v1.0

Cryptography

Cryptography algorithms are widely used on the internet for secure communication and authentication. Some commonly used applications include Transport Layer Security (TLS), WebAuthn, Secure Messaging, and Blockchain Security. These applications generally use one or more of the following cryptographic methods:

Symmetric Encryption : The same key is used for both encryption and decryption. The Advanced Encryption Standard (AES) is one of the symmetric schemes widely used in TLS encryption.
Asymmetric Encryption : Different keys are used for encryption and decryption, namely the public key for encryption and the private key for decryption. Elliptic Curve Cryptography (ECC) schemes are used in various end-to-end encryption scenarios.
Message Authentication Codes (MACs) : This involves taking a message and a seed as input and generating a fixed byte tag for the message. It is used to ensure the integrity of the message sent across the internet. The Hash Message Authentication Code (HMAC) is initialized using a hashing algorithm like SHA256, which is used in TLS.
Key Exchange : This algorithm generates symmetric shared keys. Both parties generate random fixed bit keys on their sides and exchange these values to compute a shared key. This method is used to exchange AES or HMAC keys among two parties.
Digital Signatures : Digital signatures are widely used on the internet for authentication. They use public/private key pairs to sign digital documents and are widely used in WebAuthn for user authentication.

All of the above methods rely on the quality of random numbers for either seed generation (in symmetric and MACs) or key generation in public key cryptography (digital signatures, ECC encryption, key exchange). The quality of random numbers significantly affects the security of the underlying scheme. A predictable random number generator could lead to private key theft, thus breaking the underlying scheme.

The use of Quantum Random Number Generators (QRNGs) could be crucial in the field of cryptography due to their ability to produce truly random numbers, derived from quantum mechanical phenomena. This capability is vital for several reasons:

True Randomness : QRNGs utilize inherent quantum processes such as photon polarization, electron spin, or radioactive decay to generate numbers, which are unpredictable by nature.
Cryptographic Security : Randomness is essential for the security of cryptographic keys and protocols, which depend on unpredictability to thwart potential attackers.
Security Against Quantum Threats
- As quantum computing evolves, traditional cryptographic systems become vulnerable. QRNGs provide a layer of security that is quantum-safe, essential for post-quantum cryptography.
Non-Determinism
- Essence of Quantum Measurements. Quantum phenomena ensure that outcomes are fundamentally non-deterministic, crucial for tasks like secure key generation and cryptographic nonce generation in cryptography.
Enhanced Privacy and Anonymity
- Application in anonymizing techniques. QRNGs can improve the privacy of communications by providing true randomness necessary for data obfuscation and other privacy-enhancing technologies.

The potential of QRNGs in cryptography leads to their application in various specific use cases in cryptography:

Application in Cryptography	Description	Key Benefits
Key Generation	Using QRNGs to produce cryptographic keys for encryption and decryption processes.	Ensures that keys are truly random and secure, reducing the risk of predictable keys.
Digital Signatures	Generating random numbers necessary for creating unique digital signatures in various protocols.	Increases security in verifying user identities and document authenticity.
One-Time Pad (OTP) Systems	Facilitating the generation of truly random one-time pads that are provably secure if used correctly.	Provides unbreakable encryption when implemented properly.
Random Nonces	Creating random nonces for use in protocols like SSL/TLS during the handshake process.	Helps prevent replay attacks and ensures fresh session keys.
Secure Multi-Party Computation	Generating random seeds required in protocols that enable parties to jointly compute a function privately.	Enhances privacy and security in collaborative computational tasks.
Quantum Key Distribution (QKD)	Utilizing QRNGs to enhance Quantum Key Distribution systems, which use quantum mechanics to secure shared keys.	Guarantees the security of keys exchanged over potentially insecure channels.
Zero-Knowledge Proofs	Employing random numbers in the construction of zero-knowledge proofs that validate data without revealing it	Protects sensitive information during verification processes.

Integrating QRNG in Cryptographic Algorithms

Any cryptographic algorithm consists of a security parameter ( k ). This parameter is used to define the number of bits of security it can provide. It is most commonly used during the key generation phase of any cryptographic algorithm. The key is obtained from a randomness source in the form of bytes and then used in the encryption/signing of data. To utilize randomness from QRNG, the key generation phase of the cryptographic algorithm must fetch bytes of randomness.

Quantum eMotion can be utilized for fetching randomness for the key generation phase by calling the QxEaaS platform and specifying the bytes of data that will be needed. The following table provides the number of bytes of quantum entropy that should be fetched for each of the cryptographic algorithms:

Cryptographic Algorithm	Key Size (bytes)	Nonce/IV Size (bytes)	Other Requirements (bytes)	Total QRNG Bytes Needed
AES-128	16	16	-	32
AES-256	32	16	-	48
RSA-2048	256	-	-	256
RSA-4096	512	-	-	512
ECC (P-256)	32	-	-	32
ECC (P-521)	66	-	-	66
ChaCha20	32	12	-	44
Quantum Key Distribution	Variable	-	Random basis selection	Variable
Digital Signatures (ECDSA)	32 (for P-256)	-	Random nonce for signing	32 + Nonce Size
Post-Quantum (Kyber-512)	32	32	-	64
Post-Quantum (NewHope)	32	32	-	64

Example applications for ECDSA and RSA using QRNG API can be found in this document below in the Quick Start section.