Correcting Subverted Random Oracles

被引：18

作者：

Russell, Alexander ^{[1
]}

Tang, Qiang ^{[2
]}

Yung, Moti ^{[3
]}

Zhou, Hong-Sheng ^{[4
]}

机构：

[1] Univ Connecticut, Mansfield, PA USA

[2] New Jersey Inst Technol, Newark, NJ 07102 USA

[3] Columbia Univ, New York, NY USA

[4] Virginia Commonwealth Univ, Richmond, VA USA

来源：

ADVANCES IN CRYPTOLOGY - CRYPTO 2018, PT II | 2018年 / 10992卷

关键词：

IDEAL CIPHER; SECURITY; HASH; INDIFFERENTIABILITY; ENCRYPTION; SCHEMES;

D O I：

10.1007/978-3-319-96881-0_9

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

The random oracle methodology has proven to be a powerful tool for designing and reasoning about cryptographic schemes, and can often act as an effective bridge between theory and practice. In this paper, we focus on the basic problem of correcting faulty-or adversarially corrupted-random oracles, so that they can be confidently applied for such cryptographic purposes. We prove that a simple construction can transform a "subverted" random oracle-which disagrees with the original one at a negligible fraction of inputs-into a construction that is indifferentiable from a random function. Our results permit future designers of cryptographic primitives in typical kleptographic settings (i.e., with adversaries who may subvert the implementation of cryptographic algorithms but undetectable via blackbox testing) to use random oracles as a trusted black box, in spite of not trusting the implementation. Our analysis relies on a general rejection re-sampling lemma which is a tool of possible independent interest.

引用

页码：241 / 271

页数：31

共 55 条

[1] Keys Under Doormats
Abelson, Harold Hal
Anderson, Ross
Bellovin, Steven M.
Benaloh, Josh
Blaze, Matt
Diffie, Whitfield Whit
Gilmore, John
Green, Matthew
Landau, Susan
Neumann, Peter G.
Rivest, Ronald L.
Schiller, Jeffrey I.
Schneier, Bruce
Specter, Michael A.
Weitzner, Daniel J.
[J]. COMMUNICATIONS OF THE ACM, 2015, 58 (10) : 24 - 26
[2] [Anonymous], 1993, ACM CCS 1993, DOI DOI 10.1145/168588.168596
[3] Subversion-Resilient Signature Schemes
Ateniese, Giuseppe
Magri, Bernardo
Venturi, Daniele
[J]. CCS'15: PROCEEDINGS OF THE 22ND ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2015, : 364 - 375
[4] Mass-surveillance without the State: Strongly Undetectable Algorithm-Substitution Attacks
Bellare, Mihir
Jaeger, Joseph
Kane, Daniel
[J]. CCS'15: PROCEEDINGS OF THE 22ND ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2015, : 1431 - 1440
[5] Bellare M, 2014, LECT NOTES COMPUT SC, V8616, P1, DOI 10.1007/978-3-662-44371-2_1
[6] Resisting Randomness Subversion: Fast Deterministic and Hedged Public-Key Encryption in the Standard Model
Bellare, Mihir
Viet Tung Hoang
[J]. ADVANCES IN CRYPTOLOGY - EUROCRYPT 2015, PT II, 2015, 9057 : 627 - 656
[7] Bellare M, 2013, LECT NOTES COMPUT SC, V8043, P398, DOI 10.1007/978-3-642-40084-1_23
[8] Going Bright: Wiretapping without Weakening Communications Infrastructure
Bellovin, Steven M.
Blaze, Matt
Clark, Sandy
Landau, Susan
[J]. IEEE SECURITY & PRIVACY, 2013, 11 (01) : 62 - 72
[9] BLUM M, 1990, PROCEEDINGS OF THE TWENTY SECOND ANNUAL ACM SYMPOSIUM ON THEORY OF COMPUTING, P73, DOI 10.1145/100216.100225
[10] Blum M., 1989, Proceedings of the Twenty First Annual ACM Symposium on Theory of Computing, P86, DOI 10.1145/73007.73015

← 1 2 3 4 5 6 →