Public-key cryptography from different assumptions
Proceedings of the forty-second ACM symposium on Theory of computing
On the black-box complexity of optimally-fair coin tossing
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Limits on the power of zero-knowledge proofs in cryptographic constructions
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Impossibility of blind signatures from one-way permutations
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Time-lock puzzles in the random oracle model
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Merkle puzzles in a quantum world
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Weak oblivious transfer from strong one-way functions
ProvSec'11 Proceedings of the 5th international conference on Provable security
On black-box reductions between predicate encryption schemes
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
On the power of nonuniformity in proofs of security
Proceedings of the 4th conference on Innovations in Theoretical Computer Science
Limits on the usefulness of random oracles
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
Limits of random oracles in secure computation
Proceedings of the 5th conference on Innovations in theoretical computer science
| Hi-index | 0.00 |
We prove that every key exchange protocol in the random oracle model in which the honest users make at most n queries to the oracle can be broken by an adversary making O(n 2) queries to the oracle. This improves on the previous $\Tilde{\Omega}(n^6)$ query attack given by Impagliazzo and Rudich (STOC '89), and answers an open question posed by them. Our bound is optimal up to a constant factor since Merkle (CACM '78) gave a key exchange protocol that can easily be implemented in this model with n queries and cannot be broken by an adversary making o(n 2) queries.