With Quantum Entanglement And Blockchain, We Can Finally Generate Real Random Numbers

Well, no offence to Einstein, but he was dead wrong on that one. Not only has quantum theory stood the test of time, but it’s proved useful in everything from computing, to biology, to optics, to parlor games. And now, in a rather poetic twist, it may be about to revolutionize dice throws.

A random problem

“The unpredictability of random numbers is fundamental to both digital security and applications that fairly distribute resources,” begins a new paper from researchers at the University of Colorado Boulder and the National Institute of Standards and Technology, or NIST. It’s not wrong, but here’s the problem: genuine randomness? It’s pretty impossible to achieve in the real world.

“True randomness is something that nothing in the universe can predict in advance,” said Krister Shalm, a NIST physicist and one of the authors of the paper, in a statement Wednesday. That rules out the “roll of the dice” that theoretically epitomizes randomness, and it also – perhaps surprisingly – precludes a whole lot of those “random number generators” boasted by various computers.

There is a way around this stubborn predictability, and that’s to go quantum. Take the double-slit experiment, for example – a foundational demonstration in quantum physics, in which a beam of light is aimed at a solid screen with two slits cut into it, leading to a pattern of interference on a screen beyond. Precisely what that interference pattern will be is impossible to predict, however – unlike in classical mechanics, the location of where any given particle will end up is probabilistic, rather than deterministic, in nature.

Put simply: the quantum world is where we find true randomness – and it can be proven, more or less, using quite a similar setup to that same double-slit experiment. The key is in what’s called a Bell test: essentially, you run an experiment, measure the results, and remove all the bits that can be attributed to classical-level conditions. Any measurement correlations that are left over? Those almost certainly come from quantum physics.

Harness those edge correlations, and “you can turn that into the best random number generator that the universe allows,” Shalm said. But here’s a question: how would you know if you got it right?

A quantum check

It’s a simple question, with a complex solution: given a selection of supposedly “random” numbers, how would you verify their provenance? After all, it’s pretty easy to generate sequences that look random, but aren’t – computers do that all the time. Equally, true randomness rarely pings human radars as being such. How do you account for that?

Part of the answer is given by the Bell test again – or rather, a souped-up version of it, known as a loophole-free Bell test. It works by observing correlations between pairs of distant photons which have been set up specifically to remove any factors that might accidentally mimic the effects of quantum mechanics, such as a mis-sampling or interference from within the system.

In fact, NIST researchers used exactly this technique to generate certifiably random numbers back in 2018. “Our quantum source and protocol is like a fail-safe,” NIST mathematician Peter Bierhorst boasted at the time. “We’re sure that no one can predict our numbers.”

“Something like a coin flip may seem random, but its outcome could be predicted if one could see the exact path of the coin as it tumbles,” Bierhorst explained. “Quantum randomness, on the other hand, is real randomness. We’re very sure we’re seeing quantum randomness because only a quantum system could produce these statistical correlations between our measurement choices and outcomes.”

It sounds like a perfect solution, but it’s not without problems. It’s time-intensive, both to set up and to run. More worryingly, it’s just one source – meaning that if it were intercepted by some hypothetical bad actor, hell-bent on programing it with secretly predictable results, there really wouldn’t be any way of telling.

What you need, NIST physicist and paper coauthor Gautam Kavuri told Science News, is “a really paranoid way to make sure things are really random.” Something, he says, that “you would need to communicate faster than the speed of light to be able to spoof”.

And now, they have just the thing.

Democratizing unpredictability

Strength, they say, comes in numbers. With their new CURBy tool, the NIST and University of Colorado Boulder researchers have put that aphorism into practice.

“We really wanted to take [the] experiment out of the lab and turn it into a useful public service,” Shalm said. CURBy – that is, the Colorado University Randomness Beacon – does that by generating random numbers through the methods refined by NIST on a truly remarkable scale: about 15 million times across a single minute, creating a vast pool of results which is then sent on to the University of Colorado Boulder for processing. The result, a little less than seven minutes later, is 512 random bits of binary code – the equivalent of 2⁵¹² (a number 155 digits long) possible random numbers. It is, the NIST declares, “the universe’s best coin flip.”

But we’re not done yet. Generating the numbers is one thing – but checking them? That’s where the innovation comes in. 

“The solution, a protocol we call Twine, is based around the concept of intertwining different hash chains to form a hash graph,” the authors explained in the preprint version of their paper. It’s basically an extra-large blockchain: a cryptographically secure, time-ordered list of data, for which adding a new piece of information – like a single step of the random number generation procedure – is “hashed” together with the previous block. It’s especially useful for things like this, because, as the team points out, “attempting to change a block of data without detection would require rewriting the entire chain after that point.”

Now imagine that, but… bigger. See, CURBy takes this blockchain out sideways, too: “To prevent […] tampering with all the blocks on a single chain, the Twine protocol allows a block to include the hashes of blocks from multiple chains operated by different parties, creating a directed acyclic graph,” the team wrote. “If a party tries to tamper with their published records, it can be detected by other parties, as the hashes recorded on their chains will no longer be consistent.” 

“In other words, for a bad actor to go undetected, they need to surreptitiously rewrite the history of not only their own hash chain, but also of everyone else that is connected,” the paper explains. “As the number of independent parties in the network grows, such an action becomes increasingly difficult.”

So, how many people are involved in this network? Well… as many as you like, actually: CURBy broadcasts the random numbers through a website that any user can access to verify the data. It’s “a tapestry of trust,” remarked Jasper Palfree, a research assistant on the project at the University of Colorado Boulder – a “network of randomness that everyone contributes to but no individual controls.”

For a tool being touted as a way to select jury service or public lotteries, this wide network of open-source collaboration is perhaps fitting. And the fact that it’s also a novel solution to a complex quantum physics problem? That’s just the icing on the cake.

“I wanted to build something that is useful. It’s this cool thing that is the cutting edge of fundamental science,” Kavuri said. “NIST is a place where you have that freedom to pursue projects that are ambitious but also will give you something useful.”

The study is published in Nature.