Cryptology ePrint Archive: Report 2021/454

Measure-Rewind-Measure: Tighter Quantum Random Oracle Model Proofs for One-Way to Hiding and CCA Security

Veronika Kuchta and Amin Sakzad and Damien Stehle and Ron Steinfeld and Shi-Feng Sun

Abstract: We introduce a new technique called `Measure-Rewind-Measure' (MRM) to achieve tighter security proofs in the quantum random oracle model (QROM). We first apply our MRM technique to derive a new security proof for a variant of the `double-sided' quantum One-Way to Hiding Lemma (O2H) of Bindel et al. [TCC 2019] which, for the first time, avoids the square-root advantage loss in the security proof. In particular, it bypasses a previous `impossibility result' of Jiang, Zhang and Ma [IACR eprint 2019]. We then apply our new O2H Lemma to give a new tighter security proof for the Fujisaki-Okamoto transform for constructing a strong (INDCCA) Key Encapsulation Mechanism (KEM) from a weak (INDCPA) public-key encryption scheme satisfying a mild injectivity assumption.

Category / Keywords: public-key cryptography / QROM, security proof, public-key encryption

Original Publication (with minor differences): EUROCRYPT 2020

Date: received 7 Apr 2021

Contact author: ron steinfeld at monash edu

Available format(s): PDF | BibTeX Citation

Note: This is the full version of the Eurocrypt 2020 paper. The differences from the Eurocrypt 2020 version are as follows: - fixed the bug in the advantage of the optimal distinguisher discussed in the Introduction (Adv(A) = sqrt((2-p_x)*px) vs. Adv(A)=sqrt(p_x) in the conference version). - added two appendices: Appendix A for missing std definitions, and Appendix B for security loss computation details of Table 2.

Version: 20210408:122515 (All versions of this report)

Short URL: ia.cr/2021/454


[ Cryptology ePrint archive ]