Secure Random Number Generation May Not be All that Secure

Interesting eavesdropping attack leaves you wondering just how secure is quantum computing?

Certainly quantum physics and quantum mechanics make observation of entangled particles immediately apparent (inherently secure). But we cannot get focused on the “super secure” shiny ball that quantum cryptography is made out to be. The interfaces of these quantum hardware and software systems may be vulnerable to eavesdropping and side-channel attacks. More recently, we are finding issues with quantum random number generation.

Though the quantumness is secure, the randomness may be pseudo-random. Worth the time to read it from the source; link is below. Because Quantum is Coming. Qubit.

An eavesdropping attack on a trusted continuous-variable quantum random number generator


+  Harnessing quantum processes is an efficient method to generate truly in-deterministic random numbers, which are of fundamental importance for cryptographic protocols, security applications or Monte-Carlo simulations.

+  Recently, quantum random number generators based on continuous variables have gathered a lot of attention due to the potentially high bit rates they can deliver  .Especially quadrature measurements on shot-noise limited states have been studied in detail as they do not offer any side information to potential adversaries under ideal experimental conditions.

+  However, they may be subject to additional classical noise beyond the quantum limit, which may become a source of side information for eavesdroppers. While such eavesdropping attacks have been investigated in theory in some detail, experimental studies are still rare.

+  [In this study], We experimentally realize a continuous variable eavesdropping attack, based on heterodyne detection, on a trusted quantum random number generator and discuss the limitations for secure random number generation that arise.

Source:  Cornell University Library.  Johannes Thewes, Carolin L ̈uders, and Marc Aßmann,  An eavesdropping attack on a trusted continuous-variable quantum random number generator [PDF]…

Content may have been edited for style and clarity.