Enhancing Transport Layer Security Using Quantum Random Number Generator in Elliptic Curve Cryptography

Abstract

Transport Layer Security (TLS) protects most internet traffic, yet its Elliptic Curve Cryptography (ECC) operations can fail catastrophically when randomness is biased or predictable. This study presents a standards-compliant way to harden ECC in TLS by injecting Quantum Random Number Generator (QRNG) entropy into three critical points: (i) private-key generation, (ii) ECDHE ephemeral-scalar selection, and (iii) (optionally) ECDSA per-message nonces while preserving RFC 8446 interoperability. We design a lightweight entropy pipeline that mixes QRNG output with the operating system’s CSPRNG using a keyed extractor, and we implement a reproducible Python toolchain (CLI/GUI) for signing/verification with ECDSA (P-256). Randomness is assessed with Shannon entropy and a subset of NIST SP 800-22 tests (e.g., frequency/monobit, runs, serial, approximate entropy) on multi-megabyte streams; functional tests validate signature correctness and TLS-like key-agreement flows. Results show that QRNG-mixed streams provide near-maximal entropy and stable bit balance, and that keys and ephemeral scalars derived from the mixed source remain unpredictable even under PRNG state-compromise assumptions. The approach integrates transparently with existing ECC stacks, and practical overhead is minimal because entropy is buffered. We discuss residual risks (QRNG availability, health testing, secure transport from device to host) and outline extensions for explicit nonce control and broader TLS handshake coverage. This work contributes a pragmatic, deployable artifact complete with code and evaluation scriptsthat institutes stronger entropy hygiene for ECC within TLS as organizations plan their transition to post-quantum cryptography.