Paper 2024/435

Unbiasable Verifiable Random Functions

Emanuele Giunta, Web3 Foundation, IMDEA Software Institute, Universidad Politécnica de Madrid
Alistair Stewart, Web3 Foundation
Abstract

Verifiable Random Functions (VRFs) play a pivotal role in Proof of Stake (PoS) blockchain due to their applications in secret leader election protocols. However, the original definition by Micali, Rabin and Vadhan is by itself insufficient for such applications. The primary concern is that adversaries may craft VRF key pairs with skewed output distribution, allowing them to unfairly increase their winning chances. To address this issue David, Gaži, Kiayias and Russel (2017/573) proposed a stronger definition in the universal composability framework, while Esgin et al. (FC '21) put forward a weaker game-based one. Their proposed notions come with some limitations though. The former appears to be too strong, being seemingly impossible to instantiate without a programmable random oracle. The latter instead is not sufficient to prove security for VRF-based secret leader election schemes. In this work we close the above gap by proposing a new security property for VRF we call unbiasability. On the one hand, our notion suffices to imply fairness in VRF-based leader elections protocols. On the other hand, we provide an efficient compiler in the plain model (with no CRS) transforming any VRF into an unbiasable one under standard assumptions. Moreover, we show folklore VRF constructions in the ROM to achieve our notion without the need to program the random oracle. As a minor contribution, we also provide a generic and efficient construction of certified 1 to 1 VRFs from any VRF.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
A major revision of an IACR publication in EUROCRYPT 2024
Keywords
Verifiable Random FunctionPoS BlockchainSecret Leader ElectionStandard ModelUnbiasabilityECVRF
Contact author(s)
emanuele giunta @ imdea org
alistair @ web3 foundation
History
2024-03-15: approved
2024-03-13: received
See all versions
Short URL
https://ia.cr/2024/435
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/435,
      author = {Emanuele Giunta and Alistair Stewart},
      title = {Unbiasable Verifiable Random Functions},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/435},
      year = {2024},
      url = {https://eprint.iacr.org/2024/435}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.