Generating Verifiable Random Numbers
Started Jun. 13, 2017; last modified Jun. 13, 2017
This short note presents another way to generate verifiable random numbers besides RFC 3797. Verifiable random numbers are defined in my randomness recommendations page as "random numbers that are disclosed along with all the information required to verify their generation."
Lenstra and Wesolowski (2015) describe a technique called "unicorn" to generate verifiable random numbers using publicly disclosed information. In essence:
- An announcement is made inviting the public to make public contributions to a random number within a specified window of time.
- After the window of time expires, the list of contributions is publicly disclosed; the random number is derived primarily from those contributions. The number is then generated using an unparallelizable hash function that deliberately takes time to run when generating the number but runs much faster when verifying it (p. 4). (Optionally, additional data that has not yet been disclosed in detail may also be used to derive the random number, provided that data is disclosed afterwards; see p. 10 of the paper for further details on this step.)
- After the random number is generated, it is publicly disclosed together with all information required to verify that number's generation.
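To make the three steps concrete, here is an added Python example (not code from the note or from Lenstra and Wesolowski's paper) that hashes a constructed list of published contributions into a seed, derives the random number through a deliberately slow, inherently sequential chain of modular square roots, and verifies the result with one fast modular squaring per round. The square-root chain follows the general idea of the paper's slow hash (which the paper calls sloth); the chosen prime, the number of rounds, the low-bit flip between rounds and the contribution encoding are all assumptions made for this illustration, and a real deployment would use a much larger modulus and far more rounds.

```python
import hashlib
import time

# Toy parameters (assumptions for this example, not values from the note or
# the paper): a Mersenne prime that is 3 mod 4, and a short chain.
P = (1 << 127) - 1          # 2^127 - 1, prime, and P % 4 == 3
ROUNDS = 2000


def seed_from_contributions(contributions):
    """Hash the published list of contributions, in the published order,
    with length prefixes so that no two lists encode to the same bytes."""
    h = hashlib.sha256()
    for c in contributions:
        data = c.encode("utf-8")
        h.update(len(data).to_bytes(4, "big"))
        h.update(data)
    return int.from_bytes(h.digest(), "big") % P


def flip(x):
    """Swap the low bit of x (an involution on 0..P-1); the one value whose
    partner would equal P is left fixed. Mixing this in between rounds stops
    the whole chain from collapsing into a single modular exponentiation."""
    y = x ^ 1
    return y if y < P else x


def root_step(x):
    """Slow direction: one modular square root. Because P % 4 == 3, exactly
    one of x and P - x is a quadratic residue; the parity of the returned
    root records which one was used so that the step can be undone."""
    if x == 0:
        return 0
    if pow(x, (P - 1) // 2, P) == 1:          # Euler's criterion: x is a residue
        r = pow(x, (P + 1) // 4, P)           # a square root of x
        return r if r % 2 == 0 else P - r     # choose the even root
    r = pow(P - x, (P + 1) // 4, P)           # a square root of -x
    return r if r % 2 == 1 else P - r         # choose the odd root


def unroot(r):
    """Fast direction: one modular squaring undoes root_step."""
    return r * r % P if r % 2 == 0 else (-(r * r)) % P


def generate(seed, rounds=ROUNDS):
    """Slow, sequential derivation of the random number from the seed."""
    x = seed % P
    for _ in range(rounds):
        x = root_step(flip(x))
    return x


def verify(seed, output, rounds=ROUNDS):
    """Walk the chain backwards with one squaring per round and check that
    it lands on the seed derived from the published contributions."""
    y = output
    for _ in range(rounds):
        y = flip(unroot(y))
    return y == seed % P


# Constructed sample contributions, standing in for the list that would be
# published after the submission window closes.
CONTRIBUTIONS = ["alice:7f3a9c", "bob:lottery-2017", "carol:0x1234abcd"]


def run_example(rounds=ROUNDS):
    """Generate, then verify, and report how long each direction took."""
    seed = seed_from_contributions(CONTRIBUTIONS)
    t0 = time.perf_counter()
    out = generate(seed, rounds)
    t1 = time.perf_counter()
    ok = verify(seed, out, rounds)
    t2 = time.perf_counter()
    return {"seed": seed, "output": out, "verified": ok,
            "generate_seconds": t1 - t0, "verify_seconds": t2 - t1}


if __name__ == "__main__":
    r = run_example()
    print(f"output   = {r['output']:#x}")
    print(f"verified = {r['verified']}")
    print(f"generate took {r['generate_seconds']:.3f}s, "
          f"verify took {r['verify_seconds']:.4f}s")
```

Everything a verifier needs is public: the contribution list, the modulus, the round count and the output. Changing any contribution, or the output by a single unit, makes the backward walk land somewhere other than the seed, so the check fails; and because each round's input depends on the previous round's output, the generation side cannot be parallelised or started before the contribution window has closed.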