Non-Uniform Bounds in the Random-Permutation, Ideal-Cipher, and Generic-Group Models

The random-permutation model (RPM) and the ideal-cipher model (ICM) are idealized models that offer a simple and intuitive way to assess the conjectured standard-model security of many important symmetric-key and hash-function constructions. Similarly, the generic-group model (GGM) captures generic algorithms against assumptions in cyclic groups by modeling encodings of group elements as random injections, which makes it possible to derive simple bounds on the advantage of such algorithms.
