• United States



Quantum random number generator set to transform internet security

Jul 03, 20183 mins

The world’s first practical quantum random number generator (QRNG) will reportedly overcome weaknesses of current encryption, revolutionizing internet security.

The true randomness of numbers from random number generators (RNG) is not as random as many people believe, but that might change thanks to the world’s first practical quantum random number generator (QRNG).

Random numbers are, after all, needed for the security and privacy of electronic communications. RNGs are used for online security, cryptography, gaming, and so much more. Quantum Base claims that electronic communication can be truly secure thanks to the company inventing and developing “true quantum random number generator (QRNG) using quantum tunneling in a simple semiconductor structure, namely a resonant tunneling diode (RTD).”

The company says the “simple” nanoscale electronic quantum device “can mitigate the weaknesses of current key generation, allowing blockchain to be implemented using simple, accessible, and unbreakable quantum security.”

Yes, there are other QRNGs, but most are reportedly slow and expensive. According to the press release, the QRNG by Quantum Base, a spin-off company from Lancaster University, can be embedded in “any electronic device without increasing cost or complexity and with a very high maximum speed.” It is only a thousandth the width of a human hair and can be added to new or existing microelectronics.

QRING mitigates encryption weaknesses

But wait, there’s more hype for this QRNG, which was selected for the Royal Society Summer Science Exhibition 2018. The impact will be “revolutionary, making attacks based on predicting ‘random’ events a thing of the past.” Quantum Base’s QRNG “will overcome the weaknesses of current encryption, allow blockchain to be implemented with unbreakable quantum security, and will be vital in sensitive areas such as banking, finance, defense and social media.”

“Random numbers are the basis of security and privacy for any electronic communication,” reads the press release. “From lotteries and gambling to encryption algorithms in every message sent over the internet, a trustworthy source of random numbers is required. But true randomness is not easy to achieve, and current solutions can lead to predictable results, as in the case of poorly designed mathematical algorithms, or can be biased if they depend on physical devices.”

Online security “relies on ‘pseudo’ random number generators that are vulnerable to attack.”

We are then reminded of the security flaw in the mandatory national ID cards issued to Estonian citizens. The flaw, which was discovered in 2017, made it possible for attackers to impersonate or steal the identities of 750,000 Estonians.

That problem, as well as all the vulnerability woes caused by faulty RNGs, “has now been solved with the creation of the world’s first practical true random number generator based on quantum physics.”

True random number generators are systems whose outputs cannot be determined, even if their internal structure and previous behavior are known. Subatomic particles do not obey the laws of classical physics but are totally unpredictable in behavior so they are the ideal source of randomness. This makes the Quantum Random Number Generator developed by Quantum Base and Lancaster University unbreakable because it is based on their intrinsic uncertainty.

Just a little FYI: If you are gamer, and if and when Quantum Base’s “true” QRNG is implemented, that doesn’t necessarily mean the RNGesus will suddenly smile upon you.

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.