Results 1 - 10
of
62,396
Non Observability in the Random Oracle Model
"... The Random Oracle Model, introduced by Bellare and Rogaway, provides a method to heuristically argue about the security of cryptographic primitives and protocols. The basis of this heuristic is that secure hash functions are close enough to random functions in their behavior, and so, a primitive tha ..."
Abstract
- Add to MetaCart
The Random Oracle Model, introduced by Bellare and Rogaway, provides a method to heuristically argue about the security of cryptographic primitives and protocols. The basis of this heuristic is that secure hash functions are close enough to random functions in their behavior, and so, a primitive
A Criterion and Schemes on the Random Oracle Model
, 2004
"... A study of the random oracle model seems to be concentrated to showing the gap between the schemes in the random oracle model and the schemes whose random oracles are replaced with functions chosen at random from some function ensembles. We consider a different direction on the study of the schemes ..."
Abstract
- Add to MetaCart
A study of the random oracle model seems to be concentrated to showing the gap between the schemes in the random oracle model and the schemes whose random oracles are replaced with functions chosen at random from some function ensembles. We consider a different direction on the study of the schemes
How Risky is the Random-Oracle Model?
"... Abstract. RSA-FDH and many other schemes secure in the Random-Oracle Model (ROM) require a hash function with output size larger than standard sizes. We show that the random-oracle instantiations proposed in the literature for such cases are weaker than a random oracle, including the proposals by Be ..."
Abstract
-
Cited by 14 (0 self)
- Add to MetaCart
Abstract. RSA-FDH and many other schemes secure in the Random-Oracle Model (ROM) require a hash function with output size larger than standard sizes. We show that the random-oracle instantiations proposed in the literature for such cases are weaker than a random oracle, including the proposals
1.1.1 The Random Oracle Model............................ 3
, 2002
"... We take a critical look at the relationship between the security of cryptographic schemes in the Random Oracle Model, and the security of the schemes that result from implementing the random oracle by so called “cryptographic hash functions”. The main result of this paper is a negative one: There ex ..."
Abstract
- Add to MetaCart
We take a critical look at the relationship between the security of cryptographic schemes in the Random Oracle Model, and the security of the schemes that result from implementing the random oracle by so called “cryptographic hash functions”. The main result of this paper is a negative one
The random oracle model and the ideal cipher model are equivalent
- Advances in Cryptology - CRYPTO 2008, LNCS 5157
, 2008
"... Abstract. The Random Oracle Model and the Ideal Cipher Model are two well known idealised models of computation for proving the security of cryptosystems. At Crypto 2005, Coron et al. showed that security in the random oracle model implies security in the ideal cipher model; namely they showed that ..."
Abstract
-
Cited by 26 (2 self)
- Add to MetaCart
Abstract. The Random Oracle Model and the Ideal Cipher Model are two well known idealised models of computation for proving the security of cryptosystems. At Crypto 2005, Coron et al. showed that security in the random oracle model implies security in the ideal cipher model; namely they showed
Short Signatures in the Random Oracle Model
- In Asiacrypt ’02, LNCS 2501
, 2002
"... We study how digital signature schemes can generate signatures as short as possible, in particular in the case where partial message recovery is allowed. We give a concrete proposition named OPSSR that achieves the lower bound for message expansion, and give an exact security proof of the scheme ..."
Abstract
-
Cited by 2 (0 self)
- Add to MetaCart
of the scheme in the ideal cipher model. We extend it to the multi-key setting. We also show that this padding can be used for an asymmetric encryption scheme with minimal message expansion.
Short Signatures in the Random Oracle Model
- In Asiacrypt ’02, LNCS 2501
, 2002
"... We study how digital signature schemes can generate signatures as short as possible, in particular in the case where partial message recovery is allowed. We give a concrete proposition named OPSSR that achieves the lower bound for message expansion, and give an exact security proof of the scheme ..."
Abstract
- Add to MetaCart
of the scheme in the ideal cipher model. We extend it to the multi-key setting. We also show that this padding can be used for an asymmetric encryption scheme with minimal message expansion.
A Machine-Checked Formalization of the Random Oracle Model
- in "Proceedings of TYPES’04", Lecture Notes in Computer Science
, 2005
"... Abstract. Most approaches to the formal analysis of cryptography protocols make the perfect cryptographic assumption, which entails for example that there is no way to obtain knowledge about the plaintext pertaining to a ciphertext without knowing the key. Ideally, one would prefer to abandon the pe ..."
Abstract
-
Cited by 6 (0 self)
- Add to MetaCart
such as the Generic Model and the Random Oracle Model. Using the proof assistant Coq, we provide a machine-checked account of the Generic Model and the Random Oracle Model. We exploit this framework to prove the security of the ElGamal cryptosystem against adaptive chosen ciphertexts attacks. 1
Security of Encryption Schemes in Weakened Random Oracle Models
, 2010
"... Liskov proposed several weakened versions of the random oracle model, called weakened random oracle models (WROMs), to capture the vulnerability of ideal compression functions, which are expected to have the standard security of hash functions, i.e., collision resistance, second-preimage resistance, ..."
Abstract
- Add to MetaCart
Liskov proposed several weakened versions of the random oracle model, called weakened random oracle models (WROMs), to capture the vulnerability of ideal compression functions, which are expected to have the standard security of hash functions, i.e., collision resistance, second-preimage resistance
Results 1 - 10
of
62,396