Advertisement

Tight Verifiable Delay Functions

Conference paper
  • 419 Downloads
Part of the Lecture Notes in Computer Science book series (LNCS, volume 12238)

Abstract

A Verifiable Delay Function (VDF) is a function that takes at least T sequential steps to evaluate and produces a unique output that can be verified efficiently, in time essentially independent of T. In this work we study tight VDFs, where the function can be evaluated in time not much more than the sequentiality bound T.

On the negative side, we show the impossibility of a black-box construction from random oracles of a VDF that can be evaluated in time \(T + O(T^\delta )\) for any constant \(\delta < 1\). On the positive side, we show that any VDF with an inefficient prover (running in time cT for some constant c) that has a natural self-composability property can be generically transformed into a VDF with a tight prover efficiency of \(T+O(1)\). Our compiler introduces only a logarithmic factor overhead in the proof size and in the number of parallel threads needed by the prover. As a corollary, we obtain a simple construction of a tight VDF from any succinct non-interactive argument combined with repeated hashing. This is in contrast with prior generic constructions (Boneh et al., CRYPTO 2018) that required the existence of incremental verifiable computation, which entails stronger assumptions and complex machinery.

Notes

Acknowledgments

S. Garg is supported in part from DARPA SIEVE Award, AFOSR Award FA9550-15-1-0274, AFOSR Award FA9550-19-1-0200, AFOSR YIP Award, NSF CNS Award 1936826, DARPA and SPAWAR under contract N66001-15-C-4065, a Hellman Award, a Sloan Research Fellowship and research grants by the Okawa Foundation, Visa Inc., and Center for Long-Term Cybersecurity (CLTC, UC Berkeley). The views expressed are those of the author and do not reflect the official policy or position of the funding agencies.

References

  1. 1.
    Armknecht, F., Barman, L., Bohli, J.-M., Karame, G.O.: Mirror: enabling proofs of data replication and retrievability in the cloud. In: 25th SENIX Security Symposium (USENIX Security 16), pp. 1051–1068 (2016)Google Scholar
  2. 2.
    Ben-Sasson, E., Chiesa, A., Tromer, E., Virza, M.: Scalable zero knowledge via cycles of elliptic curves. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 276–294. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-44381-1_16CrossRefGoogle Scholar
  3. 3.
    Bitansky, N., Canetti, R., Chiesa, A., Tromer, E.: Recursive composition and bootstrapping for SNARKS and proof-carrying data. In: Boneh, D., Roughgarden, T., Feigenbaum, J. (eds.) 45th Annual ACM Symposium on Theory of Computing, Palo Alto, CA, USA, 1–4 June, pp. 111–120. ACM Press (2013)Google Scholar
  4. 4.
    Bitansky, N., Goldwasser, S., Jain, A., Paneth, O., Vaikuntanathan, V., Waters, B.: Time-lock puzzles from randomized encodings. In: Sudan, M. (ed.) ITCS 2016: 7th Conference on Innovations in Theoretical Computer Science, Cambridge, MA, USA, 14–16 January, pp. 345–356. Association for Computing Machinery (2016)Google Scholar
  5. 5.
    Boneh, D., Bonneau, J., Bünz, B., Fisch, B.: Verifiable delay functions. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10991, pp. 757–788. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-96884-1_25CrossRefGoogle Scholar
  6. 6.
    Boneh, D., Bünz, B., Fisch, B.: A survey of two verifiable delay functions. Cryptology ePrint Archive, Report 2018/712 (2018). https://eprint.iacr.org/2018/712
  7. 7.
    Buchmann, J., Williams, H.C.: A key-exchange system based on imaginary quadratic fields. J. Cryptol. 1(2), 107–118 (1988).  https://doi.org/10.1007/BF02351719MathSciNetCrossRefzbMATHGoogle Scholar
  8. 8.
  9. 9.
    Cohen, B.: Proofs of space and time. Blockchain protocol analysis and security engineering (2017). https://cyber.stanford.edu/sites/default/files/bramcohen.pdf
  10. 10.
    Cohen, B., Pietrzak, K.: Simple proofs of sequential work. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 451–467. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-78375-8_15CrossRefGoogle Scholar
  11. 11.
    Döttling, N., Lai, R.W.F., Malavolta, G.: Incremental proofs of sequential work. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11477, pp. 292–323. Springer, Cham (2019).  https://doi.org/10.1007/978-3-030-17656-3_11CrossRefGoogle Scholar
  12. 12.
    De Feo, L., Masson, S., Petit, C., Sanso, A.: Verifiable delay functions from supersingular isogenies and pairings. Cryptology ePrint Archive, Report 2019/166 (2019). https://eprint.iacr.org/2019/166
  13. 13.
    Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987).  https://doi.org/10.1007/3-540-47721-7_12CrossRefGoogle Scholar
  14. 14.
    Kilian, J.: A note on efficient zero-knowledge proofs and arguments (extended abstract). In: 24th Annual ACM Symposium on Theory of Computing, Victoria, BC, Canada, 4–6 May, pp. 723–732. ACM Press (1992)Google Scholar
  15. 15.
    Mahmoody, M., Moran, T., Vadhan, S.P.: Publicly verifiable proofs of sequential work. In: Kleinberg, R.D. (ed.) ITCS 2013: 4th Innovations in Theoretical Computer Science, Berkeley, CA, USA, 9–12 January, pp. 373–388. Association for Computing Machinery (2013)Google Scholar
  16. 16.
    Mahmoody, M., Smith, C., Wu, D.J.: A note on the (im)possibility of verifiable delay functions in the random oracle model. Cryptology ePrint Archive, Report 2019/663 (2019). https://eprint.iacr.org/2019/663
  17. 17.
    Micali, S.: CS proofs (extended abstracts). In: 35th Annual Symposium on Foundations of Computer Science, Santa Fe, NM, USA, 20–22 November, pp. 436–453. IEEE Computer Society Press (1994)Google Scholar
  18. 18.
    Pietrzak, K.: Simple verifiable delay functions. In: Blum, A. (ed.) ITCS 2019: 10th Innovations in Theoretical Computer Science Conference, San Diego, CA, USA, 10–12 January, vol. 124, pp. 60:1–60:15. LIPIcs (2019)Google Scholar
  19. 19.
    Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signature and public-key cryptosystems. Commun. Assoc. Comput. Mach. 21(2), 120–126 (1978)MathSciNetzbMATHGoogle Scholar
  20. 20.
    Rivest, R.L., Shamir, A., Wagner, D.A.: Time-lock puzzles and timed-release crypto. Technical Report MIT/LCS/TR-684 (1996)Google Scholar
  21. 21.
    Valiant, P.: Incrementally verifiable computation or proofs of knowledge imply time/space efficiency. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 1–18. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-78524-8_1CrossRefzbMATHGoogle Scholar
  22. 22.
    Wesolowski, B.: Efficient verifiable delay functions. Cryptology ePrint Archive, Report 2018/623 (2018). https://eprint.iacr.org/2018/623

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.CISPA Helmholtz Center for Information SecuritySaarbrückenGermany
  2. 2.University of CaliforniaBerkeleyUSA
  3. 3.Carnegie Mellon UniversityPittsburghUSA

Personalised recommendations