Bong Gon Kim,Dennis Wong,Yoon Seok Yang

DOI: https://doi.org/10.5121/csit.2023.132104

2024-02-07

Abstract:We present a secure and private blockchain-based Verifiable Random Function (VRF) scheme addressing some limitations of classical VRF constructions. Given the imminent quantum computing adversarial scenario, conventional cryptographic methods face vulnerabilities. To enhance our VRF's secure randomness, we adopt post-quantum Ring-LWE encryption for synthesizing pseudo-random sequences. Considering computational costs and resultant on-chain gas costs, we suggest a bifurcated architecture for VRF design, optimizing interactions between on-chain and off-chain. Our approach employs a secure ring signature supported by NIZK proof and a delegated key generation method, inspired by the Chaum-Pedersen equality proof and the Fiat-Shamir Heuristic. Our VRF scheme integrates multi-party computation (MPC) with blockchain-based decentralized identifiers (DID), ensuring both security and randomness. We elucidate the security and privacy aspects of our VRF scheme, analyzing temporal and spatial complexities. We also approximate the entropy of the VRF scheme and detail its implementation in a Solidity contract. Also, we delineate a method for validating the VRF's proof, matching for the contexts requiring both randomness and verification. Conclusively, using the NIST SP800-22 of the statistical randomness test suite, our results exhibit a 98.86% pass rate over 11 test cases, with an average p-value of 0.5459 from 176 total tests.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Bong Gon Kim,Dennis Wong,Yoon Seok Yang

DOI: https://doi.org/10.5121/ijcis.2023.13401

2024-01-30

Abstract:In this study, we present a secure smart contract-based Verifiable Random Function (VRF) model, addressing the shortcomings of existing systems. As quantum computing emerges, conventional public key cryptography faces potential vulnerabilities. To enhance our VRF's robustness, we employ post-quantum Ring-LWE encryption for generating pseudo-random sequences. Given the computational intensity of this approach and associated on-chain gas costs, we propose a hybrid architecture of VRF system where on-chain and off-chain can communicate in a scalable and secure way. To ensure the validity and integrity of the off-chain computations (e.g., Ring-LWE encryption), we employ a quantum-secure linkable ring signature scheme on NTRU lattice and also delegated key generation (DKG) with a secure key encapsulation mechanism (KEM). Our decentralized VRF employs multi-party computation (MPC) with blockchain-based decentralized identifiers (DID), ensuring the collective efforts of enhanced randomness and security. We show the security and privacy advantages of our proposed VRF model with the approximated estimation of overall temporal and spatial complexities. We also evaluate our VRF MPC model's entropy and outline its Solidity smart contract integration. This research also provides a method to produce and verify the VRF output's proof, optimal for scenarios necessitating randomness and validation. Lastly, using NIST SP800-22 test suite for randomness, we demonstrate the commendable result with a 97.73% overall pass rate on 11 standard tests and 0.5459 of average p-value for the total 176 tests.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Dev Gurung,Shiva Raj Pokhrel,Gang Li

DOI: https://doi.org/10.48550/arXiv.2306.14772

2023-07-01

Abstract:Post-quantum security is critical in the quantum era. Quantum computers, along with quantum algorithms, make the standard cryptography based on RSA or ECDSA over FL or Blockchain vulnerable. The implementation of post-quantum cryptography (PQC) over such systems is poorly understood as PQC is still in its standardization phase. In this work, we propose a hybrid approach to employ PQC over blockchain-based FL (BFL), where we combine a stateless signature scheme like Dilithium (or Falcon) with a stateful hash-based signature scheme like the extended Merkle Signature Scheme (XMSS). We propose a linear-based formulaic approach to device role selection mechanisms based on multiple factors to address the performance aspect. Our holistic approach of utilizing a verifiable random function (VRF) to assist in the blockchain consensus mechanism shows the practicality of the proposed approaches. The proposed method and extensive experimental results contribute to enhancing the security and performance aspects of BFL systems.

