The Device-Independent Approach and Standardization of QRNG (N23c)
Traditional hardware for random bit generation is notoriously hard to characterise and, as a consequence, bounds on the generated entropy are hard to trust. As opposed to algorithms for cryptography, which have benefited from the modernisation of security proofs, security when using hardware still mostly relies on the assumption that the devices are functioning as promised. Some advanced statistical tests have been developed in an attempt to qualify RNGs, including estimation of min-entropy, giving some standardisation to RNGs useful for cryptography. However, it is known that an insecure RNG can easily pass the tests currently used to give the seal of approval.
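To make the last point concrete, here is an added example (not part of the talk abstract) contrasting two constructed byte streams: a visibly biased one and a fully predictable one obtained by hashing a counter under a 16-bit seed. The Most Common Value min-entropy estimator (the plain form; NIST SP 800-90B adds a confidence-interval correction that is omitted here) reports almost 8 bits/byte for the predictable stream even though its real min-entropy is bounded by the 16-bit seed. The generator, the seed size and the stream lengths are all assumptions chosen for illustration.

```python
import hashlib
import math
from collections import Counter


def most_common_value_min_entropy(samples: bytes) -> float:
    """Per-symbol min-entropy estimate in bits per byte: -log2 of the relative
    frequency of the most common byte. This is the plain Most Common Value
    estimator; the SP 800-90B variant adds a confidence-interval correction
    that is left out here for clarity."""
    if not samples:
        raise ValueError("empty sample")
    top_count = Counter(samples).most_common(1)[0][1]
    return -math.log2(top_count / len(samples))


def predictable_stream(seed: int, nbytes: int) -> bytes:
    """Constructed insecure generator (assumption for this example): SHA-256 of
    a counter under a 16-bit seed. Every byte is determined by the seed, yet
    the byte distribution looks flat to a frequency-based test."""
    if not 0 <= seed < 2 ** 16:
        raise ValueError("seed must fit in 16 bits")
    out = bytearray()
    counter = 0
    while len(out) < nbytes:
        block = seed.to_bytes(2, "big") + counter.to_bytes(8, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return bytes(out[:nbytes])


def biased_stream(nbytes: int) -> bytes:
    """Constructed visibly bad source: byte 0x00 three times out of four,
    0x01 otherwise. Its per-byte min-entropy is -log2(3/4), about 0.415 bits."""
    pattern = bytes([0x00, 0x00, 0x00, 0x01])
    reps = nbytes // 4 + 1
    return (pattern * reps)[:nbytes]


def seed_bounded_min_entropy(seed_bits: int, nbytes: int) -> float:
    """Upper bound on the real min-entropy per byte of any deterministic
    expansion of a seed: the whole output carries at most seed_bits of
    min-entropy, however flat its byte histogram looks."""
    return min(seed_bits, 8 * nbytes) / nbytes


def compare(nbytes: int = 1 << 16) -> dict:
    """Run the estimator on both constructed streams and return what a test
    suite would report next to what is actually true for the seeded stream."""
    predictable = predictable_stream(seed=0x1234, nbytes=nbytes)
    biased = biased_stream(nbytes)
    return {
        "biased_estimate_bits_per_byte": most_common_value_min_entropy(biased),
        "predictable_estimate_bits_per_byte": most_common_value_min_entropy(predictable),
        "predictable_true_bound_bits_per_byte": seed_bounded_min_entropy(16, nbytes),
    }


if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name}: {value:.4f}")
```

The biased stream is caught (about 0.415 bits/byte), but the seeded stream scores close to 8 bits/byte while its true per-byte min-entropy is under 0.001 bits: a frequency test measures the shape of the output distribution, not whether the output is predictable, which is exactly the gap the device-independent approach targets.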
On the one hand, and as opposed to the evolution of complex classical systems (e.g. chaotic ones), quantum phenomena in principle allow for simpler models and therefore better trust in the derived bounds on the entropy present in the output of an RNG. On the other hand, quantum hardware is notoriously noisy and harder to implement, leading to unavoidable implementation imperfections and hence to false claims. A second aspect of quantum physics allows for so-called device-independent security proofs, in which the hardware is instead challenged to rigorously obtain entropy lower bounds, i.e. the hardware implementation is verified rather than trusted. This talk will present the device-independent approach to quantum random number generation and argue that current standards for RNG not only require modernisation but actually, and unnecessarily, penalise the advent of promising new technology.