The last design modality offered by ORQESTRA leverages cloud computing capabilities for establishing PQ data security and sharing resources in the edge-cloud continuum: It brings the PQC asaservice” model, supporting different end-to-end data security services (e.g., application-to-application, device-to-device, device-to-server), for delivering the computationally secure benefits of PQC to all and any connected devices with limited resources that disrupt the integration of possible (SW) optimizations and (HW) accelerators.

PQCaaS is a cloud-based solution, that is set to operate in the Zero Trust (ZT) paradigm – as it does not require any specialized hardware to be installed on the devices– and enables application-layer and/or attribute-based encryption for user data that are managed as cloud (microservice) workloads. The controls of ZT are tightly integrated with data in the applications, user identities and/or user attributes, thus enabling policy-based management of encrypted data at rest. This is exactly the uniqueness of this modality rooted in the seamless combination of advanced PQ cryptosystems as an extra layer of key management and authentication safeguard.

Alternative Chapter 3:

Techs

New cryptographic building blocks

  • ORQESTRA develops building blocks that are designed to remain secure even in the presence of quantum computers.
  • ORQESTRA cryptographic building blocks are combined into security functions that replace today’s public-key infrastructure, covering tasks such as identity verification, secure key exchange, access control, and protection of stored and transmitted data.
  • Attention is given on solutions that can actually be deployed in operational environments, including systems with limited computing power or strict certification constraints.

Quantum communication technologies

  • Future secure communications will not rely on a single technology. Alongside software-based quantum-resistant cryptography, quantum communication technologies are emerging that can distribute encryption keys with very strong security guarantees.
  • ORQESTRA works on making these two approaches work together. It designs network mechanisms that allow quantum links and conventional networks to coexist, ensuring secure communication even when some network elements cannot be fully trusted.

Trust and verification.

  • Defence systems operate in environments where physical access, tampering, or interception are real threats.
  • ORQESTRA introduces mechanisms that continuously check whether devices and network nodes remain in a known and trusted state.
  • ORQESTRA allows secure communication paths to be established dynamically, without assuming that all intermediate systems are safe by default.

Testing and Validation

  • All solutions are tested in realistic defence-oriented scenarios across land, maritime, and air domains.
  • ORQESTRA provides practical tools that help defence organisations understand which parts of their existing systems are most exposed to future quantum threats and how to prioritise their transition.
  • ORQESTRA supports informed planning, risk reduction, and long-term resilience of defence communications in the post-quantum era.