Cryptography and Security

Shuang Yao,Dawei Zhang

DOI: https://doi.org/10.1155/2022/6467866

2022-04-19

Wireless Communications and Mobile Computing

Abstract:Verifiable random function is a powerful function that provides a noninteractively public verifiable proof for its output. Recently, verifiable random function has found essential applications in designing secure consensus protocols in blockchain. How to construct secure and practical verifiable random functions has also attracted more and more attention. In this paper, we propose a practical anonymous verifiable random function. Security proofs show that the proposed anonymous verifiable random function achieves correctness, anonymity, uniqueness, and pseudorandomness. In addition, we show a concrete application of our proposed anonymous verifiable random function in blockchain to improve the consensus mechanism for Hyperledger fabric. Finally, we implement the proposed anonymous verifiable random function and evaluate its performance. Test results show that the proposed anonymous verifiable random function supports faster computing operations and has a smaller proof size.

computer science, information systems,telecommunications,engineering, electrical & electronic

Nasser Alsalami,Bingsheng Zhang

DOI: https://doi.org/10.1109/iwqos49365.2020.9213064

2020-01-01

Abstract:Public blockchains can be abused to covertly store and disseminate potentially harmful digital content which poses a serious regulatory issue. In this work, we show the severity of the problem by demonstrating that blockchains can be exploited to surreptitiously distribute arbitrary content. More specifically, all major blockchain systems use randomized cryptographic primitives, such as digital signatures and non-interactive zero-knowledge proofs; we illustrate how the uncontrolled randomness in such primitives can be maliciously manipulated to enable covert communication and hidden persistent storage. To clarify the potential risk, we design, implement and evaluate our technique against the widely-used ECDSA signature scheme, the CryptoNote's ring signature scheme, and Monero's ring confidential transactions. Importantly, the significance of the demonstrated attacks stems from their undetectability, their adverse effect on the future of decentralized blockchains, and their serious repercussions on users' privacy and crypto funds. Finally, we present a generic framework to immunize blockchains against these attacks.

Chao-Hsien Hsieh,Xinyu Yao,Qing Zhang,Mengchen Lv,Ruobing Wang,Bingxue Ni

DOI: https://doi.org/10.1109/access.2022.3206450

IF: 3.9

2022-09-27

IEEE Access

Abstract:Random numbers are widely used in numerical computing, statistical simulation, random sampling, etc. At present, the mechanism for generating random numbers by computers is at risk of being attacked. The generated random numbers may be predicted in some cases,. However, current RNGs used in blockchain are not sufficient enough to handle attacks. Therefore, it is necessary to improve the security of random numbers. This paper improves the random number generator and designs a secure random number generator based on blockchain (BCsRNG). In practice, an encapsulated function algorithm of the secure random number is developed with the smart contract. Moreover, an API is provided to facilitate input and output. The experimental results show that the random numbers generated by BCsRNG are difficult to decipher and have higher randomness and security.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yevgeniy Dodis,Aleksandr Yampolskiy

DOI: https://doi.org/10.1007/978-3-540-30580-4_28

2005-01-01

Abstract:We give a simple and efficient construction of a verifiable random function (VRF) on bilinear groups. Our construction is direct. In contrast to prior VRF constructions [14,15], it avoids using an inefficient Goldreich-Levin transformation, thereby saving several factors in security. Our proofs of security are based on a decisional bilinear Diffie-Hellman inversion assumption, which seems reasonable given current state of knowledge. For small message spaces, our VRF’s proofs and keys have constant size. By utilizing a collision-resistant hash function, our VRF can also be used with arbitrary message spaces. We show that our scheme can be instantiated with an elliptic group of very reasonable size. Furthermore, it can be made distributed and proactive.

