Souvik Sur

Souvik Sur

We propose two hard problems in cellular automata. In particular the problems are: [DDP$^M_{n,p}$] Given two \emph{randomly} chosen configurations $t$ and $s$ of a cellular automata of length $n$, find the number of transitions $τ$ between $s$ and $t$. [SDDP$^δ_{k,n}$] Given two \emph{randomly} chosen configurations $s$ of a cellular automata of length $n$ and $x$ of length $k<n$, find the configuration $t$ such that $k$ number of cells of $t$ is fixed to $x$ and $t$ is reachable from $s$ within $δ$ transitions. We show that the discrete logarithm problem over the finite field reduces to DDP$^M_{n,p}$ and the short integer solution problem over lattices reduces to SDDP$^δ_{k,n}$. The advantage of using such problems as the hardness assumptions in cryptographic protocols is that proving the security of the protocols requires only the reduction from these problems to the designed protocols. We design one such protocol namely a proof-of-work out of SDDP$^δ_{k,n}$.

Souvik Sur

We propose a proof-of-sequential-work (PoSW) that can be verified with only a single query to the random oracle for each random challenge. Proofs-of-sequential-work are protocols that facilitate a verifier to efficiently verify if a prover has executed a specified number of computations sequentially. Denoting this number of sequential computations with N , the prover with poly(N) parallelism must take $Ω(N)$-sequential time while the verifier verifies the computation in O(log N)-sequential time using upto O(log N) parallelism. We propose a PoSW that allows any verifier, even the one with no parallelism, to verify using just a single sequential computation on a single challenge. All the existing PoSWs [10, 5, 2, 6] mandate a prover to compute a sequence of responses from a random oracle against N-rounds of queries. Then the prover commits this sequence using a commitment scheme (e.g., Merkle root (like) commitment) predefined in the PoSWs. Now the verifier asks the prover to provide a set of proofs against t randomly chosen checkpoints, called challenges, in the computed sequence. The verifier finds out the commitment from each of these proofs spending O(log N) rounds of queries to the oracle. It can be reduced to a single round of queries only if the verifier owns O(log N) parallelism [6]. The verifier in our PoSW demands no parallelism but uses a single query to the random oracle in order to verify each of the t challenges. The key observation is that the commitment schemes themselves in the prior works demand O(log N ) oracle queries to verify.

Souvik Sur

A Verifiable Delay Function (VDF) is a function that takes a specified sequential time to be evaluated, but can be efficiently verified. VDFs are useful in several applications ranging from randomness beacons to sustainable blockchains but are really rare in practice. Most of the VDFs are based on algebraic assumptions like time-lock puzzle in unknown group orders [6, 8] and isogenies over pairing groups [4]. The number of modulo squaring required for verification in the time-lock puzzle based VDFs are proportional to their security parameter. This paper proposes a verifiable delay function that requires only 2- modulo squaring for verification. So the sequential effort required for verification is independent of the security parameter.