M. Bellare, P. Rogaway: Random Oracles are Practical: a Paradigm for Designing E#cient Protocols. Proc. of 1st ACM Conference on Computer and Communications Security. 62--73 (1993) Home/Search Document Not in Database Summary ACM TOC Related Articles Check |
This paper is cited in the following contexts:
First 50 documents
Formal Proofs for the Security of Signcryption - Baek, Steinfeld, Zheng (2002) (14 citations) (Correct)
....decryption oracle. Afterwards, schemes with security proofs against such an attack in the reductionist style (in other words, proofs of reduction from attacking the asymmetric encryption schemes to solving a computationally hard problems) under the heuristic assumption called random oracle model [6], were followed [5] 10] 17] Moreover, the asymmetric encryption scheme with security proof without such an assumption was also proposed [7] and received great attention. For provable security of digital signature schemes, slight modifications of the schemes in [8] and [19] were proved [18] 15] ....
....schemes. Another signcryption scheme derived from SDSS2 can be described and analyzed in a very similar manner presented in this paper. So we only consider the SDSS1 type signcryption scheme. Note also that the hash functions used in the signcryption scheme are assumed to be random oracles [6] in this paper. And the bind information, which is hashed in the signcryption process, contains such information as Alice and Bob s public keys. We remark that #, which is a Di#e Hellman key, is directly provided as input to random oracle H without being hashed by the random oracle G in our ....
M. Bellare and P. Rogaway: Random Oracles are Practical: A Paradigm for Designing E#cient Protocols, Proceedings of First ACM Conference on Computer and Communications Security 1993, pages 62--73.
Simple and Efficient Threshold Cryptosystem from the Gap.. - Baek, Zheng (Correct)
....and Lee s observation in Section 2.1. As mentioned in the preceding section, Shoup and Gennaro [34] first formalized security notions for threshold cryptosystem, proposed two practical schemes and proved their schemes are secure against adaptive chosen ciphertext attack in the random oracle model [6]. Their first intention might have been adding a non interactive zero knowledge proof of knowledge of discrete logarithm similar to the Schnorr signature to construct publicly checkable cryptosystem as Tsiounis and Yung did in [36] But they realized that it is di#cult to prove such schemes be ....
....Checkable Encryption Scheme From the GDH Group 2.1 Discussions on Publicly Checkable Encryption It is a common practice in designing public key crytosystems secure against chosen ciphertext attacks to include validity check of ciphertexts. However, in many public key cryptosystems, e.g. [1, 5, 6, 12, 17, 26, 27, 37], validity check can be done only if the verifier (or receiver) knows the private key. Only a few schemes have known to be publicly checkable, e.g. 2, 24, 35, 36] But, as observed by Lim and Lee [22] publicly checkable cryptosystems are particularly useful for designing threshold ....
[Article contains additional citation context not shown here]
M. Bellare and P. Rogaway: Random Oracles are Practical: A Paradigm for Designing E#cient Protocols, Proceedings of First ACM Conference on Computer and Communications Security 1993, pages 62--73.
Designing Identification Schemes with Keys of Short Size - Stern (1994) (13 citations) (Correct)
....of the values of the unknowns in S and T are basically public data. This does not contradict zero knowledge as they leak equally from the actual executions and the simulated ones. 2. Hash values make the simulation a bit harder: a convenient setting is the so called random oracle model (see [2]) Alternatively, one has to assume specific statistical independance properties for the hash function. 6 Performances of the Scheme. The performances of our scheme are very comparable to those of [8, 11] and we will restrict ourselves to various remarks. 1. As for previous schemes of the same ....
M. Bellare and P. Rogaway: Random oracles are practical: a paradigm for designing efficient protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, 1993, pp. 62-73.
A Variant of the Cramer-Shoup Cryptosystem for Groups of Unknown.. - Lucks (2002) (1 citation) (Correct)
....and Naor [9] described a scheme provably secure against ACC attacks under standard assumptions. However, their scheme is too inecient for practical applications. The research for provably secure and practically ecient cryptosystems has led to schemes provably secure in the random oracle model [2], and to schemes provably secure under non standard assumptions such as the oracle Die Hellman assumption [1] The Cramer Shoup cryptosystem [5] is the only cryptosystem known to be both practical and provably secure under standard assumptions mainly, the decisional Die Hellman assumption in ....
M. Bellare, P. Rogaway: \Random oracles are practical: a paradigm for designing ecient protocols", ACM Computer and Communication Security '93, ACM Press.
