[liberationtech] Stanford, Mon, Dec. 1 -- Joseph Bonneau: Bitcoin as a source of verifiable public randomness (working paper)

[Yosem Companys]

From: Joe Zimmerman <jzim at cs.stanford.edu>

    Bitcoin as a source of verifiable public randomness
                      (working paper)

                       Joseph Bonneau

                  Monday, December 1, 2014
                       Talk at 4:15pm
                         Gates 463A

Abstract:

Many security protocols can be strengthened by a public randomness beacon:
a source of randomness which can be sampled by anybody after time t, but is
strongly unpredictable to anybody prior to time t. Applications include
public
lotteries, election auditing, and multiple cryptographic protocols such as
cut-and-choose or fair contract signing. Until recently, all proposals for
instantiating a beacon either rely on a trusted third party (such as the
NIST
beacon or random.org) or have difficult-to-evaluate security properties
(such
as hashing stock market data). In this talk we introduce a new construction
for
building a beacon based on Bitcoin's block chain. This beacon outputs 64
bits
of min-entropy every 10 minutes on average and we can prove strong financial
lower bounds on the cost of manipulating the output which are at least in
the tens of thousands of dollars. We discuss constructions for building a
manipulation-resistant lottery, a new security construction, on top of this
primitive which can make attacks even more expensive. Finally, we discuss
a number of interesting smart contracts that can be efficiently implemented
by extending Bitcoin script to enable sampling the beacon output, including
secure multi-party lotteries and self-enforcing non-interactive cut and
choose.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20141130/42270d07/attachment.html>