Cryptology ePrint Archive: Report 2004/310

A Verifiable Random Function With Short Proofs and Keys

Yevgeniy Dodis and Aleksandr Yampolskiy

Abstract: We give a simple and efficient construction of a verifiable random function (VRF) on bilinear groups. Our construction is direct. In contrast to prior VRF constructions [MRV99, Lys02], it avoids using an inefficient Goldreich-Levin transformation, thereby saving several factors in security. Our proofs of security are based on a decisional bilinear Diffie-Hellman inversion assumption, which seems reasonable given current state of knowledge. For small message spaces, our VRF's proofs and keys have constant size. By utilizing a collision-resistant hash function, our VRF can also be used with arbitrary message spaces. We show that our scheme can be instantiated with an elliptic group of very reasonable size. Furthermore, it can be made distributed and proactive.

Category / Keywords: Verifiable random functions, Unique signatures, Short keys and proofs, Decisional bilinear Diffie-Hellman assumption, Bilinear groups.

Publication Info: To appear in PKC 2005.

Date: received 16 Nov 2004, last revised 7 Mar 2005

Contact author: aleksandr yampolskiy at yale edu

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Note: 1. referenced "compact e-cash" paper by Camenisch, Hohenberger, Lysyanskaya 2. pointed out that the VRF output can trivially be viewed as a PRF, which doesn't process inputs bit-by-bit

Version: 20050308:002543 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]