today JP Morgan Chase announced that, together with Quantinuum and DoE labs, they’ve experimentally demonstrated the protocol I proposed in 2018, and further developed in a STOC’2023 paper with Shih-Han Hung, for using current quantum supremacy experiments to generate certifiable random bits for use in cryptographic applications. See here for our paper in Nature—the JPMC team was gracious enough to include me and Shih-Han as coauthors.Bloomberg reports:
JPMorgan Chase & Co. has generated and certified so-called truly random numbers using a quantum computer, in a world-first that the bank hopes will have applications for security and trading.Computers are not really deterministic. They have a CPU with a built-in hardware random number generator. Those numbers are as genuinely random as anything else. The advantage of Aaronson's method is that the numbers are certifiably random.Researchers created the sequence using a quantum computer built by Honeywell’s Quantinuum, according to a paper published in the scientific journal Nature on Wednesday. JPMorgan researchers, alongside Argonne and Oak Ridge national laboratories and the University of Texas at Austin, then became the first to prove mathematically that they had produced “genuine randomness.”
Most so-called random number generators, which are important for encrypting sensitive data, aren’t actually random. They’re pre-determined sequences. Computers run on a set of programmed mathematical operations that will always return the same answer, raising the risk that hackers with access to increasingly sophisticated computing power could crack encryption codes.
Aaronson admits that the method is not really practical, and it is hard to imagine a use for it. If you want to generate a private cryptographic key, there are much easier ways. Eg, you could record a video of yourself and hash it. You could use the CPU generator. You could use the generator that comes with password and bitcoin apps.
There are also public random number generators, such as here and here. It is a little tricky for multiple parties to agree on a fair lottery, but there are many ways that are a whole lot easier than using a quantum computer.
One way is to agree on a lottery for a particular day is to agree to has (with sha256, say) of the NY Times front page that day, or the stock market trades, or the baseball scores. A drawback is that if a lot of money were at stake, maybe someone would bribe a NY Times editor to drop a story or a baseball player to throw a game in order to influence the hash. Such attacks would be extremely improbable.
Quantum random number generation ISN'T new. I recall reading about it back in the 90s. There are references to it in Tom Clancy novels, where they use "quantum background nose" from "cosmic sources" as the basis for random numbers for a OTP cipher. Also, wikipedia says: "Quantum random number generation technology is well established with 8 commercial quantum random number generator (QRNG) products offered before 2017" so it appears JP Morgan, Quantinuum, and Scott Aaronson are a little late to the party! That being said, "quantum randomness" is only ARGUABLY better than standard sources of randomness.
ReplyDeleteYes, Aaronson et al are aware of quantum random number generation. They claim that their random numbers are certifiably random, so you do not have to trust the person reading the data from the equipment. They do have to make a bunch of other assumptions.
ReplyDelete