Verifiable Random Functions (VRFs)

Document Type Replaced Internet-Draft (individual)
Authors Sharon Goldberg  , Dimitrios Papadopoulos  , Jan Včelák 
Last updated 2017-07-21 (latest revision 2017-06-30)
Replaced by draft-irtf-cfrg-vrf
Stream Internet Research Task Force (IRTF)
Intended RFC status (None)
Expired & archived
plain text xml htmlized pdfized bibtex
Stream IRTF state (None)
Consensus Boilerplate Unknown
Document shepherd No shepherd assigned
IESG IESG state Replaced by draft-irtf-cfrg-vrf
Telechat date
Responsible AD (None)
Send notices to

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


A Verifiable Random Function (VRF) is the public-key version of a keyed cryptographic hash. Only the holder of the private key can compute the hash, but anyone with public key can verify the correctness of the hash. VRFs are useful for preventing enumeration of hash-based data structures. This document specifies several VRF constructions that are secure in the cryptographic random oracle model. One VRF uses RSA and the other VRF uses Eliptic Curves (EC).


Sharon Goldberg (
Dimitrios Papadopoulos (
Jan Včelák (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)