Researchers in Switzerland laboured for 10 years on a project that cost $12 million. The end result, published in Nature last month, were some really, really random numbers.
Random numbers are the guardians of digital information that moves through the Internet via a system of public and private keys. Private keys consist of hundreds of bits (zeros or ones that encode extremely large numbers) generated by a computer. Computers can come very close to achieving true randomness but they are driven by process.
A process can be complex but not truly random. “If you knew what the computer was calculating, you would be able to predict it,” said Morgan W. Mitchell, quantum physicist at the Institute of Photonic Sciences in Barcelona, Spain.
Hackers have become adept at using maths to probe encrypted systems for signs of weak randomness, which can give them access to private keys. The Swiss researchers tried to solve this problem through a process called randomness amplification, which boosts lower-grade random numbers via quantum physics. The published result is random numbers that are “effectively perfect” said Mitchell, who was not part of the research.
Other researchers have also recently attained impressive results in random number generation, but with more reliance on computers. The Swiss research comes with an intrinsically elegant validation independent of processing power.
The resulting paper “represents the most convincing demonstration to date that high-quality randomness can be produced from quantum processes,” said Roger Colbeck, professor of quantum information theory at King’s College London and a pioneer in the field of quantum randomness.
The study, conducted at the university ETH Zurich, called for two connected refrigerators humming along at just above absolute zero, at 15 millikelvin, which is roughly 180 times colder than deep space. These cryostats cooled superconducting circuits called qubits, which behave according to quantum mechanics.
The challenge was to harvest the randomness of the supercooled qubits without contaminating the experiment with classical physics. Pure quantum conditions are exceptionally difficult to maintain. Inevitably, non-quantum reality seeps in, degrading the quality of the random numbers.
“It takes randomness to make randomness,” said Krister Shalm, professor of quantum physics at the University of Colorado, US, who was not involved in the study.
The pivotal innovation of the new experiment was the placement of the two qubits in a tight bond known as entanglement, which is possible only under quantum conditions. “We create entanglement at a high enough quality and at a high enough rate, so it’s practically feasible to actually create random numbers through it,” said Andreas Wallraff, a physicist and co-author of the Swiss paper.
Over nine hours, the researchers used their experimental setup to measure the entangled qubits 1.34 billion times. Taking the results of those quantum measurements, an extractor algorithm transformed 5.4 billion bits sourced from a somewhat less sophisticated random number generator into 45 million bits of extremely high-quality randomness.
In 2012, researchers used Euclid’s algorithm to find that 0.2 per cent of public keys in a database were not random enough. This was seen as a huge security lapse, considering that the database contained 7.1 million keys.
Mitchell said that the Swiss team was “able to generate randomness that even a paranoid user can trust”. Paranoia seems, justifiably enough, to be a common sentiment in quantum cryptography.
In 2010, PlayStation 3 had its defences breached by hackers who discovered that Sony was recycling its random numbers. In a 2023 attack, hackers exploited the generation of weak private keys by the cryptocurrency tool Libbitcoin Explorer. They stole $9,00,000.
“If you take the most pure source of randomness you can get,” Wallraff said, “you can fix that problem.”