Paper 2024/643
Key-Homomorphic and Aggregate Verifiable Random Functions
Abstract
A verifiable random function (VRF) allows one to compute a random-looking image while at the same time producing a unique proof that the function was evaluated correctly. VRFs are a cornerstone of modern cryptography and, among other applications, are at the heart of recently proposed proof-of-stake consensus protocols. In this work we initiate the formal study of aggregate VRFs, i.e., VRFs that allow proofs/images to be aggregated into a small digest whose size is independent of the number of input proofs/images, yet still enables sound verification. We formalize this notion along with its security properties and propose two constructions. The first scheme is conceptually simple, concretely efficient, and uses (asymmetric) bilinear groups of prime order; its pseudorandomness holds in the random oracle model and its aggregate pseudorandomness is proven in the algebraic group model. The second scheme is in the standard model and is proven secure under the learning with errors (LWE) problem. As a cryptographic building block of independent interest, we introduce the notion of key-homomorphic VRFs, in which the verification keys and the proofs are endowed with a group structure. We conclude by discussing several applications of key-homomorphic and aggregate VRFs, such as distributed VRFs and aggregate proof-of-stake protocols.
Metadata
- Category: Public-key cryptography
- Publication info: A minor revision of an IACR publication in TCC 2024
- Keywords: VRF
- Contact author(s): giulio malavolta @ hotmail it
- History: 2024-04-26: received; 2024-09-23: revised
- Short URL: https://ia.cr/2024/643
- License: CC BY
BibTeX
@misc{cryptoeprint:2024/643,
  author = {Giulio Malavolta},
  title = {Key-Homomorphic and Aggregate Verifiable Random Functions},
  howpublished = {Cryptology {ePrint} Archive, Paper 2024/643},
  year = {2024},
  url = {https://eprint.iacr.org/2024/643}
}