Efficient Construction of (Distributed) Verifiable Random Functions
Author
Abstract
We give the first simple and efficient construction of verifiable random functions (VRFs). VRFs, introduced by Micali et al. [MRV99], combine the properties of regular pseudorandom functions (PRFs) [GGM86] (i.e., indistinguishability from a random function) and digital signatures [GMR88] (i.e., one can provide an unforgeable proof that the VRF value is correctly computed). The efficiency of our VRF construction is only slightly worse than that of a regular PRF construction of Naor and Reingold [NR97]. In contrast to ours, the previous VRF constructions [MRV99, Lys02] all involved an expensive generic transformation from verifiable unpredictable functions (VUFs), while our construction is simple and direct. We also provide the first construction of distributed VRFs. Our construction is more efficient than the only known construction of distributed (non-verifiable) PRFs [Nie02], but has more applications than the latter. For example, it can be used to distributively implement the random oracle model in a publicly verifiable manner, which by itself has many applications (e.g., constructing threshold signature schemes). Our main construction is based on a new variant of the decisional Diffie-Hellman (DDH) assumption on certain groups where the regular DDH assumption does not hold. We do not make any claims about the validity of our assumption (which we call sum-free DDH, or sf-DDH). However, this assumption seems to be plausible based on our current understanding of certain candidate elliptic and hyperelliptic groups which were recently proposed for use in cryptography [JN01, Jou00]. We hope that the demonstrated power of our sf-DDH assumption will serve as a motivation for its closer study.
Department of Computer Science, New York University, 251 Mercer Street, New York, NY 10012, USA. Email: [email protected]
Related papers
Efficient Cryptographic Tools for Secure Distributed Computing
Aleksandr Yampolskiy, 2006. This thesis presents a set of efficient and practical tools that can be used to enhance security of existing distributed systems. Our tools achieve marked improvements in bit, round, and communication complexity compared to generic multi-party solutions. We begin by introducing a new cryptographic primitive...
An Efficient Threshold Verifiable Multi-Secret Sharing Scheme Using Generalized Jacobian of Elliptic Curves
In a (t,n)-threshold secret sharing scheme, a secret s is distributed among n participants such that any group of t or more participants can reconstruct the secret together, but no group of fewer than t participants can do so. In this paper, we propose a verifiable (t,n)-threshold multi-secret sharing scheme based on Shao and Cao, and the intractability of the elliptic curve discrete logar...
Adaptive-Secure VRFs with Shorter Keys from Static Assumptions
Verifiable random functions are pseudorandom functions producing publicly verifiable proofs for their outputs, allowing for efficient checks of the correctness of their computation. In this work, we introduce a new computational hypothesis, the n-Eigen-Value assumption, which can be seen as a relaxation of the Un MDDH assumption, and prove its equivalence with the n-Rank assumption. Based on th...
On the Impossibility of Structure-Preserving Deterministic Primitives
Complex cryptographic protocols are often constructed in a modular way from primitives such as signatures, commitments, and encryption schemes, verifiable random functions, etc. together with zero-knowledge proofs ensuring that these primitives are properly orchestrated by the protocol participants. Over the past decades a whole framework of discrete logarithm based primitives has evolved. This...
Compact E-Cash and Simulatable VRFs Revisited
Efficient non-interactive zero-knowledge proofs are a powerful tool for solving many cryptographic problems. We apply the recent Groth-Sahai (GS) proof system for pairing product equations (Eurocrypt 2008) to two related cryptographic problems: compact e-cash (Eurocrypt 2005) and simulatable verifiable random functions (CRYPTO 2007). We present the first efficient compact e-cash scheme that doe...