Paper 2023/1682

Selective Opening Security in the Quantum Random Oracle Model, Revisited

Jiaxin Pan, University of Kassel
Runzhi Zeng, Norwegian University of Science and Technology

We prove that two variants of the Fujisaki-Okamoto (FO) transformations are selective opening secure (SO) against chosen-ciphertext attacks in the quantum random oracle model (QROM), assuming that the underlying public-key encryption scheme is one-way secure against chosen-plaintext attacks (OW-CPA). The two variants we consider are $\mathsf{FO}^{\not{\bot}}$ (Hofheinz, Hövelmanns, and Kiltz, TCC 2017) and $\mathsf{U}^{\not{\bot}}_\mathsf{m}$ (Jiang et al., CRYPTO 2018). This is the first correct proof in the QROM. The previous work of Sato and Shikata (IMACC 2019) showed the SO security of $\mathsf{FO}^{\not{\bot}}$ in the QROM. However, we identify a subtle gap in their work. To close this gap, we propose a new framework that allows us to adaptively reprogram a QRO with respect to multiple queries that are computationally hard to predict. This is a property that can be easily achieved by the classical ROM, but is very hard to achieve in the QROM. Hence, our framework brings the QROM closer to the classical ROM. Under our new framework, we construct the first tightly SO secure PKE in the QROM using lossy encryption. Our final application is proving $\mathsf{FO}^{\not{\bot}}$ and $\mathsf{U}^{\not{\bot}}_\mathsf{m}$ are bi-selective opening (Bi-SO) secure in the QROM. This is a stronger SO security notion, where an adversary can additionally corrupt some users' secret keys.

Available format(s)
Public-key cryptography
Publication info
Selective opening securityquantum random oracle modelFujisaki-Okamoto transformationtight security
Contact author(s)
jiaxin pan @ uni-kassel de
runzhi zeng @ ntnu no
2023-11-03: approved
2023-10-30: received
See all versions
Short URL
Creative Commons Attribution


      author = {Jiaxin Pan and Runzhi Zeng},
      title = {Selective Opening Security in the Quantum Random Oracle Model, Revisited},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1682},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.