TY - GEN

T1 - Efficient construction of (distributed) verifiable random functions

AU - Dodis, Yevgeniy

PY - 2002

Y1 - 2002

N2 - We give the first simple and efficient construction of verifiable random functions (VRFs). VRFs, introduced by Micali et al. [13], combine the properties of regular pseudorandom functions (PRFs) (i.e., indistinguishability from a random function) and digital signatures (i.e., one can provide an unforgeable proof that the VRF value is correctly computed). The efficiency of our VRF construction is only slightly worse than that of a regular PRF construction of Naor and Reingold [16]. In contrast to our direct construction, all previous VRF constructions [13, 12] involved an expensive generic transformation from verifiable unpredictable functions (VUFs). We also provide the first construction of distributed VRFs. Our construction is more efficient than the only known construction of distributed (non-verifiable) PRFs [17], but has more applications than the latter. For example, it can be used to distributively implement the random oracle model in a publicly verifiable manner, which by itself has many applications. Our construction is based on a new variant of decisional Diffie-Hellman (DDH) assumption on certain groups where the regular DDH assumption does not hold [10, 9]. Nevertheless, this variant of DDH seems to be plausible based on our current understanding of these groups. We hope that the demonstrated power of our assumption will serve as a motivation for its closer study.

AB - We give the first simple and efficient construction of verifiable random functions (VRFs). VRFs, introduced by Micali et al. [13], combine the properties of regular pseudorandom functions (PRFs) (i.e., indistinguishability from a random function) and digital signatures (i.e., one can provide an unforgeable proof that the VRF value is correctly computed). The efficiency of our VRF construction is only slightly worse than that of a regular PRF construction of Naor and Reingold [16]. In contrast to our direct construction, all previous VRF constructions [13, 12] involved an expensive generic transformation from verifiable unpredictable functions (VUFs). We also provide the first construction of distributed VRFs. Our construction is more efficient than the only known construction of distributed (non-verifiable) PRFs [17], but has more applications than the latter. For example, it can be used to distributively implement the random oracle model in a publicly verifiable manner, which by itself has many applications. Our construction is based on a new variant of decisional Diffie-Hellman (DDH) assumption on certain groups where the regular DDH assumption does not hold [10, 9]. Nevertheless, this variant of DDH seems to be plausible based on our current understanding of these groups. We hope that the demonstrated power of our assumption will serve as a motivation for its closer study.

UR - http://www.scopus.com/inward/record.url?scp=84958742006&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84958742006&partnerID=8YFLogxK

U2 - 10.1007/3-540-36288-6_1

DO - 10.1007/3-540-36288-6_1

M3 - Conference contribution

AN - SCOPUS:84958742006

SN - 354000324X

SN - 9783540362883

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 1

EP - 17

BT - Public Key Cryptography - PKC 2003 - 6th International Workshop on Practice and Theory in Public Key Cryptography, Proceedings

A2 - Desmedt, Yvo G.

PB - Springer Verlag

T2 - 6th International Workshop on Practice and Theory in Public Key Cryptography, PKC 2003

Y2 - 6 January 2003 through 8 January 2003

ER -