International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Towards realizing random oracles: Hash functions that hide all partial information

Authors:
Ran Canetti
Download:
URL: http://eprint.iacr.org/1997/007
Search ePrint
Search Google
Abstract: The random oracle model is a very convenient setting for designing cryptographic protocols. In this idealized model all parties have access to a common, public random function, called a random oracle. Protocols in this model are often very simple and efficient; also the analysis is often clearer. However, we do not have a general mechanism for transforming protocols that are secure in the random oracle model into protocols that are secure in real life. In fact, we do not even know how to meaningfully specify the properties required from such a mechanism. Instead, it is a common practice to simply replace - often without mathematical justification - the random oracle with a `cryptographic hash function' (e.g., MD5 or SHA). Consequently, the resulting protocols have no meaningful proofs of security.
BibTeX
@misc{eprint-1997-11289,
  title={Towards realizing random oracles: Hash functions that hide all partial information},
  booktitle={IACR Eprint archive},
  keywords={Random oracles, Hash functions, Collision resistance, Semantic security},
  url={http://eprint.iacr.org/1997/007},
  note={Appeared in the THEORY OF CRYPTOGRAPHY LIBRARY and has been included in the ePrint Archive. canetti@watson.ibm.com 10500 received June 2nd, 1997.},
  author={Ran Canetti},
  year=1997
}