Computer-Aided Cryptographic Proofs

* Final gross prices may vary according to local VAT.

Get Access

Abstract

Provable security [6] is at the heart of modern cryptography. It advocates a mathematical approach in which the security of new cryptographic constructions is defined rigorously, and provably reduced to one or several assumptions, such as the hardness of a computational problem, or the existence of an ideal functionality. A typical provable security statement is of the form: for all adversary \(\mathcal{A}\) against the cryptographic construction \(\mathcal{S}\) , there exists an adversary \(\mathcal{B}\) against a security assumption \(\mathcal{H}\) , such that if \(\mathcal{A}\) has a high probability of breaking the scheme \(\mathcal{S}\) in time t, then \(\mathcal{B}\) has a high probability of breaking the assumption \(\mathcal{H}\) in time t′ (defined as a function of t).