Random numbers are important in many fields of scientific research and real-life applications, such as fundamental physical research, computer science and the lottery industry. They also serve as foundation in many security applications including encryption, authentication, signing, key wrapping and other cryptographic applications.
In cryptography, the one-time pad (OTP) is an encryption technique that cannot be cracked, but requires the use of a one-time pre-shared key the same size as, or longer than, the message being sent. In this technique, a plaintext is paired with a random secret key (also referred to as a one-time pad). If the key is truly random, is at least as long as the plaintext, is never reused in whole or in part, and is kept completely secret, then the resulting ciphertext will be impossible to decrypt or break.
Your encryption system is thus only as strong as your cryptographic key is unpredictable. Aside from its application in generating random numbers for reliable lotteries and gaming platforms, a truly random number generator will provide impenetrable encryption for communications – be they military transmissions, secure banking, or online purchasing – that underpin the modern connected world,” noted Dr. Sussman. The weakness of random number generators can be exploited by Hackers to steal or guess keys.
Software Random Number generators
Random numbers can be generated by two approaches, a software approach termed as pseudo random number generator (PRNG) is based on mathematical algorithm and a hardware approach termed as true random number generator (TRNG) that can extract randomness from physical processes. But true randomness is not easy to achieve, and current solutions can lead to predictable results, as in the case of poorly designed mathematical algorithms, or can be biased if they depend on physical devices.
Most computer systems use a software random number generator (RNG) even though they are less secure, because a dedicated hardware RNG is costly, and bulky. Although software RNGs may be useful in some applications, they fail to provide an adequate security barrier in most applications where true randomness is required. These pseudorandom-number generators use algorithms to produce sequences of numbers that look random. But again, if you know the underlying algorithm, they become completely predictable. In software approach, we cannot deny the possibility of backdoor, reapplication of seed generates same random numbers repeatedly and a weak entropy can substantially compromise the security system
Hardware Random Numer Generators
A better solution is to use hardware random number generation. A hardware random number generator is a device that generates random numbers from a physical process, rather than a computer program. Hardware random number generators or True Random Number Generator (TRNG) produce sequences of numbers that are not predictable, and therefore provide the greatest security when used to encrypt data.
However, not all of them are equally good. Many still rely on classical physics processes that run in an uncontrolled and chaotic manner. Additionally, they heavily rely on post-processing algorithms – that are deterministic thus vulnerable – to provide randomness as the quality of their entropy source is not consistent.
Quantum RNGs exploit elementary quantum optic processes that are fundamentally probabilistic to produce true randomness. It generates
random numbers as a result of measurement on a quantum system. As the quantum processes underlying the QRNG are well understood and characterized, their inner working can be clearly modelized and controlled to always produce unpredictable randomness. The quality of quantum random numbers is strongly dependent on the properties or behavior of the quantum entity and the elimination of classical noise.
True Random Number Generator (TRNG) and Quantum Random Generators (QRNG)
The physicists prefer to use quantum processes to generate random numbers. These are thought to be random in principle and fundamental in nature which is important because it means there cannot be some underlying physical process that might introduce predictability.
The Tohoku University research group of Professor Keiichi Edamatsu and Postdoctoral fellow Naofumi Abe has demonstrated dynamically and statically unpolarized single-photon generation using diamond. This result is expected to play a crucial role in hardware random number generation using single photons (quantum dice or quantum coin toss), quantum cryptography and the testing of fundamental problems in quantum mechanics.
In their paper, published in Scientific Reports, the authors present the first demonstration that single-photon emission from a specially oriented compound defect (a nitrogen vacancy center) in diamond is dynamically and statically unpolarized with intrinsic randomness.
Truly random number generators make measurements on physical systems that are inherently random – such as Shot noise, a quantum mechanical noise source in electronic circuits, a nuclear decay radiation source detected by a Geiger counter attached to a PC. Turbulence is thought to be entirely random so measuring that turbulent effects that the atmosphere has on a laser beam is another method of producing random numbers, albeit a rather slow one and one that could easily be biased by environmental factors.
