## Cryptology ePrint Archive: Report 2018/927

Adaptively Secure Distributed PRFs from LWE

Benoît Libert and Damien Stehlé and Radu Titiu

Abstract: In distributed pseudorandom functions (DPRFs), a PRF secret key $SK$ is secret shared among $N$ servers so that each server can locally compute a partial evaluation of the PRF on some input $X$. A combiner that collects $t$ partial evaluations can then reconstruct the evaluation $F(SK,X)$ of the PRF under the initial secret key. So far, all non-interactive constructions in the standard model are based on lattice assumptions. One caveat is that they are only known to be secure in the static corruption setting, where the adversary chooses the servers to corrupt at the very beginning of the game, before any evaluation query. In this work, we construct the first fully non-interactive adaptively secure DPRF in the standard model. Our construction is proved secure under the LWE assumption against adversaries that may adaptively decide which servers they want to corrupt. We also extend our construction in order to achieve robustness against malicious adversaries.

Category / Keywords: cryptographic protocols / LWE, pseudorandom functions, distributed PRFs, threshold cryptography, adaptive security

Original Publication (with major differences): IACR-TCC-2018

Date: received 28 Sep 2018, last revised 17 May 2019

Contact author: benoit libert at ens-lyon fr

Available format(s): PDF | BibTeX Citation

Note: Fixed one reference in the biblio

Short URL: ia.cr/2018/927

[ Cryptology ePrint archive ]