学术文献库

A Verifiable Delay Function (VDF) is a function that takes a specified sequential time $T$ to be evaluated, but can be verified in $Ω(\log{T})$-time. For meaningful security, $T$ can be at most subexponential in the security parameter $λ$ but has no lower bound. VDFs are useful in several applications ranging from randomness beacons to sustainable blockchains but are really rare in practice. The verification in all of these VDFs requires $Ω(λ, \log{T})$ sequential time. This paper derives a verifiable delay function that is verifiable in $O(1)$-sequential time. The key observation is that the prior works use subexponentially-hard algebraic assumptions for their sequentiality. On the contrary, we derive our VDF from a polynomially-hard sequential assumption namely the time-lock puzzle over the group of known order. In particular, we show that time-lock puzzle can be sequentially-hard even when the order of the group is known but the delay parameter is polynomially-bounded i.e., $T \le \mathtt{poly}(λ)$. As an add-on advantage, our VDF requires only one sequential squaring to verify. Thus, in our VDF, the sequential effort required for verification is fixed and independent of the delay parameter $T$.