Integration of quantum random number generators with post-quantum cryptography algorithms

Abstract

As quantum technologies advance, the security of popular cryptographic protocols becomes more threatened by the capabilities of Cryptographically Relevant Quantum Computers (CRQCs). In this scenario, Post-Quantum Cryptography (PQC) has become a potential solution to prolong the life of existing Public Key Infrastructure (PKI) systems. However, PQC protocols depend on high-quality randomness for key generation and encapsulation procedures, with the quality of the entropy source potentially having a profound impact on the security of the overall system. In this work, we demonstrate a proof-of-concept enabling the incorporation of Quantum Random Number Generation (QRNG) devices within communication networks using PQC-based Transport Layer Security (TLS).Using open-source cryptographic libraries and commercial QRNG hardware, we demonstrate their use as entropy sources via an Entropy-as-a-Service (EaaS) model. We highlight two particular use cases: a fully virtualized private PKI network and a connection to an external PQC-enabled server. Experimental results show that EaaS QRNG enables real-time entropy monitoring and quality assessment in cryptographic management systems, with negligible impact on TLS handshake time.