The New Randomness Beacon Format Standard: An Exercise in Limiting the Power of a Trusted Third Party

  • John KelseyEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11322)


We discuss the development of a new format for beacons–servers which provide a sequence of digitally signed and hash-chained public random numbers on a fixed schedule. Users of beacons rely on the trustworthiness of the beacon operators. We consider several possible attacks on the users by the beacon operators, and discuss defenses against those attacks that have been incorporated into the new beacon format. We then analyze and quantify the effectiveness of those defenses.



The author would like to thank René Peralta, Luís Brandão, Harold Bloom, Paul Black, Carl Miller, and the participants of the Vail Computer Elements Workshop and COSIC Seminar, for many useful comments, questions and conversations about this work. The author would also like to thank the anonymous referees, for many useful comments and requests for clarification.


  1. 1.
    8x Nvidia GTX 1080 Hashcat Benchmarks. Accessed 09 July 2018Google Scholar
  2. 2.
    Biryukov, A., Dinu, D., Khovratovich, D.: Argon2: new generation of memory-hard functions for password hashing and other applications. In: IEEE European Symposium on Security and Privacy, EuroS&P 2016, Saarbrücken, Germany, 21–24 March 2016, pp. 292–302 (2016).
  3. 3.
    Black, P.E.: Skip List. Dictionary of Algorithms and Data Structures. [online], Pieterse, V., Black, P.E. (eds.) Accessed 17 Nov 2017
  4. 4.
    Cooper, D., et al.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. In: RFC 5280, pp. 1–151 (2008).
  5. 5.
    Laurie, B., Langley, A., Käsper, E.: Certificate transparency. In: RFC 6962, pp. 1–27 (2013).
  6. 6.
    Mell, P., Kelsey, J., Shook, J.M.: Cryptocurrency smart contracts for distributed consensus of public randomness. In: Stabilization, Safety, and Security of Distributed Systems - 19th International Symposium, SSS 2017, Boston, MA, USA, 5–8 November 2017, pp. 410–425 (2017). Scholar
  7. 7.
    Newman, C., Klyne, G.: Date and Time on the Internet: Timestamps. RFC 3339, July 2002.
  8. 8.
    NIST Randomness Beacon (2018). Accessed 09 July 2018
  9. 9.
    Percival, C., Josefsson, S.: The scrypt password-based key derivation function. In: RFC 7914, pp. 1–16 (2016).
  10. 10.
    Powerball. Accessed 19 Sep 2018
  11. 11.
    Rabin, M.O.: Transaction protection by beacons. J. Comput. Syst. Sci. 27(2), 256–267 (1983). Scholar
  12. 12.
    Rivest, R.L., Shamir, A., Wagner, D.A.: Time-lock Puzzles and Timed-release Crypto. Technical report Cambridge, MA, USA (1996)Google Scholar
  13. 13.
    Schelling, T.C.: The Strategy of Conflict. Oxford University Press, Oxford (1960)zbMATHGoogle Scholar
  14. 14.
    National Institute of Standards and Technology. FIPS 180–4, Secure Hash Standard, Federal Information Processing Standard (FIPS), Publication 180–4. Technical report. Department of Commerce (2015).
  15. 15.
    National Institute of Standards and Technology. FIPS 186–4, Secure Hash Standard, Federal Information Processing Standard (FIPS), Publication 186–4 Digital Signature Standard (DSS. Technical report Department of Commerce (2013).
  16. 16.
    Szabo, N.: Trusted Third Parties are Security Holes (2001). Accessed 09 July 2018Google Scholar
  17. 17.
    Wikipedia contributors. Dow Jones Industrial Average—Wikipedia, The Free Encyclopedia (2018). Accessed 19 Sep 2018

Copyright information

© This is a U.S. government work and not under copyright protection in the U.S.; foreign copyright protection may apply 2018

Authors and Affiliations

  1. 1.National Institute of Standards and TechnologyGaithersburgUSA
  2. 2.Department of Electrical Engineering, ESAT/COSICKU LeuvenLeuvenBelgium

Personalised recommendations