Less than a minute into my phone call with QuintessenceLabs’ CTO John Leiseboer, he goes silent. There’s a click, a bleep, and he’s back on the line.
“We’ll assume it was a random event,” he jokes.
Truly random occurrences are harder to come by, but demand for this enigmatic commodity is growing every day.
Random numbers are the building blocks of encryption, authentication, signing, key wrapping, one-time codes, nonces, and other cryptographic applications. They are also crucial in modelling and gaming.
Applications that need a steady supply usually use algorithms to generate small ‘seeds’ of random numbers, and work them into much bigger ones. These pseudo-random numbers, however, are not truly unpredictable.
“It’s a relatively dangerous thing to do,” says Leiseboer. “Because computers and algorithms are deterministic it’s always possible, given that you know what the input is and you know what the algorithm is, to predict the output.”
True random number generators, on the other hand, use a real-world source to create seeds – like mouse movements, temperature, or the time between keystrokes on a keyboard. But sources like those provide only trickles of true random numbers.
“A modern day true random number generator might be able to generate random bit streams at a few bits per sec, and if they’re really good maybe a few kilobits per second,” says Leiseboer. “It takes a lot of time to gather enough entropy, to gather enough uncertainty.”
QuintessenceLabs’ technology supplies a full-entropy random bit generation rate of at least 1 gigabit per second, opening up potential applications never before possible. How do they do it? By measuring what Leiseboer calls the “fundamental crackle in the universe”.
The Canberra-based company’s qStream product is about the size of a pack of playing cards. Within its grey casing, a laser beam is split in two and one beam is ‘subtracted’ from the other.
“In a classical world…I end up with nothing. A vacuum,” explains Leiseboer. “At the quantum level I end up with a quantum vacuum. The interesting thing about that is – there’s actually activity occurring. There’s creation and destruction, this fundamental crackle in the universe that just exists.
“Then it’s simply a case of taking that signal, amplifying it, digitising it and converting it to numbers in a computer.”
The result is a gushing, inexhaustible flow of full-entropy.
“What that means in the real world is that we can generate keys more quickly. We can generate more keys in a shorter period of time,” says Leiseboer. “It means we can rotate keys, so keys that have been used for cryptographic purposes are exposed to potential compromise for a much shorter period of time.”
The technology was conceived by QuintessenceLabs’ founder and CEO Vikram Sharma at the Australia National University in 2006 and first offered commercially in 2011.
It’s on this foundation technology that QuintessenceLabs has built a suite of security products which include key management solutions; encryption modules for file systems, databases, cloud and mobile; storage devices with automatic zeroisation and secure key storage.
Currently in late stage development is what the company calls ‘Second Generation Quantum Key Distribution’. It works by encoding keys onto a continuous beam of laser light, which can be transmitted from point to point via commercial off-the-shelf telecommunications components and existing fibre optic cable.
“We can start thinking about how to take advantage of that in new, cryptographic applications,” says Leibeboer.
Westpac Group are too. Last year, the banking group took an 11 per cent stake in QuintessenceLabs. It said in an announcement it would “utilise this world-leading technology to boost our security capabilities, as well as cut down the time and costs associated with encrypting confidential data held by the bank”.
The bank works closely with QuintessenceLabs (Westpac group GM technology and architecture, Robert Wilson, sits on the board of directors as does former Westpac chief strategy officer Jon Nicholson), using its solutions while guiding future research. Other customers include the US government and military, IBM, NetDocuments, Boeing, Lockheed Martin and VMWare.
In the future, Leiseboer predicts the quantum random number generation technology to be ubiquitous and even more compact.
“We have a technology that solves many of the difficult problems that are out there today,” he says. “We have a technology that has a very strong role to play in the future protection of information.“We’re working on improvements in performance, and slight variations on the technique we’re using for random number generation. Still using quantum effects but using quantum effects that allow us to reduce that pack of cards down to a grain of sand.”