Paper 2023/1075
Streebog as a Random Oracle
, CryptoPro LLC, CryptoPro LLC, CryptoPro LLCAbstract
The random oracle model is an instrument used for proving that protocol has no structural flaws when settling with standard hash properties is impossible or fairly difficult. In practice, however, random oracles have to be instantiated with some specific hash functions, which are not random oracles. Hence, in the real world, an adversary has broader capabilities than considered in the random oracle proof — it can exploit the peculiarities of a specific hash function to achieve its goal. In a case when a hash function is based on some building block, one can go further and show that even if the adversary has access to that building block, the hash function still behaves like a random oracle under some assumptions made about the building block. Thereby, the protocol can be proved secure against more powerful adversaries under less complex assumptions. The indifferentiability notion formalizes that approach. In this paper we study whether Streebog, a Russian standardized hash function, can instantiate a random oracle from that point of view. We prove that Streebog is indifferentiable from a random oracle under an ideal cipher assumption for the underlying block cipher.
Metadata
- Available format(s)
-
PDF
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. CTCrypt 2023 - 12th Workshop on Current Trends in Cryptology, Volgograd , June 6-9, 2023
- Keywords
- StreebogGOSTRandom OracleIndifferentiability
- Contact author(s)
-
lah @ cryptopro ru
babueva @ cryptopro ru
bozhko @ cryptopro ru - History
- 2023-07-11: approved
- 2023-07-10: received
- See all versions
- Short URL
- https://ia.cr/2023/1075
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/1075,
author = {Liliya Akhmetzyanova and Alexandra Babueva and Andrey Bozhko},
title = {Streebog as a Random Oracle},
howpublished = {Cryptology {ePrint} Archive, Paper 2023/1075},
year = {2023},
url = {https://eprint.iacr.org/2023/1075}
}
