In this paper we investigate the problem of secure instantiation of the random oracle, based on the concepts and methods of algorithmic randomness. We show that, for any secure signature scheme in the random oracle model, there exists a specific computable function which can instantiate the random oracle while keeping the security originally proved in the random oracle model. Our results use th...

We formally study iterated block ciphers that alternate between two sequences of independent and identically distributed (i.i.d.) rounds. It is demonstrated that, in some cases the effect of alternating increases security, while in other cases the effect may strictly decrease security relative to the corresponding product of one of its component sequences. As this would appear to contradict con...

Recently, Wen, Lee, and Hwang proposed a three-party password-authenticated key exchange protocol making use of the Weil pairing. The protocol was claimed to be provably secure. But despite the claim of provable security, the protocol is in fact insecure in the presence of an active adversary. We demonstrate this by presenting an attack that completely compromises the authentication mechanism o...

Media encryption technologies actively play the first line of defense in securing the access of multimedia data. Traditional cryptographic encryption can achieve provable security but is unfortunately sensitive to a single bit error, which will cause an unreliable packet to be dropped to create packet loss. In order to achieve robust media encryption, error resilience in media encryption can be...

Within the security architecture of the 3GPP system there is a standardised encryption mode f8 based on the block cipher KASUMI. In this work we examine the pseudorandomness of the block cipher KASUMI and the provable security of f8. First we show that the three round KASUMI is not a pseudorandom permutation ensemble but the four round KASUMI is a pseudorandom permutation ensemble under the ada...

This thesis illustrates and examines the gap that exists between theoretical and practical cryptography. Provable security is a useful tool which allows cryptographers to perform formal security analyses within a strict mathematical framework. Unfortunately, the formal modelling of provable security sometimes fails to match how particular schemes or protocols are implemented in real life. We ex...

We propose secret-key cryptosystems MISTY1 andMISTY2, which are block ciphers with a 128-bit key, a 64-bit block and a variable number of rounds. MISTY is a generic name for MISTY1 and MISTY2. They are designed on the basis of the theory of provable security against di erential and linear cryptanalysis, and moreover they realize high speed encryption on hardware platforms as well as on software...

We propose secret-key cryptosystems MISTY1 andMISTY2, which are block ciphers with a 128-bit key, a 64-bit block and a variable number of rounds. MISTY is a generic name for MISTY1 and MISTY2. They are designed on the basis of the theory of provable security against di erential and linear cryptanalysis, and moreover they realize high speed encryption on hardware platforms as well as on software...

We present three security claims for iterated MAC functions. Next, we propose Alred, a construction method for MAC functions based on a block cipher that has provable security in the absence of internal collisions. We apply this construction to AES resulting in two MAC functions: Alpha-MAC and Pelican. We provide a model for describing different types of internal collisions in Alred and provide...

We provide a concrete security treatment of several “provably secure” hash functions. Interpreting arguments behind MQ-HASH, FSB, SWIFFTX and VSH we identify similar lines of reasoning. We aim to formulate the main security claims in a language closer to that of attacks. We evaluate designers’ claims of provable security and quantify them more precisely, deriving “second order” bounds on bounds...