Search CORE

4,918 research outputs found

Random Oracles in a Quantum World

Author: C.H. Bennett
D. Boneh
D. Cash
D. Pointcheval
D. Unruh
E. Fujisaki
E. Fujisaki
G. Brassard
G. Brassard
J. Watrous
J.-S. Coron
L.K. Grover
M. Fischlin
N.H. Bshouty
O. Goldreich
P. Shor
P.-L. Cayrel
R.A. Servedio
S. Aaronson
S. Agrawal
S. Agrawal
S. Goldwasser
S. Hallgren
S.D. Gordon
X. Boyen
Y. Dodis
Publication venue
Publication date: 01/01/2011
Field of study

The interest in post-quantum cryptography - classical systems that remain secure in the presence of a quantum adversary - has generated elegant proposals for new cryptosystems. Some of these systems are set in the random oracle model and are proven secure relative to adversaries that have classical access to the random oracle. We argue that to prove post-quantum security one needs to prove security in the quantum-accessible random oracle model where the adversary can query the random oracle with quantum states. We begin by separating the classical and quantum-accessible random oracle models by presenting a scheme that is secure when the adversary is given classical access to the random oracle, but is insecure when the adversary can make quantum oracle queries. We then set out to develop generic conditions under which a classical random oracle proof implies security in the quantum-accessible random oracle model. We introduce the concept of a history-free reduction which is a category of classical random oracle reductions that basically determine oracle answers independently of the history of previous queries, and we prove that such reductions imply security in the quantum model. We then show that certain post-quantum proposals, including ones based on lattices, can be proven secure using history-free reductions and are therefore post-quantum secure. We conclude with a rich set of open problems in this area.Comment: 38 pages, v2: many substantial changes and extensions, merged with a related paper by Boneh and Zhandr

arXiv.org e-Print Archive

CiteSeerX

The Random Oracle Methodology, Revisited

Author: Canetti Ran
Goldreich Oded
Halevi Shai
Publication venue
Publication date: 11/10/2000
Field of study

We take a critical look at the relationship between the security of cryptographic schemes in the Random Oracle Model, and the security of the schemes that result from implementing the random oracle by so called "cryptographic hash functions". The main result of this paper is a negative one: There exist signature and encryption schemes that are secure in the Random Oracle Model, but for which any implementation of the random oracle results in insecure schemes. In the process of devising the above schemes, we consider possible definitions for the notion of a "good implementation" of a random oracle, pointing out limitations and challenges.Comment: 31 page

arXiv.org e-Print Archive

CiteSeerX

Boston University Institutional Repository (OpenBU)