Random oracles are practical: A paradigm for designing efficient protocols
Proceedings of the 1st ACM Conference on Computer and Communications Security, 1993•dl.acm.org
We argue that the random oracle model—where all parties have access to a public random
oracle—provides a bridge between cryptographic theory and cryptographic practice. In the
paradigm we suggest, a practical protocol P is produced by first devising and proving correct
a protocol PR for the random oracle model, and then replacing oracle accesses by the
computation of an “appropriately chosen” function h. This paradigm yields protocols much
more efficient than standard ones while retaining many of the advantages of provable …
oracle—provides a bridge between cryptographic theory and cryptographic practice. In the
paradigm we suggest, a practical protocol P is produced by first devising and proving correct
a protocol PR for the random oracle model, and then replacing oracle accesses by the
computation of an “appropriately chosen” function h. This paradigm yields protocols much
more efficient than standard ones while retaining many of the advantages of provable …
We argue that the random oracle model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice. In the paradigm we suggest, a practical protocol P is produced by first devising and proving correct a protocol PR for the random oracle model, and then replacing oracle accesses by the computation of an “appropriately chosen” function h. This paradigm yields protocols much more efficient than standard ones while retaining many of the advantages of provable security. We illustrate these gains for problems including encryption, signatures, and zero-knowledge proofs.
ACM Digital Library