Page 121 - Kaleidoscope Academic Conference Proceedings 2021
P. 121
STRENGTHEN THE SECURITY OF CYBERSPACE WITH DEVICE-INDEPENDENT
QUANTUM RANDOMNESS
1
Ming-Han Li and Qiang Zhang 2
1
CAS Quantum Network Co.,Ltd., Shanghai, P. R. China
2
Jinan Institute of Quantum Technology, Jinan, China
ABSTRACT quantum coherence. In turn, quantum coherence can be
quantified by inherent randomness [2]. Quantum randomness
With the advancement of the information age, the risk of based on this intrinsic property of quantum physics is
information security keeps increasing. Randomness is the considered as a truly unpredictable random resource, unlike
core of network and information system security, and it is classical random numbers.
the basic support of the entire network trust system. In
There are many kinds of Quantum Random Number
this paper, we introduce the concept of Device-Independent
Generators (QRNGs) based on different mechanisms and
Quantum Random Number Generator (DIQRNG), which
implementation methods. In general, a good quantum random
provides randomness with the highest security level. To better
number generator should have a low cost and achieve a
integrate with Information and Communications Technology
high random number generation rate. However, only the
(ICT) systems, we propose the principle and architectural
device of the random number generator can be trusted, the
framework of a randomness beacon based on DIQRNG. It is a
output random number sequence can only have randomness of
public service that can be applied in multiple scenarios, such
"information theory security". If the device is manipulated
as contract signing and confidential disclosure. Its related
by an eavesdropper, the output may not be truly random.
application cases are also currently being studied in the ITU
For example, when a quantum random number generator
QIT4N focus group.
is supplied by a malicious manufacturer, copies a long
random string to a large hard disk, and outputs the numbers
Keywords - Device-independent, randomness, security,
sequentially from the hard disk, the manufacturer can always
trust.
predict the output of the device. In practice, it is not easy to
prove whether the quantum process is working as one would
1. INTRODUCTION
expect. Noise or faults may easily interrupt the process,
Random numbers are the cornerstone of modern causing the actual internal working state to deviate from the
cryptography-based information security systems. In modern ideal situation. Therefore, it is difficult to assess whether
cyberspace, where encryption algorithms and access policies sufficient entropy is being generated.
are public information, encryption devices may need to be The quantum theory provides us with a reasonable solution
trusted. The security of the entire system depends heavily on to obtain certified randomness without making any a priori
the efficiency and quality of Random Number Generation assumptions about the internal workings of the device, which
(RNG). Randomness is critical to many aspects of life, is the implementation of the "loophole-free" Bell test [3, 4].
ranging from lotteries to digital cryptography. All these For this reason, random number generators based on this
applications rely on the unpredictability of random numbers. technique are called device-independent quantum random
However, this property cannot be guaranteed in the course number generators. Even if the physical device is controlled
of classical mechanics. For example, in computer science, by others, we can still generate real and unpredictable
random numbers are generated by a certain algorithm and random numbers. Due to the violation of the loophole-free
a string of random number seeds [1]. They only appear Bell’s inequality, we can estimate a lower bound on the
to conform to a uniform distribution, when in fact they are true randomness, even if the output of this random number
highly autocorrelated and predictable. Such pseudo-random generator is mixed with classic noise. This kind of highly
numbers can cause security risks in the above-mentioned secure random source can be regarded as an important
applications. Although classical random numbers are difficult resource in modern cyberspace security
to predict, they essentially follow the laws of classical physics This paper is organized as follows. Section 2 introduces
and are deterministic processes. As long as you know the the related work. Section 3 introduces the concept
initial state of the system, coupled with powerful computing of device-independent quantum random number generator,
power, the result of a classical random number generator is including the technical principle and the protocol. Section
theoretically computable, which means it is not unpredictable. 4 presents randomness beacon, which is an application of
In quantum mechanics, the measurement process can break DIQRNG. It also describes in detail its working architecture
the coherence of the quantum state on a certain measurement and two different use cases. Section 5 concludes this paper
basis vector, thus producing a randomness equivalent to and discusses the future standardization on DIQRNG.
978-92-61-33881-7/CFP2168P @ ITU 2021 – 59 – Kaleidoscope
