Why Provable Security Matters?
Author
Abstract
Recently, methods from provable security, which had been developed over the last twenty years within the research community, have been extensively used to support emerging standards. This in turn has led researchers as well as practitioners to raise some concerns about this methodology. Should provable security be restricted to the standard computational model, or can it rely on the so-called random oracle model? In the latter case, what is the practical meaning of security estimates obtained using this model? Also, the fact that proofs themselves need time to be validated through public discussion was somehow overlooked. Building on two case studies, we discuss these concerns. One example covers the public key encryption formatting scheme OAEP originally proposed in [3]. The other comes from the area of signature schemes and is related to the security proof of ESIGN [43]. Both examples show that provable security is more subtle than it at first appears.
Similar resources
On Management Matters: Why We Must Improve Public Health Management Through Action; Comment on “Management Matters: A Leverage Point for Health Systems Strengthening in Global Health”
Public health management is a pillar of public health practice. Only through effective management can research, theory, and scientific innovation be translated into successful public health action. With this in mind, the U.S. Centers for Disease Control and Prevention (CDC) has developed an innovative program called Improving Public Health Management for Action (IMPACT) which aims to address th...
Practice-Oriented Provable-Security
This short article is intended to complement my talk. I would like to try to introduce you to a certain, relatively new sub-area of cryptography that we have been calling practice-oriented provable-security. It is about applying the ideas of “provably security” to the derivation of practical, secure protocols. I believe it is a fruitful blend of theory and practice that is able to enrich both s...
Optimal Proximity Proofs
Provably secure distance-bounding is a rising subject, yet an unsettled one; indeed, very few distance-bounding protocols, with formal security proofs, have been proposed. In fact, so far only two protocols, namely SKI (by Boureanu et al.) and FO (by Fischlin and Onete), offer all-encompassing security guarantees, i.e., resistance to distance-fraud, mafia-fraud, and terrorist-fraud. Matters lik...
Provable Security in Practice: Analysis of SSH and CBC mode with Padding
This thesis illustrates and examines the gap that exists between theoretical and practical cryptography. Provable security is a useful tool which allows cryptographers to perform formal security analyses within a strict mathematical framework. Unfortunately, the formal modelling of provable security sometimes fails to match how particular schemes or protocols are implemented in real life. We ex...
Contributions to provable security and efficient cryptography
This thesis deals with two main matters of modern public key cryptography: provable security and efficient implementation. Indubitably, security is the most important property of any cryptographic scheme. Nevertheless, cryptographic algorithms have often been designed on a trial-and-error basis, i. e., a system has been regarded as secure as long as it withstood cryptanalytic attacks. In contra...
Publication date: 2003