Authentic Quantum Nonces

  • Stefan Rass
  • Peter Schartner
Part of the Quantum Science and Technology book series (QST)


Random numbers are an important ingredient in cryptographic applications, and their importance is often underestimated. For example, various protocols hinge on the requirement of using numbers only once and never again (most prominently, the one-time pad), or rest on a certain minimal entropy of a random quantity. Quantum random number generators can help fulfil such requirements; however, they may themselves be subject to attacks. Here, we consider what we term a randomness substitution attack, in which the adversary replaces a good randomness source with another one that produces duplicate values (over time) and perhaps numbers of low entropy. A binding between a random number and its origin thus serves as a certificate of quality and security when upper-level applications rest on the good properties of quantum randomness.



Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. System Security Group, Alpen-Adria Universität Klagenfurt, Klagenfurt, Austria
