Internet Archive Scholar

The random oracle methodology, revisited

Ran Canetti, Oded Goldreich, Shai Halevi
2004 Journal of the ACM  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (369.4 kB)
https://web.archive.org/web/20101011110632/http://eprint.iacr.org:80/1998/011.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2010; you can also visit the original URL. The file type is application/pdf.

We take a critical look at the relationship between the security of cryptographic schemes in the Random Oracle Model, and the security of the schemes that result from implementing the random oracle by so called "cryptographic hash functions". The main result of this paper is a negative one: There exist signature and encryption schemes that are secure in the Random Oracle Model, but for which any implementation of the random oracle results in insecure schemes. In the process of devising the
more » ... schemes, we consider possible definitions for the notion of a "good implementation" of a random oracle, pointing out limitations and challenges.
doi:10.1145/1008731.1008734 fatcat:i72j7bjkfzcahcytw7bwqqrd3a
Citation

Ran Canetti, Oded Goldreich, Shai Halevi. "The random oracle methodology, revisited." Journal of the ACM (2004) 557-594