## Cryptology ePrint Archive: Report 2021/100

SPURT: Scalable Distributed Randomness Beacon with Transparent Setup

Sourav Das and Vinith Krishnan and Irene Miriam Isaac and Ling Ren

Abstract: Having shared access to high-quality random numbers is essential in many important applications. Yet, existing constructions of distributed random beacons still have limitations such as imperfect security guarantees, strong setup or network assumptions, or high costs. In this paper, we present SPURT, an efficient distributed randomness beacon protocol that does not require any trusted or expensive setup and is secure against a malicious adversary that controls up to one-third of the nodes in a partially synchronous network. We formally prove that each output of SPURT is unpredictable, bias-resistant, and publicly verifiable. SPURT has an amortized total communication cost of $O(\lambda n^2)$ per beacon output where $\lambda$ is the security parameter. While designing SPURT, we augment existing State Machine Replication (SMR) protocols to ensure that all nodes decide nearly simultaneously. We also design a publicly verifiable secret sharing (PVSS) scheme whose security is based on the standard Decisional Bilinear Diffie-Hellman assumption and does not require a Random Oracle. We implement SPURT and evaluate it using a network of up to 128 nodes running in geographically distributed AWS instances. Our evaluation shows that SPURT can produce about 84 beacon outputs per minute in a network of 32 nodes and is comparable to systems with stronger assumptions or weaker security.

Category / Keywords: cryptographic protocols / Random Beacons, Distributed Randomness, PVSS

Date: received 26 Jan 2021, last revised 31 Aug 2021

Contact author: souravd2 at illinois edu, vinithk2 at illinois edu, irenemi2 at illinois edu, renling at illinois edu

Available format(s): PDF | BibTeX Citation

Note: Partially synchronous Randomness beacon with Quadratic Communication, Nearly simultaneous decision SMR, New PVSS scheme assuming DBDH and experimental results.

Short URL: ia.cr/2021/100

[ Cryptology ePrint archive ]