Forgot your password?
typodupeerror
Math Science

Quantum Random Numbers 167

Posted by Soulskill
from the randomly-kills-cats dept.
tqft writes "What the world needs is more truly random sources of numbers. Researchers from Australian National University have found a brilliant way to make one: 'We do this by splitting a beam of light into two beams and then measuring the power in each beam. Because light is quantised, the light intensity in each beam fluctuates about the mean. Those fluctuations, due ultimately to the quantum vacuum, can be converted into a source of random numbers. Every number is randomly generated in real time and cannot be predicted beforehand.' So if you need some really random numbers, just use their generator service."
This discussion has been archived. No new comments can be posted.

Quantum Random Numbers

Comments Filter:
  • by stating_the_obvious (1340413) on Friday April 13, 2012 @10:57AM (#39673561)
    A few months ago some guy generated random numbers firing lasers at diamonds; and now we've got quantum light. Maybe someone could explain how randomness varies in non-random ways...
    • by Joce640k (829181)

      Didn't SGI solve this problem ages ago... [wikipedia.org]

      • by TheCarp (96830)

        Yet from the wiki page:
        It is covered under U.S. Patent 5,732,138, titled "Method for seeding a pseudo-random number generator with a cryptographic hash of a digitization of a chaotic system."

        I don't believe it ever became a product... and was cumbersome to setup. Hard to justify a lava lamp display in a data center, and god forbid you need multiple sources in one DC say, on every machine)

        One thing I worry about with devices like this is failure mode. if it can be made totally solid state, I would think it c

    • by AmiMoJo (196126)

      Anything that relies on Newtonian physics is predictable and measurable by others, and thus even if the numbers produced are truly random it is possible someone else might be able to replicate them. Since cryptography relies heavily on random numbers that is obviously quite bad.

      Quantum phenomena tend to be altered by measuring them, making them highly secure for random number generation. This is a bit of an extreme way of doing it though, there are in fact many easier options that can be built into a chip l

      • ... or perhaps not defeated, but blithely thrown away.

        When you are feeding everybody the same random number sequence (as this service appears to do), it doesn't matter even the slightest little bit how random the numbers are; with a little ingenuity they can still be 100% predictable in many practical situations.

        It depends on little more than how fast you get the numbers, and whether you can process them before the next guy does.
      • In other words: this looks like a clever idea, but the implementation is totally useless for many real-world applications.
  • by Anonymous Coward

    That seems pretty random after a /. post

  • by Anonymous Coward on Friday April 13, 2012 @10:59AM (#39673589)

    ..feel free to use these...

    1 1 1 1 1 1 1 1 1 1 1 1

  • by Anonymous Coward

    Random numbers are not useful in programs that need repeatable results

    • by Xiph1980 (944189)
      Unless you want to repeat randomness...
    • That's what psuedo-random generators (plus resetting the seed to the same starting point each run) are for.
    • by game kid (805301)

      The big problem with a true RNG is that you can't really "seed" a given sequence of random numbers—unless you or the server pre-record a block of them and choose that block, you'll almost certainly get a whole new one.

      If you do want a whole new block, of course, this is a wish-come-true.

    • As hard as it may be to believe with someone who grew up with Windows, it is terribly hard with normal computers to generate true randomness. These machines WILL always generate the same output for the same input (again, can the bad Windows jokes). Normal pseudo-random generators usually use something like the clock cycles since turn-on as a seed to generate numbers that seem random, but if you somehow start the program exactly after the same amount of cycles you get exactly the same "random" numbers.

      I stud

    • by Surt (22457)

      Some programs have a very specific need for non-repeatable results.

  • by ShieldW0lf (601553) on Friday April 13, 2012 @11:02AM (#39673633) Journal

    The quest to find random numbers is the quest to entangle our locality to ever more distantly related things in weirder and weirder ways... which, if you ask me, is far more interesting to think about.

    • by kipsate (314423)
      Indeed, and it would be even more interesting to see in how far the randomness of these numbers holds up when tested to extremes. It would be a huge result if these numbers can not be tested to be 100% pure random.
    • by Surt (22457)

      There's no proof of that. That's a commonly held belief, but that doesn't make it true. The bottom line is that we don't know whether there is any randomness in the universe, and there is certainly considerable evidence that there might be.

      • by radtea (464814)

        The bottom line is that we don't know whether there is any randomness in the universe, and there is certainly considerable evidence that there might be.

        What we do know is that the question is almost completely uninteresting, which is proven by the fact that it is so hard to tell the difference between "true" randomness and merely insanely-hard-to-predict non-random phenomena. If it mattered, it would be easy to tell which kind of world we lived in. We can't, so it doesn't matter.

        There may be some insanely esoteric situation where the kind of randomness the universe contains does make a difference, but why anyone would care deeply about a question whose a

  • Just keeps spitting out 503 ... >.>
  • No thanks (Score:5, Funny)

    by Anonymous Coward on Friday April 13, 2012 @11:04AM (#39673661)

    The generation of random numbers is too important to be left to chance.
    - Robert R. Coveyou, Oak Ridge National Laboratory

  • Raas!? (Score:3, Insightful)

    by turbidostato (878842) on Friday April 13, 2012 @11:12AM (#39673779)

    Randomness as a Service?

