Paper 2023/1339

FlexiRand: Output Private (Distributed) VRFs and Application to Blockchains

Aniket Kate, Purdue University West Lafayette/ Supra Research, USA
Easwar Vivek Mangipudi, Supra Research, USA
Siva Mardana, Indian Statistical Institute, India
Pratyay Mukherjee, Supra Research, India
Abstract

Web3 applications based on blockchains regularly need access to randomness that is unbiased, unpredictable, and publicly verifiable. For Web3 gaming applications, this becomes a crucial selling point to attract more users by providing credibility to the "random reward" distribution feature. A verifiable random function (VRF) protocol satisfies these requirements naturally, and there is a tremendous rise in the use of VRF services. As most blockchains cannot maintain the secret keys required for VRFs, Web3 applications interact with external VRF services via a smart contract where a VRF output is exchanged for a fee. While this smart contract-based plain-text exchange offers the much-needed public verifiability immediately, it severely limits the way the requester can employ the VRF service: the requests cannot be made in advance, and the output cannot be reused. This introduces significant latency and monetary overhead. This work overcomes this crucial limitation of the VRF service by introducing a novel privacy primitive Output Private VRF ( Pri-VRF) and thereby adds significantly more flexibility to the Web3-based VRF services. We call our framework FlexiRand. While maintaining the pseudo-randomness and public verifiability properties of VRFs, FlexiRand ensures that the requester alone can observe the VRF output. The smart contract and anybody else can only observe a blinded-yet-verifiable version of the output. We formally define Pri-VRF, put forward a practically efficient design, and provide provable security analysis in the universal composability (UC) framework (in the random oracle model) using a variant of one-more Diffie-Hellman assumption over bilinear groups. As the VRF service, with its ownership of the secret key, be- comes a single point of failure, it is realized as a distributed VRF with the key secret-shared across distinct nodes in our framework. We develop our distributed Pri-VRF construction by combining approaches from Distributed VRF and Distributed Oblivious PRF literature. We provide provable security analysis (in UC), implement it and compare its performance with existing distributed VRF schemes. Our distributed Pri-VRF only introduces a minimal computation and communication overhead for the VRF service, the requester, and the contract.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. ACM CCS 2023
Keywords
Verifiable Random FunctionDVRFPrivacy
Contact author(s)
aniket @ purdue edu
e mangipudi @ supraoracles com
msivakumar 1431 @ gmail com
p mukherjee @ supraoracles com
History
2023-12-30: revised
2023-09-08: received
See all versions
Short URL
https://ia.cr/2023/1339
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1339,
      author = {Aniket Kate and Easwar Vivek Mangipudi and Siva Mardana and Pratyay Mukherjee},
      title = {{FlexiRand}: Output Private (Distributed) {VRFs} and Application to Blockchains},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1339},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1339}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.