Cryptographic Module Functionalities for Randomness Beacons (G13c)
A secure implementation of a randomness beacon, such as specified by NISTIR 8213, poses a number of challenges related to the composition of various components and functions. For example, it requires the combination of multiple independent sources of randomness, proper time synchronization, and isolation / access control to a secret signing key. There is also a wish-list of functionalities that could conceivably be facilitated by cryptographic modules, such as the combined use of crypto acceleration and intentional slowness, and the use of post-quantum and/or threshold signatures. This talk will present various considerations about the NIST reference for randomness beacons, and will try to motivate external implementations thereof, which can be supported by cryptographic modules.