Fangxing Shu,Kai Lei

DOI: https://doi.org/10.1088/1742-6596/1780/1/012038

2021-01-01

Journal of Physics Conference Series

Abstract:Abstract As a new distributed computing paradigm, blockchain is rapidly evolving in areas such as digital finance and cryptocurrency. However, existing blockchain projects adopt different blockchain architectures and protocols, as a result it is difficult for different blockchain systems to flow value to each other or communicate information, and different blockchain systems become isolated islands. This has brought limitations to the usable range, function and scalability of blockchain technology. In order to solve this problem, and bulid trust between different blockchain networks, cross-chain technology has been proposed and received a lot of attention. In this paper we proposed a cross-chain mechanism based on verifiable random functions ( VRF ) and threshold cryptography, we name this scheme as Vger. In Vger, through VRF based cryptographic sortition to select management committee for escrow account and dynamic security setting mechanism, that optimize the security and efficiency about cross-chain transaction.

Susan Hohenberger,Brent Waters

DOI: https://doi.org/10.1007/978-3-642-13190-5_33

2010-01-01

Abstract:We present a family of verifiable random functions which are provably secure for exponentially-large input spaces under a noninteractive complexity assumption. Prior constructions required either an interactive complexity assumption or one that could tolerate a factor 2n security loss for n-bit inputs. Our construction is practical and inspired by the pseudorandom functions of Naor and Reingold and the verifiable random functions of Lysyanskaya. Set in a bilinear group, where the Decisional Diffie-Hellman problem is easy to solve, we require the l- Decisional Diffie-Hellman Exponent assumption in the standard model, without a common reference string. Our core idea is to apply a simulation technique where the large space of VRF inputs is collapsed into a small (polynomial-size) input in the view of the reduction algorithm. This view, however, is information-theoretically hidden from the attacker. Since the input space is exponentially large, we can first apply a collision-resistant hash function to handle arbitrarily-large inputs.

Tibor Jager,David Niehues

DOI: https://doi.org/10.1007/978-3-030-38471-5_13

2020-01-01

Abstract:Verifiable random functions (VRFs) are essentially digital signatures with additional properties, namely verifiable uniqueness and pseudorandomness, which make VRFs a useful tool, e.g., to prevent enumeration in DNSSEC Authenticated Denial of Existence and the CONIKS key management system, or in the random committee selection of the Algorand blockchain.Most standard-model VRFs rely on admissible hash functions (AHFs) to achieve security against adaptive attacks in the standard model. Known AHF constructions are based on error-correcting codes, which yield asymptotically efficient constructions. However, previous works do not clarify how the code should be instantiated concretely in the real world. The rate and the minimal distance of the selected code have significant impact on the efficiency of the resulting cryptosystem, therefore it is unclear if and how the aforementioned constructions can be used in practice.First, we explain inherent limitations of code-based AHFs. Concretely, we assume that even if we were given codes that achieve the well-known Gilbert-Varshamov or McEliece-Rodemich-Rumsey-Welch bounds, existing AHF-based constructions of verifiable random functions (VRFs) can only be instantiated quite inefficiently. Then we introduce and construct computational AHFs (cAHFs). While classical AHFs are information-theoretic, and therefore work even in presence of computationally unbounded adversaries, cAHFs provide only security against computationally bounded adversaries. However, we show that cAHFs can be instantiated significantly more efficiently. Finally, we use our cAHF to construct the currently most efficient verifiable random function with full adaptive security in the standard model.

Olivia Saa,Julio Michael Stern

DOI: https://doi.org/10.3390/proceedings2019033017

2019-04-21

Abstract:Randomization is an integral part of well-designed statistical trials, and is also a required procedure in legal systems, see Marcondes et al. (2019) This paper presents an easy to implement randomization protocol that assures, in a formal mathematical setting, a statistically sound, computationally efficient, cryptographically secure, traceable and auditable randomization procedure that is also resistant to collusion and manipulation by participating agents.

