Standard Model (cryptography)

Standard Model (cryptography)

In cryptography the standard model is the model of computation in which the adversary is only limited by the amount of time and computational power available. Other names used are bare model and plain model.

Cryptographic schemes are usually based on complexity assumptions, which state that some problem, e.g. factorization, cannot be solved in polynomial time. Schemes which can be proven secure using only complexity assumptions are said to be secure in the standard model. Security proofs are notoriously difficult to achieve in the standard model, so in many proofs, cryptographic primitives are replaced by idealized versions. The most usual example of this technique, known as the random oracle model [cite conference
author = Mihir Bellare
coauthors = Phillip Rogaway
title = Random Oracles are Practical: A Paradigm for Designing Efficient Protocols
booktitle = ACM Conference on Computer and Communications Security
pages = 62-73 | publisher = ACM
date = 1993
url = http://www.cs.ucsd.edu/users/mihir/papers/ro.html
accessdate = 2007-11-01
] [ cite conference
author = Ran Canetti
coauthors = Oded Goldreich and Shai Halevi
title = The Random Oracle Methodology Revisited
booktitle = Proceedings of the thirtieth annual ACM symposium on Theory of computing
pages = 209-218
publisher = ACM
date = 1998
url = http://eprint.iacr.org/1998/011
accessdate = 2007-11-01
] , involves replacing a cryptographic hash function with a genuinely random function. Another example is the generic group model [ cite conference
author = Victor Shoup
title = Lower bounds for discrete logarithms and related problems
conference = Advances in Cryptology – Eurocrypt ’97
booktitle = Lecture Notes in Computer Science
volume = 1233
pages = 256-266
publisher = Springer-Verlag
date = 1997
url = http://www.shoup.net/papers/evalbound.pdf
format = pdf
accessdate = 2007-11-01
] [ cite conference
author = Ueli Maurer
title = Abstract models of computation in cryptography
conference = 10th IMA Conference On Cryptography and Coding
booktitle = Lecture Notes in Computer Science
volume = 2796
pages = 1-12
publisher = Springer-Verlag
date = 2005
url = ftp://ftp.inf.ethz.ch/pub/crypto/publications/Maurer05.pdf
format = pdf
accessdate = 2007-11-01
] , where the adversary is given access to a randomly chosen encoding of a group, instead of the finite field or elliptic curve groups used in practice.

Other models used invoke trusted third parties to perform some task without cheating -- for example, the public key infrastructure (PKI) model requires a certificate authority, which if it were dishonest, could produce fake certificates and use them to forge signatures, or mount a man in the middle attack to read encrypted messages. Other examples of this type are the common random string model and the common reference string model, where it is assumed that all parties have access to some string chosen uniformly at random or a string chosen according to some other probability distribution respectively. These models are often used for Non-interactive zero-knowledge proofs (NIZK). In some applications, such as the Dolev-Dwork-Naor encryption scheme [ cite conference
author = Danny Dolev
coauthors = Cynthia Dwork and Moni Naor
title = Non-Malleable Cryptography
booktitle = Proceedings of the Twenty Third Annual ACM Symposium on Theory of Computing
pages = 542-552
publisher = ACM
date = 1991
] , it makes sense for a particular party to generate the common reference string, while in other applications, the common reference string must be generated by a trusted third party. Collectively, these models are referred to as models with special setup assumptions.

References

ee also

* Random oracle


Wikimedia Foundation. 2010.

См. также в других словарях:

  • Standard model (disambiguation) — Standard model may refer to: * the standard model of particle physics * The mathematical formation of the standard model of particle physics. * The standard model in cryptography * The standard models of mathematical logic * The standard models… …   Wikipedia

  • Cryptography — Secret code redirects here. For the Aya Kamiki album, see Secret Code. Symmetric key cryptography, where the same key is used both for encryption and decryption …   Wikipedia

  • Topics in cryptography — This article is intended to be an analytic glossary , or alternatively, an organized collection of annotated pointers.Classical ciphers*Autokey cipher *Permutation cipher*Polyalphabetic substitution **Vigenère cipher*Polygraphic substitution… …   Wikipedia

  • Public-key cryptography — In an asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt. Security depends on the secrecy of that private key …   Wikipedia

  • Outline of cryptography — See also: Index of cryptography articles The following outline is provided as an overview of and topical guide to cryptography: Cryptography (or cryptology) – practice and study of hiding information. Modern cryptography intersects the… …   Wikipedia

  • Financial cryptography — (FC) is the use of cryptography in applications in which financial loss could result from subversion of the message system.Cryptographers think of the field as originating in the work of Dr David Chaum who invented the blinded signature. This… …   Wikipedia

  • Java Platform, Standard Edition 6 — Die Java Plattform (englisch Java Platform) definiert die Ablaufumgebung (Java Virtual Machine) und Programmierschnittstellen (Java Application Programming Interface) innerhalb der Java Technologie. Der Kern der Java Plattform ist die Java… …   Deutsch Wikipedia

  • Random oracle — In cryptography, a random oracle is an oracle (a theoretical black box) that responds to every query with a (truly) random response chosen uniformly from its output domain, except that for any specific query, it responds the same way every time… …   Wikipedia

  • Mathematics and Physical Sciences — ▪ 2003 Introduction Mathematics       Mathematics in 2002 was marked by two discoveries in number theory. The first may have practical implications; the second satisfied a 150 year old curiosity.       Computer scientist Manindra Agrawal of the… …   Universalium

  • Optimal asymmetric encryption padding — This article is about the padding scheme used in public key cryptography. For the division of the Thailand Ministry of Science Technology and Environment entitled Office of Atomic Energy for Peace, see [1]. In cryptography, Optimal Asymmetric… …   Wikipedia


Поделиться ссылкой на выделенное

Прямая ссылка:
Нажмите правой клавишей мыши и выберите «Копировать ссылку»