Transcript random

Quantum random flip-flop and its
applications
University of Illinois at Urbana-Champaign
Apr 02, 2014
Mario Stipcevic
Rudjer Boskovic Institute, Zagreb, Croatia
Duke University, Durham, NC
E-mail:
[email protected]
1
What means “random” ?
1. Random variable
a number “drawn” from a p.d.f.
2. Random numbers (sequence)
0110010101010…
D. Knuth:
There is NO definition of random sequence of numbers.
3. Time-wise random events
Radioactive decay, photon emission from a laser, Big-Bang…
4. Randomness
Is throwing a coin random?
Is statistical mechanics random?
Are chaotic moves random?
NO! Governed by Newtoinian laws => deterministic.
2
A physical system being RANDOM means that if we keep
repeating the exact same experiment on it, with exact same
initial conditions
THEN
it yields unexpected result EVERY TIME and EVEN IN THEORY
=> quantum theory
Randomness is a purely quantum effect and has no classical analog.
Randomness is probably the only thing that cannot be defined because
it would imply describing “random” by means of deterministic, (Boolean)
logic.
Unless …… we introduce the non-deterministic logic.
3``
Boolean logic circuits
•
AND, OR, NOT, NAND, flip-flop,….
•
NAND – a single universal element sufficient to build any
logic circuit, e.g. a computer.
Computer does not compute: it merely performs logic operations
on pieces of information.
It
•
•
•
•
is Human interpretation only what we perceive as:
Computation with numbers (ALU – many basic logic circuits),
Text processing,
Graphics,
Music, … etc.
Computer “knows” nothing about any of it.
4
Moreover, computers per se can make only deterministic
decisions – they behave predictably. They can be modeled by
a theoretical model called Turing machine.
However, a more powerful computing paradigm known as
probabilistic Turing machine (PTM) can execute randomized
algorithms:
•
•
•
may compute faster that its deterministic counterpart
may be less prone to computational errors
may solve otherwise untractable problems.
Examples:
Rabin-Miller primality test, Monte Carlo, Cryptography…
PTM depends on random decisions – but no logic circuits that
could implement that feature exist(ed) so far!
Flip-flop (a reminder)
•
•
A non-sequential logic circuit
Several types: D, T, JK, RS,… with optional Set and Reset
Examples:
D-type FF transfers state at D on appearance of pulse at CP;
T-type FF toggles state (Q) on CP if T=1 otherwise nothing.
FF’s can emulate each other:
Sequential and non-sequential logic circuits are building blocks
of all contemporary ICT devices. They are DETERMINISTIC.
6
Flip-flops are used for:
•
•
•
•
•
•
Memory storage (memories, registers,…)
Serial-to-parallel and parallel-to-serial stream data
conversion
Counters
One-shot oscillators (period generators)
Clocks
Frequency division.
Examples of frequency division of periodic signal by 2 and by n
7
Random flip-flop
A single Universal logic element enabling random decisions.
The most important building block of a PTM.
Operates in the same way as ordinary flip-flop except its clock
input acts with a probability of ½.
Conventional DFF:
Exact truth table
Random “DRFF”:
“Typical” truth table
8
Random flip-flop has inputs and outputs fully compatible with
“conventional” logic and can be easily combined with.
For example, RFFs can emulate each other (in the exact same
way as their deterministic counterparts):
Emulation of TRFF by DRFF (left) and vice versa (right).
Applications of random flip-flops
Most obvious application: a random bit generator (RBG).
A RBG produces one random bit upon a request.
Two equivalent realizations of a stream random bit generator with DRFF (left)
and TRFF (right).
Straightforward to parallelize any number of RBGs to achieve
multi-bit RNG
=>
a single clock fixed or float point Uniform p.d.f. random variable.
10
Random numbers are esential for many important applications:
1.
2.
3.
4.
5.
6.
Cryptography
Stochastic (aka Monte Carlo) simulations & calculations
Lottery and online gambling (6 G$ annually in US only)
Numbering of Prepaid & Gift cards
Electronic money
Industrial testing: micro processors (chips), automotive industry,
bench top testing equipment
7. Industry labeling (unique chip numbers, MAC numbers…)
8. etc.
