Abstract
Many cryptographers believe that the only way to have confidence in the security of a cryptographic protocol is to have a mathematically rigorous proof that the protocol meets its stated goals under certain assumptions. However, it is often difficult to assess what such proofs really mean in practice especially if the proof is non-tight, the underlying assumptions are contrived, or the security definition is in the single-user setting. We will present some examples that illustrate this difficulty and highlight the important role that old-fashioned cryptanalysis and sound engineering practices continue to play in establishing and maintaining confidence in the security of a cryptographic protocol.
Chapter PDF
Similar content being viewed by others
References
Chatterjee, S., Menezes, A., Sarkar, P.: Another Look at Tightness. In: Vaudenay, S. (ed.) SAC 2011. LNCS, vol. 7118, pp. 293–319. Springer, Heidelberg (2011)
Koblitz, N., Menezes, A.: Another look at provable security, http://anotherlook.ca
Koblitz, N., Menezes, A.: Another look at security definitions, Cryptology ePrint Archive: Report 2011/343
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 International Association for Cryptologic Research
About this paper
Cite this paper
Menezes, A. (2012). Another Look at Provable Security. In: Pointcheval, D., Johansson, T. (eds) Advances in Cryptology – EUROCRYPT 2012. EUROCRYPT 2012. Lecture Notes in Computer Science, vol 7237. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29011-4_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-29011-4_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29010-7
Online ISBN: 978-3-642-29011-4
eBook Packages: Computer ScienceComputer Science (R0)