Cryptography and Security,Computers and Society,Probability

David Niehues

DOI: https://doi.org/10.1007/978-3-030-75248-4_3

2021-01-01

Abstract:Verifiable random functions (VRFs), introduced by Micali, Rabin and Vadhan (FOCS’99), are the public-key equivalent of pseudorandom functions. A public verification key and proofs accompanying the output enable all parties to verify the correctness of the output. However, all known standard model VRFs have a reduction loss that is much worse than what one would expect from known optimal constructions of closely related primitives like unique signatures. We show that: Every security proof for a VRF that relies on a non-interactive assumption has to lose a factor of Q, where Q is the number of adversarial queries. To that end, we extend the meta-reduction technique of Bader et al. (EUROCRYPT’16) to also cover VRFs.This raises the question: Is this bound optimal? We answer this question in the affirmative by presenting the first VRF with a reduction from the non-interactive qDBDHI assumption to the security of VRF that achieves this optimal loss.We thus paint a complete picture of the achievability of tight verifiable random functions: We show that a security loss of Q is unavoidable and present the first construction that achieves this bound.

Muhammed F. Esgin,Veronika Kuchta,Amin Sakzad,Ron Steinfeld,Zhenfei Zhang,Shifeng Sun,Shumo Chu

DOI: https://doi.org/10.1007/978-3-662-64331-0_29

2021-01-01

Abstract:In this work, we introduce the first practical post-quantum verifiable random function (VRF) that relies on well-known (module) lattice problems, namely Module-SIS and Module-LWE. Our construction, named LB-VRF, results in a VRF value of only 84 bytes and a proof of around only 5 KB (in comparison to several MBs in earlier works), and runs in about 3 ms for evaluation and about 1 ms for verification.In order to design a practical scheme, we need to restrict the number of VRF outputs per key pair, which makes our construction few-time. Despite this restriction, we show how our few-time LB-VRF can be used in practice and, in particular, we estimate the performance of Algorand using LB-VRF. We find that, due to the significant increase in the communication size in comparison to classical constructions, which is inherent in all existing lattice-based schemes, the throughput in LB-VRF-based consensus protocol is reduced, but remains practical. In particular, in a medium-sized network with 100 nodes, our platform records a 1.14×$$\times $$ to 3.4×$$\times $$ reduction in throughput, depending on the accompanying signature used. In the case of a large network with 500 nodes, we can still maintain at least 24 transactions per second. This is still much better than Bitcoin, which processes only about 5 transactions per second.

Zhijie Jerry Shi,Fan Zhang

2006-01-01

Abstract:Elliptic curve cryptography (ECC) has attracted a lot of attention because it can provide similar levels of security with much shorter keys than the arithmetic of multiple-precision integers in finite fields, which has been widely used in many public-key and key-exchange algorithms. Small key sizes are especially important to resource constrained devices as shorter keys require less storage space and consume less power to transmit and compute. However, ECC algorithms are vulnerable to power analysis attacks, which exploit the instantaneous power consumptions of computing devices to retrieve secret data. Many countermeasures have been proposed to make ECC implementations secure against power analysis. One of the approaches is randomized algorithms that generate different power traces even if the input of the algorithm is the same. For example, the randomized scalar point multiplication algorithm proposed by Oswald et al. combines two algorithms and uses random variables to decide which algorithm to follow at different stages of the execution. The randomized algorithm can thwart traditional power analysis attacks. However, in this paper, we propose an effective attack on the randomized algorithms. Our attack does not require a large number of power traces and has a very high success rate.

Guohua Tian,Jianghong Wei,Mirosław Kutyłowski,Willy Susilo,Xinyi Huang,Xiaofeng Chen,Miroslaw Kutylowski

