Encryption Schemes using Random Oracles: from Classical to Post-Quantum Security

The security proofs of post-quantum cryptographic schemes often consider only classical adversaries. Therefore, whether such schemes are really post-quantum secure remains unknown until the proofs take quantum adversaries into account. Switching to a quantum adversary might require adapting the security notion. In particular, post-quantum security proofs for schemes which use random oracles have to be in the quantum random oracle model (\(\mathrm {QROM}\)), while classical security proofs are in the random oracle model (\(\mathrm {ROM}\)). We remedy this state of affairs by introducing a framework to obtain post-quantum security of public key encryption schemes which use random oracles. We define a class of encryption schemes, called oracle-simple, and identify the game hops which are used to prove such schemes secure in the \(\mathrm {ROM}\). For these game hops, we state conditions that are both simple and sufficient to validate that a proof also holds in the \(\mathrm {QROM}\). The strength of our framework lies in its simplicity, its generality, and its applicability. We demonstrate this by applying it to the code-based encryption scheme \(\mathrm {ROLLO{\hbox {-}}II}\) (Round 2 NIST candidate) and the lattice-based encryption scheme \(\mathrm {LARA}\) (FC 2019). Thereby we prove that both schemes are post-quantum secure, which had not been shown before.
