Here's how to generate a truly random number with quantum physics
Very little in this life is truly random. A coin flip is influenced by the flipper's force, its surrounding airflow, and gravity. Similar variables dictate rolling a pair of dice or shuffling a deck of cards, while even classical computing's cryptographic algorithms are theoretically susceptible to outside influence or bias.
'True randomness is something that nothing in the universe can predict in advance,' explained Krister Shalm, a physicist at the National Institute of Standards and Technology (NIST).
So how does someone achieve true randomness? For that, you need to peer into the quantum realm. The task once required years of study and access to vast research facilities, but thanks to an ingenious new project from Shalm and his colleagues, now anyone can access a 'factory for random numbers.' And it's free to use.
Designed by NIST in collaboration with the University of Colorado Boulder, the Colorado University Randomness Beacon (CURBy) is a first-of-its-kind system that relies on headspinning quantum mechanics concepts to offer truly random number generation.
More specifically, CURBy's foundation rests on a task known as the Bell test. Named after the famed physicist John Stewart Bell, the test measures pairs of entangled photons with properties that remain correlated even after separating across huge distances. While the outcome is always random when measuring a single particle, a pair's properties are more correlated than classical physics dictates. This allows experts to verify the randomness at a quantum level.
Albert Einstein previously described this 'quantum nonlocality' as 'spooky action as a distance,' and he wasn't a fan of the idea. Unfortunately for him, NIST proved its existence back in 2015. Three years later, they developed methodologies to use Bell tests in order to construct the world's first true randomness generators.
These initial random results necessitated months of refinement and only ran for a few hours in total. Even then, the physicists and engineers only generated 512 bits of true randomness. Since then, researchers expanded and automated their experiment, thus offering random numbers whenever needed.'We really wanted to take that experiment out of the lab and turn it into a useful public service,' said Shalm.
Their finalized protocol served up randomness 7,454 times over its first 40 days of existence. Researchers then recorded 7,434 cases of randomness—a success rate of 99.7 percent.
But how do you actually generate true randomness? For that, you need a system that relies on a bespoke nonlinear crystal to generate entangled photon pairs. The particles then speed away in an optical fiber to separate laboratories at opposite ends of a hallway at NIST. Once they reach the two labs, researchers measure their subsequent polarizations. This relay race is then repeated a headspinning 250,000 times per second.
All that data needs to be processed, so NIST sends off its millions of quantum coin flips to a specially designed computer program built by engineers at UC Boulder. The program then translates the measurements into 512 random bits of binary code that can then be parsed by anyone.
But utilizing CURBy is much simpler than the dizzying quantum computations required to generate true randomness. All a user needs to do is head to its website and key in the list of items you want shuffled. CURBy then will rearrange the entries based on any given day's quantumly determined randomness. The outcome is decades in the making, and would have certainly given Einstein something to think about.
'I am at all events convinced that [the Creator] does not play dice,' he famously wrote to Max Born in 1926 regarding the concepts of quantum theory.
'If God does play dice with the universe, then you can turn that into the best random number generator that the universe allows,' Shalm said.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Forbes
18 hours ago
- Forbes
Quantum-Safe Payments: Hype, Hope Or Just Headline Insurance?
Quantum investment is growing - when will it impact payments? (Photo by Thomas Niedermueller/Getty ... More Images) When a Europol-backed working group warned in February that banks should 'start their post-quantum migrations now,' it triggered a familiar ripple through boardrooms: Is Q-Day finally close enough to budget for? The Quantum Safe Financial Forum, whose members include the Fed, the ECB, and half a dozen global systemically important banks, framed the threat in stark terms: criminals are already stockpiling today's encrypted payment traffic, betting they can decrypt it tomorrow. Card networks, instant-payment switches, and mobile wallets rely on public-key cryptography: the RSA and elliptic-curve algorithms that every ISO 8583 or ISO 20022 message depends on. A fault-tolerant quantum computer could, in theory, break those keys in hours. Visa's global head of fraud services told PYMNTS that threat actors are 'steal-now-decrypt-later' harvesting card data already, waiting for quantum horsepower to catch up. Central bankers are equally blunt. In a speech titled Technology as a New Frontier for Macro-Prudential Policy, ECB board member Piero Cipollone called quantum risk 'a serious threat to our encryption-based financial system' and urged an early transition. For a decade, the answer to the quantum threat was to wait for NIST. That wait ended on 13 August 2024, when the U.S. standards body finalised its first three post-quantum encryption algorithms: CRYSTALS-Kyber for key exchange and CRYSTALS-Dilithium and SPHINCS+ for digital signatures. NIST urged system administrators to 'begin transitioning as soon as possible.' Those standards are now the reference set for every card scheme, processor, and bank writing 'quantum-safe' into a roadmap. Mastercard, for example, launched a Quantum Security & Communications project in 2021 and says the NIST selections will 