David Worrel

Quantum Entropy at Scale

David Worrel Director

quantum cyber security, pqc

About David Worrel

David Worrall is an accomplished security professional with over twenty-five years of leadership and technical expertise spanning classical and post-quantum cryptography. His work encompasses the design, analysis, and deployment of advanced security architectures for government, enterprise, and high-assurance systems. David has contributed to the evolution of modern cryptographic practice through research, participation in standards development, and the authorship of multiple patents addressing next-generation cryptographic mechanisms. Known for uniting rigorous theoretical foundations with practical implementation strategies, David continues to play a significant role in shaping the secure computing landscape in anticipation of the post-quantum era.

Full Article

Why ‘Random’ Might Be the Most Important Word in Cybersecurity


In this QSECDEF workshop, Dave and Jose explained Quside’s approach to quantum random number generation and made a simple but powerful point: many digital systems appear secure on the surface, yet depend on randomness that may be far less robust than assumed. That matters because cryptography, wallets, digital signatures, VPNs and even blockchain fairness all rely on one essential ingredient - unpredictability. Quside presents its products as quantum-based entropy sources and says its work with Deloitte is intended to make that unpredictability measurable rather than merely assumed.


A useful analogy is a large lock factory. Most attention goes to the strength of the metal, the sophistication of the lock design and the finish on the handle. That is understandable. Yet if the factory keeps reusing the same small set of key patterns, the entire system is compromised. Weak randomness is that hidden key-pattern problem. It does not appear dramatic. It appears mundane, which is precisely why it is so dangerous.


One of the most valuable points in the discussion was a distinction that is often overlooked. Output that appears random is not the same as strong entropy. Put simply, a string of numbers can look disorderly while still coming from a very limited set of possibilities. NIST guidance reflects this distinction. SP 800-90B focuses on entropy sources and the estimation of min-entropy, while SP 800-90C defines constructions for random bit generators that combine entropy sources with deterministic generators. Standards bodies are therefore not merely asking whether an output stream looks random. They are asking how much real unpredictability it contains.


The point becomes clearer with a practical example. Imagine a raffle in which every ticket appears unique, but most were printed from the same small batch. The raffle seems fair, but it is not. The same principle applies to cryptographic keys. AES-256 only delivers its stated strength if the key material is generated with sufficient entropy. A 256-bit string built from weak or repeated internal patterns is like a supercar fitted with a lawnmower engine.
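The gap between output that looks random and key material that actually contains entropy can be measured directly. The following is an added example, not code from the workshop or from Quside: the 15-bit seed and the SHA-256 derivation are constructed stand-ins for a weak generator, and the estimator follows the Most Common Value estimate from SP 800-90B, which is meant for raw noise-source samples and is applied to output bytes here only to show why output testing misleads.

```python
import hashlib
import math
from collections import Counter

SEED_BITS = 15  # constructed: the generator's only unpredictable input is 15 bits

def weak_key(seed: int) -> bytes:
    """A 256-bit 'key' that is a deterministic function of a small seed."""
    return hashlib.sha256(seed.to_bytes(2, "big")).digest()

def mcv_min_entropy(samples: bytes) -> float:
    """Most Common Value estimate in bits per sample (99% upper bound on p_max)."""
    n = len(samples)
    p_hat = max(Counter(samples).values()) / n
    p_u = min(1.0, p_hat + 2.576 * math.sqrt(p_hat * (1 - p_hat) / (n - 1)))
    return -math.log2(p_u)

def audit() -> dict:
    # Every key this generator can ever emit.
    keys = [weak_key(s) for s in range(2 ** SEED_BITS)]
    # Output-level view: the estimator run on hashed bytes, which look uniform.
    apparent = 32 * mcv_min_entropy(b"".join(keys))
    # Source-level view: a key cannot carry more entropy than its seed space.
    actual = math.log2(len(set(keys)))
    return {"apparent_bits_per_key": apparent, "actual_bits_per_key": actual}

def keys_for_likely_duplicate(bits: float) -> int:
    """Keys issued before a duplicate is more likely than not (birthday bound)."""
    return math.ceil(math.sqrt(2 * math.log(2) * 2 ** bits))

if __name__ == "__main__":
    print(audit())
    print(keys_for_likely_duplicate(SEED_BITS))
```

The second function gives a fleet-level detection signal: with 15 bits of real entropy, duplicate keys are expected after a couple of hundred issuances, so monitoring issued public keys for collisions surfaces this class of failure.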


This helps explain the repeated emphasis on quantum random number generators, or QRNGs. The claim is not that classical systems are ineffective. Rather, many classical random number generation methods rely on indirect signals, software state or hardware noise that can be difficult to validate continuously. NIST already requires documentation demonstrating conformance with SP 800-90B for applicable FIPS 140-2 and FIPS 140-3 module submissions, and SP 800-90C, published in 2025, formalised how approved entropy sources and DRBGs should be combined. Entropy has therefore moved from a matter of trust to a matter of demonstrable assurance.


Quside and Deloitte have advanced a useful framework that divides RNGs into four levels, ranging from fake randomness to what they describe as ‘Level 4’ quantified uncertainty. One need not accept every marketing label to recognise the strategic value of the argument. Boards, auditors and product teams increasingly want to know not simply whether an RNG exists, but whether its quality can be monitored, certified and tied to a physical entropy source. Quside states that its photonic quantum-based entropy sources received NIST SP 800-90B certification in September 2024, which strengthens its position in regulated markets.


The workshop was at its strongest when it moved from theory to examples of failure. Security history contains many cases in which weak randomness caused disproportionate harm. Debian’s 2008 OpenSSL bug made key generation dangerously predictable, prompting advice that affected key material should be regenerated from scratch. Cisco has also issued advisories for products in which insufficient entropy in the DRBG could lead to cryptographic collisions or private-key compromise. These are not cinematic failures. They are infrastructure failures - and that is more serious, because infrastructure underpins everything else.


Blockchain systems offer the same lesson in a more visible form. The discussion highlighted three areas in which randomness matters: key generation, consensus or leader election, and application-level behaviour such as NFT minting or game outcomes. Real-world examples support the point. The Meebits mint became a well-known case of predictable outcome selection, while recent research on Ethereum’s RANDAO mechanism has examined ‘last revealer’ bias, in which participants may have an incentive to withhold or reveal information strategically in order to influence future randomness.


The wider business message is clear. Weak randomness is not merely a cryptographic flaw. It is a trust flaw. In a wallet, it may lead to stolen funds. In a PKI environment, it may produce duplicate or guessable keys. In a blockchain, it can undermine fairness. In a regulated industry, it can become an audit problem, an insurance problem and a reputational problem. An organisation may invest heavily in sophisticated defences only to fail because of a weakness at the foundation.


Timing also matters. Since August 2024, NIST has finalised FIPS 203 for ML-KEM and FIPS 204 for ML-DSA, the first core post-quantum standards. The UK’s NCSC published migration milestones in March 2025, setting targets for planning by 2028, priority migration by 2031 and completion by 2035. The EU followed with a coordinated implementation roadmap in June 2025. The market has therefore moved from treating quantum risk as a distant issue to treating migration planning as a current requirement. Better entropy is not the whole post-quantum story, but it is one of the foundations on which the rest depends.


The practical conclusion from the session was sensible. Begin with threat mapping. Identify where randomness enters systems. Distinguish output testing from entropy assurance. Avoid single points of entropy failure. Design for cryptographic agility so that algorithms and entropy sources can be replaced without rebuilding entire systems. Put plainly, do not wait until the roof is on fire before asking where the smoke alarm batteries came from.
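One way to act on "avoid single points of entropy failure" and "distinguish output testing from entropy assurance" is to health-test each source on its raw samples and mix only the sources that pass. This is an added sketch, not the speakers' or Quside's design: `EntropyPool`, the source names, the claimed bits-per-byte figures and the HMAC-SHA-256 mixing step are assumptions, and the mixer is illustrative rather than a vetted SP 800-90C construction. The cutoff follows the SP 800-90B Repetition Count Test.

```python
import hashlib
import hmac
import math
import os

def rct_cutoff(h_per_sample: float, alpha_exp: int = 20) -> int:
    """Repetition Count Test cutoff C = 1 + ceil(-log2(alpha) / H), alpha = 2**-alpha_exp."""
    return 1 + math.ceil(alpha_exp / h_per_sample)

def passes_rct(samples: bytes, cutoff: int) -> bool:
    """False if any sample value repeats `cutoff` or more times in a row."""
    run, prev = 0, None
    for b in samples:
        run = run + 1 if b == prev else 1
        prev = b
        if run >= cutoff:
            return False
    return True

class EntropyPool:
    """Mixes independent sources; a source that fails its health test is dropped."""

    def __init__(self, sources: dict, min_healthy: int = 1):
        self.sources = sources  # name -> (read(n) -> bytes, claimed bits per byte)
        self.min_healthy = min_healthy

    def seed(self, n: int = 64):
        mixer = hmac.new(b"entropy-pool-example", digestmod=hashlib.sha256)
        healthy = []
        for name, (read, h) in sorted(self.sources.items()):
            raw = read(n)
            if len(raw) == n and passes_rct(raw, rct_cutoff(h)):
                # Label and length-prefix each contribution before mixing.
                mixer.update(name.encode() + n.to_bytes(2, "big") + raw)
                healthy.append(name)
        if len(healthy) < self.min_healthy:
            raise RuntimeError("too few healthy entropy sources; refusing to seed")
        return mixer.digest(), healthy

def stuck_source(n: int) -> bytes:
    """Constructed failure: a noise source stuck at one value."""
    return b"\x00" * n

if __name__ == "__main__":
    pool = EntropyPool({"os": (os.urandom, 8), "hw": (stuck_source, 8)})
    print(pool.seed()[1])  # the stuck source is excluded from the mix
```

Passing the repetition test is a health signal, not proof of entropy; the claimed bits per sample still has to come from an assessment of the source itself.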


Salient points


  1. Cryptography depends on unpredictability, not merely on numbers that appear random.
  2. NIST SP 800-90B focuses on entropy sources and min-entropy estimation, while SP 800-90C defines approved RBG constructions.
  3. FIPS 203 and FIPS 204, finalised in August 2024, mark a major step towards operational post-quantum cryptography.
  4. Weak randomness has already caused serious failures, including Debian’s OpenSSL incident and Cisco entropy-related vulnerabilities.
  5. In blockchain systems, poor randomness can affect wallets, leader election and application fairness, as illustrated by Meebits-style mint manipulation and RANDAO bias research.
  6. Quside and Deloitte argue for ‘Level 4’ RNGs - randomness generated by a quantum process and validated in operation.
  7. Migration pressure is increasing in the UK and EU, making entropy assurance a business and compliance issue rather than a purely technical one.


Market classification


Quantum cybersecurity infrastructure, specifically entropy generation and cryptographic trust primitives.


Sub-markets and adjacent domains


Post-quantum cryptography, hardware security modules, PKI modernisation, secure connectivity for IoT, blockchain infrastructure, secure edge computing, defence communications, data-centre security and high-integrity Monte Carlo computing.


Competitor categories


Classical PRNG vendors, TRNG hardware vendors, HSM providers with embedded entropy sources, blockchain oracle and randomness providers, and QRNG specialists integrated into chips, cards, cloud or network services.


Market outlook


The direction of travel is clear. Standards are maturing, compliance pressure is rising, and organisations are being pushed to inventory cryptographic dependencies well before large-scale quantum attacks become practical. This creates a growing market for certified entropy, particularly where products must demonstrate assurance rather than merely claim it.


Demand drivers


  1. Post-quantum migration programmes
  2. Audit and certification requirements
  3. Zero-trust and root-of-trust upgrades
  4. Rising concern over harvest-now, decrypt-later risk
  5. Blockchain fairness and anti-manipulation requirements
  6. Demand for secure key generation at endpoints, beyond central infrastructure


Sources and references


  1. NIST SP 800-90B - entropy source guidance
  2. NIST SP 800-90C - RBG constructions
  3. NIST FIPS 203 and FIPS 204
  4. NCSC UK PQC migration roadmap
  5. EU coordinated implementation roadmap for PQC transition
  6. Quside and Deloitte on Level 4 RNG
  7. Quside SP 800-90B certification announcement
  8. Debian OpenSSL advisory
  9. Cisco insufficient-entropy advisories and NVD record
  10. Meebits and RANDAO references


Organisation

We believe advances in technology create new capabilities that can transform the way billions of people communicate and compute. Our mission is to research, engineer, and integrate quantum technology that ultimately leads to more secure connectivity and efficient computation for everyone.

Frequently Asked Questions

What is the lecture "Quantum Entropy at Scale"?
This presentation by David Worrel at Quantum Security Defence covers key concepts, challenges, and developments in quantum cyber security and post-quantum cryptography.
What is quantum cyber security?
Quantum cyber security applies quantum mechanical principles to protect digital communications and data. It covers quantum key distribution, post-quantum cryptography, and quantum-safe network design.
What is post-quantum cryptography?
Post-quantum cryptography refers to cryptographic algorithms designed to remain secure against attacks from quantum computers. NIST finalised its first PQC standards in 2024.
