The QAPP team developed the Qtunnel software solution used to provide a quantum-resistant connection in an unsecured network. Qtunnel intercepts unencrypted data that should have been sent to the network and encrypts it using post-quantum cryptography. The solution is a finished product and is easily integrated into the customer's infrastructure.

The solution includes 3 components
Browser Extension
A standard browser extension. It manages browser settings, i.e.enables proxy server enforcement for selected domain names.
Local Proxy Server
An app running in the background on the client side. The app performs additional quantum-secure encryption of all data before transmitting it to a trusted server. The application does not have an interface. The parameters can be set in the cfg. file.
Reverse Proxy
A service running on the customer's trusted server. The service accepts requests from clients' proxy servers, decapsulates them, and sends HTTPS requests to the target web server.

Sample Qtunnel cliet's interface
Chrome browser extension

Description of the operation principle
  1. The extension changes the browser configuration in such a way that all requests to the customer's domain names (for example, access to the personal account) will be carried out by the browser not directly, but sent to the local proxy server via the socks5 protocol.
  2. All data received by the local proxy server is encapsulated in an encrypted TLS connection based on quantum-secure algorithms.
  3. The data is transmitted via a secure channel to the reverse proxy running on the customer's servers.
  4. The reverse proxy decapsulates data from the secure channel and passes it to the web server (or another network server specified by the parameters).
  5. The web server receives data from the reverse proxy and processes it in a normal mode.
  6. The web server's response is transmitted in reverse order, also using a quantum-safe communication channel.