'directly inform future network designs.' Card giants are still piloting. Visa has job listings for researchers 'who will directly influence how Visa and the broader payments industry evolve in the age of quantum computing,' hinting at an internal prototype network that swaps RSA for lattice-based keys. Mastercard runs quantum-threat drills inside its Cybersecurity Fusion Centers and has already swapped post-quantum algorithms into some internal message pipes. While U.S. firms talk pilots, China is stringing satellites. In March, the Chinese Academy of Sciences announced the first 12,800-kilometre quantum key-distribution (QKD) link between Beijing and South Africa—an experiment that leapfrogs fibre-based QKD and shows how a global, satellite-borne network might one day shield cross-border payment traffic from interception. The geopolitical implication is clear: if Beijing controls an orbital quantum backbone, it could offer 'unhackable' payment messaging to Belt-and-Road partner banks long before Visa or SWIFT finish their ground-based migrations. The payments stack is layered. Updating SSL/TLS in an API gateway is trivial compared with swapping out hardware security modules (HSMs) that live in PCI-DSS cages. Most production HSMs cannot run Kyber or Dilithium; vendors are still shipping beta firmware. Network-level revamps run into liability rules: if a post-quantum algorithm fails in the wild, who reimburses the retailer? That's why many CISOs treat quantum-safe upgrades as headline insurance—announce a pilot, reassure the board, but keep the RSA fallback until regulators force a cut-over. The Europol forum tried to puncture that complacency: it wants banks to map every cryptographic dependency by end-2025 and publish transition timetables. Sceptics argue fault-tolerant quantum machines are at least a decade away. Yet the harvest now strategy is real. Payments data—PANs, CVVs, CVCs—retain value for at least seven years, the typical validity window of a card. If quantum decryption arrives sooner than expected, terabytes of archived traffic could be replayed against tokenisation systems, revealing plaintext PANs that feed synthetic-identity fraud. Visa's fraud researchers estimate cyber-crime will cost the global economy $10.5 trillion by 2025; post-quantum vulnerabilities could add a multiplier. Small wonder regulators view proactive migration as cheaper than retrospective cleanup. QKD satellites grab headlines because they sound like Star Wars for banking. Yet QKD only solves key exchange, not bulk message encryption, and current satellites handle kilobit-per-second links—fine for diplomatic traffic, useless for VisaNet's 65,000 TPS. Most experts see satellite QKD as a niche overlay that protects the 'seed keys' used to bootstrap terrestrial networks. Still, China's leapfrogging matters. A bank that can route high-value settlement messages via an entanglement-based channel gets an edge in geopolitical trust—especially in regions where 'quantum-proof' becomes a marketing label as powerful as PCI Level 1 was in 2005. Quantum-safe payments sit at the awkward intersection of science and risk. Hype sells satellite demos and billion-dollar quantum-computer SPACs. Hope anchors R&D agendas for Google, IBM and Alibaba. But audit proof, evidence that a network will still work when Shor's algorithm becomes practical, is what regulators, auditors and cyber-insurers increasingly demand. Visa, Mastercard, and China's quantum satellite engineers are converging on the same conclusion: the time for headline insurance pilots is closing. The following compliance cycle will ask not if you have a quantum-safe plan but how far along you are on the three-phase roadmap. For payments executives, the cheapest answer is to start migrating before Q-Day headlines hit the front page—and before stolen 2024 card data meets a 2030-grade quantum decryptor. In other words, the smartest move might be to treat quantum-safe payments less like distant science fiction and more like EMV circa 2000: a heavy lift today, but table stakes tomorrow — because nobody wants their brand on the first un-quantum-proof breach.
Yahoo
a day ago
- Yahoo
Patton Unveils Second-Generation, US-Made, Commercial-Grade, FIPS-140 Ultra-Secure SIP Phone with Enhanced NG911 Compliance
US-designed and manufactured, Patton's new commercial SIP-Phone is ultra-secure, FIPS 140-2 validated, and NG911-enabled. Providing POE and Fiber-to-the-Desk, the Tone Commander TC7110 delivers network and source-of-supply security. Patton... Let's Connect! GAITHERSBURG, Md., June 12, 2025 (GLOBE NEWSWIRE) -- Patton—world leader and US manufacturer of secure telephony, UC, and networking gear—announces today the new Tone Commander TC7110 ultra-secure SIP phone is now available for pre-order. Tone Commander products are designed and manufactured in the USA, ensuring source-of-origin and supply-chain security. 'The TC7110 combines security, flexibility, and ease-of-use in a modern SIP phone platform,' said Robert R. Patton, CEO of Patton. 'This launch reinforces our commitment to delivering trusted, U.S.