Date: 31 May 2005

Non-interactive generation of shared pseudorandom sequences

* Final gross prices may vary according to local VAT.

Get Access


We address the following problem: given a random seed secretly shared among a group of individuals, non-interactively generate pieces corresponding to a much longer shared pseudorandom sequence. Shared randomness is an essential resource in distributed computing and non-interactive ways of generating it can be useful in applications such as Byzantine Agreement, common coin flipping or secure computation protocols.

Our first result is negative: well known cryptographically strong pseudorandom number generators cannot be evaluated without interaction and, in particular, it is shown that constructions that recursively apply a one-way function to a random seed and output at each iteration the simultaneously hard bits in the input of the one-way function are actually incompatible with a homomorphic evaluation.

On the other hand, we show that pseudorandom generators that can be both proven cryptographically strong and sharedly evaluated without interaction do exist. A concrete implementation, under the RSA assumption, is described.

Supported by Japanese Ministry of Education, Science and Culture Scholarship, No. 890864.