Adapting the Weaknesses of the Random Oracle Model to the Generic Group Model
The generic group model has recently been used to prove the security of certain asymmetric encryption and signature schemes. This paper presents results that show that there exist problems in that are provably hard in the generic group model but easy to solve whenever the random encoding function is replaced with a specific encoding function (or one drawn from a specific set of encoding functions). In particular we show that there exist cryptographic schemes that are provably hard in the generic group model but easy to break in practice.
KeywordsHash Function Signature Scheme Random Oracle Discrete Logarithm Problem Random Oracle Model
- 1.M. Bellare and P. Rogaway. ‘Random Oracles are Practical: A Paradigm for Designing Effecient Protocols.’ Proceedings of the First ACM Conference on Computer and Communications Security, 1993.Google Scholar
- 2.D. Brown. ‘Generic Groups, Collision Resistance, and ECDSA’. Available from http://eprint.iacr.org/, 2002.
- 3.R. Canetti, O. Goldreich and S. Halevi. ‘The Random Oracle Methodology, Revisited.’ Proceedings of the 13th Annual ACM Symposium on Theory of Computing, 1998.Google Scholar
- 4.M. Fischlin. ‘A Note on Security Proofs in the Generic Model.’ Advances in Cryptology-Asiacrypt 2000, 2000.Google Scholar
- 5.S. Micali. ‘CS proofs.’ Proceedings of the 35th IEEE Symposium on Foundations of Computer Science, 1994.Google Scholar
- 6.C. Schnorr. ‘Efficient Signature Generation for Smart Cards.’ Journal of Cryptology, Vol 4, 1991.Google Scholar
- 7.C. Schnorr and M. Jakobsson. ‘Security of Signed El-Gamel Encryption.’ Advances in Cryptology-Asiacrypt 2000, 2000.Google Scholar
- 8.V. Shoup. ‘Lower Bounds for Discrete Logarithms and Related Problems.’ Theory and Application of Cryptographic Techniques, 1997.Google Scholar
- 9.N. Smart. ‘The Exact Security of ECIES in the Generic Group Model.’ Cryptography and Coding, 2001.Google Scholar