Query-Complexity Amplification for Random Oracles

Increasing the computational complexity of evaluating a hash function, both for the honest users as well as for an adversary, is a useful technique employed for example in password-based cryptographic schemes to impede brute-force attacks, and also in so-called proofs of work (used in protocols like Bitcoin) to show that a certain amount of computation was performed by a legitimate user. A natural approach to adjust the complexity of a hash function is to iterate it c times, for some parameter c, in the hope that any query to the scheme requires c evaluations of the underlying hash function. However, results by Dodis et al. (Crypto 2012) imply that plain iteration falls short of achieving this goal, and designing schemes which provably have such a desirable property remained an open problem.

[1]  Dipl . Math,et al.  A Theory of Secure Communication , 2014 .

[2]  Martijn Stam,et al.  Understanding Adaptivity: Random Systems Revisited , 2012, ASIACRYPT.

[3]  Ueli Maurer,et al.  Indistinguishability Amplification , 2007, CRYPTO.

[4]  William E. Burr,et al.  Recommendation for Password-Based Key Derivation Part 1: Storage Applications , 2010 .

[5]  Moni Naor,et al.  Moderately Hard Functions: From Complexity to Spam Fighting , 2003, FSTTCS.

[6]  Ueli Maurer Conditional equivalence of random systems and indistinguishability proofs , 2013, 2013 IEEE International Symposium on Information Theory.

[7]  Ueli Maurer,et al.  On the soundness of authenticate-then-encrypt: formalizing the malleability of symmetric encryption , 2010, CCS '10.

[8]  Stefano Tessaro,et al.  The equivalence of the random oracle model and the ideal cipher model, revisited , 2010, STOC '11.

[9]  Ueli Maurer,et al.  Indifferentiability, Impossibility Results on Reductions, and Applications to the Random Oracle Methodology , 2004, TCC.

[10]  Ueli Maurer,et al.  Indistinguishability of Random Systems , 2002, EUROCRYPT.

[11]  Mihir Bellare,et al.  The Security of Triple Encryption and a Framework for Code-Based Game-Playing Proofs , 2006, EUROCRYPT.

[12]  David Mazières,et al.  The Advanced Computing Systems Association a Future-adaptable Password Scheme a Future-adaptable Password Scheme , 2022 .

[13]  Burton S. Kaliski,et al.  PKCS #5: Password-Based Cryptography Specification Version 2.0 , 2000, RFC.

[14]  Mihir Bellare,et al.  Multi-instance Security and Its Application to Password-Based Cryptography , 2012, CRYPTO.

[15]  Ueli Maurer,et al.  Abstract Cryptography , 2011, ICS.

[16]  John P. Steinberger,et al.  To Hash or Not to Hash Again? (In)differentiability Results for H2 and HMAC , 2012, IACR Cryptol. ePrint Arch..

[17]  Ueli Maurer,et al.  Constructive Cryptography - A New Paradigm for Security Definitions and Proofs , 2011, TOSCA.

[18]  Ken Thompson,et al.  Password security: a case history , 1979, CACM.

[19]  Moni Naor,et al.  Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.

[20]  Jean-Sébastien Coron,et al.  Merkle-Damgård Revisited: How to Construct a Hash Function , 2005, CRYPTO.

[21]  David Mazières,et al.  A future-adaptive password scheme , 1999 .

[22]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[23]  Ueli Maurer,et al.  Resource-Restricted Indifferentiability , 2013, IACR Cryptol. ePrint Arch..

[24]  Ueli Maurer,et al.  From Single-Bit to Multi-bit Public-Key Encryption via Non-malleable Codes , 2015, TCC.

[25]  Hovav Shacham,et al.  Careful with Composition: Limitations of the Indifferentiability Framework , 2011, EUROCRYPT.

[26]  Guido Bertoni,et al.  On the Indifferentiability of the Sponge Construction , 2008, EUROCRYPT.