{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,27]],"date-time":"2026-04-27T14:41:13Z","timestamp":1777300873320,"version":"3.51.4"},"reference-count":45,"publisher":"Association for Computing Machinery (ACM)","issue":"2","funder":[{"name":"European Union Recovery Fund (Recovery and Resilience Facility) and the Latvian state budget","award":["2.3.1.1.i.0\/1\/22\/I\/CFLA\/001"],"award-info":[{"award-number":["2.3.1.1.i.0\/1\/22\/I\/CFLA\/001"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2026,5,31]]},"abstract":"The random number generation capabilities of the GNU\/Linux operating system are subject to certain limitations. As of Linux version 5.6, \/dev\/random operates in a non-blocking manner and, as such, no longer satisfies the criteria for a True Random Number Generator (TRNG). While dedicated quantum random number generator (QRNG) hardware is the preferred source of unpredictable entropy, it is often expensive and difficult to deploy in virtualized\/cloud environments and Internet of Things (IoT) devices. Furthermore, hardware RNG integration typically requires cryptographic applications to adhere to vendor-specific APIs.<\/jats:p>\n \n This article proposes a user-space integration approach for a\n shared<\/jats:italic>\n , potentially remote QRNG device. We develop a QRNG service on top of D-Bus, a ubiquitous inter-process communication framework. It serves as an interface for applications to retrieve\n true<\/jats:italic>\n random numbers. Communication with the remote QRNG device occurs over mutually authenticated TLS 1.3 channels, protected by post-quantum cryptography (PQC) algorithms. We show, as a proof-of-concept, how the proposed D-Bus service can be integrated into the OpenSSL 3 cryptographic library, demonstrating the use of TRNG in a wide range of Linux applications.\n <\/jats:p>\n Our approach is resistant to entropy starvation attacks, supports sharing a QRNG across host and virtualized environments, requires no kernel-level or system-wide modifications, supports mixing multiple sources of entropy, and configuration of post-processing. It provides applications with a TRNG interface suitable for information-theoretically secure (ITS) use cases.<\/jats:p>","DOI":"10.1145\/3799895","type":"journal-article","created":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T10:54:49Z","timestamp":1776077689000},"page":"1-18","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Integrating Remote Quantum Random Number Generator as a Shared Resource into GNU\/Linux via D-Bus"],"prefix":"10.1145","volume":"29","author":[{"ORCID":"https:\/\/orcid.org\/0009-0008-5713-5914","authenticated-orcid":false,"given":"Kri\u0161j\u0101nis","family":"Petru\u010de\u0146a","sequence":"first","affiliation":[{"name":"Laboratory of Systems Modeling and Software Technologies, University of Latvia Institute of Mathematics and Computer Science","place":["Riga, Latvia"]}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7085-383X","authenticated-orcid":false,"given":"Sergejs","family":"Kozlovi\u010ds","sequence":"additional","affiliation":[{"name":"Laboratory of Systems Modeling and Software Technologies, University of Latvia Institute of Mathematics and Computer Science","place":["Riga, Latvia"]}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-2680-3220","authenticated-orcid":false,"given":"El\u012bna","family":"Kalni\u0146a","sequence":"additional","affiliation":[{"name":"Laboratory of Systems Modeling and Software Technologies, University of Latvia Institute of Mathematics and Computer