IND-CCA-Secure Key Encapsulation Mechanism in the Quantum Random Oracle Model, Revisited [chapter]

Haodong Jiang, Zhenfeng Zhang, Long Chen, Hong Wang, Zhi Ma
2018 Lecture Notes in Computer Science  
To fully assess the post-quantum security, security analysis in the quantum random oracle model (QROM) is preferred.  ...  Keywords: quantum random oracle model · key encapsulation mechanism · IND-CCA security · generic transformation An earlier version of this paper appeared with title "Post-quantum IND-CCA-secure KEM without  ...  We would like to thank anonymous reviews of Crypto 2018, Keita Xagawa, Takashi  ... 
doi:10.1007/978-3-319-96878-0_4 fatcat:upehez5hd5cwbmajd4g3i4zddq

Random Oracles in a Quantum World [article]

Dan Boneh, Özgür Dagdelen, Marc Fischlin, Anja Lehmann, Christian Schaffner, Mark Zhandry
2012 arXiv   pre-print
We then set out to develop generic conditions under which a classical random oracle proof implies security in the quantum-accessible random oracle model.  ...  We argue that to prove post-quantum security one needs to prove security in the quantum-accessible random oracle model where the adversary can query the random oracle with quantum states.  ...  Dan Boneh was supported by NSF, the Air Force Office of Scientific Research (AFOSR) under a MURI award, and by the Packard Foundation.  ...
arXiv:1008.0931v2 fatcat:j6dgglfxtncsxhlnmwzwnrzkoa

Random Oracles in a Quantum World [chapter]

Dan Boneh, Özgür Dagdelen, Marc Fischlin, Anja Lehmann, Christian Schaffner, Mark Zhandry
2011 Lecture Notes in Computer Science  
We then set out to develop generic conditions under which a classical random oracle proof implies security in the quantum-accessible random oracle model.  ...  We argue that to prove post-quantum security one needs to prove security in the quantum-accessible random oracle model where the adversary can query the random oracle with quantum state.  ...  Dan Boneh was supported by NSF, the Air Force Office of Scientific Research (AFOSR) under a MURI award, and by the Packard Foundation.  ...
doi:10.1007/978-3-642-25385-0_3 fatcat:vxobiu6twncctoke5ya3oyhg4i

A Modular Analysis of the Fujisaki-Okamoto Transformation [chapter]

Dennis Hofheinz, Kathrin Hövelmanns, Eike Kiltz
2017 Lecture Notes in Computer Science  
We note that we also analyze our transformations in the quantum random oracle model, which yields security guarantees in a post-quantum setting.  ...  secure symmetric encryption scheme into a Hybrid encryption scheme that is (IND-CCA) secure in the random oracle model [7].  ...  Acknowledgments We would like to thank Andreas Hülsing, Christian Schaffner, and Dominique Unruh for interesting discussions on the FO transformation in the QROM.  ...
doi:10.1007/978-3-319-70500-2_12 fatcat:f4m4fpehxfcxvbpybz4zsy6qeq

New Approach for CCA2-Secure Post-Quantum Cryptosystem Using Knapsack Problem [article]

Roohallah Rastaghi
2014 arXiv   pre-print
Chosen-ciphertext security, which guarantees confidentiality of encrypted messages even in the presence of a decryption oracle, has become the de facto notion of security for public-key encryption under  ...  In this manuscript, for the first time, we propose a new approach for constructing post-quantum cryptosystems secure against adaptive chosen ciphertext attack (CCA2-secure) in the standard model using  ...  in random oracle models, and the production of less efficient encryption schemes with full proofs of security in standard models.  ...
arXiv:1211.6984v5 fatcat:f6nucc7pfrblbetoso7h6awf2e

Tighter Security Proofs for GPV-IBE in the Quantum Random Oracle Model [chapter]

Shuichi Katsumata, Shota Yamada, Takashi Yamakawa
2018 Advances in Industrial Control  
Since their proof was only made in the random oracle model (ROM) instead of the quantum random oracle model (QROM), it remained unclear whether the scheme was truly post-quantum or not.  ...  in one random oracle query.  ...  Quantum random oracle model. Boneh et al. [BDF+11] introduced the quantum random oracle model (QROM), which is an extension of the usual random oracle model to the quantum setting.  ...
doi:10.1007/978-3-030-03329-3_9 fatcat:eu7pme6fs5a3hilprgkdl7pory

KEM Combiners [chapter]

Federico Giacon, Felix Heuer, Bertram Poettering
2018 Lecture Notes in Computer Science  
In light of the recent NIST call for post-quantum secure PKE, the zoo of KEMs that are believed to be secure continues to grow.  ...  ' KEMs, yield a new KEM that is (CCA) secure as long as at least one of the ingredient KEMs is.  ...  Acknowledgments We are grateful to the anonymous PKC reviewers for their valuable comments.  ... 
doi:10.1007/978-3-319-76578-5_7 fatcat:bt4zzlp4bfhfbljyze4em2oi5m

