typodupeerror

## Quantum Random Numbers167

tqft writes "What the world needs is more truly random sources of numbers. Researchers from Australian National University have found a brilliant way to make one: 'We do this by splitting a beam of light into two beams and then measuring the power in each beam. Because light is quantised, the light intensity in each beam fluctuates about the mean. Those fluctuations, due ultimately to the quantum vacuum, can be converted into a source of random numbers. Every number is randomly generated in real time and cannot be predicted beforehand.' So if you need some really random numbers, just use their generator service."
This discussion has been archived. No new comments can be posted.

## Quantum Random Numbers

• #### Or just use excel (Score:3)

on Friday April 13, 2012 @10:57AM (#39673561)
A few months ago some guy generated random numbers firing lasers at diamonds; and now we've got quantum light. Maybe someone could explain how randomness varies in non-random ways...
• #### Re: (Score:3)

Didn't SGI solve this problem ages ago... [wikipedia.org]

• #### Re: (Score:3)

Yet from the wiki page:
It is covered under U.S. Patent 5,732,138, titled "Method for seeding a pseudo-random number generator with a cryptographic hash of a digitization of a chaotic system."

I don't believe it ever became a product... and was cumbersome to setup. Hard to justify a lava lamp display in a data center, and god forbid you need multiple sources in one DC say, on every machine)

One thing I worry about with devices like this is failure mode. if it can be made totally solid state, I would think it c

• #### Re: (Score:2)

Anything that relies on Newtonian physics is predictable and measurable by others, and thus even if the numbers produced are truly random it is possible someone else might be able to replicate them. Since cryptography relies heavily on random numbers that is obviously quite bad.

Quantum phenomena tend to be altered by measuring them, making them highly secure for random number generation. This is a bit of an extreme way of doing it though, there are in fact many easier options that can be built into a chip l

• #### Purpose Completely Defeated (Score:2)

... or perhaps not defeated, but blithely thrown away.

When you are feeding everybody the same random number sequence (as this service appears to do), it doesn't matter even the slightest little bit how random the numbers are; with a little ingenuity they can still be 100% predictable in many practical situations.

It depends on little more than how fast you get the numbers, and whether you can process them before the next guy does.
• #### Purpose Completely Defeated (Score:2)

In other words: this looks like a clever idea, but the implementation is totally useless for many real-world applications.
• #### Generator Service down (Score:1)

by Anonymous Coward

That seems pretty random after a /. post

• #### Re: (Score:2)

It only works if you watch. Otherwise, it doesn't exist...
• #### site is slashdotted..so... (Score:3, Funny)

by Anonymous Coward on Friday April 13, 2012 @10:59AM (#39673589)

..feel free to use these...

1 1 1 1 1 1 1 1 1 1 1 1

• #### Re:site is slashdotted..so... (Score:4, Funny)

by Anonymous Coward on Friday April 13, 2012 @11:08AM (#39673735)

I'll only use them if you can assure me that they were chosen by fair dice roll..

• #### Re: (Score:2)

No I will download their random numbers and then I can use it forever!

• #### of course (Score:1)

by Anonymous Coward

Random numbers are not useful in programs that need repeatable results

• #### Re: (Score:2)

Unless you want to repeat randomness...
• #### Re: (Score:2)

That's what psuedo-random generators (plus resetting the seed to the same starting point each run) are for.
• #### Re: (Score:2)

The big problem with a true RNG is that you can't really "seed" a given sequence of random numbers—unless you or the server pre-record a block of them and choose that block, you'll almost certainly get a whole new one.

If you do want a whole new block, of course, this is a wish-come-true.

• #### Re: (Score:2)

As hard as it may be to believe with someone who grew up with Windows, it is terribly hard with normal computers to generate true randomness. These machines WILL always generate the same output for the same input (again, can the bad Windows jokes). Normal pseudo-random generators usually use something like the clock cycles since turn-on as a seed to generate numbers that seem random, but if you somehow start the program exactly after the same amount of cycles you get exactly the same "random" numbers.

