Trust Me, I’m A Random-Number Generator
SK Telecom has created a “quantum random number generator” chip <https://www.theregister.co.uk/2017/07/26/sk_telecom_makes_light_of_random_numbers_for_iot_applications/>. Seems like slapping the label “quantum” on anything is enough to make people believe you know what you are talking about. Random-number generators are notorious for being easily subverted. And hearing things like “SK Telecom hasn't specified what kind [of quantum noise source they are using]” is not exactly reassuring. You can never be sure your random numbers are truly random. But you try to stack the deck as much in your favour as you can. The Linux kernel mixes in several sources of entropy to feed /dev/random (and from there, /dev/urandom), in the hope that, as long as one of them remains unsubverted (intentionally or otherwise), the output can be trusted. This is also the principle behind the Fortuna PRNG <https://en.wikipedia.org/wiki/Fortuna_(PRNG)>, which well-known computer security guru Bruce Schneier had a hand in.
On Thu, Jul 27, 2017 at 05:04:55PM +1200, Lawrence D'Oliveiro wrote:
SK Telecom has created a “quantum random number generator” chip <https://www.theregister.co.uk/2017/07/26/sk_telecom_makes_light_of_random_numbers_for_iot_applications/>. Seems like slapping the label “quantum” on anything is enough to make people believe you know what you are talking about.
Random-number generators are notorious for being easily subverted. And hearing things like “SK Telecom hasn't specified what kind [of quantum noise source they are using]” is not exactly reassuring.
You can never be sure your random numbers are truly random.
What is "truly random" when pseudo random number generators can pass all statistical tests for randomness? If there is no known test for distinguishing "truly random" from a known deterministic process that generates a sequence of numbers that passes the tests for randomness, then how can we claim that "truly random" actually exists? Cheers Michael.
On Thu, 27 Jul 2017 19:08:31 +1200, Michael Cree wrote:
What is "truly random" when pseudo random number generators can pass all statistical tests for randomness? If there is no known test for distinguishing "truly random" from a known deterministic process that generates a sequence of numbers that passes the tests for randomness, then how can we claim that "truly random" actually exists?
Quantum theory says that, when a superposition of states collapses, you cannot know in advance which of the possible states it will collapse into. This theory has passed all known experimental tests so far. Nevertheless, a hardware chip that claims to be built on this principle still can offer no guarantee that it is foolproof. Along the path from physical effect, through hardware sensor, through encoding/decoding logic, through bus interface, through microcode firmware, through device driver, through OS kernel, through API library, through application software, to end user, there are countless opportunities for stupidity (or malice) to stuff things up, in ever so subtle ways. And you might never know that this has happened.
On Thu, Jul 27, 2017 at 07:56:29PM +1200, Lawrence D'Oliveiro wrote:
On Thu, 27 Jul 2017 19:08:31 +1200, Michael Cree wrote:
What is "truly random" when pseudo random number generators can pass all statistical tests for randomness? If there is no known test for distinguishing "truly random" from a known deterministic process that generates a sequence of numbers that passes the tests for randomness, then how can we claim that "truly random" actually exists?
Quantum theory says that, when a superposition of states collapses, you cannot know in advance which of the possible states it will collapse into. This theory has passed all known experimental tests so far.
All sorts of theories say all sorts of things. The question is how much do they actually correspond to reality. What quantum mechanics (QM) says is a little more subtle than the way you put it, but it will suffice for discussion here. Interestingly there are other theories (such as Bohm's pilot wave) that predict exactly the same results as QM. Bohm sacrifices locality (that effects cannot have distant consequences) to retain realism (the ability to predict with certainty the properties of the system given sufficient knowledge of the system at some prior time). It's only for philosophical reasons, not experimental evidence, that most scientists choose QM over Bohm's approach. And while QM has passed all known experimental tests so far, that does not necessarily mean that QM will pass all future experimental tests, and it does not mean that the tests done to date are not subject to flaw or critique. Indeed they are subject to very real problems, such as the sensors are not 100% efficient but the theorems (such as Bell's inequalities) assume perfect sensors. The theorems can be generalised to imperfect sensors but that requires extra assumptions which weakens the test and has opened them to critique. For the record, I kind of like QM and the fact that it is strong evidence demolishing reductionist, realistic and deterministic views of the universe, and, yes, I think it leaves open the door that "truly random" might well exist. But I would not yet take it as proof, particularly when there is still significant debate over the measurement problem in QM. Once again (quoting myself): If there is no known test for distinguishing "truly random" from a known deterministic process that generates a sequence of numbers that passes the tests for randomness, then how can we claim that "truly random" actually exists? Cheers Michael.
participants (2)
-
Lawrence D'Oliveiro -
Michael Cree