UK startup Crypto Quantique is launching a universal IoT quantum security platform for semiconductor manufacturers and systems integrators that use root-of-trust (RoT).
The QuarkLink platform was originally designed to work with Crypto Quantique’s own quantum-derived root-of-trust IP, called QDID, but can be used with RoT systems from other vendors.
QDID generates random, unforgeable cryptographic keys on-demand in silicon by measuring the quantum effects in chips manufactured on standard CMOS processes. The keys do not need to be stored and can be used independently by multiple applications on demand.
QuarkLink handles provisioning, including secure firmware and cryptographic keys, automated secure onboarding, and security monitoring, including firmware encryption, signing and secure updates over-the-air, and certificate and key renewal and revocation. With some RoTs, including QDID, QuarkLink eliminates the need for hardware security modules (HSMs) and key injection, saving cost and time, while increasing security.
QuarkLink can be set up in minutes by engineers without specialist IoT security knowledge. End-point devices are then connected to servers through cryptographic APIs, using just a few keystrokes to initiate an automated process capable of onboarding thousands of devices in seconds to a server platform, or to multiple platforms simultaneously. AWS, Microsoft and Mosquito are among the cloud services currently supported; more are following.
“Making QuarkLink available for use with root-of-trust solutions other than our own enables engineers to rapidly and securely scale IoT deployments for their existing devices. It also creates a seamless path for upgrading to our own unforgeable root-of-trust IP, QDID, in future designs,” said Shahram Mossayebi, CEO of Crypto Quantique
The London-based company was co-founded by Mossayebi, an expert in cryptosystems, and Dr Patrick Camilleri (CTO), a semiconductor designer with significant experience in complex parallel computer systems.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.