October 1, 2024

Guide: Quantum Random Number Generator (QRNG) and How it Works?

January 12, 2024

The Context

Random numbers play a key role in science, technology, and everyday life. Different methods of generating random numbers exist today. So when high-quality random numbers are needed, choosing the right random number generator becomes imperative.

The two steps associated with randomness are: Randomness generation (entropy of source) and Randomness expansion (software-assisted)

What are random numbers?

Random numbers are a sequence of numbers or symbols that cannot be predicted other than by a random chance computed by any algorithm.

Characteristics of true randomness are:

  • Unpredictability
  • Uniform distribution of the bits in the sequence
  • Lack of patterns in the sequence

How are random numbers generated?

Two approaches can generate random numbers:

  • A software approach, termed ‘pseudo-random number generator (PRNG)’, is based on a mathematical algorithm, and
  • A hardware approach, termed ‘true random number generator (TRNG)’, extracts randomness from physical processes.

Pseudo-Random Number Generator

PRNGs use mathematical algorithms to approximate the behaviour of randomness. These algorithms produce long sequences of data that appear to be random but are completely determined by an initial state or seed. Hence, if the initial state or seed value is known, the entire sequence can be reproduced.

While computer-generated random numbers can be used for some applications, they can suffer from various problems, such as determinism due to the initial seed, periodicity, correlations, lack of uniformity, etc.

True Random Number Generator

TRNGs extract randomness from physical processes that behave in a non-deterministic way which makes them better candidates for true random number generation.

These processes can be described by classical physics. They measure some unpredictable or, at least, difficult-to-predict physical processes (chaotic systems) and use the results to create a sequence of random numbers.

Disadvantages of PRNG and TRNG

There is no true randomness with PRNG and TRNG. Any classical system admits in principle a deterministic description and thus appears random to us as a consequence of a lack of knowledge about its fundamental description.

A TRNG is an RNG that digitises the analog physical noise source to retrieve random numbers that are uniform and independent. There is a fundamental proof of complexity theory which states that it cannot be proved that a particular sequence of numbers is genuinely unpredictable.

The chaotic source of classical randomness is susceptible to initial conditions and hence makes it deterministic.

A classical TRNG can never guarantee that an adversary will not be able to obtain information and hack the system either by passive monitoring, malicious modification, or signal injection.

Introducing Quantum Randomness

Quantum physics provides randomness with inherent unpredictability based on the fundamental laws of nature. We cannot predict the outcome of certain quantum experiments, even in principle.

There are two fundamental sources of practical quantum mechanical randomness:

  • Quantum mechanics at the atomic or subatomic level, and
  • Thermal noise (some of which are quantum mechanical in origin).

Quantum mechanics states that certain physical phenomena are fundamentally random and cannot be predicted. And, because the world exists at a temperature above absolute zero, every system has some random variation in its state; for instance, molecules of gases in the air are constantly randomly bouncing off each other. This randomness is a quantum phenomenon as well.

The quantum phenomena used for random number generation include:

  • Shot noise, a quantum mechanical noise source in electronic circuits.
  • A nuclear decay radiation source.
  • Photons travelling through a semi-transparent mirror. The mutually exclusive events (reflection/transmission) are detected and associated with ‘0’ or ‘1’ bit values respectively.
  • Amplification of the signal produced on the base of a reverse-biassed transistor. The emitter is saturated with electrons and occasionally they will tunnel through the bandgap and exit via the base.
  • Spontaneous parametric down-conversion leading to binary phase state selection in a degenerate optical parametric oscillator.
  • Fluctuations in vacuum energy measured through homodyne detection.

Quantum physics is the only theory that is intrinsically random and guarantees that given identical initial conditions it will, in principle, generate random output. In other words, the quantum system will never reproduce the same output with the same given conditions.

Quantum Random Number Generator: Explained

Quantum random number generators (QRNG) are a particular case of physical TRNGs in which the data is the result of a quantum event. As opposed to other physical systems where uncertainty is a result of incomplete knowledge of the system, true randomness is an essential part of quantum mechanics. They offer a solution based on a trusted randomness source and many from the different implementations achieve fast generation rates, normally above the megabit per second.

QRNGs use very well-defined inherently random processes as the source of their bits. Also, they implement a very simple process as a source of randomness, as a result, they are easy to model and their functioning can be monitored to check its operating abilities.

Advantages of using QRNG:

  • Robustness - They reduce or remove the risk that the random data provided by the RNG is known, or partly known, in advance to some adversary. This is due to the fundamental randomness of quantum processes and because the processes at play, despite being quantum, are relatively simple and resilient against external interference.
  • Live-monitoring - Given the relative simplicity of their underlying quantum processes, they permit an almost real-time evaluation that the process is functioning properly.
  • Non-classical - Device-independent QRNGs allow validation of randomness that cannot be reproduced by multiple classical resources. They certify private randomness–random numbers that are unknown to an adversary.
  • Agility - When used in parallel with other RNGs and combined/composed in a secure manner, they offer a qualitatively different source of randomness that mitigates the risk that the other RNGs being used might have been compromised.
  • Trustworthy - Including a QRNG in platforms and tools may generate greater trust in among end-users.
classical-rng-vs-quantum-rng

TROPOS (QRNG) by QNu Labs

Tropos is a quantum random number generator that extracts the randomness from an optical quantum process. It is based on the principle of time of arrival of photons. The implied scheme consists of continuously measuring the arrival time of photons and encoding the time interval between successive photon arrivals as random bits.

tropos-qrng

How does TROPOS (QRNG) Work?

