The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
This work focuses on a vulnerability of hash functions due to sloppy usages or implementations in the real world. If our cryptographic research community succeeded in the development of a perfectly secure random function as the random oracle, it might be broken in some sense by invalid uses. In this paper, we propose a new variant of the random oracle model in order to analyze the security of cryptographic protocols under the situation of an invalid use of hash functions. Our model allows adversaries to obtain contents of the hash list of input and output pairs arbitrarily. Also, we analyze the security of several prevailing protocols (FDH, OAEP, Cramer-Shoup cryptosystem, Kurosawa-Desmedt cryptosystem, NAXOS) in our model. As the result of analyses, we clarify that FDH and Cramer-Shoup cryptosystem are still secure but others are insecure in our model. This result shows the separation between our model and the standard model.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Kazuki YONEYAMA, Satoshi MIYAGAWA, Kazuo OHTA, "Leaky Random Oracle" in IEICE TRANSACTIONS on Fundamentals,
vol. E92-A, no. 8, pp. 1795-1807, August 2009, doi: 10.1587/transfun.E92.A.1795.
Abstract: This work focuses on a vulnerability of hash functions due to sloppy usages or implementations in the real world. If our cryptographic research community succeeded in the development of a perfectly secure random function as the random oracle, it might be broken in some sense by invalid uses. In this paper, we propose a new variant of the random oracle model in order to analyze the security of cryptographic protocols under the situation of an invalid use of hash functions. Our model allows adversaries to obtain contents of the hash list of input and output pairs arbitrarily. Also, we analyze the security of several prevailing protocols (FDH, OAEP, Cramer-Shoup cryptosystem, Kurosawa-Desmedt cryptosystem, NAXOS) in our model. As the result of analyses, we clarify that FDH and Cramer-Shoup cryptosystem are still secure but others are insecure in our model. This result shows the separation between our model and the standard model.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E92.A.1795/_p
@ARTICLE{e92-a_8_1795,
author={Kazuki YONEYAMA and Satoshi MIYAGAWA and Kazuo OHTA},
journal={IEICE TRANSACTIONS on Fundamentals},
title={Leaky Random Oracle},
year={2009},
volume={E92-A},
number={8},
pages={1795-1807},
abstract={This work focuses on a vulnerability of hash functions due to sloppy usages or implementations in the real world. If our cryptographic research community succeeded in the development of a perfectly secure random function as the random oracle, it might be broken in some sense by invalid uses. In this paper, we propose a new variant of the random oracle model in order to analyze the security of cryptographic protocols under the situation of an invalid use of hash functions. Our model allows adversaries to obtain contents of the hash list of input and output pairs arbitrarily. Also, we analyze the security of several prevailing protocols (FDH, OAEP, Cramer-Shoup cryptosystem, Kurosawa-Desmedt cryptosystem, NAXOS) in our model. As the result of analyses, we clarify that FDH and Cramer-Shoup cryptosystem are still secure but others are insecure in our model. This result shows the separation between our model and the standard model.},
keywords={},
doi={10.1587/transfun.E92.A.1795},
ISSN={1745-1337},
month={August},}
TY - JOUR
TI - Leaky Random Oracle
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 1795
EP - 1807
AU - Kazuki YONEYAMA
AU - Satoshi MIYAGAWA
AU - Kazuo OHTA
PY - 2009
DO - 10.1587/transfun.E92.A.1795
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E92-A
IS - 8
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - August 2009
AB - This work focuses on a vulnerability of hash functions due to sloppy usages or implementations in the real world. If our cryptographic research community succeeded in the development of a perfectly secure random function as the random oracle, it might be broken in some sense by invalid uses. In this paper, we propose a new variant of the random oracle model in order to analyze the security of cryptographic protocols under the situation of an invalid use of hash functions. Our model allows adversaries to obtain contents of the hash list of input and output pairs arbitrarily. Also, we analyze the security of several prevailing protocols (FDH, OAEP, Cramer-Shoup cryptosystem, Kurosawa-Desmedt cryptosystem, NAXOS) in our model. As the result of analyses, we clarify that FDH and Cramer-Shoup cryptosystem are still secure but others are insecure in our model. This result shows the separation between our model and the standard model.
ER -