Augmented Random Oracles
| Published in | Advances in Cryptology - CRYPTO 2022 Vol. 13509; pp. 35 - 65 |
|---|---|
| Main Author | |
| Format | Book Chapter |
| Language | English |
| Published | Switzerland: Springer, 2022 (Springer Nature Switzerland) |
| Series | Lecture Notes in Computer Science |
| ISBN | 9783031159817 3031159810 |
| ISSN | 0302-9743 1611-3349 |
| DOI | 10.1007/978-3-031-15982-4_2 |
Summary:

We propose a new paradigm for justifying the security of random oracle-based protocols, which we call the Augmented Random Oracle Model (AROM). We show that the AROM captures a wide range of important random oracle impossibility results. Thus a proof in the AROM implies some resiliency to such impossibilities. We then consider three ROM transforms which are subject to impossibilities: Fiat-Shamir (FS), Fujisaki-Okamoto (FO), and Encrypt-with-Hash (EwH). We show in each case how to obtain security in the AROM by strengthening the building blocks or modifying the transform.

Along the way, we give a couple other results. We improve the assumptions needed for the FO and EwH impossibilities from indistinguishability obfuscation to circularly secure LWE; we argue that our AROM still captures this improved impossibility. We also demonstrate that there is no “best possible” hash function, by giving a pair of security properties, both of which can be instantiated in the standard model separately, which cannot be simultaneously satisfied by a single hash function.