DOI: https://doi.org/10.1109/tc.2022.3230900

IF: 3.183

2022-01-01

IEEE Transactions on Computers

Abstract:Driven by various legal obligations and service requirements, the redactable blockchain was introduced to balance the modifiability and immutability of blockchain technology. However, such a blockchain inevitably generates one or even more acceptable versions for the same block data, enabling malicious full nodes to deceive light/new nodes with old data and even disrupt the consistency of the blockchain ledger. In this paper, we introduce the concept of verifiable redactable blockchain (VRBC) to provide efficient validity verification for on-chain data. To this end, we design a novel authentication data structure, called blockchain authentication tree (BAT), which utilizes a chameleon hash function and aggregatable vector commitment to bind continuously-appended blocks. Based on this, we propose an efficient VRBC scheme supporting integrity auditing, which not only allows light nodes to query and validate on-chain data, but also enables new nodes to check the integrity of the blockchain ledger before synchronizing it, effectively avoiding resource waste and security risks caused by invalid queries and ledger synchronization. Furthermore, we introduce some optimized strategies to improve the performance of the proposed scheme and extend it to transaction-level and permissionless VRBC, respectively. Finally, we demonstrate the practicability of the proposed scheme through detailed security analysis and visual performance evaluation.

engineering, electrical & electronic,computer science, hardware & architecture

A. M. Papathanasiou,G.C. Polyzos

DOI: https://doi.org/10.1109/ICOIN59985.2024.10572151

2024-01-17

Abstract:Self-Sovereign Identity (SSI) has highlighted the benefits and importance of granting users complete control over their identity. Unlike previous solutions, which entrust identity management to third-party applications or services, SSI empowers users to control their personal data. Nonetheless, compromised identities remain a challenge as they must be revoked in order to prevent additional privacy and security issues. However, in several SSI systems, privacy is compromised in favor of efficiency, allowing third parties to gain access to users’ personal data. In this paper, we highlight the shortcomings of existing SSI solutions and propose a system that addresses credential revocation by balancing privacy with efficiency, by leveraging Verifiable Random Functions (VRFs).

Computer Science

Yiming Li,Shengli Liu,Shuai Han,Dawu Gu,Jian Weng

DOI: https://doi.org/10.2139/ssrn.4197049

IF: 1.002

2023-03-16

Theoretical Computer Science

Abstract:A verifiable random function (VRF) is a pseudorandom function F that can be publicly verified. A simulatable VRF (sVRF) is an important variant of a VRF, which additionally provides simulatability. Informally, the simulatability of a VRF depicts the ability to simulate a valid proof π that y=F(sk,x) for any input x and any output value y . A (simulatable) VRF can be used in the E-Cash, E-Lottery, blockchain and constructing the multi-theorem non-interactive zero-knowledge (NIZK) proof. However, up to now, the existing constructions of an sVRF either rely on non-standard assumptions (e.g., the Q -type ones), or are built in the random oracle model, or resort to time-consuming techniques like the Cook-Levin reduction. In this paper, we design the first sVRF from the LWE assumption in the standard model (free of a random oracle) without using a Cook-Levin reduction. In our construction of an sVRF, we take as building blocks a pseudorandom function, a trapdoor fully homomorphic commitment (FHC) scheme, and a NIZK proof system for a language specified by FHC. Our trapdoor FHC is the key technical tool, which helps the simplification of the underlying NIZK language, thus making possible an instantiation of a NIZK proof from LWE without a Cook-Levin reduction. Together with an LWE-based PRF, we obtain an sVRF scheme from LWE.

computer science, theory & methods

Xinshu Ma,Florentin Rochet,Tariq Elahi

DOI: https://doi.org/10.48550/arXiv.2301.09207

2023-01-22

Cryptography and Security

Abstract:The security and performance of Mixnets depends on the trustworthiness of the Mixnodes in the network. The challenge is to limit the adversary's influence on which Mixnodes operate in the network. A trusted party (such as the Mixnet operator) may ensure this, however, it is a single point of failure in the event of corruption or coercion. Therefore, we study the problem of how to select a subset of Mixnodes in a distributed way for Mixnet construction. We present VeraSel, a scheme that enables Mixnodes to be chosen according to their weights in a distributed, unbiased, and verifiable fashion using Verifiable Random Functions (VRFs). It is shown that VeraSel enables any party to learn and verify which nodes has been selected based on the commitments and proofs generated by each Mixnode with VRF.