Quantum Random Numbers 167
tqft writes "What the world needs is more truly random sources of numbers. Researchers from Australian National University have found a brilliant way to make one: 'We do this by splitting a beam of light into two beams and then measuring the power in each beam. Because light is quantised, the light intensity in each beam fluctuates about the mean. Those fluctuations, due ultimately to the quantum vacuum, can be converted into a source of random numbers. Every number is randomly generated in real time and cannot be predicted beforehand.' So if you need some really random numbers, just use their generator service."
Or just use excel (Score:3)
Re: (Score:3)
Didn't SGI solve this problem ages ago... [wikipedia.org]
Re: (Score:3)
Yet from the wiki page:
It is covered under U.S. Patent 5,732,138, titled "Method for seeding a pseudo-random number generator with a cryptographic hash of a digitization of a chaotic system."
I don't believe it ever became a product... and was cumbersome to setup. Hard to justify a lava lamp display in a data center, and god forbid you need multiple sources in one DC say, on every machine)
One thing I worry about with devices like this is failure mode. if it can be made totally solid state, I would think it c
Re: (Score:2)
Anything that relies on Newtonian physics is predictable and measurable by others, and thus even if the numbers produced are truly random it is possible someone else might be able to replicate them. Since cryptography relies heavily on random numbers that is obviously quite bad.
Quantum phenomena tend to be altered by measuring them, making them highly secure for random number generation. This is a bit of an extreme way of doing it though, there are in fact many easier options that can be built into a chip l
Purpose Completely Defeated (Score:2)
When you are feeding everybody the same random number sequence (as this service appears to do), it doesn't matter even the slightest little bit how random the numbers are; with a little ingenuity they can still be 100% predictable in many practical situations.
It depends on little more than how fast you get the numbers, and whether you can process them before the next guy does.
Purpose Completely Defeated (Score:2)
Generator Service down (Score:1)
That seems pretty random after a /. post
Re: (Score:2)
Re: (Score:2)
or at least ceases to be observable.
site is slashdotted..so... (Score:3, Funny)
..feel free to use these...
1 1 1 1 1 1 1 1 1 1 1 1
Re:site is slashdotted..so... (Score:4, Funny)
I'll only use them if you can assure me that they were chosen by fair dice roll..
Re: (Score:2)
Not so elusive... [shapeways.com]
Re: (Score:2)
No I will download their random numbers and then I can use it forever!
of course (Score:1)
Random numbers are not useful in programs that need repeatable results
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
The big problem with a true RNG is that you can't really "seed" a given sequence of random numbers—unless you or the server pre-record a block of them and choose that block, you'll almost certainly get a whole new one.
If you do want a whole new block, of course, this is a wish-come-true.
Re: (Score:2)
As hard as it may be to believe with someone who grew up with Windows, it is terribly hard with normal computers to generate true randomness. These machines WILL always generate the same output for the same input (again, can the bad Windows jokes). Normal pseudo-random generators usually use something like the clock cycles since turn-on as a seed to generate numbers that seem random, but if you somehow start the program exactly after the same amount of cycles you get exactly the same "random" numbers.
I stud
Re: (Score:2)
Linux's /dev/random is about as good as you can get without specialized hardware:
https://en.wikipedia.org/wiki//dev/random [wikipedia.org]
Re: (Score:2)
Re: (Score:2)
Some programs have a very specific need for non-repeatable results.
There's no such thing as random (Score:5, Interesting)
The quest to find random numbers is the quest to entangle our locality to ever more distantly related things in weirder and weirder ways... which, if you ask me, is far more interesting to think about.
Re: (Score:2)
Re: (Score:3)
There's no proof of that. That's a commonly held belief, but that doesn't make it true. The bottom line is that we don't know whether there is any randomness in the universe, and there is certainly considerable evidence that there might be.
Re: (Score:2)
The bottom line is that we don't know whether there is any randomness in the universe, and there is certainly considerable evidence that there might be.
