May 16, 2014
Do you feel nervous when you make a credit-card transaction using your mobile phone? Your worries could soon be a thing of the past, thanks to a low-cost device that could bring powerful cryptography to portable devices. That's the aim of Bruno Sanguinetti and colleagues at the University of Geneva in Switzerland, who have created a quantum random-number generator (QRNG) that uses low-cost electronic components including a mobile-phone camera.
Modern cryptographic protocols require the rapid generation of sequences of truly random numbers. These are used to create the "keys" that allow individuals to encrypt and decrypt sensitive information such as passwords and bank details. Coming up with these numbers is a significant technological challenge because computers are completely deterministic and are therefore not capable of creating truly random numbers. Cryptography systems tend to rely on "pseudo random-number" generators that output sequences of numbers that are nearly random. While some of these generators are very good, a cryptography system based on pseudo random numbers is easier to hack than a system that uses random numbers.
Truly random numbers can be generated by making measurements on physical systems that are inherently random – such as the radioactive decay of nuclei or noise in an electronic circuit. However, existing measurement techniques tend to be either very expensive or too slow to be of practical use. Securing your mobile phone, for example, needs a generation rate of about 1 kbit/s.
Now Sanguinetti and colleagues Anthony Martin, Hugo Zbinden and Nicolas Gisin have used an eight-megapixel camera from a Nokia N9 smartphone to create a device that can deliver random numbers at 1.25 Gbit/s. The system exploits the fact that the camera is so sensitive that it can be used to count the number of photons that impinge on each of its individual pixels. The light is supplied by a conventional LED, in which electrons and holes combine to create photons. This is a quantum mechanical process and therefore the number of photons produced in a fixed period of time is not fixed, but is random.
The camera and LED are adjusted so that each pixel detects about 400 photons in a short exposure time. The photon numbers of all the camera pixels are combined in an "extractor" algorithm that outputs a sequence of random numbers. In the Swiss experiment, the camera was used to create a 1.25 Gbit/s stream of random numbers.
One worry about any random-number generator is that the numbers could be influenced in a predictable way by non-quantum (classical) effects in the system. This could lead to a measurement bias, for example, which could favour certain numbers over others. If a potential eavesdropper knows everything about the generator, they could in principle predict the classical component of its output. This would make it easier to crack the system.
However, when such biases are factored in, the team reckons that a user would have to generate a mindboggling 10118 random numbers before they would notice a deviation from a perfectly random sequence.
Sanguinetti told physicsworld.com that all of the components of his team's QRNG could be integrated on a chip that would cost a few dollars and could be easily integrated in portable electronic devices, including mobile phones. "If there is a quantum technology that everyone will soon have, this is it," he says. Sanguinetti also works for the technology company ID Quantique, which was co-founded in 2001 by Gisin and makes equipment for quantum and classical encryption systems. He says that the company is looking at commercializing the QRNG.
Anthony Laing of the University of Bristol described the technique as a "nice way to generate random numbers as it makes use of technology already embedded in the phone". However, he cautioned, "It might be possible to design certain hacks based on quantum states of light that have different noise characteristics, and the authors of this work will no doubt have methods for dealing with these."
Laing also believes that the technology could be used in quantum cryptography systems, which in principle are unbreakable: "A QRNG can also be a key component for quantum key distribution protocols, where the communicating parties must be careful to choose their measurements in a genuinely random way."
The QRNG is described in a preprint on arXiv.