Device-Independent Randomness Certification

Updated 28 October 2025

Device-independent randomness certification is a quantum protocol that leverages Bell inequality violations to guarantee intrinsic, irreducible randomness independent of device details.
The approach maps observed nonlocal correlations to certified randomness via quantifiable metrics like conditional min-entropy and robust statistical bounds.
Advanced implementations employ tailored POVMs and network-based protocols to enable scalable, secure quantum random number generation even under experimental imperfections.

Device-independent randomness certification refers to the task of certifying the presence of intrinsic, irreducible randomness in the outcomes of quantum measurements, relying solely on observed measurement statistics and without making detailed assumptions about the internal workings of the physical devices used. This approach underpins foundational developments in quantum information theory and forms the basis for cryptographically robust quantum random number generators and protocols in secure communication.

1. Fundamental Principles and Theoretical Framework

Device-independent (DI) randomness certification leverages the violation of a Bell inequality as a sufficient statistical witness of randomness. If measurement outcomes from spatially separated, entangled quantum systems violate a Bell inequality, it is provable that the outcomes cannot be predetermined by any classical local hidden variable model—thereby certifying intrinsic randomness. Crucially, this certification is independent of specific models for the quantum state, measurements, or technical details of the devices; they are treated as opaque “black boxes” (Pironio et al., 2011).

The DI approach quantitatively binds the adversary's probability of correctly guessing outcomes by relating the observed Bell violation to a maximum conditional probability. Given a Bell expression $I[P]$ , the maximal probability for any output $x$ is bounded: $\max_{x} P(x|v) \leq g(I[P])$ where $g$ is a monotonically decreasing, concave function of the Bell parameter. The conditional min-entropy $H_{\min}(X|v) = -\log_2 g(I[P])$ quantifies the certified randomness per measurement outcome.

Security analyses distinguish between classical and quantum side-information. In typical practical settings, it suffices to certify randomness against classical adversaries, but theoretical frameworks also extend to quantum adversaries, where the adversary may hold a purification of the entire experimental process.

2. Certification Protocols and Randomness Extraction

A prototypical DI randomness expansion protocol operates as follows:

A source distributes entangled quantum states between two or more measurement devices.
The devices receive randomly chosen classical inputs (settings) according to an initial random seed.
The measurement outputs are collected for multiple rounds; a subset of rounds is used as “test rounds” for estimating Bell violation, and the remaining as “generation rounds” for extracting randomness (Shalm et al., 2019, Bamps et al., 2017).
The degree of Bell violation is estimated and mapped to a lower bound on the min-entropy of the outputs.
Randomness extractors (often requiring a short uniform seed) are applied to the raw outputs to produce nearly uniform random bits with a provable soundness error, quantified by trace distance or other suitable norms.

Theoretical analysis ensures composable security: the output string is provably close (in total variation or trace distance) to an ideal uniform string, even in the presence of adversaries with side information.

Randomness expansion, where the output contains more random bits than consumed in the input seed, has been experimentally demonstrated with photonic systems and spot-checking protocols, achieving net positive randomness rates and quantified soundness errors (Shalm et al., 2019).

3. Role of Measurement Types and Maximally Random POVMs

Traditional protocols used projective measurements, which on qubits can certify at most one bit of local randomness or two bits globally per entangled bit (Acín et al., 2015). However, general positive-operator-valued measures (POVMs) surpass this limit. For instance, self-testing a three-outcome extremal POVM in the $XZ$ -plane of the Bloch sphere allows certification of approximately 1.58 bits of local randomness, surpassing the projective measurement cap. Global randomness, combining two such self-tested POVMs, can reach 2.27 bits—exceeding the projective limit (Wang et al., 16 Dec 2024).

These results are formalized by constructing carefully tailored Bell inequalities that are maximally violated only when the measurement being “self-tested” is the unique extremal POVM. Device-independent certification is thus not only a question of “how much” nonlocality is observed, but “what” measurement settings are self-tested by the violation.

For higher-dimensional systems, similar approaches can yield even higher randomness rates: for two-qutrit maximally entangled states and a suitable nine-outcome POVM, the maximal certifiable randomness reaches $2\log_2 3$ bits (Borkała et al., 2022).

4. Network and Advanced Causal Scenarios

Beyond the standard bipartite Bell scenario, DI randomness certification has been generalized to quantum networks (bilocality, triangle) and instrumental causal scenarios (Alañón et al., 23 Oct 2025, Agresti et al., 2019). In these cases, inflation techniques and computationally tractable causal compatibility tests are used to bound guessing probabilities for individual outputs or joint outputs across the network.