I stud

• #### Re: (Score:2)

Linux's /dev/random is about as good as you can get without specialized hardware:

https://en.wikipedia.org/wiki//dev/random [wikipedia.org]

• #### Re: (Score:2)

The nice thing about /dev/random is that when you do add hardware or when hardware random numbers become standard, then everything that needs is already using it.
• #### Re: (Score:2)

Some programs have a very specific need for non-repeatable results.

• #### There's no such thing as random (Score:5, Interesting)

on Friday April 13, 2012 @11:02AM (#39673633) Journal

The quest to find random numbers is the quest to entangle our locality to ever more distantly related things in weirder and weirder ways... which, if you ask me, is far more interesting to think about.

• #### Re: (Score:2)

Indeed, and it would be even more interesting to see in how far the randomness of these numbers holds up when tested to extremes. It would be a huge result if these numbers can not be tested to be 100% pure random.
• #### Re: (Score:3)

There's no proof of that. That's a commonly held belief, but that doesn't make it true. The bottom line is that we don't know whether there is any randomness in the universe, and there is certainly considerable evidence that there might be.

• #### Re: (Score:2)

The bottom line is that we don't know whether there is any randomness in the universe, and there is certainly considerable evidence that there might be.

What we do know is that the question is almost completely uninteresting, which is proven by the fact that it is so hard to tell the difference between "true" randomness and merely insanely-hard-to-predict non-random phenomena. If it mattered, it would be easy to tell which kind of world we lived in. We can't, so it doesn't matter.

There may be some insanely esoteric situation where the kind of randomness the universe contains does make a difference, but why anyone would care deeply about a question whose a

• #### So much for random (Score:2)

Just keeps spitting out 503 ... >.>
• #### Re: (Score:2)

doesn't mean it's not random.
• #### Re: (Score:1)

by Anonymous Coward
• #### Re: (Score:1)

You spelled XKCD wrong, and the number was wrong too.

http://xkcd.com/221/ [xkcd.com]

I know, I know, the one predates the other. So what!

• #### Re: (Score:2)

XKCD: 2007-2-9
Dilbert: 2001-10-25

Guess who's stealing ideas from whom?

• #### Re: (Score:2)

Like I said...

"I know, I know, the one predates the other. So what!"

• #### Re: (Score:2)

Sorry, the placement made my eyes skim that, I thought it was your sig. ;-)

• #### No thanks (Score:5, Funny)

by Anonymous Coward on Friday April 13, 2012 @11:04AM (#39673661)

The generation of random numbers is too important to be left to chance.
- Robert R. Coveyou, Oak Ridge National Laboratory

• #### Re: (Score:2)

This. Why, if you really needed actual random numbers, would you leave the generation of them to someone else?

• #### Raas!? (Score:3, Insightful)

on Friday April 13, 2012 @11:12AM (#39673779)

Randomness as a Service?

I don't know if out will work, but I know it certainly shouldn't.

In two words: MiM attack.

• #### Re: (Score:3, Insightful)

The random service alone as cryptographic source raises questions about thrust. But if you use it as an additional source to mix into you entropy pool, it won't hurt and probably improve the quality and data rate of your random source.

~Andy

• #### actually, I'm NOT referring to /b/ (Score:2)

That's a fine idea, until you get sued [google.com] because the "random" numbers you're providing turn out to be inadequately random.
• #### Memory quota warning (Score:1)

by Anonymous Coward

If you guys keep entangling shit in there, the simulator will run out of memory.

Is that what you want?

• #### Radioactive decay (Score:4, Interesting)

on Friday April 13, 2012 @11:22AM (#39673943)

This was done using radioactive decay to generate random numbers (i.e., something like counting geiger counter clicks), I believe first in the 1950's.

