A team that included researchers at a US bank says it has created a protocol that can generate certified truly random numbers, opening the possibility that current generation quantum computers can be used for secure applications in finance, cryptography, cybersecurity, and privacy.
However, an industry analyst is cautious.
“The JPMorgan team’s findings are interesting, but won’t be applicable in the near term for most CSOs, unless they are responsible for high security environments,” said Sandy Carielli, a principal analyst at Forrester Research.
“Quantum random number generation has been around for a while,” she pointed out, “and some CSOs may already be using products in that area. The certification could be a nice extra for highly regulated environments.”
Why this could be important
Why is this research important? Practical quantum computers capable of breaking current encryption may be five to 10 years away, but to protect current solutions and create new ones with quantum computers, applications will be needed that can generate random numbers for encryption keys that are unpredictable and can’t be cracked by quantum machines.
“Random number generation is an underpinning of effective cryptography because you need randomness to generate keys effectively,” said Carielli. “If a lack of randomness reduces the number of potential keys by a significant factor, an attacker can use brute force or guess a key.”
She added, “over the years, there have been issues of poor random number generation that have hampered cryptographic implementations. There are also many reputable random number generation methods available. Using a quantum computer for random number generation is certainly an option, though there may be questions about cost or scalability.”
Could be used on near-term quantum machines
The authors of the paper, published in Nature, said research shows quantum computers have the potential to solve problems better than classical computing techniques, but the resource requirements of known quantum algorithms for these problems put them far out of reach of quantum machines that exist now or in the near term.
However, the researchers, who were from JPMorganChase, Quantinuum, Argonne National Laboratory, Oak Ridge National Laboratory, and the University of Texas at Austin, said their solution shows current and near term gate-based quantum computers can perform at least one practically useful task: Creating truly random numbers.
The team did it by creating a protocol that ran over the internet on a 56-qubit trapped-ion quantum computer from US-based Quantinuum.
According to a statement from JPMorganChase, the researchers leveraged a task originally designed to demonstrate quantum advantage, known as Random Circuit Sampling (RCS), to perform a certified-randomness-expansion protocol, which outputs more randomness than it takes as input. This task, they said, is unachievable by classical computation.
Certified randomness
The ideal kind of randomness would have the following three characteristics, JPMorganChase said in a blog post:
- It comes from a verifiably trusted source.
- It comes with rigorous mathematical guarantees.
- It could not have been manipulated by a malicious adversary.
It is known as Certified Randomness. And, said the post, “as it turns out, such a protocol is impossible to realize using conventional computers but can be accomplished using a quantum computer.”
The team’s protocol consisted of two steps. First, it generated challenge random circuits (quantum programs are called circuits) and sent them to the untrusted remote quantum computer, which was then asked to return the resulting “random” numbers. This methodology was also tested against the best currently known techniques for simulating random circuits on the world’s most powerful conventional supercomputers; while the quantum run time per challenge was about two seconds, the team estimated that the challenge circuits could only be simulated classically in about 100 seconds.
Then, to verify that true random numbers had been generated, the randomness of the results was mathematically certified to be genuine using classical supercomputers at the US Department of Energy.
“When I first proposed my certified randomness protocol in 2018, I had no idea how long I’d need to wait to see an experimental demonstration of it,” Scott Aaronson, Schlumberger Centennial Chair of Computer Science and director of the Quantum Information Center at the University of Texas at Austin, said in a statement. “I’m thrilled that JPMorganChase and Quantinuum have now built upon the original protocol and realized it. This is a first step toward using quantum computers to generate certified random bits for actual cryptographic applications.”