In distributed pseudorandom functions (DPRFs), a PRF secret key SK is secret shared among N servers so that each server can locally compute a partial evaluation of the PRF on some input X. A combiner that collects t partial evaluations can then reconstruct the evaluation F(SK, X) of the PRF under the initial secret key. So far, all non-interactive constructions in the standard model are based on lattice assumptions. One caveat is that they are only known to be secure in the static corruption setting, where the adversary chooses the servers to corrupt at the very beginning of the game, before any evaluation query. In this work, we construct the first fully non-interactive adaptively secure DPRF in the standard model. Our construction is proved secure under the \(\textsf {LWE}\) assumption against adversaries that may adaptively decide which servers they want to corrupt. We also extend our construction in order to achieve robustness against malicious adversaries.

在分布式伪随机函数 (DPRF) 中，PRF 密钥SK在N 个服务器之间秘密共享，因此每个服务器都可以在本地计算对某个输入X的 PRF 的部分评估。收集t 个部分评估的组合器然后可以重建评估F ( SK ,  X) 的初始密钥下的 PRF。到目前为止，标准模型中的所有非交互式构造都是基于格子假设的。一个警告是，它们仅在静态损坏设置中是安全的，即在任何评估查询之前，对手在游戏一开始就选择要损坏的服务器。在这项工作中，我们在标准模型中构建了第一个完全非交互式自适应安全 DPRF。我们的构造在\(\textsf {LWE}\)假设下被证明是安全的，可以对抗可能自适应地决定他们想要破坏哪些服务器的对手。我们还扩展了我们的结构，以实现对恶意对手的鲁棒性。