What we do know is that the question is almost completely uninteresting, which is proven by the fact that it is so hard to tell the difference between "true" randomness and merely insanely-hard-to-predict non-random phenomena. If it mattered, it would be easy to tell which kind of world we lived in. We can't, so it doesn't matter.
There may be some insanely esoteric situation where the kind of randomness the universe contains does make a difference, but why anyone would care deeply about a question whose a
Re: (Score:1)
This itself may be fundamentally wrong. QM could itself be built on a deterministic substrait, but that would be an even greater violation of Einstein's concept of reality, AKA there exist real objects out there with real, measurable properties. Basically our reality would be pushed off two levels deeper to below QM, rather than just one, to QM.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
SHOT LADS who were out by the lean-to, inspecting the LATH SODS.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Somehow Penrose made a conceptual leap from quantum probability to a completely deterministic consciousness, but personally I think he stumbled in his attempted leap from physics to metaphysics.
Conceivably, circumstances forced his fully-deterministic brain to come to that conclusion. Maybe that is a tautology, but then so is the idea of a full
Re:There's no such thing as random (Score:4, Interesting)
There is no such thing is the "collapse" of the wavefunction. The observer just gets entangled with the experiment.
Re: (Score:2)
please mod up parent. possibly the best explanation I've seen so far.
Re: (Score:2)
Mod up. The whole idea of collapse is that somehow quantum mechanics apply to particles but not to macro scale objects, it's violates Occam's razor.
Re: (Score:2)
Yep. Notice that physicists can not tell the difference between a particle with a "collapsed" wave function and an "uncollapsed" one. If they could tell the difference, then streams of entangled photons or particles going in opposite directions could be used for faster-than-light communication. The guy at one end either "observes" his photons or lets them pass by. The guy at the other end read
Re: (Score:2)
Re:There's no such thing as random (Score:4, Interesting)
The modern view of quantum mechanics is that the wavefunction never collapses. This isn't purely a matter interpretation (as many people claim): theoretical work over the last ~20 years on decoherence [wikipedia.org] has shown that you can explain everything in QM with a deterministic wavefunction and no ad-hoc collapse axiom. Experimental work has been demonstrating quantum superposition of ever-large systems: there is no experimental evidence for collapse, which suggests that arbitrary large systems (cats, people, galaxies, the entire universe) can be in superpositions. Of course, when you're 'inside' a superposition, you cannot get information from the other branches. Thus the simplest available theory that fits experimental data is consistent with the Everett ('many-worlds') interpretation [wikipedia.org].
In this paradigm, the evolution of the total wavefunction is deterministic and there is no global randomness. There is randomness at the level of the individual observer, since they lack the information/correlations necessary to probe other branches of the wavefunction. Whether or not you consider this 'true randomness' or just 'ignorance randomness' is as much a definitional and philosophical question as anything.
Re: (Score:2)
So your claim is that in order to avoid the complexity of wavefunctio
Re: (Score:2)
Is it true randomness, or have we just failed to recognize the pattern yet?
Re: (Score:3)
The fact that there was a singularity in the first place makes it pretty obvious that entropy does not only go one way. Abiogenesis will eventually be accepted as fact, and this will provide strong evidence that the "heat death of the universe" hypothesis is wrong.
I wrote a rambling essay that I think relates and threw it in my journal for the trolls to rip apart... maybe it will provoke something.
http://slashdot.org/journal/281071 [slashdot.org]
So much for random (Score:2)
Re: (Score:2)
Re: (Score:1)
Obligatory Dilbert comic strip [dilbert.com]
Re: (Score:1)
You spelled XKCD wrong, and the number was wrong too.
http://xkcd.com/221/ [xkcd.com]
I know, I know, the one predates the other. So what!
Re: (Score:2)
XKCD: 2007-2-9
Dilbert: 2001-10-25
Guess who's stealing ideas from whom?
Re: (Score:2)
Like I said...
"I know, I know, the one predates the other. So what!"