I also seem to remember that the first units weren't entirely random, due to dead times in the counters or something similar. Random in theory does not mean random in practice, and I am not sure I would trust a billion dollar deal relying on a one-time-pad generated by the ANU quantum random number generator, at least until it had been through a lot of testing.

• #### Re: (Score:2)

I also seem to remember that the first units weren't entirely random, due to dead times in the counters or something similar. Random in theory does not mean random in practice, and I am not sure I would trust a billion dollar deal relying on a one-time-pad generated by the ANU quantum random number generator, at least until it had been through a lot of testing.

Having build my own random generator I can confirm this discrepancy between theory and practice. You have to be very cautious to eliminate externals noise and oscillation of the random source. As it's not possible to measure the true randomness but only guess it, additional filtering like bias elimination and mixing may improve the entropy, but may be still not true random.

• #### A cheap non-quantum option (Score:1)

When I needed some very random numbers, I read the low bit of samples from my soundcard without a source connected. Connecting a mic may have better, to use ambient rather than electrical noise, but it worked well for me, and always had a "fair" average (but that was the only criteria I knew how to test). I'd be interested to hear what's wrong with doing it that way from those more knowledgeable than myself.
• #### Re:A cheap non-quantum option (Score:5, Informative)

on Friday April 13, 2012 @01:07PM (#39675891)

But a Mersenne Twister does quite well on Testu01, so you have to ask yourself why a software generator can't possibly be sufficient.

As for the mechanical "what's wrong" side of things, if you don't know the physical mechanism, you can't know what conditions are required for your tests to remain valid. Where is the line noise coming from? Just noise from the physical components, or is there a radio wave factor? Will a new tower broadcasting alter the behavior of the noise in a meaningful way? What about wifi devices? I know of sound cards that pick up the signal sent when a cellphone rings so you can tell moments before it actually rings. (You can get a TARDIS for your keychain that lights up when a nearby cellphone is being rung, which works by the same mechanism but on purpose).

I read somewhere that twitter feeds were being used as seeds for random number generators. Found the page here http://pyevolve.sourceforge.net/wordpress/?p=631 [sourceforge.net] This seems like a great approach. Could someone explain the benefits of this over the above, why it is needed and how can we be sure they are truly random.
• #### Re: (Score:1)

Just read the abstract..."We demonstrate up to 2 Gbps of real time random number generation that were verified using standard randomness tests". A twitter RNG could not do this :)
• #### There is no need for this new method at all (Score:5, Informative)

on Friday April 13, 2012 @12:03PM (#39674595)

Zener-noise at 5V6 or NPN transistor EB noise is already about half quantum effect noise. Just use that, plenty of recipes on the web. Cost is at a few USD/EUR for the raw generator and you can get it as an USB stick.

Examples:
http://www.cryogenius.com/hardware/isarng/ [cryogenius.com]
http://www.tonbandstimmen.de/evpmaker/random-bit-generator/index_e.htm [tonbandstimmen.de]
http://www.entropykey.co.uk/ [entropykey.co.uk]

Seems to me the quantum folks are getting a bit desperate to prove they actually are doing something worthwhile.

• #### Re: (Score:2)

Right, I was going to mention this. Hot resistors can work, too. Anyway, one can remove hidden order from the signal by using multiple diode sources and XORing them together, then running it through a "whitening" process, usually a bit-shift register with specific patterns of feedback taps (a pseudorandom number generator, PNR) which gives the pseudorandom part a repeat period of greater than the age of the universe, while its seed changes thousands or millions of times a second.

This is more than good enou

• #### Re: (Score:2)

Hot resistors are not quantum noise, they are Brownian noise (AFAIK), which is deterministic. (Not that it matters at all in practice.) The "whitening" is best done by simply running the input though a crypto-hash with a pool. (use, say 10KB pool, xor 128 bit input to pool, hash, repeat) You _can_ use xor directly, but a small residual skew will remain. Most modern crypto is immune to that though.

As Zener/EB-noise is about half quantum noise, it is already the best noise theoretically available if you colla

• #### Why bother (Score:1)

There's an app for that!

