Weird quantum physics is key to keeping your credit card safe

US government researchers figure out a new way to generate provably random numbers, a key foundation to modern computer security protections.

Stephen Shankland Former Principal Writer
Stephen Shankland worked at CNET from 1998 to 2024 and wrote about processors, digital photography, AI, quantum computing, computer science, materials science, supercomputers, drones, browsers, 3D printing, USB, and new computing technology in general. He has a soft spot in his heart for standards groups and I/O interfaces. His first big scoop was about radioactive cat poop.
Expertise Processors | Semiconductors | Web browsers | Quantum computing | Supercomputers | AI | 3D printing | Drones | Computer science | Physics | Programming | Materials science | USB | UWB | Android | Digital photography | Science Credentials
  • Shankland covered the tech industry for more than 25 years and was a science writer for five years before that. He has deep expertise in microprocessors, digital photography, computer hardware and software, internet standards, web technology, and more.
Stephen Shankland
2 min read

Using the bizarre rules of quantum physics, US government researchers have developed a new way to generate random numbers that play a key role in protecting sensitive information from prying eyes.

Part of NIST's system for generating provably random numbers through the weird nature of quantum physics.
Enlarge Image
Part of NIST's system for generating provably random numbers through the weird nature of quantum physics.

Part of NIST's system for generating provably random numbers through the weird nature of quantum physics.


The computing industry has a voracious appetite for random numbers that are key to keeping your credit card number secret. They secure online purchases and ensure your hotel Wi-Fi administrator can't snoop on your confidential work communications.

Obviously, rolling dice or flipping coins isn't going to satisfy that demand for random numbers, and the computer methods we use today can also have shortcomings. Shortcuts can mean predictability and therefore insecurity.

But researchers at the National Institute of Standards and Technology announced Wednesday they've harnessed quantum mechanics to not only generate truly random numbers, but to prove that they're random.

"Our quantum source and protocol is like a fail-safe. We're sure that no one can predict our numbers," NIST mathematician Peter Bierhorst said.

It's a new illustration of how the wackiest, most abstract science research can turn out to have commercial relevance years or decades later.

Quantum mechanics, pioneered in the early 20th century, offers explanations of the bizarre realm of the ultra-small, but it's famously hard to comprehend. Yet one of its weirdest aspects -- "entanglement," which link the states of two separated particles -- is key to the NIST work.

NIST plans to make its truly, certifiably random ones and zeros available to anyone who needs them. The agency already offers a service called the NIST Randomness Beacon using commercially available random numbers. Now it's planning on adding its own technology to the mix when it matures out of its prototype finickiness, Bierhorst told CNET.

"It is also currently not quite fast enough to generate bits at the rate requested by the beacon -- the beacon publishes 512 bits a minute and our reported experiment took 10 minutes to generate 1,024 bits -- but we are working to improve the rate," Bierhorst said.

In 500 years, robots haven't become any less creepy

See all photos

NIST's method starts with a laser that generates pairs of photons -- particles of light -- that are entangled. Measuring the state of each photon in a pair then comparing them lets the researchers prove they were observing quantum mechanically generated ones and zeros.

That's because the states are measured far enough apart that even the speed of light wouldn't be fast enough to coordinate the photons in each pair. And that means the data couldn't have been generated through some ordinary physics fakery.

There is one bother, though. The photons, as originally generated, aren't equally likely to be ones or zeros. So a second phase of the process extracts a random subset. That subset's one-or-zero probability is certified to be balanced to within 1 trillionth of 1 percent.

For more, check out the NIST researchers segment in the April 12 issue of the journal Nature.

CNET Magazine: Check out a sample of the stories in CNET's newsstand edition.

Rebooting the Reef: CNET dives deep into how tech can help save Australia's Great Barrier Reef.