Security of Signed ElGamal Encryption - Schnorr, Jakobsson (2000) (27 citations) (Correct)
....Our approach has practical consequences. It yields very practical cryptographic schemes that are provably secure in a reasonable, new security model, the random oracle and generic model (ROM GM) The ROM goes back to Fiat and Shamir [FS86] and has been further enhanced by Bellare and Rogaway [BR93], while the generic model (GM) goes back to Nechaev [Ne94] and Shoup [Sh97] We introduce the combination of these two models, the result of which seems to cover all practical attacks at hand. Namely, security in ROM GM allows a separation of potential weaknesses of the group G, the hash function ....
M. Bellare and P. Rogaway : Random Oracles are Practical: a Paradigms for Designing E#cient Protocols. 1st ACM Conference on Computer Communication Security, pp. 62--73, 1993.
Efficient Non-Malleable Commitment Schemes - Fischlin, Fischlin (2000) (6 citations) (Correct)
....commitment scheme with logarithmically many rounds based on any one way function. Yet, their solutions involve cumbersome non interactive and interactive zero knowledge proofs, respectively. While e#cient non malleable encryption schemes under various assumptions have appeared since then [BR93,BR94,CS98], as far as we know more e# cient non malleable commitment protocols are still missing. Di Crescenzo et al. DIO98] present a non interactive and non malleable commitment scheme based on any one way function in the common random string model. Though being non interactive, their system is rather ....
M. Bellare and P. Rogaway: Random Oracles are Practical: a Paradigm for Designing E#cient Protocols, First ACM Conference on Computer and Communication Security, ACM Press, pp. 62--73, 1993.
Security of Signed ElGamal Encryption - Schnorr, Jakobsson (1999) (27 citations) (Correct)
....Our approach has practical consequences. It yields very practical cryptographic schemes that are provably secure in a reasonable, new security model, the random oracle and generic model (ROM GM) The ROM goes back to Fiat and Shamir [FS86] and has been further enhanced by Bellare and Rogaway [BR93], while the generic model (GM) goes back to Nechaev [Ne94] and Shoup [Sh97] We introduce the combination of these two models, the result of which seems to cover all practical attacks at hand. Namely, security in ROM GM allows a separation of potential weaknesses of the group G, the hash function ....
M. Bellare and P. Rogaway : Random Oracles are Practical: a Paradigms for Designing Ecient Protocols. 1st ACM Conference on Computer Communication Security, pp. 62-73, 1993.
An efficient NICE-Schnorr-type signature scheme - Hühnlein, Merkle (2000) (Correct)
....as hard as the full DL problem. Thus the assumption that the DL problem in a subgroup of Ker(OE Gamma1 Cl ) is computational equivalent to the DL problem in Ker(OE Gamma1 Cl ) itself is denoted by (subgroup DL) If we furthermore assume that our hash function acts like a random oracle [1], denoted by (ROM) then it is easy to prove the following result in complete analogy to [19, Theorem 5] Theorem 2. Assume (ROM) If an existential forgery of the NICE Schnorr signature scheme, under an adaptively chosen message attack, has non negligible probability of success, then the ....
M. Bellare, P. Rogaway: Random Oracles are Practical: a Paradigm for Designing Efficient Protocols in Proceedings of the 1st ACM Conference on Computer and Communcations Security, Fairfax, Virginia, USA, ACM press, 1993, pp. 62-73
Universally Convertible Directed Signatures - Fabien Laguillaumie Pascal (Correct)
No context found.
M. Bellare, P. Rogaway: Random Oracles are Practical: a Paradigm for Designing E#cient Protocols. Proc. of 1st ACM Conference on Computer and Communications Security. 62--73 (1993)
Designated Verifier Signatures: Anonymity and - Ecient Construction From (Correct)
No context found.
M. Bellare, P. Rogaway: Random Oracles are Practical: a Paradigm for Designing E#cient Protocols. Proc. of 1st ACM Conference on Computer and Communications Security, 62--73 (1993)
Multi-Designated Verifiers Signatures - Fabien Laguillaumie And (2004) (2 citations) (Correct)
No context found.
M. Bellare, P. Rogaway: Random Oracles are Practical: a Paradigm for Designing E#cient Protocols. Proc. of 1st ACM Conference on Computer and Communications Security, 62--73 (1993)
Time-Selective Convertible Undeniable Signatures - Fabien Laguillaumie And (Correct)
No context found.