Re: (Score:2)
Sorry, the placement made my eyes skim that, I thought it was your sig. ;-)
Re: (Score:2)
There's a subtle difference between learning and selling.
No thanks (Score:5, Funny)
The generation of random numbers is too important to be left to chance.
- Robert R. Coveyou, Oak Ridge National Laboratory
Re: (Score:2)
This. Why, if you really needed actual random numbers, would you leave the generation of them to someone else?
Raas!? (Score:3, Insightful)
Randomness as a Service?
I don't know if out will work, but I know it certainly shouldn't.
In two words: MiM attack.
Re: (Score:3, Insightful)
The random service alone as cryptographic source raises questions about thrust. But if you use it as an additional source to mix into you entropy pool, it won't hurt and probably improve the quality and data rate of your random source.
~Andy
actually, I'm NOT referring to /b/ (Score:2)
Re: (Score:2)
SSL handshake requires a pseudo-random nonce[...]
FTFY
Re: (Score:2)
"who tells you that nobody had introduced some trojan on their system which reads all the bits sent to you and sends them to the attacker as well?"
Who tells you that the service provider itself is not sending perfectly random data... generated one week ago?
Memory quota warning (Score:1)
If you guys keep entangling shit in there, the simulator will run out of memory.
Is that what you want?
Radioactive decay (Score:4, Interesting)
This was done using radioactive decay to generate random numbers (i.e., something like counting geiger counter clicks), I believe first in the 1950's.
I also seem to remember that the first units weren't entirely random, due to dead times in the counters or something similar. Random in theory does not mean random in practice, and I am not sure I would trust a billion dollar deal relying on a one-time-pad generated by the ANU quantum random number generator, at least until it had been through a lot of testing.
Re: (Score:2)
I also seem to remember that the first units weren't entirely random, due to dead times in the counters or something similar. Random in theory does not mean random in practice, and I am not sure I would trust a billion dollar deal relying on a one-time-pad generated by the ANU quantum random number generator, at least until it had been through a lot of testing.
Having build my own random generator I can confirm this discrepancy between theory and practice. You have to be very cautious to eliminate externals noise and oscillation of the random source. As it's not possible to measure the true randomness but only guess it, additional filtering like bias elimination and mixing may improve the entropy, but may be still not true random.
A cheap non-quantum option (Score:1)
Re:A cheap non-quantum option (Score:5, Informative)
How "very random" do you need, that a Mersenne Twister is not good enough, but an untested signal is? And if you only looked at the 1 bit word mean, you basically didn't test it at all. If you don't care about specifics, you can just use the Testu01 [umontreal.ca] suite of tests. If you care about specifics and want to do your own tests...you should do the same bias test for various word lengths. So besides making sure the 0 and 1 appear about 50% of the time, you should make sure that 00,01,10,11 appear about 25% of the time, 000,001,etc are all uniform for 3 bit words, and so on until at least several hundred bit words (yes, it will take you a long time to sample enough words!) Besides those simple "fair dice" tests, you can also pick a dimension, (2 or more) and sample a lot of points (using whatever bit words you like) and then find the minimum distance between two points. With repeated tests this minumum distance should follow an exponential distribution, with the parameters describing that distribution depending on the range of possible values and the number of dimensions. Similarly, if you treat your n bit words as floats from [0,1) (by dividing by 2^n), then sampling a large number and adding them together should get you a normal variable, where the mu and sigma depend on n and how many you are adding together. There's also a 'pigeon hole' test where you have 2^n bins and sample n bit words and put them in the bin, and then take the maximum occupancy. Again, statistically this value should have a known distribution and you can test against that. A related one is called a "parking lot" test, where you sample in 2 dimensions and treat points as circles of some radius, and you only place a circle if it doesn't overlap with other circles already placed. After 10,000 samples you should have less than 10,000 placed, and the number you actually placed should be normally distributed, with the mu and sigma depending on the size of the lot, the number of attempts, and the radius of the circles used. There are plenty of such tests. They all revolve around using your generator to simulate a simple statistical system where the distribution of the result is known by you, so you can see how consistent your repeated simulations are with the expected distribution. A 1-bit mean test is just simulating coin tosses, while a 2-bit mean test is simulating 4 sided die tosses, etc.