11
Random Programming Language
Instructions
Programming of a PTM requires existence of a computer
programming language that feature random decisions, like:
Ordinary PL
1. IF {condition} THEN
{block1}
ELSE
{block2}
ENDIF
Probabilistic PL
RIF {prob} {condition} THEN
{block1}
ELSE
{block2}
ENDIF
2. GOTO n OF lab1, lab2, lab3, ...
RGOTO lab1, lab2, lab3, ...
3. srand(seed);
a= rfloat;
OR
a= rdouble;
……
a = rand();
12
Binary symmetric channel with noise
In information-theoretic secure cryptographic protocols based
on noisy channels (BSCN) is a crucial resource.
BSCN flips the data bit with a predetermined “bit error
probability” probability perr < ½.
Realization of BSCN with perr = µ
13
In Maurer’s scenario Alice, Bob and Eve all have access to a
public string (S0) via individual BSCNs and Eve’s perr=γ >0.
There are 2 deviations from the Shannon crypto model:
1. Alice, Bob and Eve do not have the same information
2. There is an arbitrary small probability that Alice and Bob
would end up with a different key.
A protocol exist by which Alice and Bob can arrive to a IT
provable secure key by public communication, just s in QKD!
IEEE T Inform. Theor. 49, 822-831 (2003)
14
Analog noise generator
Gaussian white noise is a very useful resource for:
• measuring and testing of audio equipment
• speech and music synthesis,
• testing radio communication circuits, etc
Pseudo-random techniques exhibit peaks, electronic noise (eg.
transistor noise) exhibits 1/f rise near zero.
Spectrum starts at 0 and drops down by -0.1dB at 0.12 fclock, -1dB at 0.26 fclock
Power density envelope
no peaks.
is flat near zero and has
15
Randomness preserving frequency
division
Random pulse train (RPT) = time-wise random pulses (events).
Random pulse train (RPT) consists of logic pulses of equal width and height such that
waiting times obey Exponential p.d.f.
Frequency of periodic signals can be divided using ordinary
flip-flops and yield periodic signals.
Circuits with ordinary FFs divide random pulses too but …
time-wise randomness is NOT preserved.
Example:
Deterministic division by 2 => exactly every second pulse is omitted.
Random division by 2 => on average every second pulse is omitted.
Random division preserves time-wise randomness.
16
Basic random divider circuits
Basic random dividers:
a) random divider by 2; b) random divider by 4; c) divider which performs
random division by 2 followed by deterministic division by 2.
Stacking basic dividers frequency of a RPT can be divided by 2N.
Randomness preserving frequency division wasn’t feasible so far.
17
Waiting time distributions of a
RPT (the exponential p.d.f.) and
of a RPT divided by factors:
2D, 2D2R, 2D4R and 2D16R.
1. Random and Deterministic divisions
do not commute.
2. Random division is a self-healing process.
Can we divide by an arbitrary integer number n?
This is still an open question.
Naively it may be done by a random counter-to-n but that does not work !
18
Random Counter
A random analog of the 4-bit synchronous binary counter
exhibits rich set of phenomena.
Known so far:
1. Counter has 16 states Q={Q3,Q2,Q1,Q0}
representing numbers in range 0-15
2. Advancement resembles random walker
wondering about 15/2
3. Each output Qi generates a random
number sequence with zero bias and
serial correlation coefficients:
ak(Qi) = (1-2-i)k (a Markov process).
4. Frequency of the clock appears at Qi divided:
f(Qi) = fin/(2i+1)R/2D
BUT the outputs are 100% correlated thus
frequency synthesis is not possible.
Need for NEW tools to compute circuits (random Boolean logic?)
19
Random Frequency Synthesis
If we cannot divide – let’s multiply by <1!
μ-multiplier:
N
2
3
4
5
6
2N
4
8
16
32
64
7
128
8
256
1
0
1024
k
1 2 3
1 2 3 4 6 7
1 2 3 4 6 7 8 12 14 15
1 2 3 4 6 7 8 12 14 15 16 24 28 30 31
1 2 3 4 6 7 8 12 14 15 16 24 28 30 31
32 48 56 60 62 63
1 2 3 4 6 7 8 12 14 15 16 24 28 30 31
32 48 56 60 62 63 64 96 112 120 124 126
127
1 2 3 4 6 7 8 12 14 15 16 24 28 30 31
32 48 56 60 62 63 64 96 112 120 124 126
127 128 192 224 240 248 252 254 255
1 2 3 4 6 7 8 12 14 15 16 24 28 30 31
32 48 56 60 62 63 64 96 112 120 124 126
127 128 192 224 240 248 252 254 255 256
384 448 480 496 504 508 510 511 512 768
896 960 992 1008 1016 1020 1022 1023
μ-multiplier schematic and the table of realizable multiplication factors k/2N
20
Advantages:
•
Instantaneous change of random pulse rate (not limited by the
quasi-Heisenberg uncertainty principle )
•
Digitally selectable frequency (similar to PLL circuit)
Disadvantage:
•
Sparse set of multiplication factors.