-manufactured communications solutions to public and private sectors.' Innovation. Patton has incrementally innovated the original Tone Commander military-grade SIP-Phone. Enhancements to the commercial grade version include Gigabit, PoE, and fiber connectivity, modern E911 features sets, and updated security modules. Secure FIPS-140-2/3 Encryption. The TC7110 offers robust SIP support with TLS and SRTP encryption using FIPS-140-2/3 validated crypto modules. FIPS 140 is the U.S. standard that defines security requirements for hardware, software, and firmware that perform cryptographic functions. The standard is managed by the National Institute of Standards and Technology (NIST), overseen and validated by the Cryptographic Module Validation Program (CMVP). Enhanced NG911. NG911 system enhancements include Specific Location Information Server (LIS) interactions via RFC 5985 (HTTP Enable Location Delivery HELD protocol), storing and relaying location by reference and location by value. The system includes geodetic coordinates (latitude, longitude, and ellipsoidal height) and E911 Gateway functions within the NG911 environment. E911 Compliance. The TC7110 supports legislated E911 standards including Kari's Law for direct 911 calling and Ray Baum's Act for specific location information. Additional E911 protocols supported include: Automatic Location Information (ALI) Automatic Number Identification (ANI) Compliance with the National Emergency Number Association (NENA) regulations RFC 5962 – Location Object represented in a SIP Header (PIDF-LO) Key Features of the TC7110 SIP Phone: Security – TLS and SRTP encryption with FIPS-140-2/3 validated crypto and IPv4/IPv6 support. Customizable Interface – Ten programmable, desi-less multifunction keys and 320x240 color display. Cloud Orchestration – Automatically provision, manage, monitor, secure, alert, troubleshoot, analyze and optimize services using the Patton Cloud. Remotely and securely access and control phones, LANs, and over-the-top (OTT) services. Flexible Power Options – Supports Power over Ethernet (PoE) and includes external power supply. For more information about the Tone Commander IP Phone TC7110, go to In related news, Patton recently announced the new Tone Commander TC7910 secure SIP Phone that offers three switched gigabit Ethernet ports. About Patton Patton is a world-renowned manufacturer of networking and communications technology, offering a wide range of solutions including VoIP, Ethernet extension, wireless, and fiber optic products. Founded in 1984 and headquartered in Gaithersburg, MD, Patton has a strong global presence and a reputation for delivering reliable and innovative solutions to a diverse customer base. Let's Connect! Media Contact: Glendon Flowers | +1 301 975 1000 | press@ A video accompanying this announcement is available at in to access your portfolio
Yahoo
a day ago
- Yahoo
Here's how to generate a truly random number with quantum physics
Very little in this life is truly random. A coin flip is influenced by the flipper's force, its surrounding airflow, and gravity. Similar variables dictate rolling a pair of dice or shuffling a deck of cards, while even classical computing's cryptographic algorithms are theoretically susceptible to outside influence or bias. 'True randomness is something that nothing in the universe can predict in advance,' explained Krister Shalm, a physicist at the National Institute of Standards and Technology (NIST). So how does someone achieve true randomness? For that, you need to peer into the quantum realm. The task once required years of study and access to vast research facilities, but thanks to an ingenious new project from Shalm and his colleagues, now anyone can access a 'factory for random numbers.' And it's free to use. Designed by NIST in collaboration with the University of Colorado Boulder, the Colorado University Randomness Beacon (CURBy) is a first-of-its-kind system that relies on headspinning quantum mechanics concepts to offer truly random number generation. More specifically, CURBy's foundation rests on a task known as the Bell test. Named after the famed physicist John Stewart Bell, the test measures pairs of entangled photons with properties that remain correlated even after separating across huge distances. While the outcome is always random when measuring a single particle, a pair's properties are more correlated than classical physics dictates. This allows experts to verify the randomness at a quantum level. Albert Einstein previously described this 'quantum nonlocality' as 'spooky action as a distance,' and he wasn't a fan of the idea. Unfortunately for him, NIST proved its existence back in 2015. Three years later, they developed methodologies to use Bell tests in order to construct the world's first true randomness generators. These initial random results necessitated months of refinement and only ran for a few hours in total. Even then, the physicists and engineers only generated 512 bits of true randomness. Since then, researchers expanded and automated their experiment, thus offering random numbers whenever needed.'We really wanted to take that experiment out of the lab and turn it into a useful public service,' said Shalm. Their finalized protocol served up randomness 7,454 times over its first 40 days of existence. Researchers then recorded 7,434 cases of randomness—a success rate of 99.7 percent. But how do you actually generate true randomness? For that, you need a system that relies on a bespoke nonlinear crystal to generate entangled photon pairs. The particles then speed away in an optical fiber to separate laboratories at opposite ends of a hallway at NIST. Once they reach the two labs, researchers measure their subsequent polarizations. This relay race is then repeated a headspinning 250,000 times per second. All that data needs to be processed, so NIST sends off its millions of quantum coin flips to a specially designed computer program built by engineers at UC Boulder. The program then translates the measurements into 512 random bits of binary code that can then be parsed by anyone. But utilizing CURBy is much simpler than the dizzying quantum computations required to generate true randomness. All a user needs to do is head to its website and key in the list of items you want shuffled. CURBy then will rearrange the entries based on any given day's quantumly determined randomness. The outcome is decades in the making, and would have certainly given Einstein something to think about. 'I am at all events convinced that [the Creator] does not play dice,' he famously wrote to Max Born in 1926 regarding the concepts of quantum theory. 'If God does play dice with the universe, then you can turn that into the best random number generator that the universe allows,' Shalm said.
