Paper 2004/152

Another Look at ``Provable Security''

Neal Koblitz and Alfred Menezes


We give an informal analysis and critique of several typical ``provable security'' results. In some cases there are intuitive but convincing arguments for rejecting the conclusions suggested by the formal terminology and ``proofs,'' whereas in other cases the formalism seems to be consistent with common sense. We discuss the reasons why the search for mathematically convincing theoretical evidence to support the security of public-key systems has been an important theme of researchers. But we argue that the theorem-proof paradigm of theoretical mathematics is of limited relevance here and often leads to papers that are confusing and misleading. Because our paper is aimed at the general mathematical public, it is self-contained and as jargon-free as possible.

Note: final version

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. Also available at
Contact author(s)
ajmeneze @ uwaterloo ca
2011-08-15: last of 7 revisions
2004-07-07: received
See all versions
Short URL
Creative Commons Attribution


      author = {Neal Koblitz and Alfred Menezes},
      title = {Another Look at ``Provable Security''},
      howpublished = {Cryptology ePrint Archive, Paper 2004/152},
      year = {2004},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.