However, existing measurement techniques tend to be either very expensive or too slow to be of practical use. Securing your mobile phone, for example, needs a generation rate of about 1 kbit/s.
Quantum random numbers can be generated from several sources, for example, radioactive decay, the quantum mechanical noise
in electronic circuits known as shot noise, measuring and digitizing photon arrival times, quantum vacuum fluctuations, laser phase fluctuations, optical parametric oscillators, amplified spontaneous emission etc.
Hybrid QNRGs for post-quantum cryptography
Scientists have been pursuing two possible avenues to protecting data and networks from the threat of a large-scale quantum computer which would render current cryptography obsolete. One is post-quantum cryptography, i.e. developing the complex algorithms scientists and cryptographers believe will resist a future quantum computer using Shor’s algorithm to break software-based key exchange methods. This has been the dominant approach at NIST and the National Security Agency for advancing quantum security for the government, and for America.
The other is employing Quantum Random Number Generators (QRNG) which integrate the randomness of quantum physics itself to generate truly random numbers for encrypting messages and data in ways that are truly hack-proof. We can think of them as the equivalent of a spymaster’s one-time pad that no codebreaker can crack. QRNG also forms the backbone of Quantum Key Distribution (QKD), the technology that uses the principles of quantum mechanics to distribute those random keys to users.
Some companies have now taken hybrid approach combining quantum physics hardware with post-quantum cryptographic algorithms and software. Quantum eMotion, for example, a Canada-based company, has taken the QRNG route without relying on QKD for deployment. Instead, their random number generator is embedded in a portable USB-type key or microprocessor chip, so that it can be literally a plug-and-play solution for protection against cyber hackers. Based in Montreal and relying on decades of research at Sherbrooke University by physics professor Bertrand Reulet, Quantum eMotion’s goal is to expand the advantages of quantum randomness to mobile phones, computers, the Internet of Things (IoT), blockchain, and the cloud, without having to rely on the often-expensive infrastructure and design architecture QKD requires.
Qrpt will use ORNL’s QRNG based on collective statistics of photons for post-quantum cryptography
Qrypt will incorporate ORNL’s quantum random number generator, or QRNG, into the company’s existing encryption platform, using inherent quantum randomness to create unique and unpredictable encryption keys enabling virtually impenetrable communications.
The advent of quantum computing offers a fundamentally new approach to solving some of the world’s most difficult and pressing problems. However, quantum computing will also render current encryption methods obsolete and require a reimagined, quantum-based approach to protecting data. “The cryptography we have developed is based on true quantum sources of entropy and is mathematically proven to be unbreakable–even in theory,” said Denis Mandich, Qrypt’s chief technology officer at the company’s New York City office.
“Until recently, this class of technology was unavailable at the scale required to encrypt Internet-sized datasets,” Mandich said. “Simply relying on increasing the complexity of cryptographic algorithms has again proven to be a failing bet.” ORNL’s research is integral to Qrypt’s hybrid approach: combining quantum physics hardware with post-quantum cryptographic algorithms and software.
To harness quantum’s perfect randomness, ORNL coinventor Raphael Pooser and his colleagues from the lab’s quantum sensing, computing, and communications teams developed a quantum random number generator that detects the presence and characteristics of electro-magnetic waves, called photons, streaming from a light source.
“A field of quadrillions of photons are produced and pass through a beam splitter,” Pooser said. “Different from other QRNG technologies, our method does not require that we wait for a single photon to appear, but allows us to use the collective statistics of large numbers of them.” The ORNL device can detect and measure the quantum statistics of photons present in the field and use each one as the basis for creating truly unique encryption keys that are impossible to decipher or predict.
ORNL’s scientific achievement can be proven based on quantum entropy, a purely probabilistic effect, he said. “Many competing technologies advertise true randomness and pass modern statistical testing, yet there is no guarantee they do not have a pattern discoverable in the future,” said Mandich.