But a Mersenne Twister does quite well on Testu01, so you have to ask yourself why a software generator can't possibly be sufficient.
As for the mechanical "what's wrong" side of things, if you don't know the physical mechanism, you can't know what conditions are required for your tests to remain valid. Where is the line noise coming from? Just noise from the physical components, or is there a radio wave factor? Will a new tower broadcasting alter the behavior of the noise in a meaningful way? What about wifi devices? I know of sound cards that pick up the signal sent when a cellphone rings so you can tell moments before it actually rings. (You can get a TARDIS for your keychain that lights up when a nearby cellphone is being rung, which works by the same mechanism but on purpose).
Twitter Feeds (Score:1)
Re: (Score:1)
There is no need for this new method at all (Score:5, Informative)
Zener-noise at 5V6 or NPN transistor EB noise is already about half quantum effect noise. Just use that, plenty of recipes on the web. Cost is at a few USD/EUR for the raw generator and you can get it as an USB stick.
Examples:
http://www.cryogenius.com/hardware/isarng/ [cryogenius.com]
http://www.tonbandstimmen.de/evpmaker/random-bit-generator/index_e.htm [tonbandstimmen.de]
http://www.entropykey.co.uk/ [entropykey.co.uk]
Seems to me the quantum folks are getting a bit desperate to prove they actually are doing something worthwhile.
Re: (Score:2)
Right, I was going to mention this. Hot resistors can work, too. Anyway, one can remove hidden order from the signal by using multiple diode sources and XORing them together, then running it through a "whitening" process, usually a bit-shift register with specific patterns of feedback taps (a pseudorandom number generator, PNR) which gives the pseudorandom part a repeat period of greater than the age of the universe, while its seed changes thousands or millions of times a second.
This is more than good enou
Re: (Score:2)
Hot resistors are not quantum noise, they are Brownian noise (AFAIK), which is deterministic. (Not that it matters at all in practice.) The "whitening" is best done by simply running the input though a crypto-hash with a pool. (use, say 10KB pool, xor 128 bit input to pool, hash, repeat) You _can_ use xor directly, but a small residual skew will remain. Most modern crypto is immune to that though.
As Zener/EB-noise is about half quantum noise, it is already the best noise theoretically available if you colla
Re: (Score:2)
Excluding environmental interference including power-supply noise is commonly done by post-processing, e.g. crypto-hashing. Physical processes alone can never eliminate environmental influences. Also, while absolutely nobody needs 2Gbps true-randomness, a) the generators listed can generate a noise-spectrum of a few 100MHz, potentially more with HF transistors. I measured 10M zero-crosses on an experimental set-up with NF transistors. And b) they are so dirt cheap, that you can just put 100 or 1000 in para
Re: (Score:2)
There is no market for such a device, as nobody needs 100Mbps true randomness rates. The entropy key (http://www.entropykey.co.uk/) has the commercial segment covered very well and very cheaply.
As to under $1000, I will not buy the article to check. But usually the optical bench and mountings alone run you over $10'000, that is without the actual experiment. In order to capture the data at 2Gbps, you will likely spend something >$10'000 again for the measurement equipment. And so on. As there is zero nee
Why bother (Score:1)
There's an app for that!
Next wave of Australian Patent Trolls (Score:2)
Just don't let Commonwealth Scientific and Industrial Research Organization [zdnet.com] patent this, or we'll be paying royalties for turning on our lights.
My RNG algorithm... (Score:5, Funny)
Re: (Score:2)
As the rest of variables are known for each individual point in time, your choice is limited by 1/10 preference of dog (your precision to measure percentage in page is cancelled out by fact that dog probably has some favourite toys is probably ).