A research on general random frequency synthesis circuits in under
way (see arXiv:1308.5719 [quant-ph]).
21
Using RFF and deterministic logic it is possible to make a
Random Pulse Selector (RPS): sends an input pulse randomly to one
of the two output ports.
A block schematic of a full-fledged RPT generator of frequency in
the range [fo, fo+f in] in arbitrary small steps Δf.
22
Electronic dice
And now some fun. Send a request pulse and obtain integer
random value in the range 1-6, just like throwing a dice.
Note: the device is symmetric on permutation of outputs.

A Request pulse generates a number in the range 0-7. If codes 0 or 7 are
obtained, an intenal generator sends further request pulses until a value
1-6 is obtained. Ready signifies the end of the process.
23
Random pulse computing paradigm
Binary operations between frequencies of random pulse trains
Quasi-analog, classical calculation
Requires time to settle (~Heisenberg uncertainty)
High immunity against noise (used in airplanes)
Simple hardware
Random pulse train (RPT) consists of logic pulses of equal width and
height such that waiting times obey exponential p.d.f.
Realizations of elementary binary mathematical operations between
frequencies of RPTs.
24
Having the 3 elementary binary operations (+, -, *) one can evaluate
polynomials (with very little resources in comparison to digital
operations) and thus all functions that allow Taylor expansion.
•
•
Adding operations requires minimum additional hardware
All n-nary operations are parallel (not sequential)
Open problems: 1. binary division unknown
2. analog-RPT and RPT-analog conversions
25
Realization of a RFF
A work in progress. One non-ideal solution takes advantage of
approximate even-odd symmetry of slowly sampled exponential
p.d.f. (CLT):
Time-wise random events (LED -> dispersive filter -> photon detector) toggle
the TFF whose state controls the clock pulse input (CP).
This DRFF is edge-triggered.
M. Stipcevic, Rev. Sci. Instrum. 75(2004)4442-4449
V. Bagini and M. Bucci., CHES 1999, pp. 204–218,
P. Chevalier, C. Menard, B. Dorval, Patent No. US3790768A
26
Conclusion
Random flip-flop is a novel digital circuit that generates and processes
classical information by means of a purely quantum effect – randomness.
It features inputs and outputs fully compatible with ordinary logic.
Potential applications:
•
•
•
•
•
•
•
•
Probabilistic Turing machine
Random pulse computing paradigm
Random number generation
Randomness preserving frequency division
Random frequency synthesis
Random counters
Simulation of random walks, fair coins, fair dices, etc.
Many more?
27
28
Random Number Generator
Starting from an initial number, algorithmically produce sequence of
numbers. If they “look random” than that is a PRNG.
Examples: xn 1  (axn  b) mod c
xn1  (axn1  b) mod c
= LCG(a,b,c)
=ILCG(a,b,c)
Pseudo random number sequences exhibit strong, deterministic,
long-range, correlations.
29
Spatial Quantum RNG
Specially prepared qubit measured (projected) in orthogonal basis:
  0  1
(highest entropy α2=β2=½)
0 0

1 1
Beam splitter QRNG
•
•
Depending on which detector “clicks”, 0 or 1 is generated per each
detected photon.
Simple and theoretically perfect.
30
How did we test for randomness ?
NO definition exists of (sequence of) random numbers.
Generally, one could say that a sequence (of binary values, bits) is
random if it is unbiased i.e. p(1)=p(0), and if there are no functional or
probabilistic correlations among bits.
There are infinitely many properties that a long sequence of random
bits must satisfy, statistically.
We tested for:
1. Bias, defined as p(1)-½
2. Serial auto correlation , defined [Knuth] as:
ak 
i1 bi  b bik  b  i1 bi  b 
N k
k is a lag between bits.
N
2
31