Quantum mechanics provides inherent unpredictability, enabling the creation of truly random numbers that are certifiable based on measurement observations and minimal assumptions. While measuring a qubit in a superposition offers a simple approach, its reliability depends on trusting the state preparation and measurement processes (device-dependent). Device-independent schemes, eliminating this trust, are challenging to implement efficiently due to the requirement of loophole-free Bell tests, resulting in extremely low generation rates and high latency. This research aims to bridge this gap by developing a practical scheme that reduces the level of trust required while avoiding the complexities of device-independent approaches. The proposed method utilizes a simple scheme inspired by entanglement-based quantum key distribution (QKD), employing one basis for random bit generation and another for state verification. This approach leverages the ability to bound correlations between the prepared state and adversary side information, enabling randomness certification. However, to achieve practical implementation, imperfections such as non-ideal single-photon sources, imprecise measurements, and non-perfectly known basis selection probabilities must be addressed. The current work introduces a method to certify randomness despite these adversarial imperfections, offering a semi-device-independent approach.

Existing literature extensively explores ideal scenarios for quantum random number generation (QRNG) [19, 20]. However, practical QRNG implementations require considering imperfections. Device-dependent QRNGs rely on trusting the device's internal workings [2, 3], while device-independent QRNGs, although offering superior security, suffer from low generation rates and high latency due to the need for loophole-free Bell tests [4–15]. Source-independent QRNGs attempt to address device imperfections, but existing approaches don't fully consider all sources of adversarial imperfection [20, 32–34]. This study builds upon the foundational work on probability estimation and quantum probability estimation for randomness certification [25–28], extending these frameworks to incorporate the complexities of real-world QRNG implementations with adversarial imperfections.

The proposed QRNG uses measurements on photonic time-bin states, encoding quantum information in the superposition of two time bins. The experiment involves a sequence of n trials, each characterized by an input (basis choice, I_k) and output (measurement outcome, O_k). The randomness is quantified by the smooth conditional min-entropy, considering both classical and quantum side information from an adversary (Eve). The goal is to lower-bound the min-entropy, accounting for adversarial imperfections: a lower bound δ on single-photon probability, an upper bound θ on measurement basis misalignment, and bounds on the imbalance between basis selection probabilities (P_X and P_Z) given by r = (P_XP_Z)/2. The method employs probability estimation factors (PEFs) and quantum estimation factors (QEFs) to bound the min-entropy in the presence of classical and quantum side information, respectively. These factors are functions of input and output, and their products bound the smooth conditional min-entropies. PEFs and QEFs are constructed to account for adversarial imperfections, and the TMPS extractor [29] is used for randomness extraction. Simulations illustrate the advantage a quantum adversary gains over a classical adversary, demonstrating a reduction in randomness generation rate. The experimental setup (Fig. 2) utilizes a weak optical pulse source, unbalanced Mach-Zehnder interferometer (MZI), and superconducting nanowire single-photon detectors (SSPDs). The MZI passively selects the measurement basis (X or Z), with imperfections in splitting ratios and detector efficiencies being incorporated into the security analysis. Calibration data determines bounds for adversarial imperfections, and the expected number of certifiable random bits is estimated as a function of the soundness error (Fig. 3). The experiment consists of 4200 instances, each using a 0.1s data block, generating 8192 (or 2 × 8192) random bits with a soundness error bounded by 2⁻⁶⁴, demonstrating the low-latency real-time performance (Fig. 4). The security analysis considers both classical and quantum side information and accounts for imperfections in the state source and measurement apparatus, offering superior robustness compared to previous work.

The research successfully demonstrates a low-latency, real-time certifiable QRNG. The key findings include: 1. Development of a method to certify randomness despite adversarial imperfections in state preparation and measurement. This semi-device-independent approach improves upon previous methods by comprehensively addressing adversarial imperfections. 2. Experimental generation of 8192 certifiable random bits every 0.12 seconds, with an error bounded by 2⁻⁶⁴. This exceptionally low error rate and high speed represent a significant advancement in QRNG technology. 3. Quantification of the advantage a quantum adversary has over a classical adversary, revealing a critical security aspect often overlooked. 4. Successful experimental validation of the QRNG’s real-time performance over 4200 instances, confirming the efficacy of the method. The system achieves a high success probability (1 − 2⁻³⁸⁰ or 1 − 2⁻⁴⁷⁸) for fulfilling requests for 8192 or 2 × 8192 bits, respectively, with the specified soundness error. The randomness extraction process adds only 0.02 s or 0.04 s to the overall latency, preserving the real-time characteristic. Fig 1 shows the asymptotic randomness generation rates against classical and quantum adversaries. The rates decrease with increasing depolarization noise, with quantum adversaries achieving lower rates than classical adversaries. Fig 3 illustrates the trade-off between the soundness error and the number of certifiable random bits, demonstrating robustness against varying error levels. Fig 4 displays the histograms of the number of certifiable random bits for multiple instances of the QRNG, demonstrating consistent performance above the success threshold.

The presented QRNG addresses a critical need for high-speed, high-security random number generation in various applications. The low latency achieved is particularly significant for time-sensitive applications requiring continuous streams of certified random numbers. The method's robustness against adversarial imperfections enhances its practicality and security. The results highlight the importance of considering quantum side information in security analysis and provide a quantitative assessment of the advantage a quantum adversary may have. The finite-data efficiency demonstrated in this work suggests potential applications in enhancing the efficiency of quantum key distribution (QKD). The semi-device-independent nature of the QRNG provides a balance between security and practical implementation, paving the way for more secure and efficient quantum random number generators in the future.

This research successfully demonstrates a simple, low-latency, real-time certifiable QRNG based on photonic time-bin states. The developed method robustly certifies randomness despite adversarial imperfections, achieving high speeds and exceptional security. Future work will explore extending this methodology to improve finite-data efficiency in QKD.

The current implementation assumes certain bounds on adversarial imperfections (misalignment, imbalance, single-photon probability). While these bounds are estimated from experimental calibration, more sophisticated characterization methods could further enhance the security analysis. The success probability of the QRNG is based on estimations from a finite set of calibration data, therefore there is a potential for inaccuracy in the security estimates. The assumption that the trials with detector clicks are a fair sample of all trials is also a potential limitation, though justified given the physical processes and the use of weak optical pulses. The use of weak laser pulses introduces multiphoton emission events and subsequent device-independent analysis limits the contribution to the certified randomness from such events.