4. Results
We investigate the Quantum-Entropy-Assisted Hybrid Commitment (HQC) framework with real quantum randomness from the Australian National University (ANU) Quantum Random Number Generator (QRNG). The ANU QRNG service derives entropy from measurements associated with quantum vacuum fluctuations, providing a high-entropy randomness source for the HQC framework, for the generation of commitments. The evaluation focuses on protocol latency, cryptographic security validation, entropy quality characterization, Merkle aggregation scalability, and embedded resource utilization.
4.1. Benchmark Methodology
All experiments were executed on a Raspberry Pi 4 Model B equipped with a Broadcom BCM2711 ARM Cortex-A72 processor operating at 1.5 GHz with 4 GB RAM running Ubuntu 22.04 LTS (64-bit). The HQC implementation was written in Python 3.12 using SHAKE-256 as the underlying cryptographic hash primitive. The commitment construction follows the form , where m denotes the sensor message, r denotes a 256-bit quantum-generated nonce, and t denotes a 64-bit timestamp. Timing measurements were collected using Python’s time.perf_counter.ns() hardware performance counter. Each benchmark consisted of 10,000 independent iterations following a warm-up phase to eliminate cold-start artifacts, and measurements were averaged over batched executions to reduce timer quantization effects. The benchmarking environment used the SHAKE-256 hash primitive, the ANU QRNG entropy source, and a performance-optimized CPU configuration to reduce timing variability during measurements.
Remark 9 (Python runtime effects on tail latency). Python’s Global Interpreter Lock (GIL) and garbage collector (GC) can introduce unpredictable pauses affecting tail-latency figures. The 99th-percentile commit latency of s likely includes occasional GC pauses. In a production deployment using a compiled language (e.g., C, Rust, or a bare-metal firmware implementation), tail latency is expected to be significantly lower and more deterministic.
The reported measurements isolate the cryptographic core of the HQC protocol and explicitly exclude disk I/O, networking overhead, persistent database storage, sensor acquisition delays, and application-layer communication latency. To isolate protocol execution cost from remote network latency, quantum entropy was preloaded into a local entropy buffer (quantum_entropy.bin) before benchmarking. Consequently, the reported commit latency measures consumption of locally buffered quantum entropy rather than remote QRNG acquisition latency.
4.2. Quantum Entropy Initialization
The actual quantum-generated entropy, from the ANU QRNG service, fed into the HQC framework. The local entropy pool was filled with 5,242,880 bytes of quantum entropy before execution. The ANU QRNG is based on an entropy pool that is physically generated by the measurement of quantum vacuum fluctuations, unlike entropy pools like /dev/urandom that are found in operating systems. The cryptographic operations of the HQC framework remain entirely classical, while the entropy generation layer is assisted by quantum-generated randomness.
4.3. Protocol Latency Evaluation
The commit operation incurs higher latency because it consumes quantum-generated entropy during nonce generation as shown in
Table 4 and
Figure 4.
Verification reuses the provided nonce and timestamp and performs deterministic SHAKE-256 recomputation without additional entropy generation.
The experimental results indicate that the HQC framework maintains microsecond-scale execution latency while incorporating quantum-generated entropy into the nonce generation process. The latency distributions for the HQC commit and verify operations are shown in
Figure 5 and
Figure 6. Both distributions were generated from 10,000 independent iterations using genuine quantum entropy obtained from the ANU QRNG service based on quantum vacuum fluctuations. The commit latency distribution in
Figure 5 exhibits a mean latency of 5.22 µs, a median of 5.10 µs, and a standard deviation of 1.17 µs. These results indicate low timing variance and strong concentration around the mean execution time. The maximum observed commit latency was 10.00 µs, demonstrating stable execution behavior under repeated trials. The empirical distribution is approximately unimodal with moderate right skew and does not exhibit substantial heavy-tail behavior within the evaluated experimental range in real-time deployments.
The verify latency distribution in
Figure 6 achieves a mean latency of 2.24 µs with a standard deviation of 0.41 µs. Verification is approximately 2.3× faster than commitment because the verifier reuses the supplied nonce and timestamp without requiring additional entropy extraction or secure random number generation during recomputation of the commitment digest.
Overall, both latency distributions demonstrate that the HQC framework introduces minimal computational overhead while maintaining microsecond-level execution latency. Based on the measured commit latency, the measured implementation throughput corresponds to approximately 196,000 commitment operations per second under isolated benchmarking conditions. In practical deployments, however, achievable throughput would additionally depend on network communication, operating-system scheduling, sensor sampling, storage overhead, and application-level processing constraints. The results support the feasibility of deploying HQC in embedded and resource-constrained autonomous sensing environments requiring low-latency cryptographic commitment operations.
4.4. Security Validation
We evaluated the security properties of HQC over 10,000 independent adversarial trials.
Table 5.
Security Validation Summary.
Table 5.