Science","place":["Riga, Latvia"]}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1606-4944","authenticated-orcid":false,"given":"Edgars","family":"Rencis","sequence":"additional","affiliation":[{"name":"Laboratory of Systems Modeling and Software Technologies, University of Latvia Institute of Mathematics and Computer Science","place":["Riga, Latvia"]}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2283-2978","authenticated-orcid":false,"given":"Juris","family":"V\u012bksna","sequence":"additional","affiliation":[{"name":"Laboratory of Systems Modeling and Software Technologies, University of Latvia Institute of Mathematics and Computer Science","place":["Riga, Latvia"]}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9608-3792","authenticated-orcid":false,"given":"Edgars","family":"Celms","sequence":"additional","affiliation":[{"name":"Laboratory of Systems Modeling and Software Technologies, University of Latvia Institute of Mathematics and Computer Science","place":["Riga, Latvia"]}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7650-2355","authenticated-orcid":false,"given":"Lelde","family":"L\u0101ce","sequence":"additional","affiliation":[{"name":"Laboratory of Systems Modeling and Software Technologies, University of Latvia Institute of Mathematics and Computer Science","place":["Riga, Latvia"]}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2026,4,27]]},"reference":[{"key":"e_1_3_3_2_2","unstructured":"ArchWiki contributors. 2022. Rng-tools. Retrieved July 29 2025 from https:\/\/wiki.archlinux.org\/title\/Rng-tools"},{"issue":"3","key":"e_1_3_3_3_2","article-title":"POSIX has become outdated","volume":"41","author":"Atlidakis Vaggelis","year":"2016","unstructured":"Vaggelis Atlidakis, Jeremy Andrus, Roxana Geambasu, Dimitris Mitropoulos, and Jason Nieh. 2016. POSIX has become outdated. ;Login: The USENIX Magazine 41, 3 (Fall2016), 5\u20135. Retrieved September 12, 2025 from https:\/\/www.usenix.org\/system\/files\/login\/articles\/login_fall16_02_atlidakis.pdf","journal-title":";Login: The USENIX Magazine"},{"key":"e_1_3_3_4_2","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-90C.4pd"},{"key":"e_1_3_3_5_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2024.110877"},{"key":"e_1_3_3_6_2","volume-title":"Dieharder: A GNU Public License Random Number Tester","author":"Brown Robert G.","year":"2006","unstructured":"Robert G. Brown. 2006. Dieharder: A GNU Public License Random Number Tester. Duke University, Physics Department, Durham, NC, USA. Retrieved April 30, 2025 from https:\/\/rurban.github.io\/dieharder\/manual\/dieharder.pdf"},{"key":"e_1_3_3_7_2","unstructured":"Jake Edge. 2020. Removing the \/dev\/random blocking pool. Retrieved April 30 2025 from https:\/\/lwn.net\/Articles\/808575\/"},{"key":"e_1_3_3_8_2","article-title":"FIPS-compliant random numbers for the kernel","author":"Edge Jake","year":"2021","unstructured":"Jake Edge. 2021. FIPS-compliant random numbers for the kernel. LWN.net (7 December2021). Retrieved from https:\/\/lwn.net\/Articles\/877607\/","journal-title":"LWN.net"},{"key":"e_1_3_3_9_2","unstructured":"Jake Edge. 2022. Problems emerge for a unified \/dev\/*random. Retrieved April 30 2025 from https:\/\/lwn.net\/Articles\/889452\/. LWN.net."},{"key":"e_1_3_3_10_2","unstructured":"Jake Edge. 2022. Uniting the Linux random-number devices. Retrieved April 30 2025 from https:\/\/lwn.net\/Articles\/884875\/"},{"key":"e_1_3_3_11_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.42"},{"key":"e_1_3_3_12_2","volume-title":"Cryptographic Mechanisms: Recommendations and Key Lengths","author":"(BSI) Federal Office for Information Security","year":"2024","unstructured":"Federal Office for Information Security (BSI). 