One of the hidden foundations of modern life are random numbers. If you make credit card payments over the internet, for example, you’re a serial user of random numbers which are necessary to guarantee the security of your personal details.

And with the advent of techniques such as quantum cryptography, which guarantees perfect secrecy and requires vast quantities of random numbers, the demand for these mathematical objects is set to increase dramatically.

But there’s a problem—genuine random numbers are notoriously hard to find. In particular, they cannot be generated by a deterministic process such as a computer program. That’s because a deterministic process can easily be repeated to reproduce the number, proving that it cannot be random.

So physicists have long searched for other ways to make genuinely random numbers based on physical processes that produce random outcomes. The gold standard is the quantum random number generator—a device that exploits the probabilistic nature of quantum mechanics to produce a sequence of entirely random digits.

However, quantum random number generators are complex, expensive devices. So physicists would dearly love to find a cheaper and easier way to generate quantum random numbers.

And now they’ve found it. Today, Bruno Sanguinetti and pals at the University of Geneva in Switzerland have worked out how to generate random numbers on an ordinary smartphone using genuine quantum processes. And they say their new technique can produce random numbers at the rate of 1 megabit per second, more than enough for most security applications.

The quantum process that these guys exploit is the way light sources emit photons. Because each emission is a quantum process, the instant of emission cannot be predicted. So the number of photons that a light source emits in a unit of time will always vary by an amount that is entirely random.

This is the basis of the new technique. Sanguinetti and co point out that smartphone cameras have improved so much in recent years that they are capable of detecting the quantum variations in the number of photons they detect.

They put this to the test with a Nokia N9 smartphone, which has an ordinary 8 megapixel rear-facing colour camera (and is the only phone to run Nokia’s short-lived Meego operating system). And they compared its performance against a monochrome CCD array designed for astronomical use—an ATIK 383L which also has 8 megapixels.

The set up is simple in principle. Each pixel senses the number of photons that arrive in a certain period of time. These photons are converted into electrons, which are then amplified by a factor determined by the camera’s sensitivity setting (ISO setting).

It’s straightforward to calculate the average number of electrons this process should produce, given the probabilistic nature of photon emission. But the actual number of electrons should differ by a number that is random. That produces a single random digit. And since a light-sensitive array consists of many pixels working in parallel, it is possible to generate a large quantity of random digits from each image.

In practice, the first step is to characterise the light sensitivity of the camera by shining a green LED at it. That allows the team to work out the number of photons that saturate a pixel and ensure this does not happen while the random numbers are being generated (otherwise the results are no longer random).

Sanguinetti and co determined that they should illuminate each pixel in the Nokia camera with enough light to generate about 410 electrons and each pixel in the ATIK camera with enough light to generate about 15,000 electrons, quantities that are easily controlled by limiting the exposure time for each image.

So the process of generating random numbers consists of pointing the camera at a green LED that evenly illuminates all the pixels and pressing the shutter button. A simple program then extracts the random digits.

An important question for any random number generator is whether the resulting numbers are genuinely random. This is a notoriously difficult problem because it is impossible to prove beyond doubt that any given number really is random.

But Sanguinetti and co calculate that their numbers are pretty close to random. They say that the process would have to be repeated 10^118 times before any deviation from randomness might be observed. “If everybody on earth used such a device constantly at 1Gbps, it would take 10^80 times the age of the universe for one to notice a deviation from a perfectly random bit string,” they say.

That’s not bad. There are also various standard tests that mathematicians have devised that look for specific weaknesses in random numbers. Sanguinetti and co put their device through a number of these. “The random number generator passed all tests,” they say.

That’s an exciting result. It means that with the appropriate app, anybody with a standard smartphone can generate an almost unlimited quantity of random digits. “We believe that the

simplicity and performance of this device will make the widespread use of quantum random numbers a reality,” say Sanguinetti and co.

The security implications of this are important. In cryptography, there is a well known idea called Kerckhoffs’s principle that states that the security of a cypher should lie entirely in the key. So while every other aspect of a security system can be public, the information it carries will remain secure as long as the key is also secure.

And applications? Secure credit card transactions are only the beginning. A quantum random number generator that works at 1 Mbps can also secure emails and even phone calls.

There ought to be significant demand for this kind of service given the wholesale eavesdropping that various states have indulged in recently. So it’s not beyond the realms of possibility that some governments will want to regulate the use of this kind of technology.

Be warned: there may be a battle brewing here.

Ref: arxiv.org/abs/1405.0435 : Quantum Random Number Generation On A Mobile Phone