RFC 9381

Verifiable Random Functions (VRFs), August 2023

File formats:

icon for HTML icon for text file icon for v3pdf icon for XML
Also available: XML file for editing
S. Goldberg
L. Reyzin
D. Papadopoulos
J. Včelák

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC9381

Discuss this RFC: Send questions or comments to the mailing list cfrg@irtf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 9381


A Verifiable Random Function (VRF) is the public key version of a keyed cryptographic hash. Only the holder of the secret key can compute the hash, but anyone with the public key can verify the correctness of the hash. VRFs are useful for preventing enumeration of hash-based data structures. This document specifies VRF constructions based on RSA and elliptic curves that are secure in the cryptographic random oracle model.

This document is a product of the Crypto Forum Research Group (CFRG) in the IRTF.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.

Advanced Search