2024. Cryptographic Mechanisms: Recommendations and Key Lengths. Technical Guideline TR-02102-1. Federal Office for Information Security (BSI), Bonn, Germany. Retrieved May 4, 2025 from https:\/\/www.bsi.bund.de\/SharedDocs\/Downloads\/EN\/BSI\/Publications\/TechGuidelines\/TG02102\/BSI-TR-02102-1.pdf"},{"key":"e_1_3_3_13_2","doi-asserted-by":"publisher","DOI":"10.3390\/e26121053"},{"key":"e_1_3_3_14_2","series-title":"Security\u201912","first-page":"35","volume-title":"Proceedings of the 21st USENIX Conference on Security Symposium","author":"Heninger Nadia","year":"2012","unstructured":"Nadia Heninger, Zakir Durumeric, Eric Wustrow, and J. Alex Halderman. 2012. Mining your Ps and Qs: Detection of widespread weak keys in network devices. In Proceedings of the 21st USENIX Conference on Security Symposium (Bellevue, WA) (Security\u201912). USENIX Association, USA, 35."},{"key":"e_1_3_3_15_2","volume-title":"From AF_UNIX to kdbus","author":"Herrmann David","year":"2015","unstructured":"David Herrmann. 2015. From AF_UNIX to kdbus. Retrieved September 10, 2025 from https:\/\/dvdhrm.wordpress.com\/2015\/06\/20\/from-af_unix-to-kdbus\/. Blog post."},{"key":"e_1_3_3_16_2","doi-asserted-by":"publisher","unstructured":"Leilei Huang Hongyi Zhou Kai Feng and Chongjin Xie. 2021. Quantum random number cloud platform. DOI:10.1038\/s41534-021-00442-xCited by: 37; All Open Access Gold Open Access.","DOI":"10.1038\/s41534-021-00442-x"},{"key":"e_1_3_3_17_2","volume-title":"SP800-90B Non-Proprietary Public Use Document: Quantis QRNG IID Chips IDQ250C2, IDQ250C3, IDQ6MC1, IDQ20MC1, IDQ20MC1-S1, IDQ20MC1-S3","author":"SA ID Quantique","year":"2023","unstructured":"ID Quantique SA. 2023. SP800-90B Non-Proprietary Public Use Document: Quantis QRNG IID Chips IDQ250C2, IDQ250C3, IDQ6MC1, IDQ20MC1, IDQ20MC1-S1, IDQ20MC1-S3. Public Use Document E63. National Institute of Standards and Technology, Cryptographic Module Validation Program. Retrieved September 12, 2025 from https:\/\/csrc.nist.gov\/CSRC\/media\/projects\/cryptographic-module-validation-program\/documents\/entropy\/E63_PublicUse.pdf. NIST CMVP Entropy Validation Document."},{"key":"e_1_3_3_18_2","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-22r1a"},{"key":"e_1_3_3_19_2","unstructured":"Keithel. 2018. Starting systemd services sharing a session D-Bus on headless system. Retrieved September 12 2025 from https:\/\/serverfault.com\/questions\/892465\/starting-systemd-services-sharing-a-session-d-bus-on-headless-system. ServerFault answer."},{"key":"e_1_3_3_20_2","doi-asserted-by":"crossref","unstructured":"Mohamed Khalil-Hani Vishnu P. Nambiar and Muhammad Nadzir Marsono. 2010. Hardware Acceleration of OpenSSL Cryptographic Functions for High-Performance Internet Security. 374-379 pages. Retrieved from https:\/\/api.semanticscholar.org\/CorpusID:16126362","DOI":"10.1109\/ISMS.2010.89"},{"key":"e_1_3_3_21_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-16815-4_32"},{"key":"e_1_3_3_22_2","unstructured":"Richard Levitte. 2023. vigenere \u2013 an OpenSSL 3 provider that implements an expanded Vigen\u00e8re cipher. Retrieved January 23 2025 from https:\/\/github.com\/provider-corner\/vigenere"},{"key":"e_1_3_3_23_2","unstructured":"Linus Lewandowski. 2016. Pydbus documentation. Retrieved April 13 2025 from https:\/\/pydbus.readthedocs.io\/en\/latest\/legacydocs\/tutorial.html#d-bus-objects"},{"issue":"12","key":"e_1_3_3_24_2","first-page":"1","article-title":"A comprehensive review of quantum random number generators: concepts, classification and the origin of randomness","volume":"22","author":"Mannalatha Vaisakh","year":"2023","unstructured":"Vaisakh Mannalatha, Sandeep Mishra, and Anirban Pathak. 