Verifiable Random Functions from Non-interactive Witness-Indistinguishable Proofs
Journal of Cryptology (IF 3), Pub Date: 2019-09-04, DOI: 10.1007/s00145-019-09331-1
Nir Bitansky

Verifiable random functions (VRFs) are pseudorandom functions where the owner of the seed, in addition to computing the function’s value y at any point x, can also generate a non-interactive proof \(\pi\) that y is correct, without compromising pseudorandomness at other points. Being a natural primitive with a wide range of applications, considerable efforts have been directed toward the construction of such VRFs. While these efforts have resulted in a variety of algebraic constructions (from bilinear maps or the RSA problem), the relation between VRFs and other general primitives is still not well understood. We present new constructions of VRFs from general primitives, the main one being non-interactive witness-indistinguishable proofs (NIWIs). This includes: (1) A selectively secure VRF assuming NIWIs and non-interactive commitments. As usual, the VRF can be made adaptively secure assuming subexponential hardness of the underlying primitives. (2) An adaptively secure VRF assuming (polynomially hard) NIWIs, non-interactive commitments, and (single-key) constrained pseudorandom functions for a restricted class of constraints. The above primitives can be instantiated under various standard assumptions, which yields corresponding VRF instantiations, under different assumptions than were known so far. One notable example is a non-uniform construction of VRFs from subexponentially hard trapdoor permutations, or more generally, from verifiable pseudorandom generators (the construction can be made uniform under a standard derandomization assumption). This partially answers an open question by Dwork and Naor (FOCS ’00). The construction and its analysis are quite simple. Both draw from ideas commonly used in the context of indistinguishability obfuscation.

Updated: 2019-09-04