Distributed Random Number Generation for the Needs of Public Governance

We propose distributed protocol for generation of random numbers via computer systems. The protocol is specifically designed to fit the needs of random selection as it is performed in public sphere and is inspired by real problems, which are posing difficulties for Bulgarian judicial system. Random selection in public sphere is meant to be mechanism for increasing the transparency and reducing the possibilities of collusion between various government actors. Usage of computers reduces transparency and when done improperly, can lead to disastrous consequences concerning the public trust in the institutions of government. This protocol tries to provide technical solution to the transparency problem by allowing third parties to guarantee for the fairness of the random selection without giving these parties the ability to influence maliciously the result.

💡 Research Summary

**
The paper addresses a concrete problem observed in the Bulgarian judicial system: the electronic assignment of court cases to judges was vulnerable to manipulation because the entire process relied on a single, locally‑run application. Deleting or restoring the program’s data files allowed an insider to repeat the random draw until a favorable outcome was obtained. The authors argue that this lack of transparency undermines public trust and that a more robust, distributed solution is needed for any public‑sector random selection (e.g., jury composition, tender tie‑breakers, panel appointments).

Building on the classic distributed random‑number generation concept introduced by Manuel Blum in the early 1980s, the authors propose a concrete protocol tailored to the social‑policy context. The protocol’s security rests on two well‑known cryptographic primitives: (1) a method for combining the contributions of multiple parties so that the final result is uniformly distributed even if a coalition of participants colludes, and (2) a commitment scheme that forces each participant to fix its contribution before learning the others’ inputs.

For (1) the authors first discuss the naïve XOR‑of‑independent‑random‑numbers approach, noting that XOR yields a uniform result provided at least one input is uniform and that the target interval is a power of two. To avoid the “out‑of‑range” problem when the interval is arbitrary, they replace the XOR of raw numbers with a scheme where one participant supplies a uniformly drawn integer in (