Papers

Topics

Authors

Recent

View all

Assistant

AI Research Assistant

Well-researched responses based on relevant abstracts and paper content.

Custom Instructions Pro

Preferences or requirements that you'd like Emergent Mind to consider when generating responses.

Gemini 2.5 Flash

Gemini 2.5 Flash 78 tok/s

Gemini 2.5 Pro 52 tok/s Pro

GPT-5 Medium 24 tok/s Pro

GPT-5 High 26 tok/s Pro

GPT-4o 120 tok/s Pro

Kimi K2 193 tok/s Pro

GPT OSS 120B 459 tok/s Pro

Claude Sonnet 4.5 36 tok/s Pro

2000 character limit reached

MDI-QRNG: Measurement-Device-Independent Quantum RNG

Updated 9 October 2025

MDI-QRNG is a quantum random number generation protocol that leverages a trusted source and an untrusted detector to certify randomness using real-time measurement tomography.
It uses rigorous min-entropy bounds and decoy-state methods to mitigate imperfections and achieve high-generation rates, often reaching Mbps speeds.
The protocol offers robust protection against loss and side-channel attacks, making it ideal for secure cryptographic randomness beacons and quantum network applications.

Measurement-Device-Independent Quantum Random Number Generator (MDI-QRNG) protocols exploit quantum mechanical uncertainty to produce certifiably random bit streams even when the measurement apparatus is untrusted or poorly characterized. The security of MDI-QRNGs is based on rigorous bounds derived from the observed statistics and quantum mechanical models, typically using well-characterized sources and real-time measurement tomography. This approach facilitates high-generation rates and robustness against loss, side-channel attacks, and adversarial manipulation.

1. Conceptual Framework and Classification

MDI-QRNGs belong to a broader taxonomy of quantum random number generation protocols, determined by the degree of trust assigned to system components (Ma et al., 2015):

Category	Trusted Component	Randomness Certification	Typical Generation Rate
Practical QRNGs	Both	Device modeling, statistical	Mbps–Gbps
Self-testing (DI) QRNGs	None	Bell inequality, self-testing	<1 bit/s
Semi–self-testing (MDI, SI) QRNGs	Source or Detector	Tomography, auxiliary tests	kbps–Mbps

Measurement-device-independence (MDI) refers to protocols with a trusted quantum state source and an untrusted measurement device. The randomness is quantified in the presence of arbitrary detector behavior, including potential adversarial control.

2. Security Certification and Measurement Tomography

The central security guarantee of MDI-QRNGs is that the randomness is rigorously certified, independent of measurement device trust, via measurement tomography on a known input state set (Cao et al., 2015). The device prepares quantum states (e.g., $|0\rangle, |1\rangle, |+\rangle, |+i\rangle$ ) and sends them to an untrusted detector, whose action is described by a positive-operator-valued measure (POVM). By sending different states and observing the output distribution, the measurement POVM parameters are estimated.

For binary outcomes, the two-outcome POVM can be represented as

$F_0 = a_1(I + n_x \sigma_x + n_y \sigma_y + n_z \sigma_z)$

$F_1 = a_2(I + n'_x \sigma_x + n'_y \sigma_y + n'_z \sigma_z)$

subject to $a_1, a_2 \geq 0$ , $a_1 + a_2 = 1$ , $|n_1|, |n_2| \leq 1$ , and $a_1 n_1 + a_2 n_2 = 0$ .

Characterizing detector behavior in real time enables the quantification of quantum randomness and the detection of systematic imperfections or adversarial programming, as reductions in the extracted randomness indicate device drift or attack. Notably, losses are not discarded but reinterpreted as valid outcomes, preventing output bias via post-selection (Cao et al., 2015).

3. Randomness Quantification and Min-Entropy Bounds

Extractable randomness per trial is lower-bounded by the min-entropy, defined for a given output probability distribution $p$ as $H_{\infty} = -\log_2(\max p)$ . For conventional MDI-QRNG with trusted source and untrusted detector, the randomness per run when measuring $|\!+\!\rangle$ is

$R(F_0, F_1) = 2 a_1 H_{\infty}\left(\frac{1 + \sqrt{1 - n_y^2 - n_z^2}}{2}\right)$

where $n_y, n_z$ are extracted via tomography (Cao et al., 2015).

Protocols may use all observed probabilities rather than a single witness value (e.g., CHSH); optimization over all possible quantum realizations consistent with the data yields tighter min-entropy bounds and higher certified randomness rates (Yun-Guang et al., 2016). For high-dimensional extensions (e.g., path-encoded qutrits), certified min-entropy per round can exceed 1 bit, approaching $\log_2 d$ for $d$ outcome dimensions (Argillander et al., 7 Oct 2025).

