Abstract
Recently, methods from provable security, that had been developped for the last twenty years within the research community, have been extensively used to support emerging standards. This in turn has led researchers as well as practitioners to raise some concerns about this methodology. Should provable security be restricted to the standard computational model or can it rely on the so-called random oracle model? In the latter case, what is the practical meaning of security estimates obtained using this model? Also, the fact that proofs themselves need time to be validated through public discussion was somehow overlooked. Building on two case studies, we discuss these concerns. One example covers the public key encryption formatting scheme OAEP originally proposed in [3]. The other comes from the area of signature schemes and is related to the security proof of ESIGN [43]. Both examples show that provable security is more subtle than it at first appears. © International Association for Cryptologic Research 2003.
Cite
CITATION STYLE
Stern, J. (2003). Why provable security matters? Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2656, 449–461. https://doi.org/10.1007/3-540-39200-9_28
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