“Historically, patterns, predictability and repetition are a critical flaw for many crypto systems, allowing them to fall to basic cryptanalysis,” he added. Qrypt will incorporate ORNL’s technology into a suite of quantum-resistant encryption techniques and technologies, including a card or chip enabling quick encryption of vast datasets. Data protected by this technology will be secure against attack by quantum computers or any future computational device and developments in the mathematics of cryptanalysis.
Hybrid software-based approach
QuSecure uses what they call Quantum Transport Layer Security (QTLS), which allows quantum-resistant algorithms to protect data no matter where it sits on the network. In other words, instead of having to rip out and replace legacy PKI systems one by one, QuSecure’s approach enables every layer in the network to enjoy the encryption protection offered by the company’s software.
QuSecure’s system is also designed to work with quantum random number generators for creating genuinely random keys within the software-based application. Its website also states it can generate up to 60,000 keys per second, which means less latency or what is called “handshake time,” meaning authenticating the users at each end of the secure link.
Commercial Quantum random number generators
EYL has developed a micro quantum random bit generator by extracting unpredictable randomness which naturally comes from radioactive isotopes inserted into a 5mm device, instead of using optical methods which are commercialized but prohibitively expensive and bulky. Since internally emitted alpha particles in the device are completely random, we can get perfect randomness from natural phenomena.
Using this technology, EYL provides not only USB, PCIe and server type quantum random number generator for security systems, but also it provides complimentary related hardware/software applications. This is the world s first patented technology of its kind, and can be deployed on security systems for diverse purposes with affordable pricing.
Quantum Dice is commercializing the world’s first compact and completely embedded, self-certified quantum random number generator (QRNG) to provide quantum security for any encryption system. Our unique technology assures the end-user of the reliability of the entropy output, even if the QRNG device itself was physically compromised. It ensures a cryptographically secure source of randomness whilst also protecting the QRNG device against external influences. This assurance is crucial when the random numbers are to be used to encrypt highly sensitive data or for research requiring the most precise results.
QuintessenceLabs qStream™ QRNG quantum number generator reaches speed of 1Gbits/second
The strength of your encryption is heavily dependent on the quality of your cryptographic keys. Our true quantum random number generator (QRNG) qStream™ provides encryption keys with full entropy, i.e. that are truly random. These keys are derived from a quantum source which is unpredictable by nature and are of the highest quality. With a rate of 1 Gbit/sec, the qStream QRNG is the world’s fastest commercial true random number generator cost-effectively meeting the need for high throughput, quality random for commercial applications whether in enterprise, cloud or shared environments.
QLabs launched its “first generation” of the qStream device in 2015, using lasers as the source of its quantum random number generation before switching to quantum tunnelling. The company said tunnel diodes can generate full entropy random numbers at the same rate as the first generation, but without the need of laser and photo-detector, which results in what QLabs explained as a “more compact and cost-effective” product, cutting the size of the QRNG hardware to a quarter, while delivering the same quality and speed.
Quantum cybersecurity firm QuintessenceLabs (QLabs) has announced developing a full-entropy quantum random number generator (QRNG), by leveraging a “flaw” in diodes. QLabs said the flaw, a quantum property in diodes known as quantum tunnelling, is a phenomenon in which a particle travels across a barrier that — according to classical mechanics — it should not be able to cross
As a result, quantum tunnelling results in random fluctuations in the current flowing through the tunnel diode, since there is no way to determine beforehand how many charge carriers would ‘tunnel’ through at any instant time,” the company explained. For the latest release of its quantum random number generator qStream, QLabs has developed a way to measure and digitally process these fluctuations to generate “full-entropy” random numbers at a rate of 1Gbps.
The qStream QRNG delivers random numbers for the generation of cryptographic keys and other security parameters, deterministic RNG seeding, initialization vectors, nonces, random challenges, authentication and DSA signing. Other applications include Entropy as a Service (EaaS), simulations, modeling and computer gaming.
