Cryptology ePrint Archive: Report 2005/210
The Ideal-Cipher Model, Revisited: An Uninstantiable Blockcipher-Based Hash Function
Abstract: The Ideal-Cipher Model of a blockcipher is a well-known and widely-used model dating back to Shannon and has seen frequent use in proving the security of various cryptographic objects and protocols.
But very little discussion has transpired regarding the meaning of
proofs conducted in this model or regarding the model's validity.
In this paper, we briefly discuss the implications of proofs done
in the ideal-cipher model, then show some limitations of the model analogous to recent work regarding the Random-Oracle Model.
In particular, we extend work by Canetti, Goldreich and Halevi,
and a recent simplification by Maurer, Renner, and Holenstein,
to exhibit a blockcipher-based hash function that is provably-secure in the ideal-cipher model but trivially insecure when instantiated by any blockcipher.
Category / Keywords: foundations / Ideal-Cipher Model, Information-Theoretic Cryptography, Random-Oracle Model
Publication Info: Unpublished
Date: received 1 Jul 2005
Contact author: jrblack at cs colorado edu
Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation
Version: 20050705:215032 (All versions of this report)
Short URL: ia.cr/2005/210
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]