Abstract
Constrained verifiable random functions (VRFs) were introduced by Fuchsbauer. In a constrained VRF, one can derive a constrained key sk_S from the master secret key sk, where S is a subset of the domain. Using the constrained key sk_S, one can compute function values at points which are not in the set S. The security of constrained VRFs requires that the VRF's output be indistinguishable from a random value in the range. They showed how to construct constrained VRFs for the bit-fixing class and the circuit-constrained class based on multilinear maps. Their construction achieves only selective security, where an attacker must declare which point he will attack at the beginning of the experiment. In this work, we propose a novel construction for constrained verifiable random functions from bilinear maps and prove that it satisfies a new security definition which is stronger than selective security. We call it semiadaptive security: the attacker is allowed to make evaluation queries before it outputs the challenge point. It follows immediately that if a scheme satisfies semiadaptive security, it also satisfies selective security.
Highlights
Pseudorandom functions (PRFs) are one of the basic concepts in modern cryptography, which were introduced by Goldreich et al. [1]
We reduce the weak Bilinear Diffie–Hellman Inversion (BDHI) assumption to the pseudorandomness of constrained verifiable random functions (VRFs)
We say that the weak bilinear Diffie–Hellman inversion problem is hard if, for all probabilistic polynomial-time (PPT) algorithms A, Adv_A^BDHI is negligible in λ
Summary
Pseudorandom functions (PRFs) are one of the basic concepts in modern cryptography, which were introduced by Goldreich et al. [1]. Given a constrained key sk_S for a set S ⊂ X, the algorithm Prove computes a value y = F(sk, x) together with a proof π, which can be used to verify the correctness of y = F(sk, x) using the public key pk. The pseudorandomness requires that the evaluation of F(sk, x) be indistinguishable from a random value, even if the adversary is given several constrained keys for subsets S_1, ..., S_{q_1} ⊂ X and several function values with their proofs at points x ∈ ∩_{j=1}^{q_1} S_j. A possible application of constrained VRFs is micropayments [8]. Inspired by the constrained PRFs of Hohenberger et al. [9], we construct a VRF with constrained keys for any set of polynomial size and define a new security notion named semiadaptive security.