Methods to generate the random numbers we need for secure communications are all flawed in some way, but quantum computers that exist today could produce random numbers that can't be faked.
Quantum computers can be used to generate truly random numbers that can’t be faked – which could be useful for secure communications or cryptocurrency networks like Ethereum.
 |
| Quantum computers such as Google’s Sycamore could be put to use creating numbers that are guaranteed to be truly random HANNAH BENET/Google |
The process could be run on today’s best quantum systems, such as Google’s Sycamore processor, and would be the first truly practical task that would be impossible without a quantum machine, say the researchers involved.
Random numbers are widely used in cybersecurity for applications including secure messaging and password creation, but producing random numbers you can trust is difficult. If someone knows how the algorithm creating the numbers works, then the numbers can be predicted, making them nonrandom and the system unsafe.
In 2013, for example, leaks by Edward Snowden revealed that the US government had installed a backdoor in a random number generator made by the US National Institute of Standards and Technology, so that its numbers could be predicted.
All random number generators in use today are pseudorandom – they are so hard to predict that their output seems random. But attacks are possible. A number generator that gives a truly random result, however, would be invulnerable.
Many people have looked to quantum mechanics as a source of invulnerable random numbers, because processes at the quantum scale happen according to probabilistic rules, and so it is impossible to reliably predict the outcome of a single process. A fundamental problem with this, however, is that there is no way of verifying whether a number is genuine or fake if you weren’t there to inspect the process.
Now, Scott Aaronson and Shih-Han Hung at the University of Texas at Austin have developed a protocol that can certify truly random numbers without this requirement, by asking a quantum computer to complete a test in a certain amount of time that only it can pass. “The only way for a quantum computer to pass the test is to do the quantum computation that it’s supposed to do, or something similar to it,” says Aaronson.
This test involves running a series of pseudorandom operations on a quantum computer’s quantum bits, or qubits, measuring the outputs – which serve as the truly random numbers – and trying to simulate those outputs on a classical computer. If the classical computer can’t do it, then the outputs of the quantum computer must be from quantum processes and be truly random, and so can then be used for cybersecurity applications.
As long as the quantum computer can solve certain problems faster than the best classical computers – a capability known as quantum supremacy – the method could work on current quantum machines. “The huge advantage with this proposal is that you can actually do it with devices that currently exist,” says Aaronson.
There are still several hurdles to implementing this in the real world, though, primarily in how a classical computer can verify that the process really is quantum.
Beyond a certain level of quantum computing power, the classical computer won’t be able to finish the verification calculation, and so will be unable to show that the quantum computer’s output is indeed quantum. However, if this upper limit on quantum processing power is set too low, it might not satisfy cryptographers, because the random numbers created could actually be coming from a tweaked, but very powerful, classical computer, and so still be pseudorandom. The goldilocks zone of powerful enough but not too powerful has yet to be worked out, says Aaronson.
It is an impressive piece of work, says Carlos Perez Delgado at the University of Kent, UK, and is the only workable method for verifying true randomness without having to witness the process involved.
However, many pseudorandom number generators work well enough for cybersecurity applications and aren’t straightforward to hack, so, given the large computational resources required to verify the quantum result, it might not have too many uses, he says.
One of these could be for the Ethereum cryptocurrency network, says Aaronson, given the amount of money at stake. It is worth several hundred billion dollars and uses random numbers to verify its transactions and mine new currency.
But Delgado says that for many cases, the new approach might not be necessary. “Some critics of this protocol would simply claim that it’s overkill,” says Delgado. “For pretty much any application, you don’t need to prove that a sequence of numbers is random in the deep sense that the universe considers them random.”
Reference:
0 Comments