We show that every black-box construction of one-time signature schemes from a random oracle achieves security at most poly(q)2^q, where q is the total number of queries to the oracle by the generation, signing, and verification algorithms. That is, any such scheme can be broken with probability close to 1 by a (computationally unbounded) adversary making poly(q)2^q queries to the oracle. This is tight up to a constant factor in the number of queries, since a simple modification of Lamport's scheme achieves 2^{(0.812 - o(1))q} security using q queries. Our results extend (with a loss of a constant factor in the number of queries) also to the random permutation and ideal-cipher oracles, and so can be taken as evidence of an inherent efficiency gap between signature schemes and symmetric primitives such as block ciphers, hash functions, and message authentication codes.