Security Validation Summary.
| Property |
Outcome |
Result |
| Correctness |
Successful verifications |
10,000/10,000 |
| Binding |
Successful forgeries |
0/10,000 |
| Freshness |
Replay attempts rejected |
10,000/10,000 |
For correctness evaluation, all honest commitment-opening pairs verified successfully, yielding 10,000 successful verifications out of 10,000 trials. For the binding evaluation, no successful forgery attempts were observed during the experimental campaign. While empirical testing cannot establish formal cryptographic security, the observed behavior is consistent with the computational binding guarantees derived from the collision resistance assumption of SHAKE-256. For freshness evaluation, all replay attempts using stale timestamps were rejected successfully, indicating that the timestamp validation mechanism operated as intended throughout the experiments.
Figure 7.
Security Validation Results.
Figure 7.
Security Validation Results.
For hiding validation the hiding property was evaluated using the Kolmogorov-Smirnov statistical test applied to commitment distributions generated from distinct sensor messages. The measured
p-value was 0.7947. Since the resulting
p-value does not cross standard significance thresholds (
), the statistical test did not detect significant differences between the sampled commitment distributions. The observed statistical behavior is consistent with the intended hiding characteristics of the construction under the evaluated experimental conditions. Importantly, failure to reject the null hypothesis does not prove perfect indistinguishability; rather, it indicates that no statistically significant distinction was detected at the evaluated sample size. Additional experimental details are provided in
Appendix A.
Remark 10 (KS-test limitations). A sample size of 10 000 evaluates the commitment output distribution in a low-dimensional projection. The full 256-bit output space ( possible values) cannot be exhaustively sampled; therefore the KS test provides empirical consistency evidence rather than a proof of indistinguishability. The formal hiding guarantee is provided by Theorem 2.
4.5. Quantum Entropy Quality Analysis
Empirical min-entropy estimation was used to assess the quality of the quantum entropy source. The min-entropy measured was 7.1844 bits/byte as shown in
Figure 8.
This value indicates a high-entropy non-deterministic randomness source suitable for cryptographic nonce generation. Hence the entropy quality meets the randomness criteria of the HQC protocol.
4.6. Merkle Aggregation Scalability
For large deployments of autonomous sensors, we measured the latency of building Merkle trees as the number of leaf commitments grew as shown in
Table 6 and
Figure 9.
The measured scaling behavior is consistent with the expected aggregation complexity . Even for 1024 simultaneous sensor commitments, the Merkle root computation required only 1.640 ms.
These results suggest that hierarchical aggregation remains computationally feasible for dense edge-based sensor deployments.
4.7. Resource Utilization
The HQC implementation maintained low computational and memory overhead throughout execution as shown in
Table 7.
The compact memory footprint demonstrates practical suitability for embedded and edge-based systems.
4.8. Quantum Integration
Earlier prototype implementations relied on operating-system entropy pools, whereas the present implementation incorporates entropy generated through the ANU QRNG service. Consequently, the HQC framework integrates quantum-generated randomness into the nonce generation process while retaining entirely classical cryptographic operations. Importantly, the protocol does not require quantum communication channels, entanglement distribution, quantum memory, or quantum computation. Instead, quantum functionality is limited to the entropy generation layer, enabling deployment on conventional embedded hardware. This hybrid design provides a practical balance between entropy quality, computational efficiency, scalability, and embedded-system deployability.
4.9. Comparison with Alternative Commitment Schemes
For the purpose of discussing the performance and deployment properties of the proposed HQC framework, we compare it with some of the most representative paradigms for commitments that are often mentioned in the embedded security and post-quantum cryptography literature. The comparison is based on, security assumptions, entropy requirements, computational overhead, deployability on embedded systems, and practical suitability for autonomous sensor networks as shown in
Table 8.
The comparison points out a number of differences. First, conventional hash-based commitment schemes are cheap to compute and easily deployable, but are based entirely on pseudo-random (or operating system) entropy sources. The proposed HQC framework, on the other hand, incorporates quantum-generated entropy while maintaining low computational overhead comparable to lightweight classical constructions. Secondly, lattice-based commitment schemes offer more post-quantum assumptions for future quantum attacks. However, their computational, memory and key size requirements are usually significantly higher, and they are not as suitable for very low resource edge environments. Thirdly, fully quantum commitment protocols using entanglement or relativistic assumptions may provide stronger theoretical security guarantees under specific physical and communication assumptions. However, these protocols are still not applicable for embedded autonomous sensor deployments because of the requirement of quantum communication channels, entanglement distribution, quantum state preservation, or synchronized relativistic infrastructure.
The HQC framework instead adopts a hybrid architectural approach in which only the entropy generation layer is quantum-assisted, while all cryptographic processing remains classically executable on conventional embedded hardware. This design choice provides several practical advantages like microsecond-scale execution latency, low memory overhead, compatibility with existing embedded processors, scalable hierarchical aggregation, and deployability without quantum networking infrastructure. Although HQC does not provide unconditional quantum security guarantees, the framework illustrates how selective integration of quantum-generated entropy can enhance randomness quality while preserving lightweight embedded deployment characteristics. Consequently, the HQC framework occupies a practical intermediate position between purely classical commitment systems and fully quantum cryptographic architectures, making it particularly suitable for real-time autonomous sensing and edge-security applications.
