Robust Distributed Pseudorandom Functions for mNP Access Structures

Abstract

Distributed pseudorandom functions (DPRFs) formally defined by Naor et al. (EUROCRYPT’99) provide the properties of regular PRFs as well as the ability to distribute the evaluation of the PRF function; rendering them useful against single point of failures in multiple settings (e.g., key distribution centres). To avoid the corruption of the partial PRF values computed by distributed servers, Naor et al. proposed the notion of robust distributed PRFs, which not only allows the evaluation of the PRF value by a set of distributed servers, but also allows to verify if the partial evaluation values are computed correctly. In this paper, we investigate different approaches to build non-interactive robust distributed PRFs for a general class of access structures, going beyond the existing threshold and monotone span programs (MSP). More precisely, our contributions are two fold: (i) we first adapt the notion of single round robust distributed PRFs for threshold access structures to one for any mNP access structure (monotone functions in NP), and (ii) we provide a provably secure general construction of robust distributed PRFs by employing puncturable PRFs, a non-interactive witness indistinguishable proof (NIWI) and indistinguishable obfuscation. We compare our robust DPRF with existing DPRFs in terms of security guarantees, underlying assumptions and required primitives.