Given call centre with 50 employees I could constantly dial to the numbers you have chance to choose and ask if you have called and what number have the person told you. That would give 2/3 advantage to find out the number (If the person would lie, or hangup, he pro
Re: (Score:2)
Calculator as a service (Score:2)
Creating a random number generator is even easier than designing useful circuits. Just ignore your noise margins. There is no need for quantum laser bullshit.
Little need now (Score:2)
Re: (Score:2)
To be sure that no misunderstands your post, RdRand doesn't just use noise in the general hardware, it has its own dedicated hardware to generate that noise and the subsequent random numbers.
From one of Intel's software blogs [intel.com]:
I use government employment numbers (Score:3)
If not random, they at least have a minimal correlation with reality.
Re: (Score:2)
It's not random, in fact the trend is predictable - by November the numbers will be much lower than they are today.
What if (Score:2)
What if our entire reality is just a carrier wave for some other civilization's spread-spectrum communications network?
(Completely pointless speculation, I know. Still, I have to do something with my first coffee buzz of the morning.)
Re: (Score:2)
Re: (Score:3)
Well, try not to introduce too much noise or they'll shut us off. So, please just sit there. Quietly.
Random quantum genertor (Score:2)
http://www.idquantique.com/true-random-number-generator/quantis-usb-pcie-pci.html [idquantique.com]
They sell hardware that sends a single photon at a time. The photon's polarity is random. It hits a mirror/prism or something, and if it's one polarity, it goes to sensor A, if it's the other polarity, to goes to sensor B.
Truly random. About $2.1k for the PCIe card.
Re: (Score:2)
Far too fragile. Zener noise and NPN-transitor EB noise is about half quantum tunneling noise and about half Brownian noise. Hash it together a bit and you are done. DIY from components is 10USD/EUR. Chip-integrated is almost for free.
Re: (Score:3)
The site and its images randomly (appropriately enough) bobble between working and 503 at the moment. Not quite down, but taking heavy fire.
Re:dead link (Score:4, Funny)
But does the decision whether to return a 503 or data use true randomness?
Re: (Score:3)
The site and its images randomly (appropriately enough) bobble between working and 503 at the moment. Not quite down, but taking heavy fire.
Probably the cleaning lady using the left beam of light to read the instructions on the detergent bottle, thereby generating a whole string of identical 503 numbers.
Re:dead link (Score:4, Funny)
Re: (Score:2)
Re: (Score:2)
Must be due to the "quantum vacuum"- which is about as real as the sub-ether explanation for waves that behave as particles.
Re: (Score:3, Informative)
Re: (Score:2)
Re: (Score:2)
They need a networked version, USB and PCI don't play well in a modern virtualized datacenter.
It's what, a 25-line perl script to hook up a character device to ZeroMQ?
(hurry, somebody release it before the patent is filed!)
Re: (Score:2)
Re: (Score:1)
The term is 'gyp' as in 'gypsy' as in 'That dirty gypsy ripped me off again. What a gyp!'
Re: (Score:1)
Re: (Score:3, Informative)
In this case, it doesn't matter. Random number generation is in itself interesting and a very important part of computer science... or better said, the problem that with a finite state machine, like a computer, we cannot generate truly random numbers. Computers can generate pseudorandom numbers, but they are only random within the constraints set, are repeatable and will have a periodicity. Getting "true" random numbers only is possible from physical processes.
There have been several articles about ran
Re: (Score:2)
Indirectly. The choice of stories seems to be purely random.
Re: (Score:2)
I reckon you used a loaded dice for that, you didn't specify otherwise.
Re: (Score:2)
That's incorrect. For true randomness, it need only be possible (and equally probable), that the prior number can be generated as a series of smaller numbers glued together, as that 424242424242..... (a string of equal length) would be generated.
Re: (Score:2)
Which are of course perfectly random! But if you need a lot of randomness, it is obviously better to just periodically wget slashdot and hash it together a bit.