Separating Random Oracle Proofs from Complexity Theoretic Proofs: The Non-committing Encryption Case

  • Jesper Buus Nielsen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2442)


We show that there exists a natural protocol problem which has a simple solution in the random-oracle (RO) model and which has no solution in the complexity-theoretic (CT) model, namely the problem of constructing a non-interactive communication protocol secure against adaptive adversaries, also known as non-interactive non-committing encryption. This separation between the models is due to the so-called programmability of the random oracle. We show this by providing a formulation of the RO model in which the oracle is not programmable, and showing that in this model there does not exist non-interactive non-committing encryption.
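As an added illustration of the programmability argument in the abstract (example code, not the paper's construction or proof): a simulator with write access to the oracle's table can send a ciphertext before it knows the message and, when the party is later corrupted, define H at a fresh point so that the transcript opens to whatever message was revealed. Against a fixed, non-programmable hash the same simulator is reduced to a preimage search. The toy scheme c = H(r) XOR m, the out-of-band delivery of the per-message key r to the receiver, the 32-byte block size and the sample message are all assumptions made for this example.

```python
"""Added illustration: a programmable random oracle lets a simulator
equivocate a committed ciphertext; a fixed oracle does not. Not the
paper's construction. The scheme c = H(r) XOR m, with r reaching the
receiver over a channel we do not model, is an assumption of the example."""
import hashlib
import secrets

BLOCK = 32  # oracle output length and message length, in bytes (assumption)


def xor(a: bytes, b: bytes) -> bytes:
    assert len(a) == len(b) == BLOCK
    return bytes(x ^ y for x, y in zip(a, b))


class ProgrammableRO:
    """Lazily sampled random oracle. The simulator may set H(x) := y at a
    point x nobody has queried yet; once a point is queried its value is
    frozen, as in a proof."""

    def __init__(self) -> None:
        self.table = {}

    def query(self, x: bytes) -> bytes:
        if x not in self.table:
            self.table[x] = secrets.token_bytes(BLOCK)
        return self.table[x]

    def program(self, x: bytes, y: bytes) -> bool:
        if x in self.table:           # already observed: cannot be changed
            return self.table[x] == y
        self.table[x] = y
        return True


class FixedRO:
    """Non-programmable oracle: a public, fixed function (SHA-256 here)."""

    def query(self, x: bytes) -> bytes:
        return hashlib.sha256(x).digest()

    def program(self, x: bytes, y: bytes) -> bool:
        return False                  # there is no table to rewrite


def encrypt(oracle, r: bytes, m: bytes) -> bytes:
    """Honest sender: one-time pad of m under H(r)."""
    return xor(oracle.query(r), m)


def open_ciphertext(oracle, r: bytes, c: bytes) -> bytes:
    """What the adversary recomputes once a corrupted party reveals r."""
    return xor(oracle.query(r), c)


def simulate_and_equivocate(oracle, m_later: bytes, search_budget: int = 2 ** 10) -> bool:
    """Adaptive-corruption simulator: it must send c before the message is
    known and later present an r such that (r, c) opens to the revealed m.
    Returns whether it managed to do so."""
    c = secrets.token_bytes(BLOCK)    # committed transcript, m still unknown
    target = xor(c, m_later)          # need H(r) == c XOR m
    r = secrets.token_bytes(BLOCK)    # fresh key, unqueried with overwhelming probability
    if oracle.program(r, target):     # programmable model: simply define H(r)
        return open_ciphertext(oracle, r, c) == m_later
    # Non-programmable model: only a preimage search on H remains, which
    # succeeds with probability about search_budget / 2**(8*BLOCK).
    for _ in range(search_budget):
        r = secrets.token_bytes(BLOCK)
        if oracle.query(r) == target:
            return True
    return False


def roundtrip_ok(oracle, m: bytes) -> bool:
    """Sanity check: the honest scheme decrypts correctly under either oracle."""
    r = secrets.token_bytes(BLOCK)
    return open_ciphertext(oracle, r, encrypt(oracle, r, m)) == m


if __name__ == "__main__":
    msg = b"attack at dawn".ljust(BLOCK, b"\0")   # constructed sample message
    for name, ro in (("programmable", ProgrammableRO()), ("fixed", FixedRO())):
        print(f"{name:12s} honest roundtrip: {roundtrip_ok(ro, msg)}  "
              f"simulator equivocates: {simulate_and_equivocate(ro, msg)}")
```

The check in `ProgrammableRO.program` that refuses to rewrite a point already queried mirrors the condition a proof has to meet: programming is only sound at points the environment has not yet asked about, which is why the simulator picks a fresh random r at corruption time rather than reusing one.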





Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Jesper Buus Nielsen, BRICS, Department of Computer Science, University of Aarhus, Århus C, Denmark
