Method and system for obtaining quantum random numbers locally by a client

By deploying a quantum random number generator device locally on the client and integrating it with the operating system, the issues of convenience and security in obtaining random numbers on the client are resolved, achieving efficient and reliable quantum random number acquisition and improving the security and robustness of the system.

CN122240064A | Pending | Publication Date: 2026-06-19 | BEIJING JIHENG TECH CO LTD

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Applications (China)
Current Assignee / Owner: BEIJING JIHENG TECH CO LTD
Filing Date: 2026-03-19
Publication Date: 2026-06-19

AI Technical Summary

Technical Problem

In existing technology, pseudo-random numbers generated locally on the client are predictable, while obtaining true random numbers relies on dedicated equipment or cloud services. The result is low convenience and efficiency and a complex system architecture, which cannot meet the requirements of high security and real-time performance.

Method used

A quantum random number generator device is deployed locally on the client side, integrated with the host via SPI direct connection or USB bridge, and controlled and monitored by a device driver. It is registered as the physical entropy source of the operating system's random number subsystem. Combined with anomaly management and validity detection, it provides a flexible hardware integration solution.

Benefits of technology

It enables efficient and secure local acquisition of high-quality quantum random numbers on the client side, simplifies the system architecture, improves the convenience and security of random number acquisition, and ensures the reliability and stability of the random number service.

Generated by Eureka AI based on patent content.


Abstract

This invention relates to the field of random number generation technology, specifically disclosing a method, system, motherboard, and USB device for locally acquiring quantum random numbers on a client side. The method includes: deploying a quantum random number generator device locally on the client side; loading a device driver in the client's operating system, using the device driver to perform device control, status monitoring, and data reading of the quantum random number generator device; and the client application acquiring random numbers from the quantum random number generator device via the device driver. This invention integrates the quantum random number generator device on the client side via SPI direct connection or USB bridging, and supports registering the hardware as an entropy source for the operating system, while also implementing anomaly management and validity detection functions. This invention achieves locally acquired quantum true random numbers on the client side while maintaining controllable costs, and has advantages such as simple architecture, high performance, security, reliability, and strong compliance, making it applicable to fields such as finance, government affairs, communications, and entertainment.

Description

Technical Field

[0001] This invention relates to the field of random number generation technology, and specifically to a method, system, motherboard, and USB device for obtaining quantum random numbers locally on a client side.

Background Technology

[0002] Random numbers are a fundamental resource in fields such as information security, data science, and fair game theory. The quality of generated random numbers is judged mainly on two properties: unpredictability and uniformity.

[0003] For example, in the financial industry, once a hacker has worked out the pattern of random number generation through technical means, they can impersonate the transacting party during secure SSH communication, thereby tricking the transferee into transferring money into their own account. In the lottery industry, if the random numbers generated by the random system are not uniform, the same bet may appear on multiple sites in the same draw. If this bet wins a large prize, it will trigger widespread public doubt and put enormous pressure from negative public opinion on the lottery industry and related government departments.

[0004] Currently, random number generation mainly falls into two categories:

[0005] Option 1: Client-side local pseudo-random number generation. The client directly calls pseudo-random number generation algorithms provided by local libraries (such as the LAFM algorithm and the Mersenne Twister algorithm in Linux glibc) to generate random number sequences. This option is fast and simple to implement. However, because the algorithm is deterministic, the generated random numbers are theoretically predictable, which cannot meet the requirements of high-security applications.

[0006] Option 2: Centralized server-side generation of random numbers using a true random number generator (such as one that utilizes the inherent randomness of physical phenomena). This option employs a client/server architecture: the server generates random numbers using a true random number generator, and the client obtains them via the network. It suffers from complex system architecture, high network overhead, cumbersome program implementation, high latency, and the risk of man-in-the-middle attacks.

[0007] For scenarios with a "massive" number of clients and extremely high requirements for the unpredictability, uniformity, and real-time generation of random numbers, such as lottery betting machines, there is an urgent need for a technology that can obtain truly random numbers locally on the client side.

Summary of the Invention

[0008] The technical problems to be solved by this invention include:

[0009] Firstly, in existing technology the pseudo-random numbers used locally on the client side are predictable, and the acquisition of true random numbers usually requires dedicated independent devices or cloud services, which makes it difficult for client applications to obtain high-quality true random numbers conveniently and efficiently. In view of this, this invention aims to provide a method for obtaining quantum random numbers locally on the client side, enabling client applications to directly and efficiently obtain random numbers from a locally deployed quantum random number generator device.

[0010] Secondly, regarding the hardware integration problem between the quantum random number generator device and the client host, this invention aims to provide two specific hardware integration schemes to meet the needs of high-performance embedded scenarios and general USB peripheral scenarios, respectively, enabling the quantum random number generator to physically connect and communicate with the client host through a standardized hardware interface.

[0011] Thirdly, regarding the issue of how to integrate quantum random number generator devices into the existing random number service system of the operating system, this invention aims to provide a mechanism for registering quantum random number generator devices as physical entropy sources to the random number subsystem of the operating system, so that all client applications can seamlessly obtain quantum random numbers through the standard random number interface of the operating system, thereby improving the overall random number quality and security of the system as well as the ease of deployment.

[0012] Fourthly, in view of the potential anomalies or performance degradation that may occur in the actual operation of quantum random number generator devices, this invention aims to provide a mechanism for anomaly management and validity detection of quantum random number generator devices, ensuring that client applications can always obtain reliable and valid quantum random numbers.

[0013] Fifthly, the present invention also aims to provide a motherboard product and a USB device product that integrate a quantum random number generator, as well as a client-side system for locally acquiring quantum random numbers based on the above-mentioned method and product, and to specifically apply the above-mentioned technical solutions to fields with high requirements for randomness, such as security authentication and lottery betting.

[0014] Technical solution

[0015] To address the aforementioned technical problems, the present invention provides the following technical solutions. It should be noted that these technical solutions can be implemented individually or in combination, as long as they do not contradict each other. The scope of protection of the present invention is defined by the claims, and is not limited to the specific solutions described below.

[0016] A first aspect of the present invention provides a method for obtaining quantum random numbers locally on a client side, comprising:

[0017] Deploy a quantum random number generator device locally on the client side;

[0018] The device driver is loaded into the operating system of the client, and the device driver is used to perform device control, status monitoring and data reading of the quantum random number generator device;

[0019] The client application obtains random numbers from the quantum random number generator device via the device driver.

[0020] A second aspect of the present invention provides a method according to the first aspect, wherein deploying a quantum random number generator device locally on a client side includes: integrating the quantum random number generator device as an SPI slave device with the client via a direct connection through a Serial Peripheral Interface (SPI), wherein the interface pins of the quantum random number generator device for SPI communication are connected to corresponding pins of the SPI controller of the client's motherboard SoC, and the control pins of the quantum random number generator device for device control and status monitoring are connected to corresponding pins of the general purpose input/output (GPIO) controller of the motherboard SoC, so that the SPI subsystem of the device driver reads random numbers from the quantum random number generator device through the SPI controller, and the GPIO subsystem of the device driver performs device control and status monitoring on the quantum random number generator device through the GPIO controller.

[0021] A third aspect of the present invention provides a method according to the second aspect, wherein the data output pin of the quantum random number generator device is connected to the data input line of the SPI controller, and the enable pin and status pin of the quantum random number generator device are respectively connected to the corresponding pins of the GPIO controller.

[0022] A fourth aspect of the present invention provides a method according to the first aspect, wherein deploying a quantum random number generator device locally on a client side includes: integrating the quantum random number generator device as an SPI slave device with the client via a USB bridge, wherein the interface pins of the quantum random number generator device for SPI communication are connected to corresponding pins of the SPI controller of the microcontroller of the USB device, and the control pins of the quantum random number generator device for device control and status monitoring are connected to corresponding pins of the GPIO controller of the microcontroller, thereby enabling the device driver of the client to communicate with the microcontroller via USB, so that the microcontroller reads random numbers from the quantum random number generator device through its SPI controller and performs device control and status monitoring on the quantum random number generator device through its GPIO controller.

[0023] A fifth aspect of the present invention provides a method according to the fourth aspect, wherein the firmware of the microcontroller identifies itself as a CDC/ACM class device during the USB enumeration process, causing the operating system of the client to automatically load a general serial port driver so that the client application can read random numbers in byte stream mode.

[0024] A sixth aspect of the present invention provides a method according to the fourth aspect, wherein the firmware of the microcontroller identifies itself as an HID class device during the USB enumeration process, so as to encapsulate the random number read by the SPI controller into an HID input report and transmit it to the client application.

[0025] A seventh aspect of the present invention provides a method according to the first aspect, further comprising: a random number service module deployed on the client registering the quantum random number generator device as a physical entropy source to the random number subsystem of the operating system, such that the client application obtains random numbers generated by the quantum random number generator device through the standard random number interface of the operating system.

[0026] The eighth aspect of the present invention provides a method according to the seventh aspect, wherein the standard random number interface includes, but is not limited to, /dev/random and /dev/urandom of Linux systems, BCryptGenRandom API of Windows systems, and SecRandomCopyBytes API of macOS systems.
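One userspace way to do this registration on Linux, shown as an added example that is not code from the patent: bytes read from the CDC/ACM variant of the device are mixed into the kernel pool with the `RNDADDENTROPY` ioctl, after which `/dev/random` and `/dev/urandom` consumers benefit unchanged. The device node `/dev/ttyACM0`, the 64-byte chunk size and the credit of 4 bits per byte are assumptions.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <termios.h>
#include <unistd.h>
#include <linux/random.h> /* RNDADDENTROPY, struct rand_pool_info */

#define QRNG_TTY "/dev/ttyACM0" /* assumed node of the CDC/ACM variant */
#define CHUNK_BYTES 64          /* assumed chunk size */
#define CREDIT_BITS_PER_BYTE 4  /* assumed, deliberately conservative credit */

/* Build the RNDADDENTROPY argument: two ints followed by the payload. Caller frees. */
struct rand_pool_info *build_entropy_request(const uint8_t *data, size_t len,
                                             int bits_per_byte)
{
    if (!data || len == 0 || len > 4096 || bits_per_byte < 0 || bits_per_byte > 8)
        return NULL;
    struct rand_pool_info *req = calloc(1, sizeof *req + len);
    if (!req)
        return NULL;
    req->entropy_count = (int)len * bits_per_byte; /* credited bits */
    req->buf_size = (int)len;                      /* payload bytes */
    memcpy(req->buf, data, len);
    return req;
}

/* Open the serial node in raw mode so the line discipline does not rewrite bytes
 * (CR/NL translation or XON/XOFF handling would silently alter the stream). */
static int open_raw_tty(const char *path)
{
    struct termios t;
    int fd = open(path, O_RDONLY | O_NOCTTY);
    if (fd < 0)
        return -1;
    if (tcgetattr(fd, &t) != 0) { close(fd); return -1; } /* not a tty */
    t.c_iflag &= ~(tcflag_t)(IGNBRK | BRKINT | PARMRK | ISTRIP | INLCR | IGNCR | ICRNL | IXON);
    t.c_lflag &= ~(tcflag_t)(ECHO | ECHONL | ICANON | ISIG | IEXTEN);
    t.c_cflag = (t.c_cflag & ~(tcflag_t)(CSIZE | PARENB)) | CS8;
    t.c_cc[VMIN] = 1;
    t.c_cc[VTIME] = 0;
    if (tcsetattr(fd, TCSANOW, &t) != 0) { close(fd); return -1; }
    return fd;
}

/* Read exactly len bytes; a short stream must never be credited as a full chunk. */
static int read_full(int fd, uint8_t *buf, size_t len)
{
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0)
            got += (size_t)n;
        else if (n == 0 || errno != EINTR)
            return -1; /* EOF (device unplugged) or a real error */
    }
    return 0;
}

/* Move one chunk from the device into the kernel pool. Returns 0 on success. */
int feed_kernel_pool(int dev_fd, int rnd_fd)
{
    uint8_t chunk[CHUNK_BYTES];
    if (read_full(dev_fd, chunk, sizeof chunk) != 0)
        return -1;
    struct rand_pool_info *req =
        build_entropy_request(chunk, sizeof chunk, CREDIT_BITS_PER_BYTE);
    if (!req)
        return -1;
    int rc = ioctl(rnd_fd, RNDADDENTROPY, req); /* EPERM without CAP_SYS_ADMIN */
    free(req);
    return rc;
}

int main(void)
{
    int dev_fd = open_raw_tty(QRNG_TTY);
    int rnd_fd = open("/dev/random", O_WRONLY);
    if (dev_fd < 0 || rnd_fd < 0) {
        perror("open");
        return 1;
    }
    int rc = feed_kernel_pool(dev_fd, rnd_fd); /* a service would repeat this on a timer */
    if (rc != 0)
        perror("feed_kernel_pool");
    close(dev_fd);
    close(rnd_fd);
    return rc == 0 ? 0 : 1;
}
```

Bytes handed to the kernel this way should not also be returned to applications through another path, and the credit should stay below the entropy the device has actually been assessed to deliver.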

[0027] A ninth aspect of the present invention provides a method according to the seventh aspect, further comprising: the client application obtaining a random number from the quantum random number generator device through the random number service module.

[0028] A tenth aspect of the present invention provides a method according to the ninth aspect, further comprising: the random number service module performing anomaly management on the quantum random number generator device.

[0029] The eleventh aspect of the present invention provides a method according to the ninth aspect, further comprising: the random number service module performing a validity check on the quantum random number generator device.

[0030] A twelfth aspect of the present invention provides a method according to an eleventh aspect, wherein the random number service module performs a validity check on the quantum random number generator device comprising:

[0031] Collect a predetermined amount of random numbers at the specified time;

[0032] The prescribed detection algorithm is executed on the predetermined number of random numbers collected;

[0033] If the test fails, determine whether the maximum number of tests has been reached;

[0034] When it is determined that the maximum number of detections has been reached, the quantum random number generator device is deemed to have failed.
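The retry flow of steps [0031] to [0034], as an added example that is not code from the patent. The page does not name the detection algorithm; the repetition count test (NIST SP 800-90B) and the monobit frequency test (NIST SP 800-22) used here, the sample size, the attempt limit and the `qrng_read_fn` hook are assumptions, and the sample sources are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SAMPLE_BYTES 2048 /* "predetermined amount" (assumed value) */
#define MAX_ATTEMPTS 3    /* "maximum number of tests" (assumed value) */
#define RCT_CUTOFF   4    /* 1 + ceil(20 / 8): alpha = 2^-20, 8 bits claimed per byte */

typedef enum { QRNG_OK = 0, QRNG_FAILED = 1 } qrng_state;
typedef struct { qrng_state state; int attempts; } qrng_verdict;

/* Hypothetical hook standing in for a read through the device driver.
 * Returns 0 when len bytes were delivered. */
typedef int (*qrng_read_fn)(void *ctx, uint8_t *buf, size_t len);

/* Repetition count test: a run of RCT_CUTOFF identical bytes means a stuck source. */
static int rct_pass(const uint8_t *buf, size_t len)
{
    size_t run = 1;
    for (size_t i = 1; i < len; i++) {
        run = (buf[i] == buf[i - 1]) ? run + 1 : 1;
        if (run >= RCT_CUTOFF)
            return 0;
    }
    return 1;
}

/* Monobit frequency test: with s = (#ones - #zeros) over n bits, the usual
 * p >= 0.01 criterion is |s| / sqrt(n) <= 2.5758, i.e. s^2 <= 6.635 * n. */
static int monobit_pass(const uint8_t *buf, size_t len)
{
    long ones = 0;
    for (size_t i = 0; i < len; i++)
        for (int b = 0; b < 8; b++)
            ones += (buf[i] >> b) & 1;
    long n = (long)len * 8;
    long s = 2 * ones - n;
    return (double)s * (double)s <= 6.635 * (double)n;
}

/* Steps [0031]-[0034]: sample, test, retry up to MAX_ATTEMPTS, then declare failure. */
qrng_verdict qrng_validity_check(qrng_read_fn read_fn, void *ctx)
{
    uint8_t buf[SAMPLE_BYTES];
    qrng_verdict v = { QRNG_OK, 0 };
    while (v.attempts < MAX_ATTEMPTS) {
        v.attempts++;
        if (read_fn(ctx, buf, sizeof buf) == 0 &&
            rct_pass(buf, sizeof buf) && monobit_pass(buf, sizeof buf))
            return v; /* detection passed */
    }
    v.state = QRNG_FAILED; /* maximum reached: device deemed to have failed */
    return v;
}

/* Constructed sample sources (not real device output). */
static int src_balanced(void *ctx, uint8_t *buf, size_t len)
{   /* byte counter: exactly balanced bits, no repeats; passes, though it is not random */
    (void)ctx;
    for (size_t i = 0; i < len; i++)
        buf[i] = (uint8_t)i;
    return 0;
}
static int src_stuck(void *ctx, uint8_t *buf, size_t len)
{   /* output line stuck low */
    (void)ctx;
    memset(buf, 0x00, len);
    return 0;
}
static int src_biased(void *ctx, uint8_t *buf, size_t len)
{   /* one set bit per byte, no repeats: passes the repetition test, fails monobit */
    (void)ctx;
    for (size_t i = 0; i < len; i++)
        buf[i] = (i & 1) ? 0x01 : 0x02;
    return 0;
}
static int src_flaky(void *ctx, uint8_t *buf, size_t len)
{   /* first read is stuck, later reads are healthy */
    int *calls = ctx;
    return ((*calls)++ == 0) ? src_stuck(NULL, buf, len) : src_balanced(NULL, buf, len);
}

int main(void)
{
    int calls = 0;
    qrng_verdict v[4] = {
        qrng_validity_check(src_balanced, NULL),
        qrng_validity_check(src_flaky, &calls),
        qrng_validity_check(src_stuck, NULL),
        qrng_validity_check(src_biased, NULL),
    };
    const char *name[4] = { "balanced", "flaky", "stuck", "biased" };
    for (int i = 0; i < 4; i++)
        printf("%-8s -> %s after %d attempt(s)\n", name[i],
               v[i].state == QRNG_OK ? "OK" : "FAILED", v[i].attempts);
    return 0;
}
```

Passing these tests only rules out gross failures such as a stuck or heavily biased output; the constructed counter source passes both without being random.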

[0035] The thirteenth aspect of the present invention provides a motherboard integrating a quantum random number generator device, comprising:

[0036] SoC chip, which integrates an SPI controller and a GPIO controller;

[0037] A quantum random number generator device is used to generate random numbers. Its interface pins for SPI communication are connected to the corresponding pins of the SPI controller, and its control pins for device control and status monitoring are connected to the corresponding pins of the GPIO controller.

[0038] The fourteenth aspect of the present invention provides a motherboard according to the thirteenth aspect, wherein the data output pin of the quantum random number generator device is connected to the data input line of the SPI controller, and the enable pin and status pin of the quantum random number generator device are respectively connected to the corresponding pins of the GPIO controller.

[0039] The fifteenth aspect of the present invention provides a USB device integrating a quantum random number generator, comprising:

[0040] The microcontroller integrates an SPI controller and a GPIO controller.

[0041] A quantum random number generator device is used to generate random numbers. Its interface pins for SPI communication are connected to the corresponding pins of the SPI controller, and its control pins for device control and status monitoring are connected to the corresponding pins of the GPIO controller.

[0042] The sixteenth aspect of the present invention provides a USB device according to the fifteenth aspect, wherein the data output pin of the quantum random number generator is connected to the data input line of the SPI controller, and the enable pin and status pin of the quantum random number generator are respectively connected to the corresponding pins of the GPIO controller.

[0043] The seventeenth aspect of the present invention provides a system for locally acquiring quantum random numbers on a client side, comprising:

[0044] The motherboard as described in aspect thirteen or fourteen,

[0045] The device driver loaded by the client operating system includes an SPI subsystem for reading random numbers generated by the quantum random number generator from the SPI controller, and a GPIO subsystem for performing device control and status monitoring of the quantum random number generator device through the GPIO controller.

[0046] An eighteenth aspect of the present invention provides a system according to the seventeenth aspect, further comprising a random number service module loaded by a client, the random number service module comprising:

[0047] Software development kits are used to provide application programming interfaces for client applications to use quantum random number generator devices;

[0048] The registration management unit is used to register the quantum random number generator device as a physical entropy source to the operating system's random number subsystem, so that client applications can obtain random numbers generated by the quantum random number generator device through the operating system's standard random number interface.

[0049] An anomaly management unit is used to perform anomaly management on the quantum random number generator device;

[0050] The validity detection unit is used to perform a prescribed validity detection on the quantum random number generator device.

[0051] The nineteenth aspect of the present invention provides a system for locally acquiring quantum random numbers on a client side, comprising:

[0052] USB devices as described in aspect fifteen or sixteen,

[0053] The client host communicates with the USB device via USB so that the client application can obtain random numbers generated by the quantum random number generator device.

[0054] A twentieth aspect of the present invention provides a system according to the nineteenth aspect, further comprising a random number service module loaded on a client host, the random number service module comprising:

[0055] Software development kits are used to provide application programming interfaces for client applications to use quantum random number generator devices;

[0056] The registration management unit is used to register the quantum random number generator device as a physical entropy source to the operating system's random number subsystem, so that client applications can obtain random numbers generated by the quantum random number generator device through the operating system's standard random number interface.

[0057] An anomaly management unit is used to perform anomaly management on the quantum random number generator device;

[0058] The validity detection unit is used to perform a prescribed validity detection on the quantum random number generator device.

[0059] The twenty-first aspect of the present invention provides a SoC chip integrating a quantum random number generator, comprising:

[0060] Processor core;

[0061] A quantum random number generator unit, integrated inside the SoC chip, is used to generate random numbers;

[0062] The SPI controller is connected to the data signal pin of the quantum random number generator unit via an internal chip bus.

[0063] The GPIO controller is connected to the control signal pins of the quantum random number generator unit via an internal chip bus.

[0064] The twenty-second aspect of this invention provides a microcontroller chip integrating a quantum random number generator, comprising:

[0065] Processor core;

[0066] USB device controller;

[0067] The quantum random number generator unit is integrated inside the microcontroller chip and is used to generate random numbers;

[0068] The SPI controller is connected to the data signal pin of the quantum random number generator unit via an internal chip bus.

[0069] The GPIO controller is connected to the control signal pins of the quantum random number generator unit via an internal chip bus.

[0070] The twenty-third aspect of the present invention provides an application of the motherboard as described in the thirteenth or fourteenth aspect in the fields of finance, government affairs, communications, and entertainment, including but not limited to financial transaction terminals, ATMs, security authentication devices, e-government key devices, ID card readers, VPN gateways, encrypted routers, lottery betting machines, or electronic game machines.

[0071] The twenty-fourth aspect of the present invention provides an application of the USB device as described in the fifteenth or sixteenth aspect in the fields of finance, government affairs, communications, and entertainment, including but not limited to financial transaction terminals, ATMs, security authentication devices, e-government key devices, ID card readers, VPN gateways, encrypted routers, lottery betting machines, or electronic game machines.

[0072] The twenty-fifth aspect of the present invention provides an application of the system described in any one of the seventeenth to twentieth aspects in the fields of finance, government affairs, communications, and entertainment, including but not limited to financial transaction terminals, ATMs, security authentication devices, e-government key devices, ID card readers, VPN gateways, encrypted routers, lottery betting machines, or electronic game machines.

[0073] The twenty-sixth aspect of the present invention provides an application of the SoC chip described in the twenty-first aspect in the fields of finance, government affairs, communications, and entertainment, including but not limited to financial transaction terminals, ATMs, security authentication devices, e-government key devices, ID card readers, VPN gateways, encrypted routers, lottery betting machines, or electronic game machines.

[0074] The twenty-seventh aspect of the present invention provides an application of the microcontroller chip as described in the twenty-second aspect in the fields of finance, government affairs, communications, and entertainment, including but not limited to financial transaction terminals, ATMs, security authentication devices, e-government key devices, ID card readers, VPN gateways, encrypted routers, lottery betting machines, or electronic game machines.

[0075] The twenty-eighth aspect of the present invention provides a security authentication device, including a motherboard as described in the thirteenth or fourteenth aspect or a SoC chip as described in the twenty-first aspect.

[0076] The twenty-ninth aspect of the present invention provides a lottery betting machine terminal, including a motherboard as described in claim 13 or 14 or a SoC chip as described in claim 21.

[0077] The thirtieth aspect of the present invention provides a financial transaction terminal, including a USB device as described in the fifteenth or sixteenth aspect or a microcontroller chip as described in the twenty-second aspect.

[0078] The thirty-first aspect of the present invention provides a computer-readable storage medium having a computer program stored thereon, the computer program performing the following functions when executed by a processor:

[0079] The random number service module is used to access the locally deployed quantum random number generator device through the device driver;

[0080] The random number service module includes:

[0081] The software development kit unit provides an application programming interface for client applications to use quantum random number generator devices.

[0082] The registration management unit is used to register the quantum random number generator device as a physical entropy source to the operating system's random number subsystem.

[0083] An anomaly management unit is used to perform anomaly management on the quantum random number generator device;

[0084] The validity detection unit is used to perform a prescribed validity detection on the quantum random number generator device.

[0085] The thirty-second aspect of the present invention provides a software development kit, stored on a computer-readable medium, comprising:

[0086] Application programming interface (API) for client applications to call to obtain quantum random numbers;

[0087] The underlying communication module is used to exchange data with the locally deployed quantum random number generator device through the device driver;

[0088] The software development kit is integrated into the client application, enabling the client application to obtain random numbers from the quantum random number generator device.

[0089] The thirty-third aspect of the present invention provides a device driver stored on a computer-readable medium, the device driver comprising:

[0090] The SPI subsystem module is used to read random numbers from the quantum random number generator device via the SPI controller;

[0091] The GPIO subsystem module is used to perform device control and status monitoring of the quantum random number generator device through the GPIO controller;

[0092] Once the device driver is loaded into the operating system, the quantum random number generator device becomes available in the operating system.

[0093] The thirty-fourth aspect of the present invention provides a random number service module, comprising:

[0094] The software development kit unit provides an application programming interface for client applications to use quantum random number generator devices.

[0095] The registration management unit is used to register the quantum random number generator device as a physical entropy source to the operating system's random number subsystem.

[0096] An anomaly management unit is used to perform anomaly management on the quantum random number generator device;

[0097] The validity detection unit is used to perform a prescribed validity detection on the quantum random number generator device.

[0098] The thirty-fifth aspect of the present invention provides a computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, implements the method as described in any one of the seventh to twelfth aspects.

[0099] The thirty-sixth aspect of the present invention provides a computer program product including computer-executable instructions that, when executed by a processor, cause a client including a quantum random number generator device to implement the system as described in any one of the seventeenth to twentieth aspects.

[0100] Beneficial effects

[0101] Compared with the prior art, the technical solution provided by the present invention has the following beneficial effects:

[0102] First, it improves the convenience and efficiency of random number acquisition. By deploying a quantum random number generator directly on the client side, this invention enables client applications to obtain high-quality quantum true random numbers conveniently and quickly, just like accessing ordinary hardware peripherals, without relying on networks or expensive dedicated equipment.

[0103] Secondly, it provides flexible and diverse hardware integration solutions. This invention offers both SPI direct connection and USB bridging hardware integration methods. The former is suitable for embedded or IoT devices with strict requirements on performance, size, and power consumption; the latter, leveraging the universality of USB, enables the quantum random number generator to be plug-and-play applied to general-purpose computing platforms such as personal computers and servers. These two solutions cover the vast majority of client application scenarios.

[0104] Third, this invention achieves deep integration of quantum random numbers with the operating system's native random number service. By registering the quantum random number generator as a physical entropy source into the operating system kernel's random number pool, this invention can inject the entropy of quantum random numbers into the system's default random number generator. This allows all applications within the system that rely on standard operating system interfaces (such as /dev/urandom) to automatically obtain secure random numbers enhanced by quantum random numbers without any modification, fundamentally improving the cryptographic security of the entire system.

[0105] Fourth, it ensures the reliability and stability of the quantum random number service. By introducing a random number service module and configuring it with anomaly management and validity detection functions, this invention can monitor the health status of the quantum random number generator device in real time, promptly detect and handle anomalies such as hardware failure or performance degradation, and ensure that upper-layer applications always obtain truly random numbers that meet quality requirements, greatly enhancing the robustness of the system.

[0106] In summary, this invention achieves true random number acquisition that is simple in architecture, high in performance, and secure and reliable by integrating a quantum random number generator device locally on the client side, in conjunction with a device driver and a random number service module.

Attached Figure Description

[0107] To make the content of this invention easier to understand, the specific embodiments of this invention will be further described in detail below with reference to the accompanying drawings. Throughout the drawings, the same or similar reference numerals denote the same or similar elements or elements having the same or similar functions. The described drawings are merely some preferred embodiments of this invention; those skilled in the art can obtain other similar drawings based on these drawings without any creative effort.

[0108] Figure 1 is a schematic diagram of a client-side quantum random number acquisition system according to an embodiment of the present invention.

[0109] Figure 2 is a schematic diagram of an improved example of a client-side quantum random number acquisition system according to an embodiment of the present invention.

[0110] Figure 3 is a flowchart illustrating the process of validating a quantum random number generator device.

[0111] Figure 4 is a schematic diagram of integrating a quantum random number generator device into a client via a direct SPI connection according to an embodiment of the present invention.

[0112] Figure 5 is a schematic diagram illustrating the integration of a quantum random number generator device into a client via a USB bridging method according to an embodiment of the present invention.

[0113] Figure label:

[0114] 1000 Motherboard SoC

[0115] 1010 SPI Controller

[0116] 1020 GPIO Controller

[0117] 1100 Quantum Random Number Generator Device

[0118] 1200 Device Driver

[0119] 1210 SPI Subsystem / Universal USB Subsystem

[0120] 1220 GPIO Subsystem

[0121] 1300 Client Application

[0122] 1310 New Applications

[0123] 1320 Existing Applications

[0124] 1400 Random Number Service Module

[0125] 1410 Software Development Kit (SDK)

[0126] 1420 Registration Management Unit

[0127] 1430 Anomaly Management Unit

[0128] 1440 Validity Detection Unit

[0129] 1500 Operating System Random Number Subsystem / Microcontroller

[0130] 1510 USB Device Controller

[0131] 1520 Firmware

[0132] 1530 Microcontroller SPI Controller

[0133] 1540 Microcontroller GPIO Controller

Detailed Implementation

[0134] To make the objectives, technical solutions, and advantages of this invention clearer, the invention will be described in further detail below with reference to the accompanying drawings and specific embodiments. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and not intended to limit it.

[0135] Among true random number generators, those based on different physical phenomena also differ. For example, generators based on thermal noise motion produce random numbers whose quality is highly dependent on temperature and exhibit instability. In contrast, quantum random number generators (QRNGs) not only have rigorous theoretical proofs regarding their random uniformity and unpredictability, but also possess extremely high operational stability unaffected by external environmental factors, thus offering significant advantages.

[0136] The present invention aims to provide a technical solution for efficiently and reliably integrating a quantum random number generator with client devices (such as personal computers, embedded systems, lottery betting machines, etc.), so that upper-layer applications can conveniently obtain high-quality random numbers with quantum physical security guarantees.

[0137] Figure 1 is a schematic diagram of a client-side quantum random number acquisition system according to an embodiment of the present invention.

[0138] As shown in Figure 1, the client-side quantum random number acquisition system includes a quantum random number generator device 1100 deployed locally on the client, a device driver 1200, and a client application 1300.

[0139] The quantum random number generator device 1100 is a device that generates a binary stream of raw random numbers at a manageable cost. For example, the quantum random number generator device 1100 can be deployed locally in two ways:

[0140] The first method is to directly integrate the quantum random number generator device 1100 onto the client host motherboard. This method has a high degree of integration, is easier to maintain, and is more secure.

[0141] The second approach is to integrate the quantum random number generator device 1100 onto a single-chip microcomputer and connect it to the client host via a peripheral device (such as a USB device). This approach is particularly suitable for existing systems that are already in use.

[0142] These two deployment schemes are described in detail below with reference to Figure 4 and Figure 5.

[0143] The device driver 1200 is the intermediary between the quantum random number generator device 1100 and the client operating system. It provides management functions such as device initialization, device read/write, device shutdown, and device reset, in accordance with the unified driver specification of the operating system, so that the quantum random number generator device 1100 can be used in the operating system and then accessed by the client application 1300 to obtain the random number binary stream.

[0144] According to this embodiment, quantum random numbers can be obtained locally on the client side.

[0145] Figure 2 is a schematic diagram of an improved example of a client-side quantum random number acquisition system according to an embodiment of the present invention.

[0146] Compared with the system shown in Figure 1, in addition to the quantum random number generator device 1100 and the device driver 1200, the client-side quantum random number acquisition system shown in Figure 2 also includes a random number service module 1400.

[0147] The random number service module 1400 accesses the quantum random number generator device 1100 via the device driver 1200 to obtain the raw random number binary stream and converts the data format according to the needs of the upper-layer application (the new application 1310 shown in Figure 2) for use by upper-layer applications.

[0148] Specifically, the random number service module 1400 may include a software development kit (SDK) unit 1410, a registration management unit 1420, an anomaly management unit 1430, and a validity detection unit 1440. The SDK unit 1410 encapsulates the internal details that need to be handled when using the quantum random number generator device 1100 (e.g., USB device interface location and lookup, USB data packet format, and the underlying communication mechanism for interacting with the quantum random number generator device 1100), and provides an application programming interface (API) that is easy to understand and use, including operations such as Open (open device), Close (close device), anomaly management / Reset (reset device), Read (read random numbers), and validity detection. In this way, the new application 1310 can use this SDK unit 1410 to simplify development work related to random number usage.

[0149] The registration management unit 1420 is used to register the quantum random number generator device 1100 as a "physical entropy source" with the operating system random number subsystem 1500 (e.g., the Linux LRNG subsystem). This allows existing applications 1320 (e.g., SSHD services) to obtain random numbers from the quantum random number generator device 1100 via the device driver 1200 without modifying their code, through the unified framework and unified access interface provided by the operating system random number subsystem 1500 (e.g., /dev/random and /dev/urandom in Linux, the BCryptGenRandom API in Windows, and the SecRandomCopyBytes API in macOS).

[0150] The anomaly management unit 1430 manages anomalies in the quantum random number generator device 1100. When an intermittent anomaly occurs in the quantum random number generator device 1100, its status detection pin outputs a signal. The GPIO controller connected to this pin detects this anomaly signal and triggers a hardware interrupt. In this case, the anomaly management unit 1430 performs the following operations:

[0151] (1) The quantum random number generator device 1100 is shut down by the Close operation in SDK unit 1410, and the random number subsystem 1500 of the operating system is notified to inform the existing application 1320 to pause the acquisition of random numbers;

[0152] (2) The quantum random number generator device 1100 is reset by the Reset operation in SDK unit 1410;

[0153] (3) Notify the operating system random number subsystem 1500 that the quantum random number generator device 1100 has been reset, and then inform the existing application 1320 that it can continue to receive random numbers.

[0154] The new application 1310 learns of the anomalies and resets of the quantum random number generator device 1100 through interaction with the SDK unit 1410.

[0155] The validity detection unit 1440 is used to detect, at fixed times or periodically, the validity of random numbers generated by the quantum random number generator device 1100 according to the prescribed random number detection standards (such as GB/T 32915-2016 "Information Security Technology Binary Sequence Randomness Detection Method", GM/T 0005-2021 "Randomness Detection Specification", GM/T 0062-2018 "Random Number Detection Requirements for Cryptographic Products", etc.) in order to determine whether the quantum random number generator device 1100 can continue to be used.

[0156] The validity detection process is described below with reference to Figure 3.

[0157] The validity detection unit 1440 waits for a preset detection time (e.g., a fixed detection time or a detection cycle) (S3010). When the preset detection time is reached (S3020), the validity detection unit 1440 collects a predetermined amount of random numbers from the quantum random number generator device 1100 (S3030), executes a prescribed detection algorithm (determined according to the random number detection standard) on the collected random numbers (S3040), and determines whether the detection passes (S3050). If it passes, it returns to S3010 and enters the next round of detection; if it fails, it proceeds to S3060 to determine whether the "maximum number of detections has been reached". If it is determined that the maximum number of detections has been reached, it is determined that the quantum random number generator device 1100 has failed, and the new application 1310 is notified through the SDK unit 1410, and the operating system random number subsystem 1500 is notified so that the existing application 1320 can take subsequent measures (such as switching the entropy source or issuing an alarm); if it is determined that the maximum number of detections has not been reached, it returns to S3030 and continues to collect a predetermined amount of random numbers.
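The retry logic of steps S3030 to S3060 can be sketched as follows. This is an added example, not code from the patent: the read callback, the sample size and the retry limit are assumptions, and a single monobit frequency test at significance level 0.01 stands in for the prescribed detection algorithm.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SAMPLE_BYTES   2560  /* "predetermined amount" per collection (assumed value) */
#define MAX_DETECTIONS 3     /* "maximum number of detections" (assumed value) */

enum validity { QRNG_VALID, QRNG_FAILED };

/* Hypothetical stand-in for the SDK Read operation: returns bytes delivered. */
typedef size_t (*qrng_read_fn)(void *ctx, uint8_t *buf, size_t len);

/*
 * S3040: monobit frequency test, a stand-in for the prescribed battery.
 * With S = (#ones - #zeros) over n bits, the p-value is erfc(|S| / sqrt(2n));
 * p >= 0.01 is equivalent to S^2 <= 6.6349 * n (approximately), which can be
 * checked in integer arithmetic.
 */
static int monobit_pass(const uint8_t *buf, size_t len)
{
    long long ones = 0, n = (long long)len * 8;
    for (size_t i = 0; i < len; i++)
        for (int b = 0; b < 8; b++)
            ones += (buf[i] >> b) & 1;
    long long s = 2 * ones - n;
    return n > 0 && s * s * 10000 <= 66349 * n;
}

/*
 * One detection round, S3030 to S3060. Returns QRNG_VALID as soon as a sample
 * passes (the caller then waits for the next detection time, S3010), or
 * QRNG_FAILED once MAX_DETECTIONS samples in a row have failed. A short read
 * counts as a failed detection, so a device that stops delivering data
 * cannot pass by default.
 */
static enum validity validity_round(qrng_read_fn rd, void *ctx, int *attempts)
{
    uint8_t buf[SAMPLE_BYTES];
    for (*attempts = 1; *attempts <= MAX_DETECTIONS; (*attempts)++) {
        size_t got = rd(ctx, buf, sizeof buf);             /* S3030 */
        if (got == sizeof buf && monobit_pass(buf, got))   /* S3040, S3050 */
            return QRNG_VALID;
    }
    *attempts = MAX_DETECTIONS;                            /* S3060: limit reached */
    return QRNG_FAILED;
}

/*
 * Constructed test device: the first bad_reads collections are stuck at 0xFF,
 * later ones are a byte counter. A counter is exactly balanced over 2560
 * bytes, so it passes the monobit test deterministically; it is not random,
 * which is why the standards prescribe a battery of tests, not this one alone.
 */
struct sim_dev { int bad_reads; uint8_t next; };

static size_t sim_read(void *ctx, uint8_t *buf, size_t len)
{
    struct sim_dev *d = ctx;
    if (d->bad_reads > 0) {
        d->bad_reads--;
        memset(buf, 0xFF, len);
        return len;
    }
    for (size_t i = 0; i < len; i++)
        buf[i] = d->next++;
    return len;
}

/* Runs one round against the simulated device: returns the number of
 * collections used, negated if the device was declared failed. */
static int run_round(int bad_reads)
{
    struct sim_dev d = { bad_reads, 0 };
    int attempts = 0;
    enum validity v = validity_round(sim_read, &d, &attempts);
    return v == QRNG_VALID ? attempts : -attempts;
}

int main(void)
{
    int cases[] = { 0, 2, 3 };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        int r = run_round(cases[i]);
        if (r > 0)
            printf("bad_reads=%d: valid after %d collection(s)\n", cases[i], r);
        else /* here the service would notify the SDK unit and the OS RNG subsystem */
            printf("bad_reads=%d: device failed after %d collections\n", cases[i], -r);
    }
    return 0;
}
```

An intermittent fault that clears within the retry limit leaves the device in service, while a persistent fault is reported after exactly MAX_DETECTIONS collections.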

[0158] According to this improved embodiment, due to the addition of the random number service module 1400, existing application 1320 can directly use the random numbers generated by the quantum random number generator device 1100 without modifying the code, while new application 1310 can conveniently use the random numbers generated by the quantum random number generator device 1100 through the SDK unit 1410 of the random number service module 1400. Although not shown, alternatively, new application 1310 can also use the random numbers generated by the quantum random number generator device 1100 through the operating system random number subsystem 1500, just like existing application 1320.

[0159] This helps the invention to be applied to a large number of existing client devices.

[0160] The following describes two client-side local deployment schemes for the quantum random number generator device 1100.

[0161] Deployment Option 1: SPI Direct Connection Integration Solution

[0162] Figure 4 illustrates a scheme in which a quantum random number generator device 1100 is integrated with a client as an SPI slave device via a direct connection through a Serial Peripheral Interface (SPI).

[0163] The interface pins (e.g., data output pins) of the quantum random number generator device 1100 for SPI communication are connected to the corresponding pins (e.g., data input lines) of the SPI controller 1010 of the motherboard SoC 1000, and the control signal pins (including enable signals and status monitoring signals) are connected to the corresponding pins of the GPIO (general purpose input/output) controller 1020 of the motherboard SoC 1000.

[0164] The device driver 1200 includes an SPI subsystem 1210 and a GPIO subsystem 1220. The GPIO subsystem 1220 interacts with the GPIO controller 1020 to perform "enable operations" (chip enable, output enable), thereby achieving "device initialization" of the quantum random number generator device 1100. Since the status monitoring signal pin of the quantum random number generator device 1100 is also connected to the GPIO controller 1020, if the quantum random number generator device 1100 enters an abnormal state, the GPIO controller 1020 detects the signal and triggers an interrupt. The "interrupt operation" of the GPIO subsystem 1220 is then called to complete operations such as device shutdown or reset, ensuring the normal operation of the random number function. The SPI subsystem 1210 interacts with the SPI controller 1010 to read the random number binary stream through "read operations."

[0165] In this way, the client application can access the locally integrated quantum random number generator device 1100 via the device driver 1200 to obtain a random number binary stream.

[0166] Deployment Option 2: USB Bridging Solution

[0167] Figure 5 shows a scheme in which the quantum random number generator device 1100 is integrated with a client as an SPI slave device via a USB bridge.

[0168] The microcontroller 1500 integrates a USB device controller 1510 to enable USB interaction with the universal USB subsystem 1210 of the device driver 1200. The firmware 1520 of the microcontroller 1500 is encapsulated in Flash memory. This constitutes a USB device that can be plugged into a client host as a peripheral.

[0169] The quantum random number generator device 1100 is integrated on the microcontroller 1500. Its interface pins for SPI communication (e.g., data output pins) are connected to the corresponding pins (e.g., data input lines) of the SPI controller 1530 of the microcontroller 1500, and its control signal pins (including enable signals and status monitoring signals) are connected to the corresponding pins of the GPIO controller 1540 of the microcontroller 1500.

[0170] Firmware 1520 performs "enable operations" ("chip enable" and "output enable") through GPIO controller 1540 to achieve "device initialization" of quantum random number generator device 1100.

[0171] Since the status monitoring signal pin of the quantum random number generator device 1100 is connected to the corresponding pin of the GPIO controller 1540, once the quantum random number generator device 1100 enters an abnormal state, the GPIO controller 1540 detects the signal and triggers an interrupt. The "interrupt operation" of the firmware 1520 is then called to complete operations such as device shutdown and reset, ensuring the normal operation of the random number function.

[0172] When the USB device is plugged into the client host, the universal USB subsystem 1210 of the device driver 1200 detects the device, performs "USB communication negotiation", and identifies the USB device as a "CDC/ACM" device type or a "HID" device type so that the client application 1300 can obtain random numbers generated by the quantum random number generator device 1100.

[0173] When the USB device is identified as a "CDC/ACM" device type, the firmware 1520 reads random numbers from the quantum random number generator device 1100 via the SPI controller 1530, then returns them to the USB host controller via the USB bus as a raw byte stream, which is ultimately received by the client application 1300 as a raw byte stream. The client application 1300 does not need to understand the USB protocol specification; it only needs to process the byte stream like traditional serial communication. This method is suitable for scenarios requiring the acquisition of large amounts of random numbers.

[0174] When a USB device is identified as a "HID" device type, firmware 1520 reads a random number from quantum random number generator 1100 via SPI controller 1530, encapsulates the random number according to the format of the USB HID input report, and then returns it to the USB host controller via the USB bus, ultimately being received by client application 1300. This method requires client application 1300 to understand and parse the format and content of the USB HID input report.
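For the CDC/ACM path in [0173], a POSIX host has to put the serial port into raw mode before reading, because the default tty line discipline rewrites or swallows some byte values and would bias the stream. The following is an added example, not code from the patent; the device path passed on the command line and all function names are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <termios.h>
#include <unistd.h>

/*
 * Clear every termios flag that alters, drops or reacts to data bytes.
 * In the default "cooked" mode ICRNL turns 0x0D into 0x0A, IXON consumes
 * 0x11/0x13 as flow control, ICANON buffers by line and interprets control
 * characters, and ECHO sends received bytes back to the device.
 */
static void make_raw_8n1(struct termios *t)
{
    t->c_iflag &= ~(tcflag_t)(IGNBRK | BRKINT | PARMRK | ISTRIP |
                              INLCR | IGNCR | ICRNL | IXON | IXOFF);
    t->c_oflag &= ~(tcflag_t)OPOST;
    t->c_lflag &= ~(tcflag_t)(ECHO | ECHONL | ICANON | ISIG | IEXTEN);
    t->c_cflag &= ~(tcflag_t)(CSIZE | PARENB);
    t->c_cflag |= CS8 | CREAD | CLOCAL;
    t->c_cc[VMIN] = 1;   /* block until at least one byte is available */
    t->c_cc[VTIME] = 0;
}

/* Read exactly len bytes. Retries on EINTR and short reads; returns -1 on a
 * hard error or EOF (for example the USB device was unplugged). */
static int read_exact(int fd, uint8_t *buf, size_t len)
{
    size_t off = 0;
    while (off < len) {
        ssize_t n = read(fd, buf + off, len - off);
        if (n > 0)
            off += (size_t)n;
        else if (n < 0 && errno == EINTR)
            continue;
        else
            return -1;
    }
    return 0;
}

/* Open the CDC/ACM port, switch it to raw mode and fetch len bytes. */
static int qrng_cdc_read(const char *path, uint8_t *buf, size_t len)
{
    struct termios t;
    int rc = -1;
    int fd = open(path, O_RDWR | O_NOCTTY);
    if (fd < 0)
        return -1;
    if (tcgetattr(fd, &t) == 0) {
        make_raw_8n1(&t);
        if (tcsetattr(fd, TCSANOW, &t) == 0)
            rc = read_exact(fd, buf, len);
    }
    close(fd);
    return rc;
}

/* Offline check: 0 if make_raw_8n1 clears a constructed cooked configuration. */
static int cooked_flags_left(void)
{
    struct termios t;
    memset(&t, 0, sizeof t);
    t.c_iflag = ICRNL | IXON | ISTRIP;
    t.c_oflag = OPOST;
    t.c_lflag = ICANON | ECHO | ISIG;
    make_raw_8n1(&t);
    return (t.c_iflag & (ICRNL | IXON | ISTRIP)) || (t.c_oflag & OPOST) ||
           (t.c_lflag & (ICANON | ECHO | ISIG)) || (t.c_cflag & CSIZE) != CS8;
}

/* Offline check of read_exact over a pipe: the writer sends avail constructed
 * bytes and closes; 0 if want bytes arrive intact, -1 if EOF comes first. */
static int pipe_read_result(size_t avail, size_t want)
{
    uint8_t src[16] = { 0x0D, 0x11, 0x13, 0x03 }, dst[16];
    int p[2];
    if (avail > sizeof src || want > sizeof dst || pipe(p) != 0)
        return -2;
    ssize_t w = write(p[1], src, avail);
    close(p[1]);
    int rc = (w == (ssize_t)avail) ? read_exact(p[0], dst, want) : -2;
    close(p[0]);
    return rc == 0 ? memcmp(src, dst, want) : rc;
}

int main(int argc, char **argv)
{
    uint8_t buf[32];
    if (argc < 2) {
        fprintf(stderr, "usage: %s <tty, e.g. /dev/ttyACM0>\n", argv[0]);
        return 2;
    }
    if (qrng_cdc_read(argv[1], buf, sizeof buf) != 0) {
        perror("qrng_cdc_read");
        return 1;
    }
    for (size_t i = 0; i < sizeof buf; i++)
        printf("%02x", buf[i]);
    putchar('\n');
    return 0;
}
```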

[0175] The technical solution of this invention can be widely applied to various industries requiring high-quality random numbers, including but not limited to the financial sector (such as financial transaction terminals, ATMs, and security authentication equipment), the government sector (such as e-government key devices and ID card readers), the communications sector (such as VPN gateways and encrypted routers), and the entertainment sector (such as lottery betting machines and electronic game machines). In these fields, the unpredictability and uniformity of quantum random numbers can significantly improve the security and fairness of the system.

[0176] The random number service module 1400 of this invention can be distributed and implemented in various software product forms, including but not limited to: providing it to application developers as a standalone software development kit (SDK); providing it with hardware products as part of a device driver; distributing it via the Internet as a downloadable computer program product; selling it stored on computer-readable storage media (such as optical discs, USB flash drives, and solid-state drives); or running on a server as part of a cloud service. These software product forms all contain the core technical features of this invention and can achieve the same technical effects.

[0177] The quantum random number generator device of the present invention can also be directly integrated into a SoC chip to form a single-chip solution. For example, one embodiment of the present invention also provides an SoC chip integrating a quantum random number generator, including: a processor core, a quantum random number generator unit, an SPI controller, and a GPIO controller. The data signal pins and control signal pins of the quantum random number generator unit are connected to the SPI controller and the GPIO controller respectively through the chip's internal bus to realize on-chip high-speed data exchange. This integration scheme can further reduce system cost, improve integration and security.

[0178] This SoC chip, which integrates a quantum random number generator, can also be integrated with a USB device controller to further form a USB device, creating a complete single-chip USB solution.

[0179] The specific embodiments of the present invention have been described in detail above with reference to the accompanying drawings, but the present invention is not limited to the embodiments described above. For those skilled in the art, various changes, modifications, substitutions, and variations can be made to these embodiments without departing from the technical principles and spirit of the present invention, and all such changes should be considered within the scope of protection of the present invention.

Claims

1. A method for obtaining quantum random numbers locally on a client side, characterized in that it includes: deploying a quantum random number generator device locally on the client side; loading a device driver into the operating system of the client, the device driver being used to perform device control, status monitoring and data reading of the quantum random number generator device; and a client application obtaining random numbers from the quantum random number generator device via the device driver.

2. The method according to claim 1, characterized in that deploying a quantum random number generator device locally on the client side includes: integrating the quantum random number generator device as an SPI slave device with the client via a direct connection through a serial peripheral interface (SPI), wherein the interface pins of the quantum random number generator device used for SPI communication are connected to corresponding pins of the SPI controller on the client's motherboard SoC, and the control pins of the quantum random number generator device used for device control and status monitoring are connected to corresponding pins of the general purpose input/output (GPIO) controller on the motherboard SoC, so that the SPI subsystem of the device driver reads random numbers from the quantum random number generator device through the SPI controller, and the GPIO subsystem of the device driver performs device control and status monitoring on the quantum random number generator device through the GPIO controller.

3. The method according to claim 2, characterized in that the data output pin of the quantum random number generator is connected to the data input line of the SPI controller, and the enable pin and status pin of the quantum random number generator are respectively connected to the corresponding pins of the GPIO controller.

4. The method according to claim 1, characterized in that deploying a quantum random number generator device locally on the client side includes: integrating the quantum random number generator device as an SPI slave device with the client via a USB bridge, wherein the interface pins of the quantum random number generator device for SPI communication are connected to the corresponding pins of the SPI controller of the microcontroller of the USB device, and the control pins of the quantum random number generator device for device control and status monitoring are connected to the corresponding pins of the GPIO controller of the microcontroller, so that the device driver of the client communicates with the microcontroller via USB, enabling the microcontroller to read random numbers from the quantum random number generator device through its SPI controller and to perform device control and status monitoring on the quantum random number generator device through its GPIO controller.

5. The method according to claim 4, characterized in that, during the USB enumeration process, the firmware of the microcontroller identifies itself as a CDC/ACM type device, causing the client's operating system to automatically load the general serial port driver so that the client application can read random numbers in byte stream mode.

6. The method according to claim 4, characterized in that the firmware of the microcontroller identifies itself as an HID class device during the USB enumeration process, so that the random number read by the SPI controller can be encapsulated into an HID input report and transmitted to the client application.

7. The method according to claim 1, characterized in that it further includes: a random number service module deployed on the client registering the quantum random number generator device as a physical entropy source with the operating system's random number subsystem, enabling the client application to obtain random numbers generated by the quantum random number generator device through the operating system's standard random number interface.

8. The method according to claim 7, characterized in that the standard random number interface includes, but is not limited to, /dev/random and /dev/urandom on Linux systems, the BCryptGenRandom API on Windows systems, and the SecRandomCopyBytes API on macOS systems.

9. The method according to claim 7, characterized in that it further includes: the client application obtaining random numbers from the quantum random number generator device through the random number service module.

10. The method according to claim 9, characterized in that it further includes: the random number service module performing anomaly management on the quantum random number generator device.

11. The method according to claim 9, characterized in that it further includes: the random number service module performing validity checks on the quantum random number generator device.

12. The method according to claim 11, characterized in that the random number service module performing validity checks on the quantum random number generator device includes: collecting a predetermined amount of random numbers at the specified time; executing the prescribed detection algorithm on the predetermined amount of random numbers collected; if the test fails, determining whether the maximum number of tests has been reached; and when it is determined that the maximum number of detections has been reached, deeming the quantum random number generator device to have failed.

13. A motherboard integrating a quantum random number generator, characterized in that it includes: an SoC chip, which integrates an SPI controller and a GPIO controller; and a quantum random number generator device used to generate random numbers, whose interface pins for SPI communication are connected to the corresponding pins of the SPI controller, and whose control pins for device control and status monitoring are connected to the corresponding pins of the GPIO controller.

14. The motherboard according to claim 13, characterized in that the data output pin of the quantum random number generator is connected to the data input line of the SPI controller, and the enable pin and status pin of the quantum random number generator are respectively connected to the corresponding pins of the GPIO controller.

15. A USB device integrating a quantum random number generator, characterized in that it includes: a microcontroller, which integrates an SPI controller and a GPIO controller; and a quantum random number generator device used to generate random numbers, whose interface pins for SPI communication are connected to the corresponding pins of the SPI controller, and whose control pins for device control and status monitoring are connected to the corresponding pins of the GPIO controller.

16. The USB device according to claim 15, characterized in that the data output pin of the quantum random number generator is connected to the data input line of the SPI controller, and the enable pin and status pin of the quantum random number generator are respectively connected to the corresponding pins of the GPIO controller.

17. A system for locally acquiring quantum random numbers on a client side, characterized in that it includes: the motherboard as described in claim 13 or 14; and a device driver loaded by the client operating system, which includes an SPI subsystem for reading random numbers generated by the quantum random number generator from the SPI controller, and a GPIO subsystem for performing device control and status monitoring of the quantum random number generator device through the GPIO controller.

18. The system according to claim 17, characterized in that it also includes a random number service module loaded on the client side, the random number service module including: a software development kit unit, which provides an application programming interface for client applications to use quantum random number generator devices; a registration management unit, used to register the quantum random number generator device as a physical entropy source with the operating system's random number subsystem, so that client applications can obtain random numbers generated by the quantum random number generator device through the operating system's standard random number interface; an anomaly management unit, used to perform anomaly management on the quantum random number generator device; and a validity detection unit, used to perform a prescribed validity detection on the quantum random number generator device.

19. A system for locally acquiring quantum random numbers on a client side, characterized in that it includes: the USB device as described in claim 15 or 16; and a client host, which communicates with the USB device via USB so that the client application can obtain random numbers generated by the quantum random number generator device.

20. The system according to claim 19, characterized in that it also includes a random number service module loaded on the client host, the random number service module including: a software development kit, used to provide application programming interfaces for client applications to use quantum random number generator devices; a registration management unit, used to register the quantum random number generator device as a physical entropy source with the operating system's random number subsystem, so that client applications can obtain random numbers generated by the quantum random number generator device through the operating system's standard random number interface; an anomaly management unit, used to perform anomaly management on the quantum random number generator device; and a validity detection unit, used to perform a prescribed validity detection on the quantum random number generator device.

21. A SoC chip integrating a quantum random number generator, characterized in that it includes: a processor core; a quantum random number generator unit, integrated inside the SoC chip and used to generate random numbers; an SPI controller, connected to the data signal pin of the quantum random number generator unit via an internal chip bus; and a GPIO controller, connected to the control signal pins of the quantum random number generator unit via an internal chip bus.

22. A microcontroller chip integrating a quantum random number generator, characterized in that it includes: a processor core; a USB device controller; a quantum random number generator unit, integrated inside the microcontroller chip and used to generate random numbers; an SPI controller, connected to the data signal pin of the quantum random number generator unit via an internal chip bus; and a GPIO controller, connected to the control signal pins of the quantum random number generator unit via an internal chip bus.

23. An application of the motherboard as described in claim 13 or 14 in the fields of finance, government affairs, communications, and entertainment, wherein the fields include, but are not limited to, financial transaction terminals, ATMs, security authentication devices, e-government key devices, ID card readers, VPN gateways, encrypted routers, lottery betting machines, or electronic game machines.

24. An application of the USB device as described in claim 15 or 16 in the fields of finance, government affairs, communications, and entertainment, wherein the fields include, but are not limited to, financial transaction terminals, ATMs, security authentication devices, e-government key devices, ID card readers, VPN gateways, encrypted routers, lottery betting machines, or electronic game machines.

25. An application of the system as described in any one of claims 17 to 20 in the fields of finance, government affairs, communications, and entertainment, wherein the fields include, but are not limited to, financial transaction terminals, ATMs, security authentication devices, e-government key devices, ID card readers, VPN gateways, encrypted routers, lottery betting machines, or electronic game machines.

26. An application of the SoC chip as described in claim 21 in the fields of finance, government affairs, communications, and entertainment, wherein the fields include, but are not limited to, financial transaction terminals, ATMs, security authentication devices, e-government key devices, ID card readers, VPN gateways, encrypted routers, lottery betting machines, or electronic game machines.

27. An application of the microcontroller chip as described in claim 22 in the fields of finance, government affairs, communications, and entertainment, wherein the fields include, but are not limited to, financial transaction terminals, ATMs, security authentication devices, e-government key devices, ID card readers, VPN gateways, encrypted routers, lottery betting machines, or electronic game machines.

28. A security authentication device, characterized in that, This includes the motherboard as described in claim 13 or 14, or the SoC chip as described in claim 21.

29. A lottery betting machine terminal, characterized in that, This includes the motherboard as described in claim 13 or 14, or the SoC chip as described in claim 21.

30. A financial transaction terminal, characterized in that, This includes the USB device as described in claim 15 or 16, or the microcontroller chip as described in claim 22.

31. A computer-readable storage medium having a computer program stored thereon, the computer program performing the following functions when executed by a processor: The random number service module is used to access the locally deployed quantum random number generator device through the device driver; The random number service module includes: The software development kit unit provides an application programming interface for client applications to use quantum random number generator devices. The registration management unit is used to register the quantum random number generator device as a physical entropy source to the operating system's random number subsystem. An anomaly management unit is used to perform anomaly management on the quantum random number generator device; The validity detection unit is used to perform a prescribed validity detection on the quantum random number generator device.

32. A software development kit, stored on a computer-readable medium, comprising: an application programming interface (API) for client applications to call to obtain quantum random numbers; and an underlying communication module, used to exchange data with the locally deployed quantum random number generator device through the device driver; wherein the software development kit is integrated into the client application, enabling the client application to obtain random numbers from the quantum random number generator device.

33. A device driver stored on a computer-readable medium, the device driver comprising: an SPI subsystem module, used to read random numbers from the quantum random number generator device via the SPI controller; and a GPIO subsystem module, used to perform device control and status monitoring of the quantum random number generator device through the GPIO controller; wherein, once the device driver is loaded into the operating system, the quantum random number generator device becomes available in the operating system.

34. A random number service module, characterized in that it includes: a software development kit unit, which provides an application programming interface for client applications to use the quantum random number generator device; a registration management unit, used to register the quantum random number generator device as a physical entropy source with the operating system's random number subsystem; an anomaly management unit, used to perform anomaly management on the quantum random number generator device; and a validity detection unit, used to perform a prescribed validity detection on the quantum random number generator device.

35. A computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, implements the method as described in any one of claims 7 to 12.

36. A computer program product comprising computer-executable instructions that, when executed by a processor, cause a client including a quantum random number generator device to implement the system as described in any one of claims 17 to 20.