Abstract
A discrete-logarithm algorithm is called generic if it does not exploit the specific representation of the cyclic group for which it is supposed to compute discrete logarithms. Such algorithms include the well-known Baby-Step-Giant-Step procedure as well as the PohligHellman algorithm. In particular, these algorithms match a lower bound of Nachaev showing that generic discrete-log algorithms require exponentially many group operations. Building on this lower bound, Shoup and subsequently Schnorr and Jakobsson proved other discrete-log-based protocols to be intractable in the generic model. Here, we discuss pitfalls when applying the generic model to other schemes than the discrete-log problem and when interpreting such lower bounds as security proofs for these schemes.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
M. ABDALLA, M. BELLARE, P. ROGAWAY: DHAES: An Encryption Scheme Based on the Diffie-Hellmann Problem, available at http://www-cse.ucsd.edu/users/mihir/, 1998.
M. BELLARE, A. DESAI, D. POINTCHEVAL, P. ROGAWAY: Relations Among Notions of Security for Public-Key Encryption Schemes, Crypto’ 98, Lecture Notes in Computer Science, Vol. 1462, Springer-Verlag, pp. 26–45, 1998.
M. BELLARE, S. MICALI: Non-Interactive Oblivious Transfer and Applications, Crypto’ 89, Lecture Notes in Computer Science, Vol. 435, Springer-Verlag, pp. 547–559, 1990.
M. BELLARE, P. ROGAWAY: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols, ACM Conference on Computer and Communication Security, pp. 62–73, 1993.
M. BELLARE, P. ROGAWAY: Optimal Assymetric Encryption, Eurocrypt’ 94, Lecture Notes in Computer Science, Vol. 950, Springer-Verlag, pp. 92–111, 1994.
D. BONEH: The Decision Diffie-Hellman Problem, Third Algorithmic Number Theory Symposium, Lecture Notes in Computer Science, Vol. 1423, Springer-Verlag, pp. 48–63, 1998.
R. CANETTI, O. GOLDREICH, S. HALEVI: The Random Oracle Methodology, Revisited, Proceedings of the 30th Annual ACM Symposium on the Theory of Computing, pp. 209–218, 1998.
R. CRAMER, V. SHOUP: A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attacks, Crypto’ 98, Lecture Notes in Computer Science, Vol. 1462, Springer-Verlag, pp. 13–25, 1998.
A. DE SANTIS, G. DI CRESCENZO, G. PERSIANO: Public-Key Cryptography and Zero-Knowledge Arguments, Information and Computation, Vol. 121, No. 1, pp. 23–40, 1995.
W. DIFFIE, M. HELLMAN: New Directions in Cryptography, IEEE Transaction on Information Theory, Vol. 22, pp. 644–654, 1976.
T. ELGAMAL: A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms, IEEE Transaction on Information Theory, Vol. 31, pp. 469–472, 1985.
O. GOLDREICH: Foundations of Cryptography (Fragments of a Book), available at http://www.wisdom.weizmann.ac.il/home/oded/public html/index.html, 1998.
O. GOLDREICH, H. KRAWCZYK: On the Composition of Zero-Knowledge Proof Systems, SIAM Journal on Computing, Vol. 25, pp. 169–192, 1996.
S. GOLDWASSER, S. MICALI: Probabilistic Encryption, Journal of Computer and System Sciences, Vol. 28(2), pp. 270–299, 1984.
S. GOLDWASSSER, S. MICALI, C. RACKOFF: The Knowledge Complexity of Interactive Proof Systems, SIAM Journal on Computing, Vol. 18, pp. 186–208, 1989.
S. HADA, T. TANAKA: On the Existence of 3-Round Zero-Knowledge Protocols, Crypto’ 98, Lecture Notes in Computer Science, Vol. 1462, Springer-Verlag, pp. 408–423, 1998.
M. JAKOBSSON: A Practical Mix, Eurocrypt’ 98, Lecture Notes in Computer Science, Vol. 1403, Springer-Verlag, pp. 448–461, 1998.
J. KILIAN, S, MICALI, R. OSTROVSKY: Minimum Resource Zero-Knowledge Proofs, Proceedings of the 30th IEEE Symposium on Foundations of Computer Science, 1989.
S. MICALI, L. REYZIN: Signing with Partially Adversarial Hashing, available at http://theory.lcs.mit.edu/~reyzin, 2000.
V. NECHAEV: Complexity of a Determinate Algorithm for the Discrete Logarithm, Mathematical Notes, Vol. 55, pp. 165–172, 1994.
R. PERALTA: On the Distribution of Quadratic Residues and Non-Residues Modu lo a Prime Number, Mathematical Notes, Vol. 58, 1995.
C. RACKOFF, D. SIMON: Non-Interactive Zero-Knowledge Proofs of Knowledge and Chosen Ciphertext Attacks, Crypto’ 92, Lecture Notes in Computer Science, Vol. 576, Springer-Verlag, pp. 433–444, 1998.
C. SCHNORR: Efficient Signature Generation for Smart Cards, Journal of Cryptology, Vol. 4, pp. 161–174, 1991.
C. SCHNORR, M. JAKOBSSON: Security of Signed ElGamal Encryption, Asiacrypt 2000, Lecture Notes in Computer Science, Springer-Verlag, 2000.
V. SHOUP: Lower Bounds for Discrete-Logarithm and Related Problems, Eurocrypt’ 97, Lecture Notes in Computer Science, Vol. 1233, Springer-Verlag, pp. 256–266, 1997.
J. SILVERMAN, J. SUZUKI: Elliptic Curve Discrete Logarithms and the Index Calculus, Asiacrypt’ 98, Lecture Notes in Computer Science, Vol. 1514, Springer-Verlag, pp. 110–125, 1998.
Y. TSIOUNIS, M. YUNG: On the Security of ElGamal Based Encryption, PKC’ 98, Lecture Notes in Computer Science, Vol. 1431, Springer-Verlag, pp. 117–134, 1998.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Fischlin, M. (2000). A Note on Security Proofs in the Generic Model. In: Okamoto, T. (eds) Advances in Cryptology — ASIACRYPT 2000. ASIACRYPT 2000. Lecture Notes in Computer Science, vol 1976. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44448-3_35
Download citation
DOI: https://doi.org/10.1007/3-540-44448-3_35
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41404-9
Online ISBN: 978-3-540-44448-0
eBook Packages: Springer Book Archive