Chinese Scientists develop World’s fastest real-time quantum random number generator with a photonic integrated chip, reported in June 2021
In Applied Physics Letters, by AIP Publishing, scientists from China present the fastest real-time QRNG to date to make the devices quicker and more portable. The device combines a state-of-the-art photonic integrated chip with optimized real-time postprocessing for extracting randomness from quantum entropy source of vacuum states.
“Recently, the technology of integrated quantum photonics has exhibited significant advantages in terms of size reduction,” said author Jun Zhang. “In this work, we further prove that such technology could be used for ultrafast, real-time quantum random number generation.”
Most QRNGs today use discrete photonic and electronic components, but integrating such components within a chip remains a technical challenge.
“Quantum random numbers are unpredictable, irreproducible and unbiased, whose randomness comes from the intrinsic indeterministic nature of quantum physics,” Zhang said. The group’s chip uses indium-germanium-arsenide photodiodes and a transimpedance amplifier integrated onto a silicon photonics chip that includes several couplers and attenuators. Combining these components allows the QRNG to detect signals from a quantum entropy source with significantly improved frequency response.
“The surprising point in our work is that the high-frequency response performance of the final photonic integrated chip is better than expected,” Zhang said. Once randomness signals are detected, they are processed by a field programmable gate array, which extracts truly random numbers from the raw data. The resulting device can generate numbers at nearly 19 gigabits per second, which is a new world record. The random numbers can then be sent to any computer via a fiber optic cable. To boot, the group’s chip measures only 15.6 by 18.0 millimeters, significantly smaller than most of current QNRG modules or instruments.
Lancaster University’s quantum random number generator that can be embedded into any smart device.
The first practical quantum random number generator (QRNG) has been created by Quantum Base and Lancaster University, an invention set to revolutionize cybersecurity. The generator will provide 100% provable quantum security for authentication and communication when integrated into microelectronic products.
The generator known as the Quantum Base QRNG defeats the current problems with standard QRNGs which are often expensive and slow. This latest QRNG can be embedded within any electronic device with no additional cost or complexity and can operate with really high speeds.
Online security currently relies on “pseudo” random number generators which are vulnerable to attack. Any flaw can have catastrophic results, as when 750,000 national ID cards and e-residency smart cards were compromised in Estonia in 2017. The problem has now been solved with the creation of the world’s first practical true random number generator based on quantum physics.
Professor Rob Young, Director of Lancaster’s Quantum Technology Centre, said: “The technology we have created here is exciting not only because it solves an important problem, but it also represents the best possible solution to that problem. Flaws in the way current electronic devices produce random numbers weakens their security and makes them less efficient. Our solution fixes this, but it’s also incredibly small and efficient, which is very important.”
Phillip Speed, CEO of Quantum Base said: “At Quantum Base we have created a small, low power device that produces pure random numbers. It can be incorporated into any electronic product with little or no incremental cost once volume production is achieved.”
True random number generators are systems whose outputs cannot be determined, even if their internal structure and previous behaviour are known. Subatomic particles do not obey the laws of classical physics but are totally unpredictable in behaviour so they are the ideal source of randomness. This makes the Quantum Random Number Generator developed by Quantum Base and Lancaster University unbreakable because it is based on their intrinsic uncertainty.
Phillip Speed, CEO of Quantum Base said:“Our simple electronic device uses the intrinsic uncertainty inherent within quantum mechanics to create a game changing product applicable to a vast array of volume markets such as the Internet of Things and the Industrial Internet of Things where size, cost and power consumption are critical factors that have inhibited the proliferation of quantum random number generators.
“We look forward to helping secure many sectors going forward with this great British technology.”
QUANTIS QRNG – delivering true randomness with quantum random number generation
One of the most popular is to send a stream of photons through a beam splitter, which transmits or reflects them with a 50 percent probability. Simply counting the photons that are reflected or transmitted produces a random sequence of 0s and 1s. That’s exactly how the world’s only commercially available quantum random number generator works. Quantis produces random numbers at a bite rate up to 16Mbps. That’s because single photon detectors cannot count any faster than this.