2023. A comprehensive review of quantum random number generators: concepts, classification and the origin of randomness. Quantum Information Processing 22, 12, Article 439 (2023), 1\u201345. Retrieved from https:\/\/api.semanticscholar.org\/CorpusID:247187462","journal-title":"Quantum Information Processing"},{"key":"e_1_3_3_25_2","volume-title":"D-Bus - A Message-Bus System (Project Home)","author":"McVittie Simon","year":"2022","unstructured":"Simon McVittie, Ralf Habacker, and Joe Rayhawk. 2022. D-Bus - A Message-Bus System (Project Home). freedesktop.org. Retrieved May 4, 2025 from https:\/\/www.freedesktop.org\/wiki\/Software\/dbus\/"},{"key":"e_1_3_3_26_2","unstructured":"Stephan M\u00fcller. 2019. \/dev\/random - a new approach with full SP800-90B compliance. Retrieved April 30 2025 from https:\/\/lore.kernel.org\/lkml\/20191111181721.23209-1-smueller@chronox.de\/. PATCH v24 00\/12 Linux Kernel Mailing List."},{"key":"e_1_3_3_27_2","volume-title":"Documentation and Analysis of the Linux Random Number Generator","author":"M\u00fcller Stephan","year":"2022","unstructured":"Stephan M\u00fcller, Sebastian Mayer, Caroline Holz auf der Heide, and Andreas Hohenegger. 2022. Documentation and Analysis of the Linux Random Number Generator. BSI Study, Version 5.0 Study No. 449. Federal Office for Information Security (BSI), Germany, Bonn, Germany. Prepared for BSI by atsec information security GmbH, Accessed: 2025-04-30."},{"key":"e_1_3_3_28_2","volume-title":"CPU Jitter Based Non-Physical True Random Number Generator","author":"M\u00fcller Stephan","year":"2022","unstructured":"Stephan M\u00fcller. 2022. CPU Jitter Based Non-Physical True Random Number Generator. Technical Report. chronox. Retrieved July 30, 2025 from https:\/\/www.chronox.de\/jent\/CPU-Jitter-NPTRNG-v2.2.0.pdf"},{"key":"e_1_3_3_29_2","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.FIPS.140-3"},{"key":"e_1_3_3_30_2","unstructured":"National Institute of Standards and Technology. 2024. NIST Releases First 3 Finalized Post-Quantum Encryption Standards. Retrieved April 30 2025 from https:\/\/www.nist.gov\/news-events\/news\/2024\/08\/nist-releases-first-3-finalized-post-quantum-encryption-standards"},{"key":"e_1_3_3_31_2","article-title":"What is the relationship between entropy conditioning and final output bias in a TRNG?","author":"Ossifrage Squeamish","year":"2018","unstructured":"Squeamish Ossifrage. 2018. What is the relationship between entropy conditioning and final output bias in a TRNG?. Cryptography Stack Exchange. Retrieved September 17, 2025 from https:\/\/crypto.stackexchange.com\/questions\/58023\/what-is-the-relationship-between-entropy-conditioning-and-final-output-bias-in-a\/58168#58168","journal-title":"Cryptography Stack Exchange"},{"key":"e_1_3_3_32_2","unstructured":"Havoc Pennington and David A. Wheeler. 2005. D-Bus FAQ. Retrieved September 9 2025 from https:\/\/dbus.freedesktop.org\/doc\/dbus-faq.html"},{"key":"e_1_3_3_33_2","volume-title":"A Proposal for Functionality Classes for Random Number Generators","author":"Peter Matthias","year":"2024","unstructured":"Matthias Peter and Werner Schindler. 2024. A Proposal for Functionality Classes for Random Number Generators. Technical Report AIS 31, Version 3.0. Federal Office for Information Security (BSI), Bonn, Germany."},{"key":"e_1_3_3_34_2","unstructured":"Lennart Poettering. 2015. The new sd-bus API of systemd. Retrieved April 30 2025 from https:\/\/0pointer.net\/blog\/the-new-sd-bus-api-of-systemd.html"},{"key":"e_1_3_3_35_2","unstructured":"Lennart Poettering and Zbigniew J\u0119drzejewski-Szmek. 