Paper 2006/321

Efficient Pseudorandom Generators Based on the DDH Assumption

Reza Rezaeian Farashahi, Berry Schoenmakers, and Andrey Sidorenko


A family of pseudorandom generators based on the decisional Diffie-Hellman assumption is proposed. The new construction is a modified and generalized version of the Dual Elliptic Curve generator proposed by Barker and Kelsey. Although the original Dual Elliptic Curve generator is shown to be insecure, the modified version is provably secure and very efficient in comparison with the other pseudorandom generators based on discrete log assumptions. Our generator can be based on any group of prime order provided that an additional requirement is met (i.e., there exists an efficiently computable function that in some sense enumerates the elements of the group). Two specific instances are presented. The techniques used to design the instances, for example the new probabilistic randomness extractor, are of independent interest for other applications.

Publication info
Published elsewhere. Unknown where it was published
Keywords
Pseudorandom generator, DDH problem, concrete security
Contact author(s)
a sidorenko @ tue nl
2006-11-07: revised
2006-09-26: received
Creative Commons Attribution


@misc{cryptoeprint:2006/321,
      author = {Reza Rezaeian Farashahi and Berry Schoenmakers and Andrey Sidorenko},
      title = {Efficient Pseudorandom Generators Based on the DDH Assumption},
      howpublished = {Cryptology ePrint Archive, Paper 2006/321},
      year = {2006},
      note = {\url{}},
      url = {}
}