Topic: [survey] What are the ideal properties of a quantum RNG? (Read 5322 times)

Will do.  Thank you.

This is an open source. The more details developers will learn the better for market. This is different from "a black box"  in that anyone with an electronics hobby can scrutinize it. This has been answered already:

You don't have to reveal exactly how it works - that might be your core IP that needs protecting later on.

Just treat it like a black box at this stage and tell us what it can do, why that's useful, who needs it, how much it'll cost them, how much profit you'll make. That's what business people care about - not the details of the technology.

I learned a LOT

Next post will have more details of how it works and what is needed.

What are the news from BTCMiami? 

Noise is not necessarily random at all.  So he is saying "take something that is not random and hash it."

My solution would offer random numbers.  And you can hash those if you feel like it.

This also is not open source and has generally none of the properties I described that are desireable. This solution may seem to work now but is not guaranteed to be random.  Prepared magnetic states are guaranteed to be random and it will work forever, regardless of the progress of cryptanalysis.

It's likely that  there is no market of such devices currently

Noise is a signal which is irrelevant and comes from many or no source in particular.  It is very difficult to tease apart actual random noise from noise that is decisively NOT random.

Quantum transitons are random, and predictably so.  They are also louder than the noise, which the scientist knows little about.  In general, one does not know or care of the sources of noise.  S/N in NQR is good enough to disregard possibly non-random noise in favor of something that is guaranteed to behave randomly in a specified manner.

It's predictably random.  It behaves perfectly and cannot be mistaken for for other signal.  Noise however, could be a nearby radio station - this is not so random.

Knowledge > lack thereof = "noise"

Also BTW, chaotic systems are subject to sudden non-randomness as they fall into attractors.  There is no better RNG than a two level controlled quantum system.

And why is this an advantage? (i.e. why would I invest in this) - I want Altoidnerd to explain his 'value proposition' - what makes his solution unique and valuable in the current market.

This is digital random.

It is analog random that is proposed in this topic; its work is based on such phenomena as nuclear resonance serving as  a source of quantum entropy.

Please correct me if I was mistaken.

Good point - Altoidnerd, what does your solution offer that these don't?

This sounds like a lot of chemical jibberjabber for something that can be done with webcam noise or lava lamps.

One solution I would have is to take a software defined radio such as http://spectrum.ieee.org/geek-life/hands-on/a-40-softwaredefined-radio

Take the 3 million raw I/Q samples per second of background radio and send the data through about 10000 XORed SHA hashes to get 512 bits a second. Random.

You're correct I'm a graduate student.  I'm at the convention in Miami....hopefully I will receive some guidance as to how to proceed.

I'm guessing you're at a university or other institution if you have access to a few US$100,000s of lab equipment. I would strongly advise you to look for local business plan competitions, or speak with someone at the business school about building a team to take this forwards.

I suspect if you're right, you have the potential to affect a large number of fields beyond bitcoin.

Altoidnerd, thanks!

I wonder how we could explain to consumers that generating keys with end-user product will safeguard them from attacks. For this we need to explain to them how the usage of this analog RNG device will fix the general problem of ECC caused by many instance of repeated public keys which correspond to different owners.

I gave a rough estimate of 256 bits in a few seconds above. I cannot give a precise speed comparison, except to surmise that optical phenomena are at least an order of magnitude faster than nuclear resonance as a general rule

I should say though that I did propose a method using resonance multiple species to speed up acquisition.  So its not that goals cannot be met using nuclear resonance, but I have displayed clear data for the 1x speedup - the up to 8x speedup would need to be investigated further to determine feasibility.

This in fact the speed of optical phenomena is why they seem to use computer algorithms for selection of relevant bits, because their data is coming at them a lot faster than mine would be. I instead would be using a small RLC circuit with a transistor amplifier and level detector. There would be really no software or digital circuitry involved at all. So the implementations are fundamentally different, but the mathematics (of QM) is really the same.

