<p>We propose federated quantum randomness with client-side sanity (FQR-CSS), a federated architecture that supplies continuously verifiable quantum entropy to cloud hardware security modules (HSMs) and key management services (KMS). In FQR-CSS, each quantum random number generator (QRNG) node emits a randomness contribution along with a post-quantum zero-knowledge proof (ZKP) attesting to device-level operational predicates. An aggregation layer verifies these proofs, runs Byzantine fault tolerance (BFT) consensus (instantiated via HotStuff) over accepted contributions, and publishes a mixed output with an integrity token. We introduce the security notion of verifiable quantum randomness (VQR), comprising unpredictability, quantum-origin guarantee, and federated integrity. We prove VQR under concrete post-quantum cryptographic assumptions. Our proofs utilize Track-A constructions (ZKPs over classical measurement logs), which are fully implementable today. We further outline a theoretical roadmap for Track-B (direct quantum state verification) to guide future research directions. Our empirical evaluation of a post-quantum zk-STARK (Track-A) demonstrates prover latencies of approximately 26&#xa0;ms for synthetic statistical predicates (K=1024), with sub-millisecond verification times, proof approximately 2.6 KB, and an estimated end-to-end WAN+HotStuff latency approximately 396&#xa0;ms in our conservative model.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Cryptographically auditable quantum entropy for cloud HSMs and KMS

  • Menyhért Pálinkó

摘要

We propose federated quantum randomness with client-side sanity (FQR-CSS), a federated architecture that supplies continuously verifiable quantum entropy to cloud hardware security modules (HSMs) and key management services (KMS). In FQR-CSS, each quantum random number generator (QRNG) node emits a randomness contribution along with a post-quantum zero-knowledge proof (ZKP) attesting to device-level operational predicates. An aggregation layer verifies these proofs, runs Byzantine fault tolerance (BFT) consensus (instantiated via HotStuff) over accepted contributions, and publishes a mixed output with an integrity token. We introduce the security notion of verifiable quantum randomness (VQR), comprising unpredictability, quantum-origin guarantee, and federated integrity. We prove VQR under concrete post-quantum cryptographic assumptions. Our proofs utilize Track-A constructions (ZKPs over classical measurement logs), which are fully implementable today. We further outline a theoretical roadmap for Track-B (direct quantum state verification) to guide future research directions. Our empirical evaluation of a post-quantum zk-STARK (Track-A) demonstrates prover latencies of approximately 26 ms for synthetic statistical predicates (K=1024), with sub-millisecond verification times, proof approximately 2.6 KB, and an estimated end-to-end WAN+HotStuff latency approximately 396 ms in our conservative model.