Elliptic Curve VRF

WINR VRF represents an instantiation of a specific kind of cryptographic algorithm that aims at producing random output in a deterministic way, and meanwhile, in a verifiable manner. This section makes a simple try to describe how the Elliptical Curve VRF works in an easily understandable approach.

The understanding of Elliptic Curve VRF demands some knowledge regarding elliptic curves. In layman's terms, the elliptic curve can be simply described by an equation of the form:

Some properties that make these types of curves useful in cryptography are that they easily enable secure cryptographic operations such as encryption, digital signatures, and random number generation.

The operation of the VRF of the Elliptic Curve algorithm takes in most cases the secret key (sk), public key (pk), and the input (x) and produces two outputs: a random value (y), and a proof (π). This is done through the sequence of operations below:

• Key-pair generation: Through an indirect process, a user triggers the generation of a pair of cryptographic keys: a secret key (sk) and its corresponding public key (pk), both directly connected with the properties of an elliptic curve and unique to them.

• Random Output Generation: VRF can take the secret key along with the input, desired from any user, and generate a random output. Further, many mathematical operations would be performed upon this information, such as elliptic curve arithmetic for generating a random output, y. This result shall be deterministic. For the same input value x, using the same secret key sk, the output value y generated would always remain the same.

• VRF algorithm outputs: Apart from the random output y, the VRF algorithm produces a proof π, which is an attestation of the validity of the output. The latter allows anyone to verify that indeed the output was generated correctly without knowing the secret key of the user. The proof is obtained by using cryptographic techniques dependent on the properties of elliptic curves.

• Verification: The correctness of the random output y ∈ (0, 1] with its proof π can be publicly verifiable using the user's public key pk and the input x. It means carrying out some cryptographic operations on the input, the random output, and the proof, checking some mathematical equations that should hold. If it is verified, it would offer assurance that the random output indeed was generated correctly by the specified user.