From the Army to Banks: The Indian Startup Building Tomorrow’s Cyber Defences Today

From the Army to Banks: The Indian Startup Building Tomorrow’s Cyber Defences Today

From securing the Indian Army and Navy to preparing banks and public infrastructure for the quantum era, QNu Labs is developing homegrown cybersecurity solutions for a post-quantum world.

Updated on: 15 July 2026

sector

Sector

Space, Defence & Security
education

Solution

Cybersecurity
Healthcare

Technology

Digital Platform
space

State of Origin

Karnataka

Impact Metrics

1,000-km quantum-secure network

over existing telecom fibre, demonstrating large-scale, real-world quantum-safe communication.

99.3% network uptime

Maintained over 15 continuous days on the 1,000-km QKD network, independently validated for reliability on existing telecom infrastructure.

Protecting India's defence communications

Quantum-safe encryption systems deployed by the Indian Army and Navy to secure mission-critical military networks against future cyber threats.

Real-world deployment beyond research labs

Demonstrated that quantum-safe communication can operate reliably across long-distance commercial telecom networks, not just controlled laboratory environments.

 

Here’s a simple (albeit farsighted) question. 

What will protect India’s data in the age of quantum computing?

It’s a question two engineers, Sunil Gupta and Srinivasa Rao Aluri, asked in 2016. 

This was still a time when quantum technology was largely confined to research laboratories, but the duo recognised that today’s encryption methods could eventually become vulnerable to quantum computers. 

They set out to build technologies that could secure India’s digital future. Incubated at IIT Madras before moving to Bengaluru, QNu Labs has since evolved into one of the country’s only full-stack quantum cybersecurity companies, developing indigenous hardware, software, and secure applications for defence, banking, government, and critical infrastructure.

At the heart of QNu Labs’ innovation is its focus on quantum-safe communication. 

Unlike conventional cybersecurity systems that concentrate on detecting attacks after they occur, the company aims to prevent attacks by fundamentally strengthening encryption. Its flagship technology, Armos, uses Quantum Key Distribution (QKD), which generates encryption keys without transmitting them over the communication network. 

Since the keys are never sent, they cannot be intercepted, and any attempt to eavesdrop is immediately detected using the laws of quantum physics. This provides a level of security that relies on the principles of nature rather than computational complexity alone.

The company has also developed Tropos, a Quantum Random Number Generator (QRNG) that creates truly unpredictable random numbers derived from quantum processes instead of computer algorithms. These random numbers form the basis of stronger encryption keys that are significantly harder to predict or compromise. 

Complementing these technologies is the company’s post-quantum cryptography, designed to remain secure even when powerful quantum computers become capable of breaking many of today’s encryption systems. 

Together, these innovations are integrated into QShield, a platform that combines QKD, QRNG, post-quantum cryptography, and secure applications into a single ecosystem. A major advantage is that organisations can deploy QShield over their existing telecom fibre and digital infrastructure without replacing entire networks, making adoption practical and cost-effective.

The company’s 1,000-kilometre Quantum Key Distribution network established over existing telecom fibre achieves 99.3 percent uptime, proving that large-scale quantum-safe networks are commercially viable. 

Beyond product development, QNu Labs is strengthening India’s quantum ecosystem through indigenous patents, collaborations, and QNu Academy, which trains students and engineers in quantum technologies. Together, these innovations position the startup as a key contributor to India’s National Quantum Mission and the country’s long-term cybersecurity preparedness.

Exploring the need for advanced encryption

“The encryption protecting your world is already expiring.” With this belief in mind, QNu sets out to explore quantum cybersecurity. 

Quantum computing will break every system built on RSA and ECC.

RSA (Rivest–Shamir–Adleman) and ECC (Elliptic Curve Cryptography) are two of the world’s most widely used public-key encryption systems. They form the backbone of modern digital security, protecting everything from online banking and digital payments to email, messaging apps, government communications, and websites. 

Their security depends on mathematical problems that are extremely difficult for conventional computers to solve, which is why they have remained reliable for decades.

RSA works by using two very large prime numbers to generate encryption keys. While multiplying these numbers together is relatively easy, reversing the process to identify the original prime numbers from their product is extraordinarily difficult for today’s computers. ECC, on the other hand, is based on a different branch of mathematics involving points on elliptic curves. Instead of relying on the difficulty of factoring numbers, it depends on the elliptic curve discrete logarithm problem, which is also considered computationally infeasible for classical computers. 

The technology protecting your data today may not be enough tomorrow.

The reason experts are concerned about quantum computing is that it changes the rules of the game. Powerful quantum computers can run a specialised algorithm which can efficiently solve both the integer factorisation problem used by RSA and the elliptic curve discrete logarithm problem used by ECC. In other words, a sufficiently advanced quantum computer could calculate the secret keys that today’s computers cannot, allowing encrypted information to be decrypted far more quickly than is currently possible.

