Verifiable random functions from (Leveled) multilinear maps

Abstract

Verifiable random functions (VRFs), firstly proposed by Micali, Rabin, and Vadhan (FOCS 99), are pseudorandom functions with the additional property that the party holding the seed sk can generate a non-interactive, publicly verifiable proof π for the statements “Fsk(x) = y”, for any input x. To date only a few VRF schemes are known and most known constructions either allow only a small input space, or don’t achieve full adaptive security under a non-interactive complexity assumption. The only known adaptively secure VRF scheme with exponentially-large input space is based on _-Decisional Diffie-Hellman Exponent assumption (Hohenberger and Waters, Eurocrypt 2010). In this work, we present a VRF scheme which is proved adaptively secure for exponentially-large input spaces under (n, k)-Modified Multilinear Decisional Diffie-Hellman Exponent assumption. Our construction is directly derived from the construction of constrained VRFs given by Fuchsbauer (SCN 14) based on (leveled) multilinear-maps. Since in Fuchsbauer’s scheme the adaptive security is obtained via complexity leveraging, which leads to a security loss that is exponential in the input length. Our core idea is to apply a simulation technique similar to the VRF analysis of Hohenberger (Eurocrypt 2010), where we partition the input space into those for which we can provide a proof and those for which we cannot. We then show that with non-negligible probability, the adversary will only query us on inputs for which we can provide proofs, except for the challenge query, for which the proof is unknown.