I envision something inherently simple to build and use. My device would be completely accessible to make at home, just by looking up the schematics and having skill in analog design, which would be a major difference that sums up the above points.

This may also have a side effect of furthering research in zero field NMR, since MRI machines in hospitals are using only high field 1H NMR.  Zero field is sort of a black art in magnetic resonance, which I think could be used cleverly in the medical industry. Much of the reason an MRI costs so much is the utilization of a superconducting magnet, wheres as the spectroscopic method I am employing here is used without external fields - no magnet necessary.  This technique has been largely ignored in the NMR and MRI communities, which aggravates me to no end, but we shant go there...but it is receiving attention again in the industry of explosives/landmine detection.

"Zero field NMR" is synonymous with "NQR" though this wording is misleading.

Thank you for comments.
But what would be a performance of your device compared with their optical one? End-user would measure it in say keys-per-second. Or keys/$

Thanks! Yes a lot of the mathematics will be very similar if I post a whitepaper.  This will be a good resource.  Some comments:

• This is optical - which as I noted above, is a bit above the scope of hobbyists
• They didn't really show me how to do it; moreover, their detectors are expensive
• Not at all to discredit their work - just to point out the need for a cheaper, more accessible solution

I like Microsoft research a lot.  It's spot on, it looks.  I can take hints from this for I/O.

This is a very nice a rigorous proof of some of the quantum phenomena I implicitly implied will work in my case, here with magnetization in crystals (but its physics...its always the same thing in a different can).

concerning RNG on the market: there was proposed Quantum Random Number Generator by Microsoft:

http://academic.research.microsoft.com/Publication/27622219/a-quantum-random-number-generator-certified-by-value-indefiniteness

RNG's today operate on thermal fluctuations and alternatively current "shot noise." These methods are in principle sources of quantum entropy.  However, they work on integrated circuits so nobody knows whats really going on inside of it.  One can perhaps test the legitimacy of the outputs, but I do not like the idea of ICs used in open source technology since they can always be backdoored - one must trust the IC manufacturer to use the IC.

This is different in that anyone with an electronics hobby can scrutinize it; these electronics presented are completely analog. One can also feel free to exchange the (sodium chlorate?) sample with their own if they believe I have doctored mine.  It's simple physics, rather than black-box electronics.



Anyone who is worried about keys generated by deterministic algorithms.  They are not guaranteed to be random, and if an attack is found, the bitcoins are gone (https://www.google.com/search?q=android+vulnerability+stolen+bitcoins&rlz=1C1CHFX_enUS565US565&oq=android+vulnerability+stolen+bitcoins&aqs=chrome..69i57j0l5.5858j0j7&sourceid=chrome&espv=210&es_sm=93&ie=UTF-8).  Perhaps it would be intended for large holders of coins or by servers who tend to generate a lot of keys...or advanced users.  

Or even hardware developers who want to offer a bitcoin product, but are afraid they will create something that doesn't offer enough entropy, making their customers lose all their bitcoins, and bringing a lot of heat upon themselves.

I would make my design open source so they can modify it as they please, asking only that their version's build characteristics can also be documented properly.



I have done much of the research already.  The exact details like this would come after I have community input on what features are actually desired.  How small do I need to make it to be desirable?  How do you guys think it should output the random bits?  Desired speeds?

Once I have answers to these questions, I can make concrete statements about dev cost and a timeline.

In short, I can make this work on my lab equipment already.  That isn't satisfactory of course; I'm using a $100,000 signal generator, and a few $30,000 oscilloscopes.  

But if I specialize the device to work for only a certain chemical, and function only in such a way as to be used in conjunction with bitcoin...it doesn't need to be made from expensive lab equipment.  So once we decide the properties, I can choose an operating frequency, and really make a nice parts list.

For a rough estimate, for the type of device I have in mind...to buy the raw electronics for a one-time build...the parts would cost under $20.  In the course of devlopment one should expect many failed attempts so the dev cost is much higher than the unit cost.

I already have most of the test equipment I would like or need to finish the job.