Practical Entropy Accumulation for Random Number Generators with Image Sensor-Based Quantum Noise Sources.

Abstract

The efficient generation of high-quality random numbers is essential in the operation of cryptographic modules. The quality of a random number generator is evaluated by the min-entropy of its entropy source. The typical method used to achieve high min-entropy of the output sequence is an entropy accumulation based on a hash function. This is grounded in the famous Leftover Hash Lemma, which guarantees a lower bound on the min-entropy of the output sequence. However, the hash function-based entropy accumulation has slow speed in general. For a practical perspective, we need a new efficient entropy accumulation with the theoretical background for the min-entropy of the output sequence. In this work, we obtain the theoretical bound for the min-entropy of the output random sequence through the very efficient entropy accumulation using only bitwise XOR operations, where the input sequences from the entropy source are independent. Moreover, we examine our theoretical results by applying them to the quantum random number generator that uses dark shot noise arising from image sensor pixels as its entropy source.