    I don't know if out will work, but I know it certainly shouldn't.

    In two words: MiM attack.

    • Re: (Score:3, Insightful)

      by rapidmax (707233)

      The random service alone as cryptographic source raises questions about thrust. But if you use it as an additional source to mix into you entropy pool, it won't hurt and probably improve the quality and data rate of your random source.

      ~Andy

    • That's a fine idea, until you get sued [google.com] because the "random" numbers you're providing turn out to be inadequately random.
  • by Anonymous Coward

    If you guys keep entangling shit in there, the simulator will run out of memory.

    Is that what you want?

  • Radioactive decay (Score:4, Interesting)

    by mbone (558574) on Friday April 13, 2012 @11:22AM (#39673943)

    This was done using radioactive decay to generate random numbers (i.e., something like counting geiger counter clicks), I believe first in the 1950's.

    I also seem to remember that the first units weren't entirely random, due to dead times in the counters or something similar. Random in theory does not mean random in practice, and I am not sure I would trust a billion dollar deal relying on a one-time-pad generated by the ANU quantum random number generator, at least until it had been through a lot of testing.

    • by rapidmax (707233)

      I also seem to remember that the first units weren't entirely random, due to dead times in the counters or something similar. Random in theory does not mean random in practice, and I am not sure I would trust a billion dollar deal relying on a one-time-pad generated by the ANU quantum random number generator, at least until it had been through a lot of testing.

      Having build my own random generator I can confirm this discrepancy between theory and practice. You have to be very cautious to eliminate externals noise and oscillation of the random source. As it's not possible to measure the true randomness but only guess it, additional filtering like bias elimination and mixing may improve the entropy, but may be still not true random.

  • When I needed some very random numbers, I read the low bit of samples from my soundcard without a source connected. Connecting a mic may have better, to use ambient rather than electrical noise, but it worked well for me, and always had a "fair" average (but that was the only criteria I knew how to test). I'd be interested to hear what's wrong with doing it that way from those more knowledgeable than myself.
    • by canajin56 (660655) on Friday April 13, 2012 @01:07PM (#39675891)

      How "very random" do you need, that a Mersenne Twister is not good enough, but an untested signal is? And if you only looked at the 1 bit word mean, you basically didn't test it at all. If you don't care about specifics, you can just use the Testu01 [umontreal.ca] suite of tests. If you care about specifics and want to do your own tests...you should do the same bias test for various word lengths. So besides making sure the 0 and 1 appear about 50% of the time, you should make sure that 00,01,10,11 appear about 25% of the time, 000,001,etc are all uniform for 3 bit words, and so on until at least several hundred bit words (yes, it will take you a long time to sample enough words!) Besides those simple "fair dice" tests, you can also pick a dimension, (2 or more) and sample a lot of points (using whatever bit words you like) and then find the minimum distance between two points. With repeated tests this minumum distance should follow an exponential distribution, with the parameters describing that distribution depending on the range of possible values and the number of dimensions. Similarly, if you treat your n bit words as floats from [0,1) (by dividing by 2^n), then sampling a large number and adding them together should get you a normal variable, where the mu and sigma depend on n and how many you are adding together. There's also a 'pigeon hole' test where you have 2^n bins and sample n bit words and put them in the bin, and then take the maximum occupancy. Again, statistically this value should have a known distribution and you can test against that. A related one is called a "parking lot" test, where you sample in 2 dimensions and treat points as circles of some radius, and you only place a circle if it doesn't overlap with other circles already placed. After 10,000 samples you should have less than 10,000 placed, and the number you actually placed should be normally distributed, with the mu and sigma depending on the size of the lot, the number of attempts, and the radius of the circles used. There are plenty of such tests. They all revolve around using your generator to simulate a simple statistical system where the distribution of the result is known by you, so you can see how consistent your repeated simulations are with the expected distribution. A 1-bit mean test is just simulating coin tosses, while a 2-bit mean test is simulating 4 sided die tosses, etc.

      But a Mersenne Twister does quite well on Testu01, so you have to ask yourself why a software generator can't possibly be sufficient.

      As for the mechanical "what's wrong" side of things, if you don't know the physical mechanism, you can't know what conditions are required for your tests to remain valid. Where is the line noise coming from? Just noise from the physical components, or is there a radio wave factor? Will a new tower broadcasting alter the behavior of the noise in a meaningful way? What about wifi devices? I know of sound cards that pick up the signal sent when a cellphone rings so you can tell moments before it actually rings. (You can get a TARDIS for your keychain that lights up when a nearby cellphone is being rung, which works by the same mechanism but on purpose).

  • I read somewhere that twitter feeds were being used as seeds for random number generators. Found the page here http://pyevolve.sourceforge.net/wordpress/?p=631 [sourceforge.net] This seems like a great approach. Could someone explain the benefits of this over the above, why it is needed and how can we be sure they are truly random.
    • by baynham (874879)
      Just read the abstract..."We demonstrate up to 2 Gbps of real time random number generation that were verified using standard randomness tests". A twitter RNG could not do this :)
  • by gweihir (88907) on Friday April 13, 2012 @12:03PM (#39674595)

    Zener-noise at 5V6 or NPN transistor EB noise is already about half quantum effect noise. Just use that, plenty of recipes on the web. Cost is at a few USD/EUR for the raw generator and you can get it as an USB stick.