2024. System and Service Manager. Retrieved April 16 2025 from https:\/\/systemd.io\/"},{"key":"e_1_3_3_36_2","first-page":"121","volume-title":"Proceedings of the 17th Network and Distributed System Security Symposium (NDSS 2010)","author":"Ristenpart Thomas","year":"2010","unstructured":"Thomas Ristenpart and Scott Yilek. 2010. When good randomness goes bad : Virtual machine reset vulnerabilities and hedging deployed cryptography. In Proceedings of the 17th Network and Distributed System Security Symposium (NDSS 2010). The Internet Society, San Diego, California, USA, 121\u2013128. Retrieved from https:\/\/www.ndss-symposium.org\/ndss2010\/when-good-randomness-goes-bad-virtual-machine-reset-vulnerabilities-and-hedging-deployed. Symposium dates: 28 February\u20133 March 2010."},{"key":"e_1_3_3_37_2","article-title":"Overview of AIS 20\/31","author":"Schindler Werner","year":"2023","unstructured":"Werner Schindler. 2023. Overview of AIS 20\/31. NIST Presentation. Retrieved September 19, 2025 from https:\/\/csrc.nist.gov\/csrc\/media\/Presentations\/2023\/overview-of-ais-2031\/images-media\/session-2-schindler-overview-of-ais-20-31.pdf","journal-title":"NIST Presentation"},{"key":"e_1_3_3_38_2","doi-asserted-by":"publisher","DOI":"10.1145\/945511.945516"},{"key":"e_1_3_3_39_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-10683-0_12"},{"key":"e_1_3_3_40_2","unstructured":"TPM2-software community and Petr Gotthard. 2025. tpm2-openssl - OpenSSL Provider for TPM 2.0 integration. Retrieved January 23 2025 from https:\/\/github.com\/tpm2-software\/tpm2-openssl"},{"key":"e_1_3_3_41_2","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-90B"},{"key":"e_1_3_3_42_2","unstructured":"Paul Uszak. 2024. ENT3000: Rationale & FAQ. Retrieved from http:\/\/www.reallyreallyrandom.com\/ent3000\/rational\/index.html"},{"issue":"12","key":"e_1_3_3_43_2","first-page":"36","article-title":"Various techniques used in connection with random digits","author":"Neumann John von","year":"1951","unstructured":"John von Neumann. 1951. Various techniques used in connection with random digits. Applied Math Series12 (1951), 36\u201338.","journal-title":"Applied Math Series"},{"key":"e_1_3_3_44_2","unstructured":"John Walker. 2008. ENT \u2014 Fourmilab Random Sequence Tester. GitHub repository Retrieved April 30 2025 from https:\/\/github.com\/Fourmilab\/ent_random_sequence_tester"},{"key":"e_1_3_3_45_2","doi-asserted-by":"publisher","DOI":"10.5753\/sbseg.2020.19236"},{"key":"e_1_3_3_46_2","unstructured":"Philip Withnall. 2017. Comment on \u201cPassing a large data structure over D-Bus\u201d. Stack Overflow comment; Retrieved September 10 2025 from https:\/\/stackoverflow.com\/questions\/6220704\/passing-a-large-data-structure-over-dbus#comment76868948_12622541"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3799895","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,27]],"date-time":"2026-04-27T13:47:20Z","timestamp":1777297640000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3799895"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,4,27]]},"references-count":45,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2026,5,31]]}},"alternative-id":["10.1145\/3799895"],"URL":"https:\/\/doi.org\/10.1145\/3799895","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"value":"2471-2566","type":"print"},{"value":"2471-2574","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,4,27]]},"assertion":[{"value":"2025-05-15","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-11-05","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2026-04-27","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}