The random oracle methodology, revisited

Canetti, Ran; Goldreich, Oded; Halevi, Shai

The random oracle methodology, revisited

Files

0010019v1.pdf(400.01 KB)

Accepted manuscript

Date

2004

DOI

10.1145/1008731.1008734

Authors

Canetti, Ran

Goldreich, Oded

Halevi, Shai

Version

Accepted manuscript

URI

https://hdl.handle.net/2144/39024

Citation

R. Canetti, O. Goldreich, S. Halevi. 2004. "The random oracle methodology, revisited." Journal of the ACM, Volume 51, Issue 4, pp. 557 - 594. https://doi.org/10.1145/1008731.1008734

Abstract

We take a critical look at the relationship between the security of cryptographic schemes in the Random Oracle Model, and the security of the schemes that result from implementing the random oracle by so called “cryptographic hash functions”. The main result of this paper is a negative one: There exist signature and encryption schemes that are secure in the Random Oracle Model, but for which any implementation of the random oracle results in insecure schemes. In the process of devising the above schemes, we consider possible definitions for the notion of a “good implementation” of a random oracle, pointing out limitations and challenges

Collections

BU Open Access Articles
CAS: Computer Science: Scholarly Papers

Full item page