Sciweavers

Free Online Productivity Tools i2Speak i2Symbol i2OCR iTex2Img iWeb2Print iWeb2Shot i2Type iPdf2Split iPdf2Merge i2Bopomofo i2Arabic i2Style i2Image i2PDF iLatex2Rtf Sci2ools

16

CORR
2000
Springer

favoriteEmaildiscussreport

93views Education» more CORR 2000»

The Random Oracle Methodology, Revisited

13 years 4 months ago

The Random Oracle Methodology, Revisited

Download eprint.iacr.org

We take a critical look at the relationship between the security of cryptographic schemes in the Random Oracle Model, and the security of the schemes that result from implementing the random oracle by so called "cryptographic hash functions". The main result of this paper is a negative one: There exist signature and encryption schemes that are secure in the Random Oracle Model, but for which any implementation of the random oracle results in insecure schemes. In the process of devising the above schemes, we consider possible definitions for the notion of a "good implementation" of a random oracle, pointing out limitations and challenges.

Ran Canetti, Oded Goldreich, Shai Halevi

Real-time Traffic

CORR 2000 | Cryptographic Schemes | Education | Random Oracle | Random Oracle Model |

claim paper

Related Content

» On the RandomOracle Methodology as Applied to LengthRestricted Signature Schemes

» Random Oracles in a Quantum World

» Fair Blind Signatures without Random Oracles

» On Deniability in the Common Reference String and Random Oracle Model

» Optimistic Fair Exchange in a Multiuser Setting

» Lattice Signatures without Trapdoors

» Security under keydependent inputs

» Compact ECash and Simulatable VRFs Revisited

» The IdealCipher Model Revisited An Uninstantiable BlockcipherBased Hash Function

Post Info
More Details (n/a)

Added	17 Dec 2010
Updated	17 Dec 2010
Type	Journal
Year	2000
Where	CORR
Authors	Ran Canetti, Oded Goldreich, Shai Halevi

Comments (0)