This is why researchers believe quantum computing could break encryption systems built on RSA and ECC. Although large-scale quantum computers capable of doing this do not yet exist, governments, cybersecurity experts, and companies are already preparing for that future by developing quantum-resistant technologies, such as post-quantum cryptography and Quantum Key Distribution, which are designed to remain secure even in the presence of quantum computers.

The impending Q-Day 

In an article authored for Forbes, Arthur Herman, a Pulitzer Prize finalist historian who writes on computing, speaks about Q-Day. It’s a term experts use to describe the day large-scale quantum computers are able to factorise the large prime numbers that underlie our public encryption systems, such as the ones that are supposed to protect our bank accounts, financial markets, and most vital infrastructure. 

While there’s a growing consensus that this quantum threat is real, there’s no agreement on how long it will take before a quantum computer has the 4000 or so stable qubits it will need to meet the requirements of Shor’s algorithm for cracking those encryption systems. 

Herman exemplifies this, saying that if it were to take a classical computer 300 trillion years to crack an RSA-2048-bit encryption key, a quantum computer could do the same in just 10 seconds with 4099 stable qubits. He emphasises the need for a system that can protect our vulnerable data. He underscores the urgency with an example: in 2019, researchers from Google and the Royal Institute of Technology at Stockholm published a paper showing how to crack 2028-bit RSA integers in 8 hours using 20 million noisy qubits. “Given the fact that in 2012 scientists speculated that it would take 1 billion qubits to perform this feat, it won’t be long before researchers show they can get there with a lot fewer than 20 million qubits,” Herman writes. 

Are we looking at a possible quantum revolution?

According to a study by the World Economic Forum (WEF), quantum computing has the potential to transform industries such as healthcare, finance, logistics, and scientific research. However, alongside these opportunities comes a major cybersecurity challenge. As quantum computers become more powerful, they could eventually break many of the encryption systems that currently protect digital communications, banking transactions, healthcare records, and government data. 

Although experts estimate that this threat may materialise within the next decade, migrating to new security standards can itself take around 10 years. This makes early preparation essential. The report explains that quantum computing is built on the principles of quantum mechanics, which studies how matter behaves at the smallest scales. While the first quantum revolution gave rise to technologies such as semiconductors, lasers, and MRI machines, the second quantum revolution focuses on processing and storing information using quantum systems. 

If Q-Day does indeed arrive, the study says, the consequences extend far beyond cybersecurity. The report warns that quantum computers could expose sensitive financial and healthcare data by decrypting confidential records, leading to large-scale privacy breaches and reputational damage. Secure internet communications and encrypted messaging services could also become vulnerable, allowing attackers to intercept information that is currently protected.

Quantum computing could further undermine the integrity of digital identities, electronic documents, and digital signatures by making them easier to forge. Cryptocurrencies, which rely heavily on cryptographic algorithms for transaction verification and ownership, may also face significant risks if their underlying encryption is broken.

One of the report’s biggest concerns is the possibility of ‘harvest now, decrypt later’ attacks. In this scenario, attackers collect encrypted data today and store it until powerful quantum computers become available, allowing them to decrypt sensitive information years later. For governments, defence organisations, banks, and healthcare providers that must protect data over long periods, this presents an immediate strategic risk. The WEF concludes that organisations must begin adopting quantum-safe cryptography now to ensure that today’s confidential information remains secure in the quantum era.

Scaling the potential of the QNu model

QNu’s technology has already demonstrated its value in some of India’s most demanding security environments. In 2022, the Indian Army placed its first procurement order for QNu Labs’ Quantum Key Distribution (QKD) systems under the iDEX programme. A year later, the Indian Navy ordered 28 quantum encryption systems, one of the country’s largest quantum security procurements. These deployments showed that quantum-safe communication had moved beyond laboratory research and could protect real-world defence networks where secure communication is mission-critical.

However, the founders always viewed defence as a starting point rather than the end goal. The same quantum-safe technologies that secure military communications can also be scaled across sectors that handle highly sensitive information, including banking, healthcare, telecommunications, digital payments, and government services. Since QNu Labs’ integrated platform, QShield, works on existing fibre-optic infrastructure, organisations do not need to rebuild their networks from scratch, making adoption both practical and cost-effective. 

As quantum computing advances and threats such as ‘harvest now, decrypt later’ attacks become more pressing, scaling such innovations could help future-proof India’s digital infrastructure, ensuring that the systems millions of citizens rely on every day remain secure against next-generation cyber threats.

Share Your Story Today, Shape Viksit Bharat Tomorrow

Got an idea, innovation, or experience that's making a difference? Share your story now and ignite India's transformation because your voice can drive the future forward!

Resources to Replicate This Idea

faq-msg-icon

BUILD YOUR OWN

Do you want to know how this innovator scaled their idea, how much it cost them, and what resources/partnerships they deployed?


    Funding/cost details: How much funding did the innovator deploy? How did they go from pilot to scaling? What schemes supported the funding?Tech partners: How did the innovators choose their tech partners?Contact information: For other queriesOther