Non-interactive generation of shared pseudorandom sequences

  • Manuel Cerecedo
  • Tsutomu Matsumoto
  • Hideki Imai
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 718)


We address the following problem: given a random seed that is secretly shared among a group of individuals, generate, without interaction, shares of a much longer shared pseudorandom sequence. Shared randomness is an essential resource in distributed computing, and non-interactive ways of generating it are useful in applications such as Byzantine Agreement, common coin flipping and secure computation protocols.

Our first result is negative: well-known cryptographically strong pseudorandom generators cannot be evaluated on shares without interaction. In particular, we show that constructions that recursively apply a one-way function to a random seed and, at each iteration, output the simultaneously hard bits of the function's input are incompatible with homomorphic evaluation.

On the other hand, we show that pseudorandom generators that are both provably cryptographically strong and evaluable in shared form without interaction do exist. A concrete implementation, secure under the RSA assumption, is described.
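The following Python is an added illustration of the two claims in the abstract; it is not the paper's construction (the paper's concrete RSA-based scheme is not reproduced on this page). It assumes, as a stand-in, a multiplicative secret sharing over Z_N^* and a toy RSA modulus N = 61 * 53 with public exponent 17 (far too small for real use). Because x -> x^e mod N is a group homomorphism on Z_N^*, each party can iterate the RSA map on its own share with no messages exchanged, and the element-wise product of the parties' local sequences is exactly the centralized sequence x^(e^i) mod N. The last function shows, by counterexample, why the hard-bit style generators fail here: the least-significant bit of the reconstructed value (a hard bit of RSA) is not determined by the least-significant bits of the shares, so a party cannot obtain its piece of that output bit locally.

```python
"""Toy demonstration of non-interactive shared evaluation of the RSA map.

Constructed example: multiplicative sharing over Z_N^* and a tiny modulus are
assumptions of this illustration, not the scheme of the paper.
"""
import random
from math import gcd

# Constructed toy RSA parameters (assumption; not secure at this size).
P, Q = 61, 53
N = P * Q            # 3233
E = 17               # gcd(E, (P - 1) * (Q - 1)) == 1


def share_multiplicatively(x, n_parties, rng):
    """Split x in Z_N^* into n_parties shares whose product is x mod N."""
    if gcd(x, N) != 1:
        raise ValueError("seed must be a unit mod N")
    shares, prod = [], 1
    for _ in range(n_parties - 1):
        s = rng.randrange(1, N)
        while gcd(s, N) != 1:
            s = rng.randrange(1, N)
        shares.append(s)
        prod = prod * s % N
    # Last share fixes the product to x.
    shares.append(x * pow(prod, -1, N) % N)
    return shares


def reconstruct(shares):
    """Multiply shares back together mod N."""
    r = 1
    for s in shares:
        r = r * s % N
    return r


def local_sequence(value, length):
    """Iterate the RSA map on one value: [value^E, value^(E^2), ...] mod N."""
    out, cur = [], value
    for _ in range(length):
        cur = pow(cur, E, N)
        out.append(cur)
    return out


def centralized_sequence(x, length):
    """Sequence a single holder of the seed x would compute."""
    return local_sequence(x, length)


def shared_rsa_sequence(x, n_parties, length, seed=0):
    """Each party iterates on its own share with no interaction; the
    element-wise product of the local sequences equals the centralized one."""
    rng = random.Random(seed)
    shares = share_multiplicatively(x, n_parties, rng)
    local = [local_sequence(s, length) for s in shares]
    return [reconstruct([seq[i] for seq in local]) for i in range(length)]


def lsb_not_determined_by_share_lsbs(trials=200, seed=1):
    """Negative side: the LSB of x^E mod N (a hard bit of RSA) is not a
    function of the LSBs of the two parties' local values s_j^E mod N.
    Returns True once two samples with equal share-LSBs give different
    output LSBs, i.e. once a counterexample to local computability is found."""
    rng = random.Random(seed)
    seen = {}
    for _ in range(trials):
        x = rng.randrange(2, N)
        if gcd(x, N) != 1:
            continue
        s1, s2 = share_multiplicatively(x, 2, rng)
        y1, y2 = pow(s1, E, N), pow(s2, E, N)
        key = (y1 & 1, y2 & 1)
        out = (y1 * y2 % N) & 1
        if key in seen and seen[key] != out:
            return True
        seen[key] = out
    return False


if __name__ == "__main__":
    print(shared_rsa_sequence(1234, 3, 5) == centralized_sequence(1234, 5))
    print(lsb_not_determined_by_share_lsbs())
```

The positive half relies only on the map being a homomorphism of the group in which the seed is shared; the negative half is the obstruction the abstract names, since the bit the generator must output is a property of the reconstructed element, not of any share.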





Copyright information

© Springer-Verlag 1993

Authors and Affiliations

  • Manuel Cerecedo (1)
  • Tsutomu Matsumoto (1)
  • Hideki Imai (2)
  1. Division of Electrical and Computer Engineering, Yokohama National University, Yokohama, Japan
  2. Institute of Industrial Science, University of Tokyo, Tokyo, Japan
