Authors:
Thomas Lavaur
1
;
2
and
Jérôme Lacan
1
Affiliations:
1
ISAE-Supaero, Université de Toulouse, France
;
2
Paul Sabatier, Université de Toulouse, France
Keyword(s):
Randomness Beacon, Random Number Generation, zk-SNARK, zk-STARK, Verifiable Computation.
Abstract:
The generation of random numbers by a trusted third-party is essential to many cryptographic protocols. Recently, the NIST proposed the standardization of randomness beacons, which are hash-based chains of pulses. Each pulse contains a random number and is generated at regular time intervals. However, if the owner of the beacon generator is untrusted, several attacks allow the manipulation of the provided random numbers. In this paper, we firstly suggest protecting the first hash functions of the NIST scheme by adding a verifiable argument of knowledge. More precisely, we propose furnishing a zk-SNARK or a zk-STARK with the hash to make the system more transparent and resistant to randomness manipulation. Secondly, we propose a verifiable computation-based interactive protocol to allow a client, with the help of the beacon, to generate proven randomness. Then, we show that connecting this system to a blockchain could have several benefits. We provide a security analysis with a model
allowing a malicious beacon generator. We prove that our first application improves the resilience of the system against randomness manipulation attacks and that the interactive protocol rules out timing attacks for the client and ensures the non-predictability of the random numbers. Finally, we evaluated the computation cost with zk-SNARKs.
(More)