4.10. Comparative Latency Benchmark
To contextualise the HQC latency results,
Table 9 reports commit and verify latency for three representative lightweight commitment constructions measured on the same Raspberry Pi 4 platform under identical benchmarking conditions (10 000 iterations, warm-up phase,
time.perf_counter_ns()).
The HQC commit latency of s is approximately higher than a classical SHAKE-256 commitment (∼3.8 s) on the same platform. This overhead arises from the buffered QRNG nonce consumption step and is the direct cost of integrating genuine quantum entropy. Verify latency (s) is comparable across all schemes because verification is a pure hash recomputation with no entropy generation. BLAKE3 achieves the lowest latency due to its SIMD-optimised design, but provides no quantum entropy and relies on OS PRNG randomness. The HQC framework thus incurs a modest and bounded latency premium in exchange for quantum-grade nonce entropy and the formal hiding guarantees of Theorem 2.
Remark 11 (Lattice-based baseline).
A direct comparison with Dilithium-based or Ring-LWE commitment constructions was not performed in this study, as no lightweight Python reference implementation was available for fair comparison on the Raspberry Pi 4. Based on published benchmarks [14], lattice-based commitments incur commit latencies in the range 1–ms on similar ARM platforms, placing them approximately slower than HQC for this use case. A compiled-language (C/Rust) comparative benchmark is identified as future work.
4.11. Summary of Results
The experimental evaluation indicates that the HQC framework achieves low-latency operation, scalable aggregation performance, and practical embedded-system compatibility, as shown in
Table 10, including the fact that it provides true quantum entropy integration, a commitment latency of microseconds or less, strong replay resistance, scalable hierarchical aggregation, and low embedded resource overhead.
The findings show that quantum-entropy-assisted commitment architectures can be implemented in an autonomous sensor and edge-computing setting without the need for quantum communication networks.
4.12. Deployment Case Study: Autonomous Drone Swarm Monitoring
To validate the HQC framework in a realistic agentic setting, we present a deployment case study modelling a swarm of autonomous aerial drones performing coordinated environmental monitoring over a m grid.
4.12.1. Scenario Description
Each drone
samples atmospheric sensor data (temperature, pressure, particulate matter) at
Hz and transmits committed readings to a ground-based gateway cluster
, each serving
drones. A central verifier
V (cloud-based server) maintains an auditable log of all commitment epochs. The deployment scenario is motivated by the falsification threat described in
Section 1: a compromised drone may attempt to retroactively alter its reported sensor readings or flight path after a collision event is investigated.
4.13. Commitment Rate and Epoch Budget
At
Hz, each drone generates 2 commitments per second. With the HQC mean commit latency of
s, the per-drone cryptographic overhead is:
This is negligible relative to sensor acquisition, communication, and flight control workloads.
4.13.1. Gateway Aggregation
Each gateway aggregates
drone commitments per epoch (
ms). From
Table 6, the Merkle root construction for
leaves requires
ms, well within the epoch window. The gateway forwards a single 32-byte Merkle root to the verifier rather than 32 individual commitments, reducing uplink bandwidth by a factor of
.
4.13.2. Verifier Audit Load
The verifier processes two Merkle roots per epoch (one from each gateway). Each root verification requires hash evaluations, totalling 10 hash operations per epoch for the full swarm. At a verification latency of s per hash evaluation, the verifier’s cryptographic load is s per epoch, representing negligible computational overhead on commodity server hardware.
4.13.3. Non-Repudiation Guarantee
If a post-incident investigation requires verifying drone ’s reported reading at time t, the verifier retrieves the stored Merkle root for the relevant epoch and the authentication path . Given the opening provided by , the verifier recomputes and checks it against using in steps. Any discrepancy between the claimed reading and the committed value is detected with probability by Proposition 4, providing a cryptographic audit trail that is binding under SHAKE-256 collision resistance.
4.13.4. Resource Footprint per Drone
Each drone maintains a secret state
of 96 bytes (
Table 7) per commitment, plus a 32-byte commitment value. At
Hz, the per-drone per-second storage overhead is
bytes, well within the memory constraints of typical flight controllers (e.g., Pixhawk 6C: 2 MB RAM).
4.13.5. Case Study Summary
Table 11 summarises the key deployment metrics.
The case study demonstrates that the HQC framework scales gracefully to realistic agentic deployments without imposing meaningful computational or storage burden on resource-constrained nodes. The non-repudiation guarantee provided by the commitment layer is particularly valuable in safety-critical scenarios such as drone collision investigations, where retroactive data falsification poses a direct operational and liability risk.