No Entropy Without a Model
Why "it looks random" is never enough — and what it actually takes to prove that the numbers guarding your secrets are unpredictable to the one person trying to guess them.
Hardware and quantum random number generators are usually justified the same way: the physics is unpredictable, the output passes a battery of statistical tests, so the numbers must be good. This article argues that the justification is missing the only thing that matters. Unpredictability is not a property of a string of bits — it is a property of how little an attacker knows. The honest object to defend is a proven lower bound on the source's conditional min-entropy: a number derived from a physical model, kept true while the device runs by health tests tied to that model, protected from side channels that would quietly hand the attacker the very uncertainty you are counting on, and only then squeezed by a conditioner that spends entropy honestly. A hash cannot manufacture randomness a model never proved. This is the discipline, told for a general technical reader.
1. The Number That Looks Random
A random number generator that merely looks unpredictable offers a cryptographer almost nothing — because essentially every broken generator in history looked unpredictable right up until it was broken. The most famous example has a name that still makes engineers wince: Dual_EC_DRBG.
Dual_EC was a standardised generator. It shipped by default in widely deployed software. It sailed through the standard statistical test batteries without a single complaint. And in 2007, Dan Shumow and Niels Ferguson showed that anyone who knew a secret mathematical relationship between two fixed numbers baked into the design could watch a short run of its output and then predict everything it would ever produce afterwards [Shumow2007, Bernstein2016]. To everyone without that secret, the output was indistinguishable from noise. To the one person holding it, the generator was an open book.
Here is a generator with zero randomness that defeats every statistical test you can throw at it: take a simple counter — 1, 2, 3, 4, … — and encrypt each value under AES with a secret key. The output is uniform, has no detectable bias, and passes the whole NIST and Dieharder suites. Yet to anyone who knows the key, the next output is fully determined. Counting is not randomness, no matter how convincing the disguise.
A purely innocent example makes the same point without any villain. The Mersenne Twister is a widely used pseudo-random generator that passes most of the standard test suites. But once an observer has seen 624 consecutive outputs, its entire future is fixed forever. The tests never noticed; the structure was always there.
So what is randomness, if it is not a visible feature of the bits coming out of a box? It is a gap — the gap between what the attacker knows and what the attacker would need to know to predict your next number. Building an entropy source is the discipline of measuring that gap from below, and of keeping it open while the device runs, through heat, ageing, and a determined adversary. Everything in this article follows from taking that one sentence literally.
Randomness is not a property of the output. It is the size of the attacker's blind spot — and a security argument has to prove that blind spot is large.
— The thesis in one sentence
The bad argument we want to retire goes like this: the source is physically unpredictable; a hash compresses it; the compressed stream passes the tests; therefore it has full entropy. Every step is either a non-sequitur or false. "Physically unpredictable" means nothing until a model attaches an actual number to it. Compression can only ever preserve or destroy randomness — never create it. And a passing test battery detects gross structure while certifying nothing about how much an informed attacker already knows. In place of "unpredictable, compressed, and tested," this article offers five words: modeled, measured, monitored, margined, and shielded.
2. Entropy Is About the Adversary, Not the Bits
Cryptographers almost never use the "entropy" most people learned in school. The familiar one — Shannon entropy — measures average surprise. That is the wrong average for a secret key, because an attacker does not guess your key on average. They guess it once, with their single best guess. The right quantity is the worst case, called min-entropy.
In words: find the single most likely outcome, take its probability, and that probability alone sets the score. Nothing else about the distribution matters, because the attacker will simply guess that most likely outcome first.
Why the worst case is the only case
Picture a source with 129 possible symbols. Half the time it emits one fixed symbol; the other half of the time it spreads its output evenly over the remaining 128. Its Shannon entropy works out to a comfortable-sounding 4.5 bits. Its min-entropy is exactly 1 bit — because an attacker who always guesses that one fixed symbol is right half the time. A key drawn from this source is cracked on the very first guess with probability one-half. Shannon entropy is blind to that fact. Min-entropy reports it exactly. This is why cryptographic accounting is always a worst-case, lower-bound discipline.
Now let the attacker look over your shoulder
Real sources are not sealed in a vault, and the attacker is not blind. They may see the power-supply ripple, the electronic noise, the temperature — any side information the device leaks or the attacker can nudge. Call everything the attacker can see or control $E$. The honest object is then the conditional min-entropy: how unpredictable the output still is after the attacker has seen $E$.
The formula looks heavy but says something simple. The inner part is the attacker's best guess once they have seen a particular slice of side information. The expectation averages their success over all the side information they will actually encounter. The logarithm turns that success rate into bits.
Suppose $X$ is a perfectly fair bit — one full bit of entropy in isolation. But a cheap sensor leaks a related value $E$ that happens to agree with $X$ ninety percent of the time. An attacker who reads $E$ and simply guesses that $X$ matches it is right 90% of the time. The "fair" coin is now worth only about 0.15 bits to that attacker. It still looks flawlessly random to anyone watching $X$ alone. It is nearly worthless to anyone who can also see $E$.
This is exactly why a vacuum-fluctuation quantum generator cannot simply quote the variance of its measured signal as "entropy." Part of that variance is ordinary classical noise the attacker is allowed to know. The randomness you actually get to keep is whatever survives once you condition on $E$ — never the whole thing.
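The two worked cases in this section, computed from their probability tables. This is an added example, not code from the original article; it assumes the average-case definition $\widetilde{H}_\infty(X \mid E) = -\log_2 \sum_e \max_x P(x, e)$, which matches the verbal description above, and the function names are illustrative.

```python
import math
from collections import defaultdict


def shannon_entropy(dist):
    """Average surprise, in bits, of a {outcome: probability} table."""
    return -sum(p * math.log2(p) for p in dist.values() if p > 0)


def min_entropy(dist):
    """Worst case: only the single most likely outcome sets the score."""
    return -math.log2(max(dist.values()))


def conditional_min_entropy(joint):
    """joint maps (x, e) -> P(X = x, E = e).

    For each side-information value e the attacker guesses the most likely x.
    Summing max_x P(x, e) over e is the overall success rate of that strategy.
    """
    best_guess = defaultdict(float)
    for (x, e), p in joint.items():
        best_guess[e] = max(best_guess[e], p)
    return -math.log2(sum(best_guess.values()))


def marginal(joint):
    """Distribution of X alone, as seen by an observer who never sees E."""
    dist = defaultdict(float)
    for (x, _e), p in joint.items():
        dist[x] += p
    return dict(dist)


def lopsided_source():
    """The 129-symbol source: one symbol at 1/2, the other 128 at 1/256 each."""
    dist = {"fixed": 0.5}
    dist.update({f"s{i}": 0.5 / 128 for i in range(128)})
    return dist


def leaky_coin(agreement):
    """Fair bit X with a leaked value E that equals X with probability `agreement`."""
    return {
        (x, e): 0.5 * (agreement if x == e else 1 - agreement)
        for x in (0, 1)
        for e in (0, 1)
    }


if __name__ == "__main__":
    src = lopsided_source()
    print("129-symbol source: Shannon", shannon_entropy(src), "min", min_entropy(src))
    coin = leaky_coin(0.9)
    print("coin alone:", min_entropy(marginal(coin)), "bits")
    print("coin given the leak:", round(conditional_min_entropy(coin), 3), "bits")
```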
3. A Hash Cannot Make Entropy
Raw physical noise is rarely clean. It is biased, correlated, lumpy. So designers run it through a conditioner — a hash function, an XOR mixer, a von Neumann corrector — to produce a short, smooth, near-uniform output. It is tempting to believe this step manufactures quality. It does not. A conditioner can only ever concentrate randomness that was already there.
The mathematical reason is a one-line fact called the data-processing inequality: any deterministic function of $X$ can have at most as much min-entropy as $X$ itself, written $H_\infty(f(X)) \le H_\infty(X)$. Any strategy for guessing the squeezed output gives you an at-least-as-good strategy for guessing the input. Squeezing a sponge that is only a quarter full of water does not give you more water.
The Leftover Hash Lemma — and what it actually costs
The tool that prices the squeeze is the Leftover Hash Lemma. Feed a source carrying $k$ bits of (conditional) min-entropy into the right kind of hash family with a public random seed, and you can extract an output that is within a tiny distance $\varepsilon$ of perfectly uniform — provided you do not ask for too much:
$m \le k - 2\log_2(1/\varepsilon)$
Read it plainly: you can keep $m$ output bits, but only up to your input entropy $k$ minus a small toll for near-perfection. The crucial consequence kills the "amplification" fantasy in a single stroke — if $k$ is small, no choice of hash makes $m$ large. There is no clever function that turns a trickle of entropy into a flood.
The Leftover Hash Lemma is unconditional — it holds against any attacker — but only for a "universal hash with a public random seed." The conditioners the standards actually use (hashes built on SHA-2 or SHA-3, HMAC, AES-based CMAC) are fixed functions, not seeded draws from such a family. Their entropy-preservation is therefore a weaker, computational claim: that a specific function behaves enough like an ideal one on real input. The famous "+64" safety margin in the standards is the heuristic price for that gap — the same shape of accounting, ported from a provable world to an assumption-based one.
The practical takeaway is the mental model every engineer should carry. What you must defend is a trustworthy lower bound on the input min-entropy. A source whose true randomness is, say, 7 bits per byte but that you cannot prove is above 7 — because you have no model, or no health test tied to it — is not a 7-bit source for accounting. It is an unbounded source, and you are in the dark. The danger is never that your measured bound is too conservative. The danger is claiming a bound you cannot defend, because the conditioner will faithfully whiten the output either way and hide the difference.
4. Why You Need a Model, Not Just a Measurement
A fair objection: if I capture raw data, run the standard min-entropy estimators, and get a healthy number, why isn't that enough? Because an estimator only measures the sample sitting in front of it, under the assumption that the sample is representative. A model is what licenses that assumption — and what tells you when it fails. Three reasons make the model non-negotiable.
- Coverage. An entropy source must hold across an entire operating envelope — process, voltage, temperature, ageing — that no finite lab capture can exhaust. The model is what extends a bound measured at a few corners to the corners you never tested, because it names which physical parameter governs the entropy and how. Without it, a clean reading at room temperature says nothing about the cold corner.
- Discrimination. An estimator cannot tell genuine randomness from deterministic structure that merely looks complicated. A weakly chaotic circuit, or one secretly locked to an attacker's injected signal, can produce data the estimators rate as high-entropy while the true unpredictability against an informed attacker is near zero. That is the Dual_EC situation reappearing at the level of physics. Only a model — which predicts the shape the distribution should have, and lets you reject the data when the shape is wrong — catches it.
- Meaning. A model is what makes a health test meaningful. A test threshold computed from a physical parameter is a test of the entropy. A generic statistical test run on the output is a test of the conditioner — the one component specifically designed to hide failures.
A source is certifiable when three things exist together: a stochastic model of its physics; a measured lower bound on its conditional min-entropy that is valid across the whole declared operating envelope; and an online test that rejects any run where the model's parameters wander out of the region where that bound holds. Unpredictability that cannot be written in this form is an aesthetic judgement, not a security parameter.
5. Five Sources, Five Models
To show the discipline is concrete and not a sermon, consider five physical sources that span the field — three classical, two quantum. For each one, the physics hands you an output model, the model names a single governing knob, and that knob both sets the entropy and tells you exactly what failure looks like.
The classical three
Oscillator jitter. A free-running ring oscillator drifts in phase because thermal noise jostles each gate delay; over time those nudges add up into a random walk. The accumulated jitter, measured against the clock period, gives a single quality factor $Q = \sigma_{\text{acc}}^2 / T_0^2$. A larger $Q$ means more genuine wander and more entropy per bit. Measure one jitter variance and one period, and you have bounded both the bias and the correlation at once. The tell-tale sign of real thermal jitter is that it grows linearly with time; if it doesn't, you are probably looking at interference or an attacker's injected tone, not randomness.
Amplified thermal noise. The charge carriers in any resistor jitter purely because of temperature — the Johnson–Nyquist law, $\sigma_v^2 = 4 k_B T R B$, ties that voltage noise directly to temperature, resistance, and bandwidth. This is irreducible physics, not a circuit artefact, which is what makes it attractive. Amplify it, compare it to a threshold, and the output bit is the sign of the noise. The entropy is then controlled by how large the amplifier's offset is relative to the amplified noise — a clean, measurable ratio.
Metastability. A cross-coupled latch can be driven to a knife-edge between its two stable states, and thermal noise decides which way it falls. In principle this is beautiful; in practice it is the trickiest of the three, because manufacturing mismatch gives every latch a built-in lean, and that lean drifts with voltage and temperature. Worse, incomplete settling makes each output depend on the last, so the honest model is not a clean coin flip but a two-state Markov chain — and treating it as a coin flip overstates its entropy.
The quantum two
Single-photon which-path. Send one photon at a balanced beam splitter; quantum mechanics assigns each path a clean one-half probability and one ideal bit of entropy. Reality intrudes through unequal detector efficiencies, dark counts, dead time, and afterpulsing — all classical imperfections an attacker may know or probe. Commercial devices in this family have been certified under both major standards, and those certifications rest on a model of precisely these imperfections, not on the ideal bit alone.
Vacuum-fluctuation homodyne. Here the device measures the quantum "shot noise" of the vacuum against a strong reference beam. The catch: the measured signal mixes the true quantum variance with ordinary classical electronic noise. Quoting the total variance as entropy is the single most common overstatement in this whole field, because it credits you with randomness the attacker controls through the classical part.
For the homodyne source, the ratio of quantum noise to classical noise — the "shot-noise clearance ratio" — decides how much of the measured signal is honestly random. The paper's simulations make the gap quantitative: as the clearance ratio worsens, the honest conditional min-entropy stays pinned at the value set by the genuine quantum noise, while the naive total-variance figure inflates without bound. When the two kinds of noise are equal, the overstatement is already about half a bit per sample; push classical noise higher and it tops a full bit. That shaded gap between the two curves is randomness the attacker controls.
| Source | Where the randomness lives | Governing knob | What failure looks like |
|---|---|---|---|
| Oscillator jitter | Thermal phase drift of a ring oscillator | Jitter quality factor $Q$ | $Q$ collapses; jitter stops scaling with time (injection locking) |
| Amplified thermal | Johnson–Nyquist noise in a resistor | Offset vs. amplified noise | Bias drift, amplifier saturation, $1/f$ contamination |
| Metastability | A latch balanced on a knife-edge | Built-in offset; Markov transitions | Bias survives calibration; correlation won't vanish |
| Photon which-path | One photon, two paths, Born rule | Efficiency mismatch, dark counts | Measured bias disagrees with the imperfection model |
| Vacuum homodyne | Quantum shot noise of the vacuum | Shot-noise clearance ratio | "Quantum" variance fails to track the reference beam |
Notice the last column. Every model comes with a way to be proven wrong by measurement. A model no experiment could ever contradict carries no information — and in a real evaluation lab, that falsification test is the acceptance test.
6. Measure, Monitor, Margin
A model proves a number at design time. Three field disciplines keep that number honest at run time.
Measure the raw source — before the conditioner
The cardinal rule is procedural: tap the signal upstream of any hash or corrector. A conditioner whitens everything it touches, including failure. Measure after it and you are measuring the conditioner, not the source. Debiasing, XOR, von Neumann correction — all allowed in the data path, but they live downstream of the measurement point, they can never raise the min-entropy, and you may never credit their cleaned-up statistics as if they were the raw source.
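Why the tap point matters, and why Section 3 says the conditioner hides the difference: the same most-common-value estimate is run upstream and downstream of a SHA-256 conditioner. This is an added example, not code from the original article; the 90%-ones source is a constructed stand-in for a degraded device, the 512-bit block size is an assumption, and the 2.576 confidence multiplier is the one SP 800-90B uses for this estimate.

```python
import hashlib
import math
import random

RAW_BITS_PER_BLOCK = 512  # assumed: raw bits fed to the conditioner per 256-bit output
Z_99 = 2.576              # 99% confidence multiplier for the upper bound on p_max


def mcv_min_entropy(bits):
    """Most-common-value estimate, in bits per bit, from an upper bound on p_max."""
    n = len(bits)
    ones = sum(bits)
    p_hat = max(ones, n - ones) / n
    p_upper = min(1.0, p_hat + Z_99 * math.sqrt(p_hat * (1 - p_hat) / (n - 1)))
    return -math.log2(p_upper)


def degraded_source(n_bits, p_one=0.9, seed=1):
    """Constructed sample data: independent bits that come up 1 ninety percent of the time."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n_bits)]


def condition(raw_bits):
    """Hash each 512-bit raw block down to 256 output bits with SHA-256."""
    out = []
    last_start = len(raw_bits) - RAW_BITS_PER_BLOCK
    for i in range(0, last_start + 1, RAW_BITS_PER_BLOCK):
        block = raw_bits[i:i + RAW_BITS_PER_BLOCK]
        packed = int("".join(map(str, block)), 2).to_bytes(RAW_BITS_PER_BLOCK // 8, "big")
        digest = hashlib.sha256(packed).digest()
        out.extend((byte >> k) & 1 for byte in digest for k in range(7, -1, -1))
    return out


def creditable_output_bits(rate_per_raw_bit, margin=64):
    """Output bits one block may claim when n outputs need n + 64 bits of proven input."""
    proven = rate_per_raw_bit * RAW_BITS_PER_BLOCK
    return max(0, math.floor(proven - margin))


def run_demo(blocks=200):
    raw = degraded_source(RAW_BITS_PER_BLOCK * blocks)
    raw_rate = mcv_min_entropy(raw)
    return {
        "raw_rate": raw_rate,                                   # measured at the source
        "conditioned_rate": mcv_min_entropy(condition(raw)),    # measured after the hash
        "creditable_bits": creditable_output_bits(raw_rate),    # what a block has earned
        "emitted_bits": 256,                                    # what a block hands out
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

The downstream estimate sits near 1 bit per bit while the upstream one sits near 0.15, so each 256-bit block is backed by far less entropy than it emits.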
Estimate the hard way — assume nothing is independent
Run the conservative non-IID estimators and report the minimum across all of them. This is not just caution; it is a free diagnosis. The estimator that wins tells you the failure mode. If a Markov estimator dominates, the source has serial dependence — the metastability latch with incomplete settling. If a longer-range predictor dominates, there is periodic structure an attacker may be injecting. If "most-common-value" dominates, the source is simply biased. Reading the winner is reading the disease.
Tie every health test to a physical knob
The standard built-in tests catch catastrophe — a source that drops dead or jams at one value. They do not catch the failure that actually happens in the field: a source that quietly slumps from 0.9 bits to 0.6 bits as the chip warms up, all while still looking noisy. The fix is to monitor, online, the very parameter the model says governs entropy — the jitter $Q$, the offset drift, the clearance ratio — and alarm the moment it crosses the value where your entropy claim would break.
A generic output test asks "does this look random?" A model-bound test asks "is the physical thing that makes the randomness still doing its job?"
— The whole point of binding tests to parameters
Prove your alarm works by attacking it yourself
A health test you have never tried to fool is decoration — a smoke detector you have never held a match to. So you inject the failures you fear: supply droop, electromagnetic pulses, thermal shock, manipulation of a laser's reference beam, deliberate illumination of a photon detector. The acceptance criterion is a latency statement. For each attack, the test must alarm before the true entropy falls below your claim, and the number of below-claim outputs emitted in the gap between collapse and alarm must be counted and bounded.
In the paper's simulation, a jitter source runs happily near 0.98 bits per sample. At a chosen instant, an injection-locking attack collapses its quality factor and the true entropy crashes to about 0.11 bits. A sliding-window monitor watches the estimate fall and fires its alarm as it crosses the claimed floor of 0.8 — with a detection latency of 160 outputs. That 160 is the concrete, reportable number an integrator must buffer or discard behind the alarm. An entropy claim with no latency bound is a statement about the past, not a guarantee about the next sample.
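A sliding-window monitor of this kind, with the latency counted the way the acceptance criterion asks. This is an added example, not the paper's simulation: the source is a constructed biased-bit stand-in whose min-entropy drops from 0.98 to 0.11 at a chosen sample, the 2048-sample window is an assumption, and the latency it reports therefore differs from the 160 quoted above.

```python
import math
import random
from collections import deque

CLAIM = 0.8    # claimed floor in bits per sample (figure from the text)
WINDOW = 2048  # assumed monitor window, in samples


def p_max_for(h):
    """Probability of the likelier bit for a binary source with min-entropy h."""
    return 2.0 ** (-h)


def simulate(attack_at=20000, total=30000, h_before=0.98, h_after=0.11, seed=7):
    """Run the monitor over a constructed source whose entropy collapses at attack_at."""
    rng = random.Random(seed)
    window = deque()
    ones = 0
    false_alarms = 0
    alarm_at = None
    for t in range(total):
        # True state of the source: healthy before the attack, locked after it.
        p_one = p_max_for(h_after if t >= attack_at else h_before)
        bit = 1 if rng.random() < p_one else 0

        window.append(bit)
        ones += bit
        if len(window) > WINDOW:
            ones -= window.popleft()
        if len(window) < WINDOW:
            continue  # monitor is still filling its first window

        # Windowed estimate of min-entropy per sample from the likelier symbol.
        p_hat = max(ones, WINDOW - ones) / WINDOW
        estimate = -math.log2(p_hat)
        if estimate < CLAIM:
            if t < attack_at:
                false_alarms += 1  # alarm while the source was still healthy
            else:
                alarm_at = t
                break

    # Every output from the collapse up to and including the alarm sample was
    # emitted below the claim; this count must be buffered or discarded.
    latency = None if alarm_at is None else alarm_at - attack_at + 1
    return {"alarm_at": alarm_at, "latency": latency, "false_alarms": false_alarms}


if __name__ == "__main__":
    print(simulate())
```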
7. The Side Door
The conditional min-entropy $\widetilde{H}_\infty(X \mid E)$ is only as honest as the side information $E$ it conditions on. If a physical side channel hands the attacker something the model left out of $E$, the true entropy is lower than the certified one, and every downstream guarantee silently fails. Leakage is therefore not a separate worry bolted on at the end. It is the question of whether your $E$ is complete.
And the stakes are sharper here than for an ordinary cipher. Leaking one key bit costs you one secret. Leaking the state of your noise source — the oscillator's phase, the comparator's instantaneous input, the laser's amplitude — can collapse the entropy of every future output, because an attacker who learns the source's state can predict samples rather than recover a single secret. Power and electromagnetic emanations carry exactly these quantities: the switching of the sampling logic, the comparator's decision, the analog-to-digital conversion are all correlated with the raw sample, and modern probes with machine-learning analysis pull such correlations out cheaply.
Several of the faults from the previous section are also side channels played backwards. Injecting a tone into a ring oscillator can both reduce its entropy and synchronise it to the attacker's clock — and this has been demonstrated wirelessly, with no physical contact. A device that is monitored for entropy but not shielded for leakage can be driven into a low-entropy, attacker-synchronised state its health test was never designed to see.
A design that takes leakage seriously keeps the noise source and its first amplifier inside the same shielded, power-conditioned boundary as the conditioner, so the raw sample is never exposed on an external rail; treats the sampling clock and conversion events as leakage sources to be masked or randomly timed; optionally adds a decoy whose emanations are indistinguishable from the live source; and extends the fault-injection campaign to emission measurement, verifying that what an external probe can recover about the raw sample stays below a stated bound. The leakage budget is then reported right alongside the entropy budget. A conditional-entropy claim that does not even state which $E$ it assumed is not yet a claim.
8. The Quantum Question
The word "quantum" does more rhetorical work in this market than almost any other, so it deserves a careful answer to three separate questions that get routinely tangled together.
Does a quantum generator carry a real advantage?
Yes — a genuine one, worth paying for. Its ideal model has a first-principles entropy that is a consequence of quantum measurement itself, not an estimate of some messy classical process. But that advantage lives in the ceiling. Your security parameter is the floor, and the floor is classical: the single-photon device leaks through detector imperfections, the homodyne device through classical excess noise. Quantum mechanics guarantees the ceiling is high. It says nothing about where the floor sits — and the floor is where you stand.
Quantum mechanics provides a ceiling on unpredictability. It is silent about the floor — and the floor is set entirely by how well the real apparatus approximates the ideal.
— The heart of the quantum case
Do quantum computers threaten hardware RNGs?
Not at the entropy-source layer. A quantum computer attacks the hard-math assumptions behind public-key cryptography and, via Grover's algorithm, halves the effective strength of symmetric keys. It does not predict a well-characterised physical noise source, whose security at the raw layer is information-theoretic and rests on no computational assumption at all. The post-quantum transition is a story about the algorithms downstream of the generator — with one caveat: the hash or cipher used for conditioning should keep adequate strength under Grover, which the standard 256-bit choices already do.
Do better quantum sensors make sources more predictable?
This is the genuinely interesting threat. Improved quantum-limited sensing lowers the cost of measuring exactly the classical quantities that make up $E$ — a laser's phase, a detector's afterpulsing, a faint emanation — and so can enlarge the attacker's side information against a source whose leakage budget was set against weaker instruments. This is a leakage question, and the right response is to state, in the model, what measurement capability you assumed the attacker has.
Not "is it quantum?" Ask instead: What is your conditional min-entropy given your own classical noise? Which online test holds it there? And what attacker measurement capability did your leakage budget assume? A transparent, certified classical generator with a defended conditional-entropy bound beats an opaque quantum one that merely ships the ideal bit. Transparency of the model is not a marketing nicety — under the definition in Section 4, it is what "certified" actually means.
9. The Whole Chain in One Line
The model, the measurement, the health test, the entropy accounting, and the leakage budget are routinely dismissed as compliance overhead laid on top of a source that is "obviously random." The order of dependence is the reverse. Those five are the only content the word random has in a cryptographic setting — the source is nothing without them. They link into a single chain, and dropping any one makes the others stop meaning anything.
Modeled
A stochastic model derived from the device physics turns a vague claim of "unpredictable" into an actual number, with the entropy tied to a measurable knob.
Measured
A conservative lower bound on conditional min-entropy is measured on the raw source, before any conditioning, with the most pessimistic applicable estimator.
Monitored
Health tests bound to the model's parameter keep the number true over time and temperature — and are proven to alarm fast enough by attacking them on purpose.
Margined
The conditioner spends the entropy honestly. With $n$ output bits needed, it must consume input carrying at least $n + 64$ bits of proven min-entropy.
Shielded
A leakage argument proves the attacker has not already been handed the source's secret through a side door of power, EM, timing, or photons.
The accounting, made concrete
The chain ends in arithmetic. If your live health test guarantees $\rho$ bits of min-entropy per raw bit, and you want a 256-bit full-entropy block, the rule is to consume enough raw bits to clear $256 + 64 = 320$ bits of proven entropy. A cleaner source needs fewer raw bits; a degraded one simply consumes more — until it crosses the floor, at which point the health test has already alarmed. The same number the model predicts, the estimator confirms, and the health test defends is the number that sizes the conditioner.
| Source (design target) | Min-entropy ρ per raw bit | Raw bits for a 256-bit block | Conditioner |
|---|---|---|---|
| Oscillator jitter | 0.50 | 640 | SHA-256 |
| Amplified thermal | 0.80 | 400 | SHA-256 |
| Metastability | 0.60 | 534 | SHA-256 |
| Vacuum homodyne | 0.95 | 337 | SHA-256 |
That tidy division assumes min-entropy simply adds up bit by bit — which is only true for a source whose samples are independent. A source like metastability is explicitly not independent; it follows a Markov model with memory. For such a source, the true entropy of a whole block is found by working through the joint distribution, not by naively multiplying an average per-sample rate. The honest accountant keeps the dependence in view.
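What keeping the dependence in view means for a two-state Markov source: the min-entropy of an n-bit block is set by its single most probable path, not by n times the per-sample rate. This is an added example, not code from the original article; the chain with a 0.7 probability of repeating the previous bit is constructed for illustration and is not the metastability row of the table.

```python
import math


def lg(p):
    """log2 that tolerates a zero probability."""
    return math.log2(p) if p > 0 else float("-inf")


def stationary(p01, p10):
    """Long-run probabilities of state 0 and state 1."""
    total = p01 + p10
    return (p10 / total, p01 / total)


def transition(p01, p10):
    """T[i][j] = P(next bit = j | current bit = i)."""
    return ((1 - p01, p01), (p10, 1 - p10))


def _step(best, T):
    """Extend the most probable path ending in each state by one bit (log domain)."""
    return [max(best[i] + lg(T[i][j]) for i in (0, 1)) for j in (0, 1)]


def block_min_entropy(p01, p10, n):
    """Min-entropy of n consecutive bits: -log2 of the most probable n-bit sequence."""
    T = transition(p01, p10)
    best = [lg(p) for p in stationary(p01, p10)]
    for _ in range(n - 1):
        best = _step(best, T)
    return -max(best)


def naive_raw_bits(p01, p10, target_bits):
    """The tidy division: per-sample min-entropy treated as if samples were independent."""
    per_bit = -lg(max(stationary(p01, p10)))
    return math.ceil(target_bits / per_bit)


def raw_bits_needed(p01, p10, target_bits, limit=1_000_000):
    """Smallest n whose joint block min-entropy reaches target_bits."""
    T = transition(p01, p10)
    best = [lg(p) for p in stationary(p01, p10)]
    n = 1
    while -max(best) < target_bits:
        if n >= limit:
            raise ValueError("source cannot reach the target within the limit")
        best = _step(best, T)
        n += 1
    return n


if __name__ == "__main__":
    # Constructed chain: each bit repeats the previous one with probability 0.7.
    # Its marginal is a perfect 50/50, so a per-sample estimate reports 1 bit per bit.
    p01 = p10 = 0.3
    print("naive raw bits for 320 bits:", naive_raw_bits(p01, p10, 320))
    print("raw bits from the joint distribution:", raw_bits_needed(p01, p10, 320))
```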
And so the conclusion writes itself. Unpredictability is necessary — and once it is written as a proven, monitored, leak-contained lower bound on conditional min-entropy, it is also sufficient, because at that point the Leftover Hash Lemma supplies the rest for free. The error worth eradicating is the belief that a conditioner can rescue a source the model never characterised. It cannot.
A hash function is an excellent way to hide that you do not know how much entropy you have — and a poor way to obtain any.
— The closing line of the argument
Quick Reference Glossary
| Term | Definition |
|---|---|
| Min-Entropy | $H_\infty(X) = -\log_2 \max_i p_i$ — the worst-case measure of unpredictability, set by the single most likely outcome. The right entropy for a key. |
| Conditional Min-Entropy | How unpredictable the output remains after the attacker has seen all the side information $E$ they can access. The quantity a real claim must lower-bound. |
| Side Information ($E$) | Everything an attacker can observe or control — supply ripple, electronic noise, temperature, classical excess noise, leaked emanations. |
| Stochastic Model | A physics-derived description $p(x\mid\theta)$ of the raw source, with parameters tied to measurable electrical or optical quantities. |
| Conditioner | A deterministic step (hash, XOR, von Neumann corrector) that concentrates existing entropy into a shorter, smoother string. It can never create entropy. |
| Leftover Hash Lemma | The theorem that prices extraction: from $k$ input bits you can pull at most $m \le k - 2\log_2(1/\varepsilon)$ near-uniform output bits. |
| Health Test | An online check that the source still meets its entropy claim. Most useful when its threshold is computed from a model parameter, not from generic output statistics. |
| Detection Latency | The number of below-claim outputs a health test lets through between an entropy collapse and its alarm. Must be measured and bounded. |
| Clearance Ratio | For a homodyne QRNG, the ratio of genuine quantum noise to classical noise — a monitored security parameter, not a performance figure. |
| SP 800-90B / AIS 31 | The two major evaluation traditions for entropy sources: NIST's estimator-centric battery, and BSI's model-centric requirement for a stochastic model. |
References
[SP90B] Turan, M.S., Barker, E., Kelsey, J., McKay, K.A., Baish, M.L., Boyle, M.: Recommendation for the Entropy Sources Used for Random Bit Generation. NIST Special Publication 800-90B (2018).
[SP90A] Barker, E., Kelsey, J.: Recommendation for Random Number Generation Using Deterministic Random Bit Generators. NIST SP 800-90A Rev. 1 (2015).
[SP90C] Barker, E., Kelsey, J., McKay, K.A., Roginsky, A., Turan, M.S.: Recommendation for Random Bit Generator (RBG) Constructions. NIST SP 800-90C (final, 2025).
[AIS31v3] Peter, M., Schindler, W.: A Proposal for: Functionality Classes for Random Number Generators, Version 3.0. BSI, mathematical-technical reference for AIS 20/AIS 31 (10 September 2024).
[AIS31v2] Killmann, W., Schindler, W.: A Proposal for: Functionality Classes for Random Number Generators, Version 2.0. BSI AIS 20/AIS 31 (2011).
[Shumow2007] Shumow, D., Ferguson, N.: On the Possibility of a Back Door in the NIST SP 800-90 Dual_EC_PRNG. CRYPTO 2007 Rump Session (2007).
[Bernstein2016] Bernstein, D.J., Lange, T., Niederhagen, R.: Dual EC: A Standardized Back Door. In: The New Codebreakers, LNCS 9100, pp. 256–281. Springer (2016).
[ILL1989] Impagliazzo, R., Levin, L.A., Luby, M.: Pseudo-random Generation from One-way Functions. In: STOC 1989, pp. 12–24. ACM (1989).
[Dodis2008] Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data. SIAM J. Computing 38(1), 97–139 (2008).
[Baudet2011] Baudet, M., Lubicz, D., Micolod, J., Tassiaux, A.: On the Security of Oscillator-Based Random Number Generators. J. Cryptology 24(2), 398–425 (2011).
[Petrie2000] Petrie, C.S., Connelly, J.A.: A Noise-Based IC Random Number Generator for Applications in Cryptography. IEEE TCAS I 47(5), 615–621 (2000).
[Tokunaga2008] Tokunaga, C., Blaauw, D., Mudge, T.: True Random Number Generator with a Metastability-Based Quality Control. IEEE JSSC 43(1), 78–85 (2008).
[Markettos2009] Markettos, A.T., Moore, S.W.: The Frequency Injection Attack on Ring-Oscillator-Based True Random Number Generators. In: CHES 2009, LNCS 5747, pp. 317–331. Springer (2009).
[Bayon2012] Bayon, P., et al.: Contactless Electromagnetic Active Attack on Ring Oscillator Based TRNG. In: COSADE 2012, LNCS 7275, pp. 151–166. Springer (2012).
[Dodis2013] Dodis, Y., Pointcheval, D., Ruhault, S., Vergnaud, D., Wichs, D.: Security Analysis of Pseudorandom Number Generators with Input: /dev/random is Not Robust. In: ACM CCS 2013, pp. 647–658.
[Fortuna] Ferguson, N., Schneier, B., Kohno, T.: Cryptography Engineering (Fortuna generator). Wiley (2010).
[FIPS140-3] NIST: Security Requirements for Cryptographic Modules. FIPS PUB 140-3 (2019); adopts ISO/IEC 19790:2012.
[HC2017] Herrero-Collantes, M., Garcia-Escartin, J.C.: Quantum Random Number Generators. Rev. Mod. Phys. 89, 015004 (2017).
[Ma2016] Ma, X., Yuan, X., Cao, Z., Qi, B., Zhang, Z.: Quantum Random Number Generation. npj Quantum Information 2, 16021 (2016).
[Haw2015] Haw, J.Y., et al.: Maximization of Extractable Randomness in a Quantum Random-Number Generator. Phys. Rev. Applied 3, 054004 (2015).
[IDQ] ID Quantique: Quantis QRNG — AIS 31 / SP 800-90B Certification and Stochastic-Model Documentation. Vendor certification documentation.