 My name is Julio Hernandez-Castro. This is joint work with Darren Harley-Smith, both currently at the University of Kent. I'm not very used to these five minutes format, so unfortunately and I fully apologize for that. We have to skip some interesting parts, particularly related works, and go just basically directly to the results. So these are our victims. These are our targets. These are beauties on the right. These are three quantum random number generators that happen to be manufactured by one of the sponsors of this event, I.D. Quantic. They are interesting. This is more or less our experimental setting. They happen to be pretty expensive, from 1,000 to 3,000 euros, and they claim to provide true randomness at a very high speed, which is very important in their marketing materials. We don't agree that much with that, and we think they compare unfavorably to, for example, something like the Kiosky, which is not quantum. It's a classical TRNG that it's way cheaper. You can find that for 60 euros, and also it's completely open, so the design is open. There's no security by obscurity here. So in case I'm thrown out of the stage because of these five minute format, these are our main results. Quantic claims that they produce true random bits, and we found them, the raw bits, at least heavily biased and correlated. They claim these very high speeds, 16 megabits per second, four megabits per second, off through random bits, and that's simply not true. You can achieve basically one fourth of this speed after post-processing. They also claim post-processing is optional. Again, not really. They also do some self-certification that we think is not really useful, and they also engage in third-party certification, but at levels, for one particular generator they use, at levels that are so loaded, I think are useless for cryptography. Also, they have an additional scene. Their tiering Gs are close hardware design. It's not open, as we have seen the chaos key is. Security by obscurity and all that. We have seen these thousands of times. It doesn't end well. So very quickly, these is quite depressing. Basically, you have the three generators there. They struggle, but mostly pass the well-known statistical tests, die-harder and nist, with some difficulty. But then, when presented with new tests, less well-known in the crypto community, like alphabets and rabbit, coming from test UO0, they fail miserably. You have chaos key for 60 euros, that pass everything with flying colors. And even the random pass everything, all these battery tests with flying colors. So, not great. I don't think I have a lot of time to mention these, but they present quite interesting bias when we analyze these with chi-square tests. We have seen something similar in previous works with the same team on DESFAR EV1 cards. So, that is a worrying trend. We have been working on tiering G analysis for the last three years, and we find more and more examples of generators that are engineered just to about pass the well-known test and then miserably fail anything outside of that. And that is not good because that will seed them other random number generators for crypto protocols. So, very quickly, this is part of an ongoing work. We are investigating other quantum random number generators. These four in here, they are based on slightly different ideas. One is a radioactive decay. The quantities one are bin splitters, so a photon and a mirror and so forth. And we have found that they are not the only ones to blame here, hot pits. And the Australian National University, QRNG, are also very bad. The results are provisional, of course, ongoing. On the other hand, there are some good cases, the humble generator, and it comes higher seems to be pretty good. Yeah, some people pay for this. And we engage into IDQ in some sort of responsible disclosure, and they were relatively nice. And yeah, that's it.