Recently, physicists have begun to utilize a new technique based on ways photons are generated inside lasers. There are two different ways photons are generated inside lasers. The first is by stimulated emission, which is a predictable process producing photons that all have the same phase. The second is spontaneous emission, an entirely random quantum process. These photons are usually treated as noise and are in any case swamped when the laser is operating at full tilt.
World’s Fastest QRNG developed by China measure the fluctuations in the phase of photons
The spontaneous emission is dominant when the laser operates at its threshold level, before stimulated emission really takes hold. If it is possible to measure these photons, then it may be possible to exploit their random nature. You-Qi and co have done exactly that. These guys have created a highly sensitive interferometer that converts fluctuations in the phase of photons into intensity changes. That’s important because intensity changes can be easily measured using conventional photodetectors that work at much higher rates than single photon detectors.
That has allowed the team to measure these random changes and digitize them at a rate of 80 Gbps. This data stream then has to be cleaned up in various ways to remove any biases introduced by the measurement process. But after this, the team is still able to produce random numbers at the rate of 68 Gbps. “Our demonstration shows that high-speed quantum random number generators are ready for practical usage, say You-Qi and co. “Our quantum random number generator could be a practical approach for some specific applications such as QKD systems with a clock rate of over 10 GHz.”
DRDO and QuLabs develops Quantum Random Number Generator (QRNG) reported in 2020
The DRDO Young Scientist Laboratory for Quantum Technologies (DYSL-QT), a DRDO facility based in Mumbai, has developed a QRNG which has the ability to detect random quantum events and convert those into a stream of binary digits, reported in Dec 2020.
In general, genuine random number generation is a rather impossible task when using classical means. “Quantum Mechanics has the inherent potential of providing true random numbers and thus has become the preferred option for the scientific applications requiring randomness”, an official statement said.
The developed QRNG is based on fiber optic branch path. Branch path based QRNG is based on the principle that “if a single photon is incident on a balanced beam splitter, it will take either of the beam-splitter output paths randomly. As the path chosen by photon is random, the randomness is translated to sequence of bits.”
As per the Defence Ministry, The QRNG system developed by the laboratory (DYSL-QT) has passed the global randomness testing standards of NIST and Die-harder Statistical Test Suites at the speed of around 150 kbps after post-processing. The generated random numbers are also evaluated and verified using DRDO’s indigenously developed Randomness Testing Statistical Test Suite of SAG.
In 2020, QuNu Labs Pvt Ltd., Bangalore, India reported to have generated highquality quantum random numbers from a weak coherent source at telecommunication wavelength. The arrival time of photon is considered as a quantum random variable and it can generate n random bits where, n depends on the precision of time measurement. They have reported their work on QRNG based on time of arrival (ToA) principle using an external time reference. We have implemented the scheme using InGaAs detectors. The entropy is based on time of arrival of quantum states within a predefined time interval. The detection of photons by the InGaAs single-photon detectors and high precision time measurement of 5 ps enables us to generate 16 random bits per arrival time which is the highest reported to date.
SKT Develops World’s First Ultra-Small Quantum Random Number Generator
It is difficult to mass-produce current QRNG due to its expensive price. Also it is not suitable for Smartphones and IoT products due to its size. SK Telecom succeeded in making QRNG as same side as a fingernail and also lowered QRNG’s price. SK Telecom is going to release IoT product that is equipped with chips that optimize performance and stability within this year and is going to expand areas of application of QRNG towards entire IoT fields such as self-driving cars and Smart Meters. If it succeeds in commercializing small chips that can be mass-produced, it will be recorded as the first ever QRNG that can be mass-produced.
“We have implemented ‘QRNG (Quantum Random Number Generator’, which is one of major technologies of quantum information communication, and are planning to produce prototypes in March at the earliest.” said a representative for SK Telecom. It is predicted that QRNG will have huge impact on entirety of ICT (Information Communication Technology) industries as it has better abilities to prevent possibilities of hacking than current coding systems.
SK Telecom invested about $2.13 million (2.5 billion KRW) into IDQ (ID Quantique) that holds major patents for QRNG and has acquired rights to use IDQ’s patents exclusively.
