An Introduction To How GINAR dRNG Works
December 21, 2018
- BY GINAR
GINAR is a random number generator that runs on a decentralized network. Discover what makes GINAR’s random numbers different?. In the previous article, we talked about multi-party random number generation. This is a mechanism to produce a single value from the contributions of multiple parties. GINAR is a multi-party random number generator. This article will describe how GINAR works in a straightforward way, using a real-life analogy. If you wish to understand the technical detail, you can refer to GINAR white paper here. Before going into detail, we introduce through some definitions that are building blocks composing the whole GINAR system. If you are familiar with these terms, you should go directly to the description of the protocol.
Encryption and DecryptionEncryption is a mechanism to transform data into a form unreadable by anyone not in possession of a secret decryption key. The purpose of encryption is to ensure the privacy of data by hiding it from unauthorized parties. Encryption is one of the most important methods for providing data security, especially for end-to-end protection of data transmitted across networks. Encryption has its root since ancient Greeks and Roman sent messages by substituting letters that are only readable if one has a secret key. The reverse procedure of encryption is called decryption which transforms meaningless message to a human-readable form. For example, imagine that you have a safe and a top-secret document that you want to keep it from people other than your partner. You and your partner both have the key to lock and unlock the safe. Encryption is when you lock the document inside the safe. Decryption is when your partner unlocks the safe and gets the document. Suppose that Alice wants to send a message to Bob but she needs to ensure that no one other than Bob can read the message. They first agree on a key. Alice uses the key to encrypt the message: Encryption: “I love GINAR” + key = “this is an unreadable message” and send the encrypted message to Bob. Bob uses the key to decrypt the message: Decryption: “this is an unreadable message” + key = “I love GINAR” In the above examples, we use the same key for encryption and decryption. This is call symmetric encryption scheme. In practice, Bob and Alice are residing on different places and exchanging the key over an insecure network without being compromised is not practical. Therefore, Alice uses one key to encrypt data and, and Bob uses another key to decrypt the received message. The encryption-decryption flow is as follows: Encryption: “I love GINAR” + key1 = “this is an unreadable message” Decryption: “this is an unreadable message” + key2 = “I love GINAR” This procedure is called asymmetric encryption scheme (also called public-key encryption). “key1” and “key2” have to satisfy some mathematical constraints in order for the decryption to be correct.
Homomorphic encryptionHomomorphic encryption is encryption that allows us to perform operations on encrypted data (such as additions or multiplications). Here is a very simple example of how a homomorphic encryption scheme: Suppose that Alice owns a jewelry store and she wants her employees to assemble raw precious materials (such as diamonds, gold) into finished products. However, she is worried about the materials being stolen. Alice resolves this by constructing glove boxes that only she has the key and putting the raw materials inside. The boxes are transparent so that the employees can see what they are doing. The employees use the gloves to do their job but they can not take anything out. Once the work is finished, Alice can use the key to open all the boxes and takes the finished products out. If we consider: Data: raw materials Encrypted data: raw materials are put inside the locked boxes Encryption: raw materials are put inside the boxes and the employees cannot take them out (but they can still see them) Decryption: Alice uses the key to open the boxes and takes the products out. As an analogy, homomorphic property here is the act of assembling (perform operations) of raw materials inside the locked boxes (encrypted data) by the employee.
GINAR architectureThe GINAR system consists of three main components as shown in the below figure.
- GINAR Service: a bridge between clients requesting random numbers and decentralized networks which is in charge of generating numbers.
- Core Layer: in charge of generating the random numbers. This component is running on a blockchain that consists of many nodes distributed throughout the network.
- Public blockchain: hosts a low-speed, open, multi-participatory RNG protocol to produce fair, verifiable numbers.
How GINAR worksGINAR operates through 2 phases, Initialize and Process. The Initialize phase is when a client sends a request to GINAR Service, exchanges necessary data such as the public key. We will focus mostly on the second phase as it is the main topic of this article. This phase operates as follows:
- After the request has been processed, GINAR Service forwards it to the Core Layer (along with the public key of the client).
- Each party in the Core Layer checks whether it is eligible to take part in the generation process. However, for simplicity, we assume that all parties in the Core Layer are eligible.
- Each party chooses a number to contribute and encrypts it using the public key of the client. In this step, we use homomorphic encryption to make sure that one can perform additions on encrypted numbers.
- Each party sends back the encrypted number to GINAR Service.
- GINAR Service calculates the sum of all received numbers.
- GINAR Service sends the total sum to the client
- The client uses his secret key to decrypt the number received from GINAR Service and obtains the random number.
- Every party in the Core Layer chooses a number to contribute. They put the number inside a magic box and lock it using the public key of the client (encryption right?).
- They send the box to GINAR Service and at here, all boxes are combined into a bigger box (homomorphically perform operations on encrypted data). Since only the client has the secret key to unlock, GINAR Service knows nothing about what is inside the bigger box.
- GINAR Service then sends this box to the client.
- The client uses his secret key to unlock the box to get all candies inside (decryption).