The random oracle methodology, revisited

Canetti, Ran; Goldreich, Oded; Halevi, Shai

Date Issued

2004

Publisher Version

10.1145/1008731.1008734

Author(s)

Canetti, Ran

Goldreich, Oded

Halevi, Shai

Export Citation

Download to BibTex

Download to EndNote/RefMan (RIS)

Metadata

Show full item record

Permanent Link

https://hdl.handle.net/2144/39024

Version

Accepted manuscript

Citation (published version)

R. Canetti, O. Goldreich, S. Halevi. 2004. "The random oracle methodology, revisited." Journal of the ACM, Volume 51, Issue 4, pp. 557 - 594. https://doi.org/10.1145/1008731.1008734

Abstract

We take a critical look at the relationship between the security of cryptographic schemes in the Random Oracle Model, and the security of the schemes that result from implementing the random oracle by so called “cryptographic hash functions”. The main result of this paper is a negative one: There exist signature and encryption schemes that are secure in the Random Oracle Model, but for which any implementation of the random oracle results in insecure schemes. In the process of devising the above schemes, we consider possible definitions for the notion of a “good implementation” of a random oracle, pointing out limitations and challenges

Collections

CAS: Computer Science: Scholarly Papers [257]
BU Open Access Articles [4757]