Low cost QRNG that uses photon counting of mobile phone camera
Bruno Sanguinetti and colleagues Anthony Martin, Hugo Zbinden andNicolas Gisin have used an eight-megapixel camera from a Nokia N9 smartphone to create a device that can deliver random numbers at 1.25 Gbit/s.
Colleagues at the University of Geneva in Switzerland, have created a quantum random-number generator (QRNG) that uses low-cost electronic components including a mobile-phone camera. Their device can deliver powerful cryptography and secure credit card transactions using mobile phone only.
The system exploits the fact that the camera is so sensitive that it can be used to count the number of photons that impinge on each of its individual pixels. The light is supplied by a conventional LED, in which electrons and holes combine to create photons. This is a quantum mechanical process and therefore the number of photons produced in a fixed period of time is not fixed, but is random.
The camera and LED are adjusted so that each pixel detects about 400 photons in a short exposure time. The photon numbers of all the camera pixels are combined in an “extractor” algorithm that outputs a sequence of random numbers. In the Swiss experiment, the camera was used to create a 1.25 Gbit/s stream of random numbers.
One worry about any random-number generator is that the numbers could be influenced in a predictable way by non-quantum (classical) effects in the system. This could lead to a measurement bias, for example, which could favour certain numbers over others. If a potential eavesdropper knows everything about the generator, they could in principle predict the classical component of its output. This would make it easier to crack the system.
However, when such biases are factored in, the team reckons that a user would have to generate a mind boggling 10 **118 random numbers before they would notice a deviation from a perfectly random sequence.
Sanguinetti told physicsworld.com that all of the components of his team’s QRNG could be integrated on a chip that would cost a few dollars and could be easily integrated in portable electronic devices, including mobile phones. “If there is a quantum technology that everyone will soon have, this is it,” he says.
Laing also believes that the technology could be used in quantum cryptography systems, which in principle are unbreakable: “A QRNG can also be a key component for quantum key distribution protocols, where the communicating parties must be careful to choose their measurements in a genuinely random way.”
Researchers from the University of Geneva have developed a self-testing quantum method for generating random numbers
Powerful quantum random number generators are today available commercially. However, one limitation of existing devices is that it is impossible for the user to independently verify that the numbers generated are in fact genuinely random and not, for example, composed of digits of π. The user must trust the device (and so its manufacturer) to function correctly, even after years of use. So, it makes sense to ask if current systems could be improved from this point of view.
“We wanted to create a device which can be continuously tested to ensure it functions correctly at all times and thus guarantee that the random numbers generated are reliable” says Nicolas Brunner. To achieve this, the UNIGE physicists have developed a “self-testing” quantum random number generator, which allows the user to verify in real time that the apparatus performs optimally and delivers unbiased random numbers.
“The generator should solve a tasks for which we have calibrated it. If the tasks is solved correctly, the output numbers are guaranteed to be random. If the apparatus does not find the correct solution, randomness is not guaranteed, and the user should then recalibrate the device. This avoids the risk of using numbers with little (or no) randomness for example to generate passwords, which hacker could then crack” professor Hugo Zbinden enthusiastically points out.
Indeed, the new generator allows to measure precisely the quality of the output random numbers. Perfectly random numbers can then be distilled and used for security applications, such as generating passwords which are safe against hacking.
Some of the companies in Quantum Random Number Generator are BSI, BT, Cambridge Quantum Computing, Crypta Labs, Defense Research and Development Organization, DIEHARD, EITCI Quantum Standards Group, Hudson Institute, ID Quantique, InfiniQuant,
Interoute, JPMorgan Chase, KETS, Mt Pelerin, NetDocuments, NIST, NS&I, Oak Ridge National Laboratory, PokerStars, QRANGE and the EU Quantum Technology Flagship, Qrypt, Quantum Dice, Quantum Numbers Corp., QuintessenceLabs, Quside, Robert Bosch, Samsung
SK Telecom, Sterci, Toshiba Europe, Vsmart, Westpac Bank