research-article

Quantum Leap and Crash: Searching and Finding Bias in Quantum Random Number Generators

Authors:

Darren Hurley-Smith,

Julio Hernandez-CastroAuthors Info & Claims

ACM Transactions on Privacy and Security (TOPS), Volume 23, Issue 3

Article No.: 16, Pages 1 - 25

https://doi.org/10.1145/3398726

Published: 12 June 2020 Publication History

Abstract

Random numbers are essential for cryptography and scientific simulation. Generating truly random numbers for cryptography can be a slow and expensive process. Quantum physics offers a variety of promising solutions to this challenge, proposing sources of entropy that may be genuinely unpredictable, based on the inherent randomness of certain physical phenomena. These properties have been employed to design Quantum Random Number Generators (QRNGs), some of which are commercially available. In this work, we present the first published analysis of the Quantis family of QRNGs (excluding AIS-31 models), designed and manufactured by ID Quantique (IDQ). Our study also includes Comscire’s PQ32MU QRNG, and two online services: the Australian National University’s (ANU) QRNG, and the Humboldt Physik generator.

Each QRNG is analysed using five batteries of statistical tests: Dieharder, National Institute of Standards and Technology (NIST) SP800-22, Ent, Tuftests and TestU01, as part of our thorough examination of their output. Our analysis highlights issues with current certification schemes, which largely rely on NIST SP800-22 and Diehard tests of randomness. We find that more recent tests of randomness identify issues in the output of QRNG, highlighting the need for mandatory post-processing even for low-security usage of random numbers sourced from QRNGs.

References

[1]

J. G. Rarity, P. C. M. Owens, and P. R. Tapster. 1994. Quantum random-number generation and key sharing. Journal of Modern Optics 41, 12 (1994), 2435--2444.

[2]

André Stefanov, Nicolas Gisin, Olivier Guinnard, Laurent Guinnard, and Hugo Zbinden. 2000. Optical quantum random number generator. Journal of Modern Optics 47, 4 (2000), 595--598.

[3]

ID Quantique. 2010. ID Quantique White Paper - Random Number Generation using Quantum Physics. (April 2010). http://www.idquantique.com/wordpress/wp-content/uploads/quantis-whitepaper.pdf.

[4]

Darren Hurley-Smith and Julio Hernandez-Castro. Quam Bene Non Quantum: Identifying Bias in a Commercial Quantum Random Number Generator. Unpublished full-text manuscript from ResearchGate. Presented at Real World Crypto 2018, Zurich, Switzerland. http://bit.ly/2AOoiGF. ([n.d.]). Accessed: 2018-11-08.

[5]

Daniel J. Bernstein, Yun-An Chang, Chen-Mou Cheng, Li-Ping Chou, Nadia Heninger, Tanja Lange, and Nicko Van Someren. 2013. Factoring RSA keys from certified smart cards: Coppersmith in the wild. In International Conference on the Theory and Application of Cryptology and Information Security. Springer, 341--360.

[6]

Xinzhe Wang, Futian Liang, Peng Miao, Yi Qian, and Ge Jin. 2016. 10-Gbps true random number generator accomplished in ASIC. In 2016 IEEE-NPSS Real Time Conference (RT). IEEE, 1--4.

[7]

Oto Petura, Ugo Mureddu, Nathalie Bochard, Viktor Fischer, and Lilian Bossuet. 2016. A survey of AIS-20/31 compliant TRNG cores suitable for FPGA devices. In 2016 26th International Conference on Field Programmable Logic and Applications (FPL). IEEE, 1--10.

[8]

Michal Varchola and Milos Drutarovsky. 2010. New high entropy element for FPGA based true random number generators. In International Workshop on Cryptographic Hardware and Embedded Systems. Springer, 351--365.

[9]

Abdelkarim Cherkaoui, Viktor Fischer, Alain Aubert, and Laurent Fesquet. 2013. A self-timed ring based true random number generator. In 2013 IEEE 19th International Symposium on Asynchronous Circuits and Systems. IEEE, 99--106.

Digital Library

[10]

R. Sivaraman, Sundararaman Rajagopalan, and Rengarajan Amirtharajan. 2020. FPGA based generic RO TRNG architecture for image confusion. Multimedia Tools and Applications (2020), 1--28.

