## Quantum Random Numbers Generator

Random Number Generators (RNG) produce sequences of random numbers. Random numbers are essential for a number of applications: encrypted data transmission uses random numbers as secret keys, gambling machines need them, some numerical methods rely on them, and Quantum Key Distribution also requires them. Note that these applications have different requirements for the random numbers. In all applications, the random numbers have to be unpredictable and uni-formly distributed. If the random numbers are known, this is not a problem for some applications but certainly if they are used as secret keys. Unpredictability refers to the fact that if you know the past and the current state of a RNG, you are still unable to predict anything about the next pro-duced random number. To certify that an RNG produces an unpredictable random number se-quence is very challenging. Given a finite-length output of an RNG, such a proof (by statistical means) is impossible. A model of the internal function principle of an RNG is more effective.
There are three distinct types of random number generators (RNG): Pseudo-RNGs, True RNGs, and Quantum RNGs.
Pseudo-RNGs are deterministic mathematical algorithms that basically “expand” a given random seed to a much longer sequence of random numbers. The random seed is supposed to be “real randomness” and in a PC for instance obtained from mouse movement. In comparison to the other RNG types, a Pseudo-RNG is very cheap. However, the origin of the random seed is not standard-ized (and therefore of questionable reliability), not portable, and, hence, not suitable for high-quality cryptography. Pseudo-RNGs are gradually being replaced by True RNGs or QRNGs.
Both, TRNGs and QRNGs produce random numbers from the results of physical processes. Random number sequences gained in this way always have a particular level of predictability, they are not ideal. Applying randomness extraction to a non-ideal random num-ber sequence produces an ideal (albeit shorter) random number sequence. To apply randomness extraction, an upper bound for the amount of predictability has to be estimated. There are basically three methods to achieve this. First, a sophisticated model of the device, including all relevant non-idealities (like detectors with limited efficiency), which is difficult. An alternative are the self-testing QRNGs or device-independent QRNGs which on-line can determine the bound.