keys will never be stored on the end devices and therefore cannot be lost or leaked through theft or remote access. The encryptors will use the keys stored in the HSMs to create site-to-site VPNs. Lastly, a QKD system when deployed between two sites (data centres) ensures non-refutably secure transmission of keys or other crypto assets between two locations, for backup or digital asset custody.
The main strength of this testbed lies in the strict separation between the three elements: key and asset generation, asset storage, and access to assets. By combining several cryptosystems (QRNG, HSM, and QKD) with cryptoprotocols (one time pad, secret sharing schemes), it ensures that the safe storage of private keys (the proof of a digital asset’s ownership) is “Information-Theoretically Secure” (ITS), meaning that such a system cannot be hacked by an external adversary even with unlimited computing power.
Details
Name | Clavis 3 QKD Platform |
---|---|
Acquisition date | 09/12/2021 |
Manufacturers | id Quantique SA |
Name | 2 x Quantis QRNGs |
---|---|
Acquisition date | 23/11/2020 |
Manufacturers | id Quantique SA |
Name | 2 x Thales A700 HSMs |
---|---|
Manufacturers | Thales |
Fingerprint
Explore the research areas in which this equipment has been used. These labels are generated based on the related outputs. Together they form a unique fingerprint.