[11]

IQ Quantique. 2017. IDQ Random Number Generation. IQ Quantique, http://www.idquantique.com/random-number-generation/.

[12]

Bundesamt fur Sichterheit in der Informationstechnik. 2013. Evaluation of Random Number Generators Version 0.10. Technical Report. Bundesamt fur Sichterheit in der Informationstechnik.

[13]

Krister Sune Jakobsson. 2014. Theory, Methods and Tools for Statistical Testing of Pseudo and Quantum Random Number Generators. Dissertation.

[14]

Pierre L’Ecuyer and Richard Simard. 2007. TestU01: A C library for empirical testing of random number generators. ACM Transactions on Mathematical Software (TOMS) 33, 4 (2007), 22.

Digital Library

[15]

Scott A. Wilber. 2020. Entropy Analysis and System Design for Quantum Random Number Generators in CMOS Integrated Circuits. [White Paper] Retrieved on 3 June, 2020 from https://coreinvention.com/files/papers/Pure_Quantum_White_Paper.pdf.

[16]

M. Reznikov, R. De Picciotto, M. Heiblum, D. C. Glattli, A. Kumar, and L. Saminadayar. 1998. Quantum shot noise. Superlattices and Microstructures 23, 3–4 (1998), 901--915.

[17]

Michael Wahl, Matthias Leifgen, Michael Berlin, Tino Röhlicke, Hans-Jürgen Rahn, and Oliver Benson. 2011. An ultrafast quantum random number generator with provably bounded output bias based on photon arrival time measurements. Applied Physics Letters 98, 17 (2011), 171105.

[18]

Thomas Symul, S. M. Assad, and Ping K. Lam. 2011. Real time demonstration of high bitrate quantum random number generation with coherent laser light. Applied Physics Letters 98, 23 (2011), 231103.

[19]

Robert G. Brown, Dirk Eddelbuettel, and David Bauer. 2018. Dieharder: A random number test suite version 3.31. 1.

[20]

National Institute of Standards and Technology. NIST SP800-22 Revision 1a A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications. Retrieved from https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-22r1a.pdf 16:53 21/05/2018.

[21]

George Marsaglia and Wai Wan Tsang. 2002. Some difficult-to-pass tests of randomness. Journal of Statistical Software 7, 3 (2002), 1--9.

[22]

J. Y. Haw, S. M. Assad, A. M. Lance, N. H. Y. Ng, V. Sharma, P. K. Lam, and T. Symul. 2015. Maximization of extractable randomness in a quantum random-number generator. Physical Review Applied 3, 5 (2015), 054004.

[23]

John Walker. 2018. Ent. A Pseudo-random Number Sequence Testing Program. Retrieved from https://www.fourmilab.ch/random/ 16:52 07/08/2018.

[24]

Ziyong Zheng, Yichen Zhang, Weinan Huang, Song Yu, and Hong Guo. 2019. 6 Gbps real-time optical quantum random number generator based on vacuum fluctuation. Review of Scientific Instruments 90, 4 (2019), 043105.

[25]

Saptadeep Pal, K. K. Soundra Pandian, and Kailash Chandra Ray. 2014. FPGA implementation of stream cipher using Toeplitz Hash function. In 2014 International Conference on Advances in Computing, Communications and Informatics (ICACCI). IEEE, 1834--1838.

[26]

Bingjie Xu, Ziyang Chen, Zhengyu Li, Jie Yang, Qi Su, Wei Huang, Yichen Zhang, and Hong Guo. 2019. High speed continuous variable source-independent quantum random number generation. Quantum Science and Technology 4, 2 (2019), 025013.

[27]

Kinga Marton and Alin Suciu. 2015. On the interpretation of results from the NIST statistical test suite. Science and Technology 18, 1 (2015), 18--32.

[28]

Walter Anderson. 2018. A Study of Entropy. Retrieved from https://sites.google.com/site/astudyofentropy/background-information/the-tests 13:30 09/07/2018.

