Entry: Verifiable random function
Definition


In cryptography, the concept of a verifiable random function (VRF) was introduced by Micali, Rabin, and Vadhan.[1] It is a pseudo-random function that provides publicly verifiable proofs of its outputs' correctness. Given an input value x, the owner of the secret key SK can compute the function value y = F_SK(x) and the proof p_SK(x). Using the proof and the public key, everyone can check that the value y = F_SK(x) was indeed computed correctly, yet this information cannot be used to find the secret key.

The original construction was rather inefficient. Later, an efficient and practical verifiable random function was proposed by Yevgeniy Dodis and Aleksandr Yampolskiy.[2] The following is only for intuition and is secure only when the input is from a small domain (the authors then extend it to a larger domain):

where e(·,·) is a bilinear map.

To verify whether was computed correctly or not, one can check

if and .

The proof of security relies on a new decisional bilinear Diffie-Hellman inversion assumption, which asks given as input to distinguish from random.

Uses

VRFs provide deterministic precommitments which can be revealed at a later time using proofs which can only be generated by a private key. This is useful for providing a 1:1 mapping of low entropy inputs (e.g. names, email addresses, phone numbers) to some random values which can be committed to in advance, e.g. through a timestamping service such as a transparency log.

Unlike traditional digital signature algorithms, VRF outputs can be published publicly without being subject to a preimage attack, even if the verifier knows the public key (but not the proof). This is useful to prevent enumeration of the names/identifiers in a directory which is using a transparency system.
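The directory-lookup use described above, as an added example that is not part of the original article. It uses the simpler RSA full-domain-hash VRF rather than the pairing-based Dodis–Yampolskiy construction, in a simplified form that is not an RFC 9381-conformant encoding; the function names and the demo key (built from publicly known Mersenne primes, so insecure) are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed demo key: P and Q are publicly known Mersenne primes, so this
# modulus is trivially factorable. A real key uses secret random primes.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # public key (PK)
D = pow(E, -1, (P - 1) * (Q - 1))        # secret key (SK)
N_BYTES = (N.bit_length() + 7) // 8

def _fdh(x: bytes) -> int:
    """Full-domain hash: stretch SHA-256 output to an integer below N."""
    need = (N.bit_length() - 1) // 8     # one byte short of N, so always < N
    out, ctr = b"", 0
    while len(out) < need:
        out += hashlib.sha256(b"fdh" + ctr.to_bytes(4, "big") + x).digest()
        ctr += 1
    return int.from_bytes(out[:need], "big")

def _output(proof: int) -> bytes:
    """y is a hash of the proof; without the proof, a PK holder cannot
    test guesses of x against a published y."""
    return hashlib.sha256(b"out" + proof.to_bytes(N_BYTES, "big")).digest()

def evaluate(x: bytes):
    """Key owner: return (y, proof) for input x. Deterministic in x."""
    proof = pow(_fdh(x), D, N)           # unique RSA signature on FDH(x)
    return _output(proof), proof

def verify(x: bytes, y: bytes, proof: int) -> bool:
    """Anyone with PK: check that y is the one correct output for x."""
    if not 0 <= proof < N:
        return False
    if pow(proof, E, N) != _fdh(x):      # proof must open to FDH(x)
        return False
    return hmac.compare_digest(y, _output(proof))

if __name__ == "__main__":
    name = b"alice@example.com"          # constructed low-entropy input
    y, proof = evaluate(name)
    print("directory index:", y.hex())
    print("proof verifies:", verify(name, y, proof))
    print("wrong name verifies:", verify(b"bob@example.com", y, proof))
```

The directory publishes only y for each name and hands the proof to a client that already knows the name it is looking up.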

References

1. ^ Micali, Silvio; Rabin, Michael O.; Vadhan, Salil P. (1999). "Verifiable random functions". Proceedings of the 40th IEEE Symposium on Foundations of Computer Science. pp. 120–130.
2. ^ Dodis, Yevgeniy; Yampolskiy, Aleksandr (2005). "A Verifiable Random Function With Short Proofs and Keys". 8th International Workshop on Theory and Practice in Public Key Cryptography. pp. 416–431.

Copyright © 2023 OENC.NET All Rights Reserved
Beijing ICP Filing No. 2021023879. Last updated: 2024/11/13 23:34:40