[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Cryptography] A Scheme for Verifiable Lottery

On Tue, Nov 24, 2020, at 9:31 PM, Yunxiang Li wrote:
> The rationale for the repeated hashing is that since the randomness are picked
> by the organizer, there's no way to stop them from favoring someone by trying
> possible lucky numbers. Therefore with this scheme, they would need to give
> everyone else at least the same number of tries, making picking favorites
> impossible.

How do you select the lucky number to MAC?

Problem is that the security seems to be achieved first by relying on
the organizer to be fair, and then secondly by consensus of the participants.
First is easy, how do you pick the lucky number? Second is also easy,
the participants agreed on a scheme.

Relying on something like a personality handle is interesting. It is long-
lived and hard to change. But these qualities also preclude it from being
secret, so you're back to the organizer selecting a random number.
The cryptography mailing list
cryptography AT metzdowd.com