[29]

Darren Hurley-Smith and Julio Hernandez-Castro. 2018. Certifiably biased: An in-depth analysis of a common criteria EAL4+ certified TRNG. IEEE Transactions on Information Forensics and Security 13, 4 (2018), 1031--1041.

[30]

Darren Hurley-Smith and Julio Hernandez-Castro. 2016. Bias in the mifare DESFire EV1 TRNG. In Radio Frequency Identification: 12th International Workshop, RFIDsec 2016, Hong Kong, China, November 30-December 2, 2016. Springer International Publishing.

[31]

Mario Rütti. 2004. A random number generator test suite for the C++ standard. Institute for Theoretical Physics ETH Zurich, Diploma Thesis March 10 (2004).

[32]

Pierre L’Ecuyer and Richard Simard. 2001. On the performance of birthday spacings tests with certain families of random number generators. Mathematics and Computers in Simulation 55, 1–3 (2001), 131--137.

[33]

George Marsaglia and Arif Zaman. 1993. Monkey tests for random number generators. Computers 8 Mathematics with Applications 26, 9 (1993), 1--10.

[34]

Wolfgang Killmann and Werner Schindler. 2011. A proposal for: Functionality classes for random number generators. ser. BDI, Bonn (2011).

[35]

Meltem Sönmez Turan, Elaine Barker, John Kelsey, Kerry McKay, Mary Baish, and Michael Boyle. 2016. Recommendation for the Entropy Sources Used for Random Bit Generation. Technical Report. National Institute of Standards and Technology.

[36]

Shuangyi Zhu, Yuan Ma, Tianyu Chen, Jingqiang Lin, and Jiwu Jing. 2017. Analysis and improvement of entropy estimators in NIST SP 800-90B for Non-IID entropy sources. IACR Transactions on Symmetric Cryptology (2017), 151--168.

[37]

Pierre L’Ecuyer, Richard Simard, and Stefan Wegenkittl. 2002. Sparse serial tests of uniformity for random number generators. SIAM Journal on Scientific Computing 24, 2 (2002), 652--668.

Digital Library

[38]

Damian Twerendol and Philippe Richard. 2010. Certificate of Conformity No 151-04687. (May 2010). http://marketing.idquantique.com/acton/attachment/11868/f-0043/1/-/-/-/-/Metas%20Certificate.pdf.

[39]

Compliance Testing Laboratory. 2011. Certificate of Compliance. (March 2011). http://www.idquantique.com/wordpress/wp-content/uploads/CTL-Compliance-Certificate.pdf.

Cited By

Hurley-Smith DDroop ALyon RTeodor R(2024)Extracting Randomness from Nucleotide Sequencers for use in a Decentralised Randomness BeaconProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3664480(1-12)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3664480
Luis Crespo JGonzález-Villa JGutiérrez JValle A(2024)Assessing the quality of random number generators through neural networksMachine Learning: Science and Technology10.1088/2632-2153/ad56fb5:2(025072)Online publication date: 20-Jun-2024
https://doi.org/10.1088/2632-2153/ad56fb
Soler DCillero IDafonte CFernández-Veiga MVilas ANóvoa F(2024)QKDNetSim+: Improvement of the quantum network simulator for NS-3SoftwareX10.1016/j.softx.2024.10168526(101685)Online publication date: May-2024
https://doi.org/10.1016/j.softx.2024.101685
Show More Cited By

Index Terms

Quantum Leap and Crash: Searching and Finding Bias in Quantum Random Number Generators
1. Security and privacy
  1. Cryptography
    1. Mathematical foundations of cryptography
  2. Formal methods and theory of security
    1. Security requirements

Recommendations

A New Randomness Test for Bit Sequences

Generating sequences of random numbers or bits is a necessity in many situations (cryptography, modeling, simulations, etc…). Those sequences must be random in the sense that their behavior should be unpredictable. For example, the security of many ...
When Can Limited Randomness Be Used in Repeated Games?

