Advances in Cryptology — AUSCRYPT '92

Volume 718 of the series Lecture Notes in Computer Science pp 385-396


Non-interactive generation of shared pseudorandom sequences

  • Manuel Cerecedo (Division of Electrical and Computer Engineering, Yokohama National University)
  • Tsutomu Matsumoto (Division of Electrical and Computer Engineering, Yokohama National University)
  • Hideki Imai (Institute of Industrial Science, University of Tokyo)




We address the following problem: given a random seed secretly shared among a group of individuals, non-interactively generate pieces corresponding to a much longer shared pseudorandom sequence. Shared randomness is an essential resource in distributed computing and non-interactive ways of generating it can be useful in applications such as Byzantine Agreement, common coin flipping or secure computation protocols.

Our first result is negative: well-known cryptographically strong pseudorandom number generators cannot be evaluated without interaction. In particular, it is shown that constructions that recursively apply a one-way function to a random seed and output, at each iteration, the simultaneously hard bits of the one-way function's input are actually incompatible with a homomorphic evaluation.

On the other hand, we show that pseudorandom generators that can be both proven cryptographically strong and sharedly evaluated without interaction do exist. A concrete implementation, under the RSA assumption, is described.