Recently, Prof. Yu Yu's team from the Department of Computer Science and Engineering , Shanghai Jiao Tong University, collaborated with Pan Jianwei and Zhang Qiang from the Institute for Quantum Information and Quantum Technology Innovation at the Chinese Academy of Sciences, Ma Xiongfeng from Tsinghua University,  Fan Jingyun from Southern University of Science and Technology and other researchers. They achieved the first implementation of a device-independent quantum random number generator as an entropy source, using post-quantum cryptography as a means of identity authentication for a random number beacon public service. This was applied to the field of zero-knowledge proofs (ZKP), eliminating security risks associated with the random oracle model in non-interactive zero-knowledge proofs (NIZKP) and enhancing the security of NIZKP. The findings were published on November 2nd in  "Proceedings of the National Academy of Sciences (PNAS)," with Zhang Kaiyi, a doctoral student of Prof. Yu Yu being the co-first author.

Zero-Knowledge Proofs (ZKP) are a fundamental cryptographic primitive that allows a prover to convince a verifier of the validity of a proposition without revealing any additional information. Non-Interactive Zero-Knowledge Proofs (NIZKP) represent an important variant of ZKP, where the prover needs to send only one message to the verifier. NIZKP finds widespread applications in areas such as digital signatures, blockchain, and identity authentication.

The security of commonly used NIZKP systems is based on the random oracle model. However, the random oracle requires a significant amount of true random numbers, which are impractical to instantiate in reality. Instead, deterministic cryptographic hash functions are often used in practical applications to replace the random oracle. Previous research has indicated that this approach may pose potential security risks.

The intrinsic randomness of quantum physics offers a completely new solution to address this security concern. Specifically, device-independent quantum random numbers (DIQRNG) based on the violation of Bell inequalities can provide truly random numbers with the highest level of security. The security is guaranteed by the fundamental principles of quantum mechanics, without requiring users to make any prior characterization or assumptions about the quantum devices. The research team first implemented a DIQRNG resistant to quantum attacks in 2018 [Nature 562, 548 (2018)], and subsequently enhanced the speed of random number generation in 2021 [Nature Physics 17, 448 (2021); PRL 126, 050503 (2021)].

In this work, the research team established a beacon public service system based on Device-Independent Quantum Random Numbers (DIQRNG). They utilized this system to design and implement a Non-Interactive Zero-Knowledge Proof (NIZKP) scheme that does not rely on the random oracle model. The random number beacon service broadcasts the generated random numbers in real-time to the public. Furthermore, to ensure the security of the random numbers during the broadcasting process, the research team employed a quantum-safe signature algorithm resistant to quantum attacks. Subsequently, they replaced pseudo-random numbers generated by hash functions with the received random numbers from DIQRNG, constructing and experimentally verifying a more secure NIZKP protocol.

This research work marks the first integration of three distinct fields—quantum non-locality, quantum-safe algorithms, and zero-knowledge proofs—resulting in an enhancement of the security of zero-knowledge proofs. The publicly-oriented random number service constructed has significant potential applications in cryptography, lottery industries, and social welfare. The quantum random number beacon public service website can be accessed at: https://randomnessbeacon.com.

Paper Link: https://www.pnas.org/doi/10.1073/pnas.2205463120