Open-Source qp-vpp Project Brings Keyless Encryption to High-Performance Networking Environments
Qrypt and PANTHEON.tech have released qp-vpp, an open-source integration that combines Qrypt’s BLAST protocol with VPP, the packet-processing framework widely used in SONiC-based networking deployments.
The project introduces a WireGuard implementation where session keys are never transmitted across the network. Instead, both endpoints independently derive identical keys using quantum entropy sourced through agreements with Oak Ridge National Laboratory and Los Alamos National Laboratory.
The announcement reflects a wider shift taking place across enterprise infrastructure environments as organizations rethink how they manage trust, resilience, and operational efficiency in increasingly distributed systems. Alongside post-quantum security planning, many enterprises are also modernizing internal service management environments to reduce complexity and improve response coordination across technology teams. Platforms such as Zendesk are seeing increased adoption among organizations looking to unify employee support workflows, simplify IT service delivery, and reduce operational friction through AI-driven automation. Enterprise IT leaders evaluating modernization strategies are increasingly turning to Zendesk’s employee service guide to understand how organizations such as GitHub, Calendly, and DuPage County have streamlined support operations while reducing tool sprawl.
According to Qrypt, the new integration is intended to address two growing concerns facing infrastructure and security teams: weak entropy during key generation and future “harvest now, decrypt later” attacks tied to quantum computing advancements.
“This is just the latest example of what you can do with quantum entropy,” said Kevin Chalker, Founder and CEO of Qrypt. “SONiC networking. AI inference. Air-gapped government infrastructure. Cloud, on-prem, or fully disconnected. The entropy and the protocol are the same in every case.”
Weak Cryptographic Entropy Remains an Ongoing Security Concern
The release arrives as organizations continue reassessing how encryption keys are generated and protected across modern infrastructure environments.
Researchers Warn Poor Entropy Can Undermine Encryption Strength
Qrypt referenced a Keyfactor study involving 175 million RSA certificates that found a portion of keys vulnerable because of weak entropy during the creation process.
According to the study, some certificates could potentially be broken using relatively inexpensive cloud computing resources.
At the same time, security agencies and standards bodies have been warning enterprises about the long-term risks associated with encrypted traffic being captured today and decrypted later once quantum computing becomes more practical.
Both the National Institute of Standards and Technology and the Cybersecurity and Infrastructure Security Agency have highlighted quantum readiness as an active planning issue for enterprises and government agencies.
Qrypt said BLAST was developed to reduce those risks by eliminating traditional key exchange processes entirely. Since the cryptographic material is never transmitted, there is no session key available for interception or retrospective decryption attempts.
SONiC Ecosystem Continues Expanding Beyond Traditional Networking
The integration also highlights how quantum-safe networking concepts are beginning to move from theoretical discussions into production-oriented infrastructure environments.
Open Networking Platforms Draw Increased Security Attention
SONiC, originally developed by Microsoft and now managed through the Linux Foundation, has become widely adopted across cloud and enterprise networking deployments.
Its ecosystem includes companies such as Cisco, NVIDIA, Intel, Dell Technologies, Nokia, Arista Networks, and Marvell Technology.
PANTHEON.tech, which contributes to several Linux Foundation networking projects, described qp-vpp as a practical example of how quantum-safe cryptography can operate inside existing networking environments without requiring major architectural redesign.
“Most quantum-safe approaches we evaluated still transmit key material,” said Miroslav Miklus of PANTHEON.tech. “BLAST doesn’t.”
AI Infrastructure and Edge Systems Add New Encryption Demands
The companies also pointed to growing demand for stronger protection around AI networking environments and distributed computing infrastructure.
Quantum-Safe Networking Extends Into AI Workloads
According to Qrypt, BLAST is already being used to secure inference traffic on NVIDIA Jetson devices and BlueField-3 DPUs. The qp-vpp integration extends that protection into SONiC-based switching environments supporting those workloads.
That matters as AI deployments increasingly depend on high-speed communication between GPUs, edge systems, inference engines, orchestration layers, and distributed agents operating across multiple environments.
For many infrastructure teams, the concern is not only protecting current traffic, but also ensuring sensitive AI-related communications cannot be decrypted years later as quantum capabilities advance.
Qrypt said the integration allows organizations to secure those communications at the network layer without relying on conventional key exchange models.
The company also noted its participation in Palo Alto Networks’ QRNG Open API initiative, which focuses on integrating quantum entropy into firewall environments.
For isolated deployments, Qrypt said its Quantum Entropy Appliance can generate cryptographic material locally without requiring external connectivity.
Open-Source Release Targets Practical Quantum-Safe Adoption
The qp-vpp project is being positioned as a reference implementation intended to demonstrate how quantum-safe key injection can function inside VPP WireGuard tunnels.
Qrypt Co-Founder Denis Mandich is scheduled to demonstrate the integration during the ONUG AI Networking Summit in Dallas as part of a presentation focused on quantum-safe data center networking.
Yevgeniy Dodis, Qrypt’s Chief Cryptographer and Professor of Computer Science at New York University, said the BLAST protocol was designed to support a stronger long-term security model than traditional cryptographic exchange methods.
“BLAST protocol allows the generation of secure, yet reproducible, keys to remote participants, without this key ever transmitted over a traditional computational channel,” Dodis said.
As enterprises continue planning for post-quantum security transitions, projects such as qp-vpp are beginning to show how quantum-safe networking models may eventually fit into real-world cloud infrastructure, AI environments, carrier networks, and government systems without forcing organizations to rebuild their existing architecture stacks from scratch.
Research and Intelligence Sources: Qrypt
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
