EPFL helps launch globally distributed randomness generator

The League of Entropy network will  generate publicly verifiable random values every 60 seconds. © 2019 Cloudflare

The League of Entropy network will generate publicly verifiable random values every 60 seconds. © 2019 Cloudflare

The EPFL School of Computer and Communication Sciences (IC) Decentralized and Distributed Systems (DEDIS) lab has participated in the launch of an international consortium to put its research on publicly verifiable, distributed randomness into practice.

On June 17, web performance and security company Cloudflare, along with Protocol Labs, Kudelski Security, the University of Chile and EPFL, announced the “League of Entropy”: a global consortium whose founding members are combining their resources to produce a publicly available, distributed randomness beacon. The service will provide unpredictable, unbiasable, third-party verifiable random numbers at regular intervals.

The League of Entropy (named for the measure of a number’s unpredictability) comprises a network of servers running a distributed randomness beacon software called drand (pronounced “dee-rand”) – which has its roots at EPFL – to generate publicly verifiable random values every 60 seconds. That means that users will be able to retrieve 1440 fresh random values each day.

The announcement was made as part of Cloudflare’s 2019 CryptoWeek series on free cryptographic tools that can be used “to build a more secure, trustworthy Internet”.

Why random numbers?

Random numbers are essential for the field of cryptography – the study and practice of techniques for secure communication. The most well-known use of randomness in cryptography is for deriving encryption and signing keys to protect sensitive data. To maintain security, it is crucial that the randomness used is kept secret; otherwise, anyone who knows the values can recover the secret keys, and decrypt ciphertexts or issue valid signatures.

Public randomness is a type of randomness that is required for processes that rely on transparency and public auditability, such as election audits, lotteries, and distributed ledger systems. According to Ewa Syta, Assistant Professor of Computer Science at Trinity College Hartford and a collaborator on the randomness research project, producing and handling public randomness securely is an even greater challenge:

“When it comes to public randomness, it is not enough to ensure its high entropy. When a single source produces such randomness, they may arbitrarily bias public random choices toward their advantage. A securely decentralized randomness beacon that is run by independent organizations can ensure an appropriate level of trust in the produced values.”

A collaborative effort

The drand project originated from a research paper, Scalable Bias-Resistant Distributed Randomness, which was published at the 2017 IEEE Symposium on Security and Privacy. The development of drand in its current form started shortly thereafter and was driven by researchers Nicolas Gailly, Philipp Jovanovic, and Mathilde Raynal in the DEDIS lab, led by IC professor Bryan Ford. Since then, drand has become a collaborative project across several organizations.

Currently, The League of Entropy consortium comprises EPFL, Cloudflare, Protocol Labs, Random UChile and Kudelski Security, as well as lead drand developer Nicolas Gailly – now a researcher at Protocol Labs – and DEDIS lab researchers Philipp Jovanovic and Ludovic Barman. This is only the beginning, however. The League of Entropy plans to grow to make its public randomness generation process even more secure and distributed in the future.