Last year, Quantum Dice joined the sixth cohort of the UK government-backed initiative, Digital Security by Design (DSbD) Technology Access Programme, which seeks to create resilient technologies from known and emerging security threats. To learn more about their reasons for joining the programme and how they are thinking about quantum resilient solutions, IoT Insider spoke to George Dunlop, Co-Founder and Director of Partnerships.
Quantum Dice was founded in 2020 after recognising “the growing need for secure resilient randomness in critical sectors,” according to Dunlop, “such as IoT, defence, financial services and telecoms.”
These sectors are where random numbers form the basis of conventional cryptographic algorithms, which is arguably the most threatened by quantum computing and its potential capability to crack these algorithms.
The technology Quantum Dice has developed is a quantum random number generator (QRNG), powered by its patented DISC protocol. DISC stands for Source-Device Independent Self Certification.
“In a nutshell, it’s a real-time check on measuring, quantifying and then assuring the unpredictability of random numbers that are produced from our appliances,” Dunlop explained.
Random numbers make up the keys used to lock data, so by verifying these random numbers are truly random, Quantum Dice is, in essence, providing the user with the confidence that they can trust in its security.
Quantum Dice’s solutions have real-time verification protocol, meaning they are resilient to hardware failures, where a random number generator can fail unintentionally, or a threat actor can look to target hardware components and deliberately exploit vulnerabilities.
“Typically, IoT will have a component within which is a hardware random noise source, but there’s been a long history of vulnerabilities from them producing weak randomness,” stressed Dunlop, “whether [that’s] intentionally, [it has] been compromised, or not [it’s] providing visibility on the quality of numbers you expect them to produce.”
What to expect from the programme
The programme Quantum Dice joined is funded by the UK government, delivered by Digital Catapult, and provides early access to startups and companies who can use CHERI-based systems.
Capability Hardware Enhanced RISC Instructions, or, CHERI, is a research project aimed at improving design choices in hardware and software to significantly improve system security. Much like Quantum Dice acknowledges the security risks posed by insufficient randomness, CHERI acknowledges the risks that come from insecure memory.
“If 70% of vulnerabilities arise from memory exploits, a targeted intervention for an architecture that can mitigate that is a very impactful intervention,” Dunlop summarised, “what the architecture of CHERI and secure by design methods that target memory were built to address.”
Quantum Dice’s role is understanding how they can integrate their technology with systems coming to market, to support their security operations.
“But for others, it’s showing how the applications that would be used on an Intel or RISC-V architecture could be used on a CHERI-based architecture to have security at the foundation of where it’s running,” said Dunlop.
Quantum Dice have also partnered with SCI Semiconductor, which was announced in October 2024, a company out of Cambridge focusing on CHERIoT-based devices, which will see both companies develop secure solutions for sectors with high security requirements, such as critical infrastructure or aerospace and defence.
“Our role in that partnership is showing that CHERIoT systems can be supported by a high-quality, verifiable number generator source for their cryptographic applications in IoT,” said Dunlop.
DSbD Technology Access programme showcase
On the 11th February at 8 Northumberland Venue the DSbD Technology Access programme will hold a showcase where participating companies will have the opportunity to show off the tech they’ve been developing to address security issues in hardware and software – Quantum Dice included.
“You’ll see at the showcase [that] the UK government has taken a sustained investment into the development of CHERI-based systems to address memory safety,” explained Dunlop. “In the same way I talk about random number generation as being the foundational component of security, another is where your data is stored and processed.”
“The community is coming together and also advocating for being digitally secure by design,” Dunlop emphasised, “[and] also showing the direction of travel for this sphere of memory safety.”
Ultimately, Dunlop characterised the work that had been done into memory safety and security as an “opportunity” as well as a necessity.
“I do believe that we need the tools … that can best equip long-term resilience and I’m seeing that matched by an increasing awareness, year-on-year, of data security in our society,” Dunlop concluded.
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by commenting below or visiting our LinkedIn page.
