Adaptively Secure Constrained Verifiable Random Function

TL;DR: This paper presents a generic construction of Constrained Verifiable Random Function (CVRF) achieving adaptive security, leveraging Indistinguishability Obfuscation and Partition Scheme, and provides a proof technique for achieving adaptive security in related scenarios, with implications for micro-payment systems.

Abstract: Constrained Verifiable Random Function (CVRF) is a powerful variant of Pseudorandom Function (PRF). Simply put, CVRF asks the outputs of PRF to be verifiable and the secret key of PRF to be delegatable, thus simultaneously resolving the PRF’s trust and “all or nothing” problems. Among the existing constructions of CVRF, the optimal implementation of security, to our knowledge, should be the semi-adaptive security of [SCN 2019] where an adversary can make some queries before issuing its attack target but get critical public information only after the attack. Here we give a generic construction of CVRF that achieves a stronger security, called adaptive security: the adversary has access to this public information at the beginning of the security experiment. Concretely, we first define a slightly weaker security of CVRF, called single-key security, and prove its existence. Then, using it and Indistinguishability Obfuscation and Partition Scheme, we construct an adaptively secure CVRF. Notably, our proof technique may provide a direction for achieving adaptive security in scenarios related to Indistinguishability Obfuscation, where puncturable techniques have been commonly used before. Beyond this, we analyze the possible implications of our proposed construction in the micro-payment scenario.