The central result of classical game theory states that every finite normal form game has a Nash equilibrium, provided that players are allowed to use randomized (mixed) strategies. However, in practice, humans are known to be bad at generating random-...
Enhancing the Randomness of a Combined True Random Number Generator Based on the Ring Oscillator Sampling Method
RECONFIG '11: Proceedings of the 2011 International Conference on Reconfigurable Computing and FPGAs

An efficient method for generating number sequences that pass all statistical tests is combining numbers produced by many independent generators. Excellent statistical properties are very important in many applications but they are not sufficient in ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Privacy and Security

ACM Transactions on Privacy and Security Volume 23, Issue 3

August 2020

158 pages

ISSN:2471-2566

EISSN:2471-2574

DOI:10.1145/3403643

Editor:
David Basin
ETH Zurich, Switzerland

Issue’s Table of Contents

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 June 2020

Online AM: 16 May 2020

Accepted: 01 May 2020

Revised: 01 May 2020

Received: 01 February 2019

Published in TOPS Volume 23, Issue 3

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Funding Sources

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

15
Total Citations
View Citations
418
Total Downloads

Downloads (Last 12 months)70
Downloads (Last 6 weeks)9

Reflects downloads up to 15 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Hurley-Smith DDroop ALyon RTeodor R(2024)Extracting Randomness from Nucleotide Sequencers for use in a Decentralised Randomness BeaconProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3664480(1-12)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3664480
Luis Crespo JGonzález-Villa JGutiérrez JValle A(2024)Assessing the quality of random number generators through neural networksMachine Learning: Science and Technology10.1088/2632-2153/ad56fb5:2(025072)Online publication date: 20-Jun-2024
https://doi.org/10.1088/2632-2153/ad56fb
Soler DCillero IDafonte CFernández-Veiga MVilas ANóvoa F(2024)QKDNetSim+: Improvement of the quantum network simulator for NS-3SoftwareX10.1016/j.softx.2024.10168526(101685)Online publication date: May-2024
https://doi.org/10.1016/j.softx.2024.101685
Soler DDafonte CFernández-Veiga MVilas ANóvoa F(2024)A privacy-preserving key transmission protocol to distribute QRNG keys using zk-SNARKsComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2024.110259242:COnline publication date: 1-Apr-2024
https://dl.acm.org/doi/10.1016/j.comnet.2024.110259
Biswas RRoy Talukdar DRoy U(2024)Verifying the Reliability of Quantum Random Number Generator: A Comprehensive Testing ApproachSN Computer Science10.1007/s42979-023-02323-w5:1Online publication date: 3-Jan-2024
https://dl.acm.org/doi/10.1007/s42979-023-02323-w
Foreman CWright SEdgington ABerta MCurchod F(2023)Practical randomness amplification and privatisation with implementations on quantum computersQuantum10.22331/q-2023-03-30-9697(969)Online publication date: 30-Mar-2023
https://doi.org/10.22331/q-2023-03-30-969
Quirce AValle AValle-Miñón MGutiérrez J(2023)Characterization of the polarization fluctuations in gain-switched VCSELs for quantum random number generationJournal of the Optical Society of America B10.1364/JOSAB.50661141:1(240)Online publication date: 20-Dec-2023
https://doi.org/10.1364/JOSAB.506611
Keshavarzian PRamu KTang DWeill CGramuglia FTan STng MLim LQuek EMandich DStipčević MCharbon E(2023)A 3.3-Gb/s SPAD-Based Quantum Random Number GeneratorIEEE Journal of Solid-State Circuits10.1109/JSSC.2023.327469258:9(2632-2647)Online publication date: Sep-2023
https://doi.org/10.1109/JSSC.2023.3274692
Li ZFeng BCui LWang HBian YPiao GZhou X(2023)Quantify Randomness of Quantum Random Number with Transformer Network2023 3rd International Conference on Intelligent Power and Systems (ICIPS)10.1109/ICIPS59254.2023.10405286(17-22)Online publication date: 20-Oct-2023
https://doi.org/10.1109/ICIPS59254.2023.10405286
Soler DDafonte CNóvoa FFernández-Veiga MVilas ADíaz-Redondo R(2023)Qerberos: A Protocol for Secure Distribution of QRNG Keys2023 IEEE International Conference on Cyber Security and Resilience (CSR)10.1109/CSR57506.2023.10224969(36-41)Online publication date: 31-Jul-2023
https://doi.org/10.1109/CSR57506.2023.10224969
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View Issue’s Table of Contents