A “beyond-quantum adversary,” limited only by the assumed causal structure (not quantum mechanics), is considered for ultimate security. Certification proceeds by formulating a linear or semi-definite program that maximizes adversarial guessing probability under the constraints implied by the observed statistics and the network’s causal structure.

A unique aspect is certifying not only presence but also absence of randomness: finding operational criteria (e.g., the construction of classical parent causal models) that demonstrate some observed nonclassical correlations are, in fact, predictable by adversaries and thus not genuinely random. This addresses the subtlety of “bound randomness” (Alañón et al., 23 Oct 2025).

5. Practical Implementations and Relaxed Requirements

Initial DI protocols required near-perfect, isolated devices, limiting the practicality for large-scale deployment (Silman et al., 2012). More recent advances relax isolation requirements by tolerating small, bounded “cross-talk” (or unwanted signaling) and incorporating it explicitly in the randomness bounds. For instance, even with weak cross-talk ( $\chi \sim 0.003$ ), robust certification remains possible, extending DI randomness generation to high-rate experimental systems such as Josephson phase qubits on a chip (Silman et al., 2012).

Further, networked quantum protocols (such as the Device-Independent Private Quantum Randomness Beacon, DIPQRB (Primaatmaja et al., 14 Jul 2025)), distribute trust asymmetrically: high-performance (possibly untrusted) server devices distribute entangled states to clients, with the randomness and privacy being certified by observed nonlocal correlations and the physical distribution of device requirements.

Spot-checking protocols (Shalm et al., 2019) address another practical hurdle: minimizing the cost in initial random input bits while maintaining a favorable expansion ratio, thereby making DI randomness generation more scalable and efficient.

6. Advanced Scenarios: Unbounded and Seedless Randomness

Protocols have been developed for unbounded randomness expansion through recursive or sequential measurements, particularly in one-sided device-independent (steering) scenarios (Coyle et al., 2018, Coyle et al., 2020). By leveraging sequences of non-projective measurements, it is possible to extract an unbounded number of random bits from a single entangled resource, contingent on the ability to self-test the measurement sequence and to bound adversarial knowledge at each step.

Recent theoretical constructions even allow for private randomness certification in scenarios without a random seed—using only the structure of quantum networks with multiple independent sources and fixed measurements. Self-testing shows, for specific protocols, that certified Bell basis measurements on two maximally entangled qubit pairs suffice for certifying two bits of randomness, with no seed required (Sarkar, 2023).

7. Comparative Performance and Optimization

The amount of certifiable randomness depends sensitively on the choice of Bell inequality, measurement scenario, and experimental realization. Using the Navascués–Pironio–Acín (NPA) hierarchy and recently optimized Bell inequalities (such as extensions of the chained inequality $\mathcal{C}_3$ ), sharp lower bounds are established on the min-entropy as a function of the observed Bell violation (Wang et al., 16 Dec 2024).

For high degrees of violation, tailored chained inequalities and elegant Bell inequalities (EBI) certify more randomness than standard CHSH-type tests. These methods are not only theoretically optimal for their corresponding measurement strategies but also provide guidance for experiment design and the tightness of the randomness certification under practical conditions.

Table: Comparison of Core Randomness Certification Protocols

Scenario / Protocol	Max Local Randomness (bits)	Max Global Randomness (bits)	Security Assumptions
Qubit projective (CHSH)	1	2	Device-independent, projective
Qubit 3-outcome POVM (XZ)	1.58	2.27	Device-independent, extremal POVM
Qutrit 9-outcome POVM	3.17	≥3.17	Device-independent, POVM
Sequential measurements	>2 (e.g., 2.3–2.5)	>2.3	Device-independent, sequential
Steering (1SDI, no seed)	2 (w/ two Bell pairs)	2	1SDI, swap-steering, no seed

8. Open Problems and Future Directions

Several open technical and conceptual challenges remain in device-independent randomness certification:

Developing efficient, robust, and scalable protocols that tolerate higher experimental imperfection rates and lower the threshold for secure randomness generation.
Extending certification (and associated self-testing) to large quantum networks, multipartite systems, and arbitrary-dimensional systems for maximal randomness extraction.
Quantifying and leveraging "bound randomness," i.e., understanding scenarios where nonlocality exists but does not translate into certifiable randomness.
Integrating randomness certification with advanced cryptographic primitives, such as private randomness beacons and network-based protocols with composable multi-client security (Primaatmaja et al., 14 Jul 2025).
Refining computational tools (inflation technique, NPA hierarchy adaptations) to efficiently handle complex causal structures and broader classes of adversaries, including those with beyond-quantum knowledge (Alañón et al., 23 Oct 2025).

Device-independent randomness certification continues to drive progress in quantum information science, underpinning both practical applications in cryptography and fundamental investigations into the nature of quantum unpredictability.