Practice-Oriented Provable-Security

Lectures on Data Security (EEF School 1998)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1561))

Abstract

This short article is intended to complement my talk. I would like to try to introduce you to a certain, relatively new sub-area of cryptography that we have been calling practice-oriented provable-security. It is about applying the ideas of “provable security” to the derivation of practical, secure protocols. I believe it is a fruitful blend of theory and practice that is able to enrich both sides and has by now had some impact on real world security.

A few years ago, provable security was largely known only to theoreticians. This has been changing. We are seeing a growing appreciation of provable security in practice, leading in some cases to the use of such schemes in preference to other ones. Indeed it seems standards bodies and implementors now view provable security as an attribute of a proposed scheme. This means that a wider audience needs an understanding of the basic ideas behind provable security.

This article is directed at practitioners and theoreticians alike. For the first group, I hope it will help them understand what provable security is and isn't, why it is useful, how to evaluate the provable security of a scheme, and where to look for such schemes. For the second group, it can serve to acquaint them with how the ideas with which they are familiar are being applied.

I will begin by describing the basic idea behind provable security. (For many of you, this will be mostly recall, but some novel viewpoints or examples may enter.) Next, I will discuss the practice-oriented approach. I will discuss its main ideas, the problems it has addressed, and briefly survey known results. I hope to leave you feeling there is scope here both for interesting research and for application.




© 1999 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Bellare, M. (1999). Practice-Oriented Provable-Security. In: Damgård, I.B. (eds) Lectures on Data Security. EEF School 1998. Lecture Notes in Computer Science, vol 1561. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48969-X_1

  • DOI: https://doi.org/10.1007/3-540-48969-X_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-65757-6

  • Online ISBN: 978-3-540-48969-6
