Non-Committing Encryption is Too Easy in the Random Oracle Model
نویسنده
چکیده
The non-committing encryption problem arises in the setting of adaptively secure cryptographic protocols, as the task of implementing secure channels. We prove that in the random oracle model, where the parties have oracle access to a uniformly random function, non-committing encryption can be implemented efficiently using any trapdoor permutation. We also prove that no matter how the oracle is instantiated in practice the resulting scheme will never be non-committing, and we give a short discussion of the random oracle model in light of this.
منابع مشابه
Separating Random Oracle Proofs from Complexity Theoretic Proofs: The Non-committing Encryption Case
We show that there exists a natural protocol problem which has a simple solution in the random-oracle (RO) model and which has no solution in the complexity-theoretic (CT) model, namely the problem of constructing a non-interactive communication protocol secure against adaptive adversaries a.k.a. non-interactive non-committing encryption. This separation between the models is due to the so-call...
متن کاملProgrammability in the Generic Ring and Group Models
The programmability has long been used as a tool to prove security of schemes in the random oracle model (ROM) even in the cases where schemes do not seem to have a security proof in the standard model [3, 8, 10]. On the other hand, it seems that a similar property has never been studied in the generic models, i.e., the generic ring and group models, respectively the GRM and the GGM. This work ...
متن کاملThe Wonderful World of Global Random Oracles
The random-oracle model by Bellare and Rogaway (CCS’93) is an indispensable tool for the security analysis of practical cryptographic protocols. However, the traditional random-oracle model fails to guarantee security when a protocol is composed with arbitrary protocols that use the same random oracle. Canetti, Jain, and Scafuro (CCS’14) put forth a global but non-programmable random oracle in ...
متن کاملNon-adaptive programmability of random oracle
Random Oracles serve as an important heuristic for proving security of many popular and important cryptographic primitives. But, at the same time they are criticized due to the impossibility of practical instantiation. Programmability is one of the most important feature behind the power of Random Oracles. Unfortunately, in the standard hash functions, the feature of programmability is limited....
متن کاملThreshold Identity Based Encryption Scheme without Random Oracles
The first threshold identity-based encryption scheme secure against chosen identity and ciphertext attacks is proposed in this paper. Our construction is based on the recently proposed identity-based encryption scheme of Waters in EUROCRYPT 2005. The new threshold identity-based encryption scheme is non-interactive and does not rely on the random oracle model.
متن کامل