Between quantum physics and blockchain: a cheat-proof quantum random number generator

There are processes in which guaranteeing randomness is essential to ensure the legitimacy of the results, such as the lottery, the selection of polling station members, or the beneficiaries of a social housing development. This randomness is also crucial to shielding the security of the network, especially since Peter Shor, a mathematician at the Massachusetts Institute of Technology, demonstrated 30 years ago that a quantum computer can efficiently solve a factorization problem (the decomposition of an algebraic expression into a product). The cryptography that underpins everything from the most common banking transactions to conversations on messaging platforms depends on this factorization. Research published in Nature this Wednesday provides a solution that straddles quantum physics and blockchain , the system of cryptocurrencies and other processes : a cheat-proof random number generator.

Dozens of websites and apps offer programs for generating random numbers. They can be used to solve home games of chance or to generate key proposals. “However,” explain the researchers, led by physicist Gautam Kavuri of the University of Colorado, “current random number generators that rely on existing hardware require a level of confidence that the system hasn’t been hacked or tampered with at some point during the process, and therefore there’s no clear way to certify whether a particular generator is truly random.”

Kavuri and the other scientists, including Spaniard Carlos Abellán , propose a system that draws on the nature of quantum mechanics to “offer random numbers characterized by both uniformity and unpredictability.”

The system, called the Colorado University Randomness Beacon (CURBy), measures two photons simultaneously at a distance of 110 meters. Each step of the measurement process is recorded in a data sequence called a " hash chain," a blockchain- inspired model that makes any attempt to manipulate the process detectable and any attempt to alter it also makes it virtually impossible to manipulate all the links in the chain.

During system testing, 7,434 certified random numbers were generated from 7,454 attempts over 40 days, yielding a success rate of 99.7%. The low error rate is largely attributed to "programming errors during data collection."

Existing random number generators are "auditable" (process examination), but they cannot guarantee that their results are unpredictable, given that the source is known or can be manipulated. "An attacker who discovers the initial inputs can perfectly predict their outputs," they warn.

However, CURBy, “can be fully traced, audited, and certified as unpredictable, extracting results from the randomness of unpredictable nonlocal quantum correlations and using intertwined hash chains to cryptographically trace and verify the extraction process,” the researchers explain.

“Being able to verify and audit random numbers to detect potential manipulation and demonstrate unpredictability is vital to establishing public trust in these applications,” explains the CURBy team, which points to potential use cases such as public resource drawings, lotteries, random selections, parameter selection in public cryptographic schemes, and electronic electoral processes.

The quantum nature of the system guarantees the unpredictability of the results. The traceability of the entire process is based on a model similar to blockchain , a system proposed in classical computing as one of the most secure. “Instead of a single party controlling the entire randomness generation process, we distribute the protocol among several independent parties who must work together to produce it. Every action taken by each party must be recorded in a way that is tamper-evident and can be independently verified or audited,” the researchers explain about the protocol, which they have dubbed “Twine,” based on the hash chain cryptographic technique.

“Each block of data includes a hash , or fingerprint, of the previous block. This means, first, that any subsequent block in the chain must have been created before the previous ones. Second, any subsequent changes to a given block of data would result in an inconsistency unless each subsequent block is also modified,” the authors argue.

“In other words,” the researchers explain, “for a malicious actor to remain undetected, they need to surreptitiously rewrite the history not only of their own hash chain, but also of the hash chains of all other connected parties. As the number of independent parties in the network grows, such an action becomes increasingly difficult.”

Professor Peter Brown, a professor of quantum information technology, who was not involved in the study and insists on this point in an article associated with the Nature publication: “For a third party to control the final output of the random number generator [CURBy] without being detected, the records of the entanglement measurements and all the hash chains would have to be compromised in multiple geographic locations.”

The incorporation of quantum computing into the security of digital society is fundamental. Its capabilities are extraordinary for creating, but also for breaching, as Shor warned in 1994. In this regard, Jay Gambetta, head of quantum development at IBM and unrelated to the study published this Tuesday, warned during Starling's presentation of the need for the development and security race to run parallel: "Current encryption will be broken by quantum computing, so we need to transition as an industry to secure quantum algorithms. There are algorithms that are already quantum, and IBM has a long history of developing some that we don't believe a quantum computer will crack. A big part of encryption is about this."