Paper 2026/772

Lattice-based Ring Verifiable Random Functions

Jie Xu, Monash University
Muhammed F. Esgin, Monash University
Ron Steinfeld, Monash University
Abstract

Verifiable Random Functions (VRFs) provide publicly verifiable pseudorandomness uniquely determined by a secret key and an input. While widely used in decentralized protocols, standard VRF verification reveals the signer's identity, exposing them to targeted adversarial disruption once their eligibility is known. We study Ring VRFs(RVRFs), which allow a member of a public key set (a ring) to publish a VRF value along with a proof of correct generation while hiding the signer's index within the set. We formalize an algorithmic RVRF interface that binds the ring into the evaluated input to prevent cross-ring reuse and ring grinding (i.e., the malicious selection of a specific ring configuration to manipulate the pseudorandom outcome). Diverging from existing UC-based treatments, we propose a comprehensive suite of game-based security notions tailored to verifiable randomness under anonymity: correctness, anonymity, pseudorandomness, and a novel corruption-aware uniqueness notion called $T$-uniqueness. Our main technical result is a modular compiler that transforms any provable VRF into an RVRF by proving a one-out-of-many statement for the induced ring relation. We instantiate the OR layer via an optimized Fiat--Shamir OR (FS-OR) composition in the random oracle model, where the prover utilizes prover-side simulation for all non-witness branches and completes the witness branch only after a global consistency constraint is fixed. Focusing on post-quantum resilience, we provide concrete instantiations of our RVRF framework based on two state-of-the-art lattice VRFs: the long-term lattice VRF $\mathsf{LaV}$ by Esgin et al. (Crypto'23) and the few-time lattice VRF $\mathsf{LB}\text{-}\mathsf{VRF}$ by Esgin et al. (FC'19). We provide a detailed analysis of concrete parameters across various ring sizes for both constructions and perform a comprehensive side-by-side comparison of their communication costs and security trade-offs. Our instantiations are modular, with their security reducing cleanly to (i) the base VRF's correctness, pseudorandomness, and per-key uniqueness, and (ii) standard FS-OR properties (simulatability and extractability).

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
verifiable random functionsring primitivesone-out-of-many proofspost-quantum cryptographylattices
Contact author(s)
jie xu @ monash edu
Muhammed Esgin @ monash edu
Ron Steinfeld @ monash edu
History
2026-04-23: revised
2026-04-20: received
See all versions
Short URL
https://ia.cr/2026/772
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2026/772,
      author = {Jie Xu and Muhammed F. Esgin and Ron Steinfeld},
      title = {Lattice-based Ring Verifiable Random Functions},
      howpublished = {Cryptology {ePrint} Archive, Paper 2026/772},
      year = {2026},
      url = {https://eprint.iacr.org/2026/772}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.