Groowe Groowe BETA / Newsroom
⏱ News is delayed by 15 minutes. Sign in for real-time access. Sign in

Qrypt and PANTHEON.tech Bring Quantum-Safe Keyless Encryption to SONiC Networks

businesswire.com
MSFT Microsoft's SONiC is mentioned as a key networking OS underlying data center infrastructure for Azure, indicating its relevance in the quantum-safe networking development. NVDA NVIDIA is listed as a member of the SONiC Foundation and its hardware (Jetson edge devices, BlueField-3 DPUs) is mentioned as benefiting from Qrypt's BLAST protocol for securing AI inference traffic, indicating its involvement in the AI and networking security space. INTC Intel is mentioned as a member organization of the SONiC Foundation, indicating its participation in the broader networking ecosystem where quantum-safe solutions are being developed. DELL Dell is listed as a member organization of the SONiC Foundation, indicating its presence in the networking infrastructure market that could adopt quantum-safe technologies. NOK Nokia is mentioned as a member organization of the SONiC Foundation, indicating its involvement in the networking sector where quantum-safe solutions are relevant. MRVL Marvell is mentioned as a member organization of the SONiC Foundation, indicating its role in the semiconductor and networking infrastructure space. AMZN Amazon Web Services (AWS) is mentioned as a cloud platform where Qrypt's solution is available via Marketplace, indicating its role in cloud infrastructure adoption of new security technologies. GOOG Google Cloud is mentioned as a user of SONiC, indicating its involvement in the cloud infrastructure space where quantum-safe networking is becoming relevant. PANW Palo Alto Networks is mentioned as participating in Qrypt's QRNG Open API initiative, indicating its engagement with quantum-safe technologies for next-generation firewalls.

Qrypt and PANTHEON.tech Bring Quantum-Safe Keyless Encryption to SONiC Networks NEW YORK--( BUSINESS WIRE)--Qrypt and PANTHEON.tech today published qp-vpp, an open-source integration of Qrypt’s BLAST protocol with VPP, the high-performance data plane underlying SONiC deployments worldwide. This is the latest example of what quantum entropy makes possible: a WireGuard tunnel running in SONiC-VPP networks where the session key is never transmitted. Leveraging Qrypt’s BLAST protocol, both endpoints derive the same key independently, from quantum entropy sourced through exclusive agreements with Oak Ridge National Laboratory and Los Alamos National Laboratory.

"This is just the latest example of what you can do with quantum entropy." — Kevin Chalker, Founder and CEO, Qrypt

Two threats make this urgent. The first is already active: a Keyfactor study of 175 million RSA certificates found that 1 in 172 were vulnerable due to weak entropy during key generation, breakable for under $3,000 in cloud compute.¹ The second is approaching: “harvest now, decrypt later” attacks, where adversaries capture encrypted traffic today and decrypt it once quantum computing matures. NIST’s post-quantum cryptography standards and CISA’s quantum readiness guidance name this as an active procurement concern, not a future one. BLAST addresses both threats. Strong entropy means strong keys. Keys that never travel mean nothing to intercept and nothing to retroactively decrypt.

SONiC is the open networking operating system created by Microsoft, now a Linux Foundation project, running the data center infrastructure of Microsoft Azure, Alibaba Cloud, and Google. Its Foundation counts more than 100 member organizations, including Cisco, NVIDIA, Intel, Dell, Nokia, Arista, and Marvell. PANTHEON.tech, a SONiC Foundation member and leading contributor, highlights qp-vpp integration as a key enabler for projects like SONiC-VPP.

“This is just the latest example of what you can do with quantum entropy. SONiC networking. AI inference. Air-gapped government infrastructure. Cloud, on-prem, or fully disconnected. The entropy and the protocol are the same in every case. Every new environment we add is another layer of proof.”

— Kevin Chalker, Founder and CEO, Qrypt

“VPP runs in production across carrier and enterprise networks worldwide. Most quantum-safe approaches we evaluated still transmit key material. BLAST doesn’t. As a leading contributor to Linux Foundation projects, PANTHEON.tech has always been committed to the open-source ecosystem, and we published this code to continue that mission of building open networking standards for the community.”

— Miroslav Miklus, PANTHEON.tech

Qrypt Co-Founder Denis Mandich is presenting at the ONUG AI Networking Summit in Dallas this week, where he will demonstrate the integration live. His session, “Quantum Networking for Quantum-Safe Data Center Connectivity in Enterprise-Scale Environments,” runs May 14. Mandich has presented on quantum-safe AI infrastructure at every major ONUG event since 2023. The release targets the SONiC Foundation’s membership directly.

The use cases are immediate. Any WireGuard tunnel on VPP gets quantum-safe key generation with no changes to the underlying infrastructure: site-to-site links between corporate locations, data centers, or cloud regions; east-west traffic inside a SONiC-based data center; branch-to-data-center connections. For AI infrastructure teams, BLAST already secures inference traffic on NVIDIA Jetson edge devices and BlueField-3 DPUs; qp-vpp extends that protection to the SONiC switching fabric those workloads run on. The GPU and the network are now on the same security layer. Agent-to-agent communications across distributed AI systems face the same harvest now, decrypt later exposure as any other network traffic. BLAST closes that at the network layer with no key transmission. For network security teams, Qrypt participates in Palo Alto Networks’ QRNG Open API initiative, which brings quantum entropy into next-generation firewalls. For air-gapped environments, the Quantum Entropy Appliance generates keys with no external network dependency.

qp-vpp is an open-source reference implementation demonstrating quantum-safe key injection into a VPP WireGuard tunnel. The full threat model and production deployment requirements are documented in SECURITY.md in the repository.

“BLAST protocol allows the generation of secure, yet reproducible, keys to remote participants, without this key ever transmitted over a traditional computational channel, such as TLS. Breaking such keys requires an incredible amount of capabilities and coordination on behalf of the attacker, and becomes completely impossible after a short window of time. Indeed, BLAST realizes a very strong type of everlasting security not achieved by the traditional solutions.”

— Yevgeniy Dodis, Qrypt Chief Cryptographer, IACR Fellow, Professor of Computer Science, NYU

A free 14-day trial is available now at qrypt.com. No procurement required.

¹ Keyfactor, “Factoring RSA Keys in the IoT Era,” December 2019.

About Qrypt

Qrypt provides quantum-safe encryption and key generation technology to enterprise, government, and defense organizations. Its BLAST protocol generates symmetric keys independently at each endpoint from quantum entropy, with no key transmitted between them. Qrypt’s entropy is sourced through exclusive licensing agreements with Oak Ridge National Laboratory and Los Alamos National Laboratory, NIST ESV certified. The only quantum security company in NVIDIA Inception. Qrypt’s technology is protected by multiple issued U.S. patents, including Nos. 11,831,764, 12,058,237, and 11,997,200. Available via cloud (AWS Marketplace), on-premises appliance, and air-gapped deployment. Headquartered in New York, NY. qrypt.com

About PANTHEON.tech

PANTHEON.tech is a software engineering firm specializing in open-source networking technologies including VPP, DPDK, and SONiC. A member of the SONiC Foundation and a leading contributor to SONiC-VPP integration, PANTHEON.tech serves tier-1 carriers, hyperscalers, and enterprise network operators globally. Headquartered in Bratislava, Slovakia. pantheon.tech