    Examples:
    http://www.cryogenius.com/hardware/isarng/ [cryogenius.com]
    http://www.tonbandstimmen.de/evpmaker/random-bit-generator/index_e.htm [tonbandstimmen.de]
    http://www.entropykey.co.uk/ [entropykey.co.uk]

    Seems to me the quantum folks are getting a bit desperate to prove they actually are doing something worthwhile.

    • Right, I was going to mention this. Hot resistors can work, too. Anyway, one can remove hidden order from the signal by using multiple diode sources and XORing them together, then running it through a "whitening" process, usually a bit-shift register with specific patterns of feedback taps (a pseudorandom number generator, PNR) which gives the pseudorandom part a repeat period of greater than the age of the universe, while its seed changes thousands or millions of times a second.

      This is more than good enou

      • by gweihir (88907)

        Hot resistors are not quantum noise, they are Brownian noise (AFAIK), which is deterministic. (Not that it matters at all in practice.) The "whitening" is best done by simply running the input though a crypto-hash with a pool. (use, say 10KB pool, xor 128 bit input to pool, hash, repeat) You _can_ use xor directly, but a small residual skew will remain. Most modern crypto is immune to that though.

        As Zener/EB-noise is about half quantum noise, it is already the best noise theoretically available if you colla

  • There's an app for that!

  • Just don't let Commonwealth Scientific and Industrial Research Organization [zdnet.com] patent this, or we'll be paying royalties for turning on our lights.

  • by Iniamyen (2440798) on Friday April 13, 2012 @12:28PM (#39675069)
    I tell my dog to go get a toy. I've preassigned a numerical value between 1 & 10 to each of her toys. Whichever one she brings me, I cube the resulting number, and then divide by today's date (1 thru 31), and then floor the result. I get my yellow pages and turn to this page. I take the time of day as a percentage of 24-hour time (so 0700 would be 29.2%) and go that percentage down either the left or right column on that page, depending on the phase of the moon (left column for waxing, right column for waning.) Whichever phone number is there, I call. I then ask whoever picks up to think of a number.
    • by atisss (1661313)

      As the rest of variables are known for each individual point in time, your choice is limited by 1/10 preference of dog (your precision to measure percentage in page is cancelled out by fact that dog probably has some favourite toys is probably ).

      Given call centre with 50 employees I could constantly dial to the numbers you have chance to choose and ask if you have called and what number have the person told you. That would give 2/3 advantage to find out the number (If the person would lie, or hangup, he pro

  • Creating a random number generator is even easier than designing useful circuits. Just ignore your noise margins. There is no need for quantum laser bullshit.

  • Some way to generate random numbers is really important, for certain applications. Intel's next generation of CPUs, based on Ivy Bridge [wikipedia.org] and due out within a month, addresses that. The CPUs support a new instruction: RdRand [wikipedia.org]. RdRand generates random numbers based on noise in the hardware. For almost all purposes, it should be adequate.
    • To be sure that no misunderstands your post, RdRand doesn't just use noise in the general hardware, it has its own dedicated hardware to generate that noise and the subsequent random numbers.

      From one of Intel's software blogs [intel.com]:

      Mostly, Bull Mountain follows the Cascade Construction RNG model, using a processor resident entropy source to repeatedly seed a hardware-implemented CSPRNG. Unlike software approaches, it includes a high-quality entropy source implementation which can be sampled quickly to repeatedly

  • by gestalt_n_pepper (991155) on Friday April 13, 2012 @01:07PM (#39675885)

    If not random, they at least have a minimal correlation with reality.

    • It's not random, in fact the trend is predictable - by November the numbers will be much lower than they are today.

  • What if it turns out that quantum randomness is only pseudo-random?

    What if our entire reality is just a carrier wave for some other civilization's spread-spectrum communications network?

    (Completely pointless speculation, I know. Still, I have to do something with my first coffee buzz of the morning.)
    • by Jamu (852752)
      If we can work out how to generate those numbers we can send messages backwards in time!
    • Well, try not to introduce too much noise or they'll shut us off. So, please just sit there. Quietly.

  • I came across this site a long while back

    http://www.idquantique.com/true-random-number-generator/quantis-usb-pcie-pci.html [idquantique.com]

    They sell hardware that sends a single photon at a time. The photon's polarity is random. It hits a mirror/prism or something, and if it's one polarity, it goes to sensor A, if it's the other polarity, to goes to sensor B.

    Truly random. About $2.1k for the PCIe card.
    • by gweihir (88907)

      Far too fragile. Zener noise and NPN-transitor EB noise is about half quantum tunneling noise and about half Brownian noise. Hash it together a bit and you are done. DIY from components is 10USD/EUR. Chip-integrated is almost for free.

Work is the crab grass in the lawn of life. -- Schulz

Working...