How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Hash functions based on block ciphers: a synthetic approach
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
The random oracle methodology, revisited (preliminary version)
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Handbook of Applied Cryptography
Handbook of Applied Cryptography
The Security of All-or-Nothing Encryption: Protecting against Exhaustive Key Search
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Separating Random Oracle Proofs from Complexity Theoretic Proofs: The Non-committing Encryption Case
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
One Way Hash Functions and DES
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Construction of a Cioher From a Single Pseudorandom Permutation
ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
Adapting the Weaknesses of the Random Oracle Model to the Generic Group Model
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On the Security of Randomized CBC-MAC Beyond the Birthday Paradox Limit: A New Construction
FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
The Decision Diffie-Hellman Problem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
SFCS '94 Proceedings of the 35th Annual Symposium on Foundations of Computer Science
Security proofs for signature schemes
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
On the Unprovable Security of 2-Key XCBC
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
The Random Oracle Model and the Ideal Cipher Model Are Equivalent
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Collision Resistance of Double-Block-Length Hash Function against Free-Start Attack
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Compression Functions Suitable for the Multi-Property-Preserving Transform
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
On the Analysis of Cryptographic Assumptions in the Generic Ring Model
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Pseudorandom functions and permutations provably secure against related-key attacks
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Critique of the related-key attack concept
Designs, Codes and Cryptography
On cipher-dependent related-key attacks in the ideal-cipher model
FSE'11 Proceedings of the 18th international conference on Fast software encryption
A domain extender for the ideal cipher
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Hi-index | 0.00 |
The Ideal-Cipher Model of a blockcipher is a well-known and widely-used model dating back to Shannon [25] and has seen frequent use in proving the security of various cryptographic objects and protocols. But very little discussion has transpired regarding the meaning of proofs conducted in this model or regarding the model’s validity. In this paper, we briefly discuss the implications of proofs done in the ideal-cipher model, then show some limitations of the model analogous to recent work regarding the Random-Oracle Model [2]. In particular, we extend work by Canetti, Goldreich and Halevi [5], and a recent simplification by Maurer, Renner, and Holenstein [15], to exhibit a blockcipher-based hash function that is provably-secure in the ideal-cipher model but trivially insecure when instantiated by any blockcipher.