Nav: Home

Random numbers: Hard times ahead for hackers

May 31, 2017

Whenever we need to communicate in secret, a cryptographic key is needed. For this key to work, it must consist of numbers chosen at random without any structure - just the opposite of using the birthdate of our favourite pet. But, for a human, it is extremely difficult to choose without creating any bias, even by hitting the keyboard chaotically. To solve this problem, researchers from the University of Geneva (UNIGE), Switzerland, have developed a new random numbers generator based on the principles of quantum physics. This physical theory, full of phenomena that run counter to our common sense, shows that certain physical events occur perfectly at random, making them impossible to predict. Unlike previous methods, the new system allows the user to verify the reliability of the random numbers it generates in real time. This work, to appear in the scientific journal Physical Review Applied, will greatly complicate the tasks of hackers who can no longer exploit bias resulting from human fallibility or possible imperfections in existing devices.

To generate a good cryptographic key, one must alternate randomly between 0's and 1's, the values of the so-called bits which form the basic unit of information in digital devices like computers. However, when we humans try to generate a sequence of numbers which we believe to be random, it always ends up being partly predictable, as revealed by behavioural studies and statistics. In addition, apart from having a poor grasp on randomness, the human brain is also much slower than machines, which can output millions of numbers per second. This gives hackers an opportunity to crack passwords, which the user thought to be safe.

Quantum physics as key to security

For the past twenty years, researchers have turned to quantum physics, characterised by its completely random and unpredictable processes, for developing new cryptographic techniques, and in particular the generation of random numbers. "Send a photon (a particle of light) onto a semi-transparent mirror. Either it gets transmitted through the mirror, or it gets reflected. But it is impossible, even in principle, to predict beforehand which of these two behaviours it will adopt. This is the basic idea behind quantum random number generation" explains Nicolas Brunner, professor at the Department of Applied Physics at the Faculty of Science of UNIGE and responsible for the theoretical aspects of the new research.

Powerful quantum random number generators are today available commercially. However, one limitation of existing devices is that it is impossible for the user to independently verify that the numbers generated are in fact genuinely random and not, for example, composed of digits of π. The user must trust the device (and so its manufacturer) to function correctly, even after years of use. So, it makes sense to ask if current systems could be improved from this point of view.

A new self-testing random number generators

"We wanted to create a device which can be continuously tested to ensure it functions correctly at all times and thus guarantee that the random numbers generated are reliable" says Nicolas Brunner. To achieve this, the UNIGE physicists have developed a "self-testing" quantum random number generator, which allows the user to verify in real time that the apparatus performs optimally and delivers unbiased random numbers. "The generator should solve a tasks for which we have calibrated it. If the tasks is solved correctly, the output numbers are guaranteed to be random. If the apparatus does not find the correct solution, randomness is not guaranteed, and the user should then recalibrate the device. This avoids the risk of using numbers with little (or no) randomness for example to generate passwords, which hacker could then crack" professor Hugo Zbinden enthusiastically points out. He has been responsible for the experimental aspects of the research. Indeed, the new generator allows to measure precisely the quality of the output random numbers. Perfectly random numbers can then be distilled and used for security applications, such as generating passwords which are safe against hacking.

The self-testing quantum random number generator will allow the security of passwords and cryptographic protocols to be increased yet another notch. Here, security is guaranteed by the laws of physics themselves, and not by the hackers' technological limitations. This research, conducted by physicists at the UNIGE allows for a better understanding of quantum randomness as well as its use in information technology.
-end-


Université de Genève

Related Quantum Physics Articles:

In atomic propellers, quantum phenomena can mimic everyday physics
In molecules there are certain groups of atoms that are able to rotate.
Testing quantum field theory in a quantum simulator
Quantum field theories are often hard to verify in experiments.
Diamonds coupled using quantum physics
Researchers at TU Wien have succeeded in coupling the specific defects in two such diamonds with one another.
Quantum physics offers insight into music expressivity
Scientists at Queen Mary University of London (QMUL) are bringing us closer to understanding the musical experience through a novel approach to analysing a common musical effect known as vibrato.
More than 100,000 people challenge Einstein in a unique worldwide quantum physics experiment
On Nov. 30, more than 100,000 people participated in the BIG Bell Test, a global experiment to test the laws of quantum physics.
More Quantum Physics News and Quantum Physics Current Events

Best Science Podcasts 2019

We have hand picked the best science podcasts for 2019. Sit back and enjoy new science podcasts updated daily from your favorite science news services and scientists.
Now Playing: TED Radio Hour

Erasing The Stigma
Many of us either cope with mental illness or know someone who does. But we still have a hard time talking about it. This hour, TED speakers explore ways to push past — and even erase — the stigma. Guests include musician and comedian Jordan Raskopoulos, neuroscientist and psychiatrist Thomas Insel, psychiatrist Dixon Chibanda, anxiety and depression researcher Olivia Remes, and entrepreneur Sangu Delle.
Now Playing: Science for the People

#537 Science Journalism, Hold the Hype
Everyone's seen a piece of science getting over-exaggerated in the media. Most people would be quick to blame journalists and big media for getting in wrong. In many cases, you'd be right. But there's other sources of hype in science journalism. and one of them can be found in the humble, and little-known press release. We're talking with Chris Chambers about doing science about science journalism, and where the hype creeps in. Related links: The association between exaggeration in health related science news and academic press releases: retrospective observational study Claims of causality in health news: a randomised trial This...