• #### Next wave of Australian Patent Trolls (Score:2)

Just don't let Commonwealth Scientific and Industrial Research Organization [zdnet.com] patent this, or we'll be paying royalties for turning on our lights.

• #### My RNG algorithm... (Score:5, Funny)

on Friday April 13, 2012 @12:28PM (#39675069)
I tell my dog to go get a toy. I've preassigned a numerical value between 1 & 10 to each of her toys. Whichever one she brings me, I cube the resulting number, and then divide by today's date (1 thru 31), and then floor the result. I get my yellow pages and turn to this page. I take the time of day as a percentage of 24-hour time (so 0700 would be 29.2%) and go that percentage down either the left or right column on that page, depending on the phase of the moon (left column for waxing, right column for waning.) Whichever phone number is there, I call. I then ask whoever picks up to think of a number.
• #### Re: (Score:2)

As the rest of variables are known for each individual point in time, your choice is limited by 1/10 preference of dog (your precision to measure percentage in page is cancelled out by fact that dog probably has some favourite toys is probably ).

Given call centre with 50 employees I could constantly dial to the numbers you have chance to choose and ask if you have called and what number have the person told you. That would give 2/3 advantage to find out the number (If the person would lie, or hangup, he pro

• #### Calculator as a service (Score:2)

Creating a random number generator is even easier than designing useful circuits. Just ignore your noise margins. There is no need for quantum laser bullshit.

• #### Little need now (Score:2)

Some way to generate random numbers is really important, for certain applications. Intel's next generation of CPUs, based on Ivy Bridge [wikipedia.org] and due out within a month, addresses that. The CPUs support a new instruction: RdRand [wikipedia.org]. RdRand generates random numbers based on noise in the hardware. For almost all purposes, it should be adequate.
• #### Re: (Score:2)

To be sure that no misunderstands your post, RdRand doesn't just use noise in the general hardware, it has its own dedicated hardware to generate that noise and the subsequent random numbers.

From one of Intel's software blogs [intel.com]:

Mostly, Bull Mountain follows the Cascade Construction RNG model, using a processor resident entropy source to repeatedly seed a hardware-implemented CSPRNG. Unlike software approaches, it includes a high-quality entropy source implementation which can be sampled quickly to repeatedly

• #### I use government employment numbers (Score:3)

on Friday April 13, 2012 @01:07PM (#39675885)

If not random, they at least have a minimal correlation with reality.

• #### Re: (Score:2)

It's not random, in fact the trend is predictable - by November the numbers will be much lower than they are today.

• #### What if (Score:2)

What if it turns out that quantum randomness is only pseudo-random?

What if our entire reality is just a carrier wave for some other civilization's spread-spectrum communications network?

(Completely pointless speculation, I know. Still, I have to do something with my first coffee buzz of the morning.)
• #### Re: (Score:2)

If we can work out how to generate those numbers we can send messages backwards in time!
• #### Re: (Score:3)

Well, try not to introduce too much noise or they'll shut us off. So, please just sit there. Quietly.

• #### Random quantum genertor (Score:2)

I came across this site a long while back

http://www.idquantique.com/true-random-number-generator/quantis-usb-pcie-pci.html [idquantique.com]

They sell hardware that sends a single photon at a time. The photon's polarity is random. It hits a mirror/prism or something, and if it's one polarity, it goes to sensor A, if it's the other polarity, to goes to sensor B.

Truly random. About \$2.1k for the PCIe card.
• #### Re: (Score:2)

Far too fragile. Zener noise and NPN-transitor EB noise is about half quantum tunneling noise and about half Brownian noise. Hash it together a bit and you are done. DIY from components is 10USD/EUR. Chip-integrated is almost for free.

#### Related LinksTop of the: day, week, month.

...when fits of creativity run strong, more than one programmer or writer has been known to abandon the desktop for the more spacious floor. - Fred Brooks, Jr.

Working...