Paper 2025/349

Efficient Distributed Randomness Generation from Minimal Assumptions where PArties Speak Sequentially Once

Abstract

We study efficient public randomness generation protocols in the PASSO (PArties Speak Sequentially Once) model for multi-party computation (MPC). PASSO is a variation of traditional MPC where $$ parties are executed in sequence and each party ``speaks'' only once, broadcasting and sending secret messages only to parties further down the line. Prior results in this setting include information-theoretic protocols in which the computational complexity scales exponentially with the number of corruptions $$ (CRYPTO 2022), as well as more efficient computationally-secure protocols either assuming a trusted setup phase or DDH (FC 2024). Moreover, these works only consider security against static adversaries. In this work, we focus on computational security against adaptive adversaries and from minimal assumptions, and improve on the works mentioned above in several ways: - Assuming the existence of non-interactive perfectly binding commitments, we design protocols with $$ or $$ parties that are efficient and secure whenever $$ is small compared to the security parameter $$ (e.g., $$ is constant). This improves the resiliency of all previous protocols, even those requiring a trusted setup. It also shows that $$ parties are necessary and sufficient for $$ corruptions in the computational setting, while $$ parties are required for information-theoretic security. - Under the same assumption, we design protocols with $$ or $$ parties (depending on the adversarial network model) which are efficient whenever $$. This improves on the existing DDH-based protocol both in terms of resiliency and the underlying assumptions. - We design efficient protocols with $$ or $$ parties (depending on the adversarial network model) assuming the existence of one-way functions. We complement these results by studying lower bounds for randomness generation protocols in the computational setting.