A laser produces a stream of elementary particles (photons). The photons generated from the laser are used to generate the random numbers.

These photons, unlike classical objects, are unpredictable under certain situations. When they are incident on a semi-transparent mirror, the photon has a 50/50 chance of being reflected or transmitted. The photon is then in a superposition of both the states (reflected and transmitted), i.e. the photon exists in both states simultaneously.

Upon measurement, it collapses to one of these states, which is intrinsically random and there is no way to predict which state the photon will collapse to. This gives the inherent randomness from the photons, which any external parameters cannot influence.

Key Characteristics of Tropos:

  • Perfect Random Keys
  • High Rate of Entropy
  • High Throughput Key Rates
  • Multiple Application Usage

Industry Applications

Wireless Quantum Safe VPN

Wireless networks are expanding rapidly, posing security challenges, especially in national security contexts. While VPNs enhance security, they often lack sufficient randomness.

Tropos introduces randomness to bolster encryption security and employs post-quantum cryptography for post-quantum security.

Identity Management

QRNG technology applied to ID card systems generates random numbers with each use, allowing precise personnel tracking, particularly in defence facilities, to reduce unnecessary movement.

Quantum Secure Data Storage

Data needs to be stored without any lapses for vulnerabilities and latency. QNu aims to improve security by having a quantum layer that integrates with the present infrastructure and provides much-needed security. Tropos QRNG solves the problem of randomness.

Authentication and IAM

Digital certificates are vital for authentication and identity management. Tropos bolsters security for better randomness without infrastructure changes.

Routing

QRNGs can be applied to the random routing of military weapons, equipment, and supplies thereby preventing enemies from pinning the locations of the used routes. This randomisation of routing can be used in land, air, and water transportation routes between nodal points, as well as randomisation of routes between the nodes.

Wireless Network for Security Monitoring

The secure wireless network enables the integration of IoT sensors, wireless cameras, and IR sensors to capture and transmit data to a central monitoring location. It also offers mobility to sensor-equipped vehicles within the directional antenna's range.

OTP

OTPs are crucial for applications like payments and banking. Existing random number generators often lack the needed randomness, making them weak for OTP generation.

Tropos ensures true randomness and high throughput, supporting up to a million OTPs per second.

Tokenization

Tokenization is crucial for securing and masking customer PAN (Personal Account Number) data, especially in the banking sector. With the rise in digital adoption, the demand for tokens has increased, leading to repetition and correlation in token generation.

Tropos (QRNG) addresses this issue without changing how tokens are currently used.

Exams and Certifications

Tropos creates unique academic values like Certificate IDs to prevent fraud through randomness and assigns each student a unique Project ID to avoid duplication. It can also be applied in university labs to allocate test samples randomly, enhancing learners' opportunities to experiment with unique samples and fostering independent thinking.

Cryptography

Today, a digitally connected world requires higher levels of security to maintain the confidentiality of personal and institutional data. This is achieved by relying on cryptography, for which, one of the critical elements is the unpredictability of the encryption keys generated and used for securing data. Additionally, authentication applications like identity & access management also require a strong cryptographic foundation based on unique tokens to verify the user or application access to the secured data.

Tropos ensures the creation of truly random encryption keys and unique digital tokens for highly secure crypto operations for maintaining data security and confidentiality.

Data Centre

Data centres act as the processing, storage, and recovery points of critical data for any organisation. Therefore, they are also prone to the wholesale theft of an organisation's digital assets. QNu's solutions are built to ensure a high level of data security for data in transit and at rest in data centres.

IoT

The strength of sampling is in selecting random inputs. This can be applied in statistical analysis to select random samples to optimise the study of the hypothesis with a high degree of sample randomness. This approach is also applicable in randomising test variables in R&D as it shortens the time frame in selecting inputs. QRNG can generate the inputs randomly and run tests at a higher speed. Though this is mainly used for black-box testing where the output is known, researchers, too, can apply it to know the responsible inputs.

Automotive

V2X (vehicle-to-everything) refers to a smart, holistic ecosystem where all vehicles and their surrounding infrastructure is interconnected.

QNu's quantum-safe security solutions are specifically designed to protect data in motion across V2X ecosystems from existing and emerging threats, as well as those posed by quantum computing.

Telecommunications

Telecommunication networks underpin the communication, collaboration, and media channels that service millions of organisations and billions of individuals every day. QNuʼs range of quantum-safe security solutions is designed to secure data in motion across telecommunication networks against existing and emerging threats. QNu’s solutions enable carriers to guarantee security while offering an additional revenue stream–security as a service.

Gaming and Lotteries

Online gaming and lotteries must provide outstanding randomness quality to secure customer transactions. In games of chance, a player should not increase their probability of winning by discovering a bias towards certain outcomes in the game.