Advanced MDI-QRNG implementations incorporate decoy-state methods to mitigate source multi-photon imperfections, bounding the single-photon response via multiple intensity levels: $p_\mu(1|j) = e^{-\mu} \sum_{n=0}^{\infty} \frac{\mu^n}{n!} p_n(1|j)$ Tight bounds on $p_1(1|j)$ yield more reliable min-entropy estimation (Nie et al., 15 Mar 2024).

4. Protocol Structure, Loss Robustness, and High-Dimensional Realizations

MDI-QRNG operation is partitioned into test and generation modes. During test mode, the source emits a tomographically complete set of states for detector characterization; in generation mode, a fixed state is repeatedly measured for data production (Nie et al., 2016). Switching between modes uses random seeds, with output randomness exceeding seed consumption over time (Ma et al., 2015).

Loss robustness is achieved by including all measurement outcomes, including no-click events, in the output space. In protocols employing high-dimensional path encoding (e.g., qutrits), cascaded tunable beam splitters generate states

$|\psi\rangle = \alpha|0\rangle + e^{i\phi_1} \beta|1\rangle + e^{i\phi_2} \gamma|2\rangle$

with detection events across multiple SNSPDs. Multi-click and no-click events are retained, closing the detection loophole and maximizing certified randomness (Argillander et al., 7 Oct 2025). Experimental throughput can exceed 1.77 Mbps with over 1.2 bits of certified private randomness per round.

5. Performance, Practical Implementations, and Applications

Recent implementations have achieved record generation rates using time-bin encoding, high-frequency modulators, and real-time measurement tomography. An MDI-QRNG employing high-speed time-bin encoding and decoy-state tomography reached min-entropy lower bounds of $7.37 \times 10^{-2}$ bits per pulse at $23$ Mbps (Nie et al., 15 Mar 2024), surpassing early MDI-QRNG realizations ( $\approx$ 5.7 Kbps at 25 MHz (Nie et al., 2016)). Robustness against detector error and source imperfection is enabled via statistical fluctuation analysis (Chernoff bounds) and conservative handling of multi-photonic components.

MDI-QRNGs integrate efficiently with commercial all-fiber setups, facilitating deployment as cryptographic randomness beacons, secure key generation modules, and as randomness sources in quantum networks (Lin et al., 2023, Cao et al., 2015). Real-time quantification and certification support application in environments where detector trust is limited or where measurement devices are supplied by third-party vendors.

6. Comparison with Device-Independent and Source-Independent QRNGs

MDI-QRNGs offer a balanced trade-off between fully device-independent QRNGs and source-independent QRNGs in terms of security and generation rate (Ma et al., 2015, Cao et al., 2015):

Device-independent QRNGs require Bell violation (e.g., CHSH inequality) and often high detection efficiency ( $>$ 67%), resulting in low generation rates (sub-1 bit/s).
Source-independent QRNGs assume a trusted detector and black-box source. These may require random basis switching (squashing models) for certification.
MDI-QRNGs trust only the source, achieving high rates (up to Mbps), with real-time measurement tomography removing detector side-channel vulnerabilities.
Both approaches rely on strong extraction methods (e.g., Trevisan’s and Toeplitz hash) to produce near-uniform random bits.

High-dimensional MDI-QRNG (e.g., qutrit encoding (Argillander et al., 7 Oct 2025)) achieves further increases in certified randomness per trial and robust, scalable integration without increased device complexity.

7. Future Directions and Open Problems

Open challenges include extending security analysis to quantum adversaries, optimizing entropy estimation with enhanced tomography, and scaling rates using faster modulators, higher-dimension encodings, and parallelized detection architectures (Nie et al., 2016, Argillander et al., 7 Oct 2025).

Future protocols may exploit increasingly arbitrary input state sets and extremal POVMs (up to $d^2$ outcomes in a $d$ -dimensional space) to maximize certified randomness (Bischof et al., 2017). Extension toward device-independent (DI) expansion schemes—which use spot-checking and block-wise entropy witnesses for certified randomness expansion—remains an active area of research (Shalm et al., 2019, Mongia et al., 3 Jun 2024).

MDI-QRNGs are poised to underpin scalable quantum-safe cryptographic systems, public randomness beacons, and distributed quantum networks. The absence of trust requirements on detectors, combined with rigorous entropy certification, ensures resilience against side-channel attacks and device manipulation, supporting long-term deployment in mission-critical applications.