We show that there exists a natural protocol problem which has a simple solution in the random-oracle (RO) model and which has no solution in the complexity-theoretic (CT) model, namely the problem of constructing a non-interactive communication protocol secure against adaptive adversaries a.k.a. non-interactive non-committing encryption. This separation between the models is due to the so-call...

We study the power of two models of faulty teachers in Valiant’s PAC learning model and Angluin’s exact learning model. The first model we consider is learning from an incomplete membership oracle introduced by Angluin and Slonim (1994). In this model, the answers to a random subset of the learner’s membership queries may be missing. The second model we consider is random persistent classificat...

Cryptographic primitive of timed-release encryption (TRE) enables the sender to encrypt a message which only allows designated receiver decrypt after time. Combined with other technologies, TRE technology is applied variety scenarios, including regularly posting on social network and online sealed bidding. Nowadays, in order control decryption time while maintaining anonymity user identities, m...

Key-agreement protocols whose security is proven in the random oracle model are an important alternative to the more common public-key based key-agreement protocols. In the random oracle model, the parties and the eavesdropper have access to a shared random function (an “oracle”), but they are limited in the number of queries they can make to it. Unfortunately, as shown by Impagliazzo and Rudic...

In the random oracle model, the parties are given oracle access to a random member of a (typically huge) function family, and are assumed to have unbounded computational power (though they can only make a bounded number of oracle queries). This model provides powerful properties that allow proving the security of many protocols, even such that cannot be proved secure in the standard model (unde...

In this paper we construct and consider a new group-based digital signature scheme with evolving secret key, which is built using bilinear map. This map an asymmetric pairing of Type 3, although, for the reason paper, it treated in completely abstract fashion ought to be viewed as being actually defined over $E(\FF_{q^{n}})[p]\times E(\FF_{q^{nk}})[p]\to \FF_{q^{nk}}[p]$. The crucial element ke...

In this paper, we show that major cryptosystems such as FDH, OAEP, and RSA-KEM are secure under a hash function MD with Merkle-Damg̊ard (MD) construction that uses a random oracle compression function h. First, we propose two new ideal primitives called Traceable Random Oracle (T RO) and Extension Attack Simulatable Random Oracle (ERO) which are weaker than a random oracle (RO). Second, we show ...

We revisit previous formulations of zero knowledge in the random oracle model due to Bellare and Rogaway (CCS ’93) and Pass (Crypto ’03), and present a hierarchy for zero knowledge that includes both of these formulations. The hierarchy relates to the programmability of the random oracle, previously studied by Nielsen (Crypto ’02). – We establish a subtle separation between the Bellare-Rogaway ...