CRYSTALS - Kyber: A CCA-Secure Module-Lattice-Based KEM

Joppe Bos, Leo Ducas, Eike Kiltz, T Lepoint, Vadim Lyubashevsky, John M. Schanck, Peter Schwabe, Gregor Seiler, Damien Stehle
2018 2018 IEEE European Symposium on Security and Privacy (EuroS&P)  
The security of our primitives is based on the hardness of Module-LWE in the classical and quantum random oracle models, and our concrete parameters conservatively target more than 128 bits of post-quantum  ...  We first introduce a CPA-secure public key encryption scheme, apply a variant of the Fujisaki-Okamoto transform to create a CCA-secure KEM, and eventually construct, in a black-box manner, CCA-secure encryption  ...  However, it is crucial for a proof in the quantum random oracle model. Concretely [44, 69] proved that Kyber is CCA secure in the quantum random oracle model, provided that Kyber.CPA is CPA-secure.  ... 
doi:10.1109/eurosp.2018.00032 dblp:conf/eurosp/BosDKLLSSSS18 fatcat:o7dl5wpwcndarjp3wtm2eqwycm

DAGS: Key encapsulation using dyadic GS codes

Gustavo Banegas, Paulo S. L. M. Barreto, Brice Odilon Boidje, Pierre-Louis Cayrel, Gilbert Ndollane Dione, Kris Gaj, Cheikh Thiécoumba Gueye, Richard Haeussler, Jean Belo Klamti, Ousmane N'diaye, Duc Tri Nguyen, Edoardo Persichetti (+1 others)
2018 Journal of Mathematical Cryptology  
The scheme is proved to be IND-CCA secure in both random oracle model and quantum random oracle model.  ...  Code-based cryptography is one of the main areas of interest for NIST's Post-Quantum Cryptography Standardization call.  ...  Now, the generation of the error vector is random, hence we can assume the probability of having an error in position i to be around st/2n; since the codes give the best performance when mst is close to  ... 
doi:10.1515/jmc-2018-0027 fatcat:grjhydflwffnrjsv62viehvsmi

Another Look at Tightness II: Practical Issues in Cryptography [chapter]

Sanjit Chatterjee, Neal Koblitz, Alfred Menezes, Palash Sarkar
2017 Lecture Notes in Computer Science  
How to deal with large tightness gaps in security proofs is a vexing issue in cryptography.  ...  Even when analyzing protocols that are of practical importance, leading researchers often fail to treat this question with the seriousness that it deserves.  ...  Of course, none of them is responsible for any of the opinions expressed in this article.  ... 
doi:10.1007/978-3-319-61273-7_3 fatcat:auyw65hh2rfh3k3hphhrf6mcra

URDP: General Framework for Direct CCA2 Security from any Lattice-Based PKE Scheme [article]

Roohallah Rastaghi
2013 arXiv   pre-print
IND-CCA2 security of this scheme can be tightly reduced in the standard model to the assumption that the underlying primitive is a one-way trapdoor function.  ...  hardness problems in (ideal) lattice in the standard model, resolving a problem that has remained open till date.  ...  We showed that this scheme has extra advantages, namely, its IND-CCA security remains tightly related (in the standard model) to the worst-case hardness problems in lattice.  ...
arXiv:1302.6352v2 fatcat:e4k3nyenjfa6pd7crppaqflcf4

Security Protocols in a Nutshell [article]

Mohsen Toorani
2016 arXiv   pre-print
Furthermore, a survey on computational security models for authenticated key exchange (AKE) and password-authenticated key exchange (PAKE) protocols, as the most important and well-studied type of security  ...  It reviews foundations of security protocols, taxonomy of attacks on security protocols and their implementations, and different methods and models for security analysis of protocols.  ...  Acknowledgment The author would like to thank Øyvind Ytrehus for helpful comments and discussions.  ... 
arXiv:1605.09771v2 fatcat:mkbc3in6tvdo7madnvqaxogbfq

Lossy Trapdoor Functions and Their Applications

Chris Peikert, Brent Waters
2011 SIAM journal on computing (Print)  
Until now, witness-recovering CCA-secure cryptosystems were known to exist only in the random oracle model [8, 28].  ...  Unfortunately, it is still not known how to realize TDFs and CCA security (in the standard model) based on all the types of assumptions described above.  ...  Acknowledgments We are grateful to Dan Boneh for offering important insights in the early stages of this work, to Cynthia Dwork and Salil Vadhan for helpful comments, to Daniele Micciancio for suggesting  ...
doi:10.1137/080733954 fatcat:aar54oj7angjfowcrtacu2hqye

Lossy trapdoor functions and their applications

Chris Peikert, Brent Waters
2008 Proceedings of the fourtieth annual ACM symposium on Theory of computing - STOC 08  
Until now, witness-recovering CCA-secure cryptosystems were known to exist only in the random oracle model [8, 28].  ...  Unfortunately, it is still not known how to realize TDFs and CCA security (in the standard model) based on all the types of assumptions described above.  ...  Acknowledgments We are grateful to Dan Boneh for offering important insights in the early stages of this work, to Cynthia Dwork and Salil Vadhan for helpful comments, to Daniele Micciancio for suggesting  ...
doi:10.1145/1374376.1374406 dblp:conf/stoc/PeikertW08 fatcat:x5livcstg5ajtmltxzhgatovmy

Critical perspectives on provable security: Fifteen years of "another look" papers

Neal Koblitz, Alfred Menezes
2019 Advances in Mathematics of Communications  
We give an overview of our critiques of "proofs" of security and a guide to our papers on the subject that have appeared over the past decade and a half.  ...  On the contrary, in the case of one of the most important idealized models - random oracles - we have argued that their use in security proofs is relatively innocuous.  ...  Roughly speaking, this means that any cryptographic protocol that is secure in the random oracle model remains secure when the random oracle model is replaced by the hash function that is constructed from  ...
doi:10.3934/amc.2019034 fatcat:gpftyd4hxjebfpzdqwdes345na