Signatures with Memory-Tight Security in the Quantum Random Oracle Model
K Xagawa - Annual International Conference on the Theory and …, 2024 - Springer
Memory tightness of reductions in cryptography, in addition to the standard tightness related
to advantage and running time, is important when the underlying problem can be solved …
to advantage and running time, is important when the underlying problem can be solved …
Digital signatures with memory-tight security in the multi-challenge setting
The standard security notion for digital signatures is “single-challenge”(SC) EUF-CMA
security, where the adversary outputs a single message-signature pair and “wins” if it is a …
security, where the adversary outputs a single message-signature pair and “wins” if it is a …
Memory-tight multi-challenge security of public-key encryption
We give the first examples of public-key encryption schemes which can be proven to
achieve multi-challenge, multi-user CCA security via reductions that are tight in time …
achieve multi-challenge, multi-user CCA security via reductions that are tight in time …
[图书][B] Tradeoffs in Cryptography
A Ghoshal - 2023 - search.proquest.com
The primary objective of provable security is to characterize, as precisely as possible, the
resources an attacker needs to compromise the security of a cryptographic system. While the …
resources an attacker needs to compromise the security of a cryptographic system. While the …