M. Bellare, P. Rogaway: Random Oracles are Practical: a Paradigm for Designing E#cient Protocols. Proc. of 1st ACM Conference on Computer and Communications Security. 62--73 (1993)
Efficient Simultaneous Contract Signing - Liskova, Stanek (Correct)
No context found.
M. Bellare, P. Rogaway: Random Oracles are Practical: a Paradigm for Designing E#cient Protocols, In 1st ACM Conference on Computer and Communication Security, 62--73, ACM Press, 1993.
Efficient and Optimistic Fair Exchanges Based on Standard.. - Zhang, Zhou, Feng (2004) (Correct)
No context found.
M. Bellare and P. Rogaway: Random oracles are practical: a paradigm for designing efficient protocols. Proceedings of the First Annual Conference on Computer and Commmunications Security, ACM, 1993.
An efficient NICE-Schnorr-type signature scheme - Huhnlein, Merkle (2000) (Correct)
No context found.
M. Bellare, P. Rogaway: Random Oracles are Practical: a Paradigm for Designing Efficient Protocols in Proceedings of the 1st ACM Conference on Computer and Communcations Security, Fairfax, Virginia, USA, ACM press, 1993, pp. 62-73
Security of Signed ElGamal Encryption - Schnorr, Jakobsson (1999) (27 citations) (Correct)
No context found.
M. Bellare and P. Rogaway : Random Oracles are Practical: a Paradigms for Designing E#cient Protocols. 1st ACM Conference on Computer Communication Security, pp. 62--73, 1993.
Security of Discrete Log Cryptosystems in the Random Oracle .. - Schnorr, Jakobsson (1999) (7 citations) (Correct)
No context found.
M. Bellare and P. Rogaway : Random Oracles are Practical: a Paradigms for Designing Efficient Protocols. Proc. of the 1st ACM Conference on Computer Communication Security, pp. 62--73, 1993.
Pseudorandom Function Tribe Ensembles Based on One-Way.. - Fischlin (1999) (7 citations) (Correct)
No context found.
M.Bellare, P.Rogaway: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols, First ACM Conference on Computer and Communications Security, 1993.
Enhancing the Security of Perfect Blind DL-Signatures - Schnorr (2003) (Correct)
No context found.
M. Bellare and P. Rogaway : Random Oracles are Practical: a Paradigms for Designing Ecient Protocols. Proc. 1st ACM Conference on Computer Communication Security, pp. 62-73, 1993.
Security of Blind Discrete Log Signatures against Interactive.. - Schnorr (2001) (10 citations) (Correct)
No context found.
M. Bellare and P. Rogaway : Random Oracles are Practical: a Paradigms for Designing Ecient Protocols. Proc. 1st ACM Conference on Computer Communication Security, pp. 62-73, 1993.
Provably-Secure and Communication-Efficient Scheme for.. - Nam, Kim, Kim, Won (2004) (Correct)
No context found.
M. Bellare and P. Rogaway: Random oracles are practical: A paradigm for designing e#cient protocols. In Proc. of 1st ACM Conf. on Computer and Communications Security (CCS'93), pp.62--73, 1993.
DDH-based Group Key Agreement for Mobile Computing - Nam, Lee, Kim, Won (2004) (3 citations) (Correct)
No context found.
M. Bellare and P. Rogaway: Random oracles are practical: A paradigm for designing e#cient protocols, in: Proceedings of 1st ACM Conference on Computer and Communications Security (CCS'93), pp. 62--73, 1993.
The Representation Problem Based on Factoring - Fischlin, Fischlin (2002) (2 citations) (Correct)
No context found.
M. Bellare and P. Rogaway: Random Oracles are Practical: a Paradigm for Designing Ecient Protocols, First ACM Conference on Computer and Communication Security, ACM Press, pp. 62-73, 1993.
Security of Blind Discrete Log Signatures against Interactive.. - Schnorr (2001) (10 citations) (Correct)
No context found.
M. Bellare and P. Rogaway : Random Oracles are Practical: a Paradigms for Designing Ecient Protocols. Proc. 1st ACM Conference on Computer Communication Security, pp. 62-73, 1993.
Ciphertext Can Be Shorter in Multi-User Setting - Kurosawa (2001) (Correct)
No context found.
M.Bellare and P.Rogaway: \Random oracles are practical: A paradigm for designing ecient protocols", Proc. of the 1st CCS, pp.62-73, ACM Press, New York, 1993. (http://www-cse.ucsd.edu/users/mihir/crypto2k)
First 50 documents
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC