The consortium looking to make quantum random number generation faster, cheaper and more secure

QRANGE is working on three devices to extend the benefits of true randomness

Random numbers are vital in many different fields. Scientists and statisticians use them to increase the accuracy of sampling; games of chance depend on the unpredictability produced by the digital roll of the dice; and in the field of IT security, encryption algorithms rely on them to produce keys that are very difficult to reverse-engineer.

Computer-generated random numbers are pseudo-random rather than truly random. That's because computers are deterministic. Pseudo-random numbers are perfectly adequate for surveys, computer games and many scientific analyses, but problems arise when they are employed in encryption. In a famous case, the US NSA was able to 'backdoor' RSA encryption products by weakening the randomness of a widely used computer security system called Bsafe. Indeed, there exists a whole class of exploits known collectively as random number generator attacks. More recently, researchers found that weaknesses in RSA certificates were leaving IoT devices vulnerable to attack, the result of poor randomness in the key generation process.

To create truly random numbers you need specialised hardware, such as a quantum random number generator, which uses statistically random quantum mechanical effects, such as phase fluctuations in semiconductor lasers, to ensure high entropy. However, many such devices are large, expensive and limited in their commercial use cases.

With backing from the EU's Quantum Flagship fund, a consortium called QRANGE is developing three prototype quantum random number generators (QRNGs), designed to be more secure, faster and cheaper. QRANGE includes a number of quantum device manufacturers, such as ID Quantique, Quside and Bosch, as well as academic establishments including the University of Geneva and Fondazione Bruno Kessler in Trento, Italy.

More secure

In operation, even the most carefully manufactured QRNG devices can sometimes become vulnerable because of interference from the environment. This can be a problem in situations requiring the highest possible levels of security.

"For most use cases a standard trusted device is sufficient," said project co-ordinator Prof Hugo Zbinden. "The advantage of self-testing is that you can clearly determine the entropy you generate on the fly and this makes it really secure. This is at the level of extreme paranoia, but if you can do it at around the same price then this is a direction we should be going in."

The device, housed in a shoebox-sized unit, is designed for situations where security is of paramount concern, such as in systems that protect national critical infrastructure. It works by firing pulses of light, which can be in one of two quantum states (represented by 0 or 1), at a detector. The zeros and ones arriving at the detector are compared with the order in which they were emitted, and statistical analysis provides a measure of the entropy and thus proof that the generated key is sufficiently random.

The self-testing mechanism has the added benefit that the device requires fewer checks during production for the many factors that can reduce randomness.

"With a normal device you make a worst-case scenario and say, okay, even if this, this and this goes wrong, I can expect to have a certain amount of entropy," said Zbinden. "Then you just hope that all devices are within this margin you set. But with self-testing, we don't need to do that. You just run your device and it tells you how much entropy it generates."
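The difference between a fixed worst-case margin and an entropy figure measured on the fly can be shown with a simple per-block monitor. This is an added example, not QRANGE's self-testing protocol or any consortium code: it swaps in the most-common-value min-entropy estimator from NIST SP 800-90B, and the block size, alarm floor and simulated bit stream (a seeded PRNG standing in for the device) are assumptions.

```python
import math
import random
from collections import Counter

Z_99 = 2.576  # two-sided 99% normal quantile used by the SP 800-90B estimator

def mcv_min_entropy(bits):
    """Most-common-value estimate of min-entropy per sample (SP 800-90B, 6.3.1).

    Takes an upper confidence bound on the probability of the most frequent
    value, so the result is a conservative (low) entropy figure. It detects
    bias only; correlated output needs additional estimators.
    """
    n = len(bits)
    if n < 2:
        raise ValueError("need at least two samples")
    p_hat = Counter(bits).most_common(1)[0][1] / n
    p_upper = min(1.0, p_hat + Z_99 * math.sqrt(p_hat * (1 - p_hat) / (n - 1)))
    return -math.log2(p_upper)

def monitor(bits, block_size, floor):
    """Return (block_index, estimate, ok) for every full block of the stream."""
    report = []
    for start in range(0, len(bits) - block_size + 1, block_size):
        h = mcv_min_entropy(bits[start:start + block_size])
        report.append((start // block_size, h, h >= floor))
    return report

def constructed_stream(seed=1, block_size=20000):
    """Constructed sample: two healthy blocks, then one block drifting to 70% ones."""
    rng = random.Random(seed)  # PRNG stand-in for the device, for illustration only
    healthy = [rng.getrandbits(1) for _ in range(2 * block_size)]
    drifted = [1 if rng.random() < 0.70 else 0 for _ in range(block_size)]
    return healthy + drifted

if __name__ == "__main__":
    for idx, h, ok in monitor(constructed_stream(), 20000, floor=0.9):
        status = "ok" if ok else "ALARM: below floor"
        print(f"block {idx}: ~{h:.3f} bits of min-entropy per bit, {status}")
```

A downstream extractor or key generator would use the measured figure for each block, rather than a design-time constant, to decide how much raw output to consume per key bit.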

QRANGE's remit is to produce prototypes rather than finished products, but the self-testing QRNG will likely be manufactured by the Spanish company Quside, a member of the QRANGE consortium. The price is likely to be in the low thousands of euros.

Faster

For most QRNGs, the main issue will be speed rather than ensuring perfect randomness, so a similar-sized device is being developed based on phase diffusion in semiconductor lasers. This is designed to have a throughput of more than 10 gigabits per second (the self-testing device is limited to 100 Mb/s or so) for use cases in general cryptography, quantum key distribution (QKD) and high-performance computing. The price when it emerges onto the market will be about the same as the high-security model.

Smaller

Existing QRNGs tend to be large and expensive, so QRANGE's third device is a low-cost (1€) SPAD (Single Photon Avalanche Diode) that can be integrated with standard CMOS technology. The resulting chip can be incorporated in IoT devices, cameras, cars and mobile phones, for example, to generate secure keys for ecommerce transactions.

"[Currently] the key is made inside the processor," said Zbinden. "People have hacked this kind of system because the random key that was generated was bad. So now, if you can manage to make a device where quality is much, much better, and the price is one euro, then of course that's interesting."

Zbinden expects commercial versions of these products to be available within the next two years.