NIST logo
*
Bookmark and Share

NIST Randomness Beacon

Summary:

NIST is implementing a prototype source of public randomness. The prototype (at https://beacon.nist.gov/home) uses two independent commercially available sources of randomness, each with an independent hardware entropy source and SP 800-90-approved components.

The Beacon is designed to provide unpredictability, autonomy, and consistency. Unpredictability means that users cannot algorithmically predict bits before they are made available by the source. Autonomy means that the source is resistant to attempts by outside parties to alter the distribution of the random bits. Consistency means that a set of users can access the source in such a way that they are confident that they all receive the same random string.

Description:

The Beacon will broadcast full-entropy bit-strings in blocks of 512 bits every 60 seconds. Each such value is time-stamped and signed, and includes the hash of the previous value to chain the sequence of values together. This prevents all, even the source, from retroactively changing an output packet without being detected. The beacon keeps all output packets and makes them available online. 

DRBG Beacon System Diagram
Uses:

Tables of random numbers have probably been used for multiple purposes at least since the Industrial Revolution. The first published table appears to be by the English statistician L.H.C. Tippett. In the digital age, algorithmic random number generators have largely replaced these tables. The NIST Randomness Beacon expands the use of randomness to multiple scenarios in which the latter methods cannot be used. The extra functionalities stem mainly from three features. First, the Beacon-generated numbers cannot be predicted before they are published. Second, the public, time-bound, and authenticated nature of the Beacon allows a user application to prove to anybody that it used truly random numbers not known before a certain point in time. Third, this proof can be presented offline and at any point in the future. For example, the proof could be mailed to a trusted third party, encrypted and signed by an application, only to be opened if needed and authorized.

NIST encourages the community at large to research and publish novel ways in which this tool can be used. A few examples of applications are described below:

A Quantum Source:

Commercially available physical sources of randomness are adequate as entropy sources for currently envisioned applications of the Beacon. However, demonstrably unpredictable values are not possible to obtain in any classical physical context. Given this fact, our team established a collaboration with NIST physicists from the Physical Measurement Laboratory (PML). The aim is to use quantum effects to generate a sequence of truly random values, guaranteed to be unpredictable, even if an attacker has access to the random source. In August 2012, this project was awarded a multi-year grant from NIST's Innovations in Measurement Science (IMS) Program. IMS awards highly competitive projects designed to explore high-risk, leading-edge research concepts that anticipate future measurement and standards needs of industry and science. For more information on this collaboration see http://www.nist.gov/pml/div684/random_numbers_bell_test.cfm

Locality-Loophole-Free Bell Test
A space-time diagram illustrating a locality-loophole-free Bell test. In this test, entangled photons are verified to have correlations that exceed the maximum level possible with any predetermined (or classical) states. To demonstrate this unequivocally, it is important to make sure that the measurements performed on one photon cannot, by any means within the bounds of physics, influence the measurement of the other photon. Such an influence, if it were to exist, could allow fully predetermined states to appear to share quantum correlations. Conducting the two measurements outside of each other's light cones ensures this measurement independence. In the space-time diagram above, the speed of light is depicted by rays at ±45 degrees, and also represents the maximum speed at which information about any event could (conceivably) propagate away from the origin of the event. Therefore, positions outside the cone formed by the rays from any event represent locations and times that could not possibly have received any information from the event. In the loophole-free test illustrated above, entangled photons are emitted from the source and propagate in opposite directions towards receivers Alice and Bob. At some point in time, indicated by "i" and "j," Alice and Bob each independently choose how to measure the properties of the photon each will receive. To conduct a locality-loophole-free Bell test, Alice and Bob must complete their chosen measurements (Ai,and Bj, determining results a and b, respectively.) before any information about the other's choice could possibly reach their location; Alice must complete her measurement before the rays emanating from the event "j" intersect her location, similarly Bob must complete his measurement outside the light cone of event "i." Closing this and other loopholes in the Bell test provide certification that no information about the state of the photons could have been available prior to its observation, assuring that the correlations could not have been predetermined. That guarantee of no predetermination of the photon system and its measurement results, will ultimately be used to produce random bits that can be assured to be both random and unknown to anyone before a certain time.

End Date:

ongoing

Lead Organizational Unit:

itl

Staff:

Rene Peralta
301-975-8702
rene.peralta@nist.gov

Mike Bartock
Larry Bassham
Joshua Bienfang
Harold Booth
Prof. Michael Fischer 
(Yale University Computer Science Dept)
Scott Glancy
Dr. Michaela Iorga
Stephen Jordan
John Kelsey
Emanuel Knill
Paulina Kuo
Yi-Kai Liu
Alan Migdall
Sae Woo Nam
Andrew Rukhin
Murugiah Souppaya
Xiao Tang

WARNING:
DO NOT USE BEACON GENERATED
VALUES AS SECRET
CRYPTOGRAPHIC KEYS.