[PDF] Top 20 Query-Complexity Amplification for Random Oracles

... a random oracle and exploiting the well-established notion of ...a random oracle and its second iterate: more precisely, they investigated the indiffer- entiability of the 2-iteration of a random ... See full document

... a random string r, the reconstructor of [17] could locally reconstruct g at any point x, such that all answers were consistent with some function g, which for most random strings r was ...one random ... See full document

... the query complexity of quantum algorithms that test the monotonicity of Boolean ...quantum query complexity of the monotonicity testing problem has not been explicitly studied before, we can ... See full document

... In this work, we tackle another natural property of random oracles and implement it in the standard model. The property we focus on is non-malleability, where it is required that the output on an input ... See full document

... Our contribution: Our main observation is that if some fixed part of the plaintext is made random then due to the construction of the cryptosystem it makes the ciphertext pseudorandom from the attacker’s point of ... See full document

... In this section, we motivate the formalization of a new security requirement, “Ambiguity”. It helps prevent an adversary from determining whether a signer A or a user B has involved in the generation of an alleged ... See full document

... Our Contribution. Our main contribution is the first blind ring signature schemes that do not rely on idealized assumptions. This solves a problem that remained open since 2006 [37]. To realize our con- structions ... See full document

... the random oracle model, ...communication complexity linear in the number of ...on random oracles, thus attaining anonymous broadcast encryption with efficient decryption in the standard ... See full document

... Quantum query complexity results for ...the query complexity. On the other hand, for random or arbitrary functions, n is the more appropriate way to measure query ...For ... See full document

... encryption query, the plaintext extractor should call the image oracle for G, where in addition to G(x) for random x it receives the hint of RSA on ... See full document

... Two main lines of research have emerged in order to circumvent these impossibility results. The first concerns with the use of trusted setup assumptions such as a common random string, strong public key ... See full document

... the complexity of any one ...expected query workloads are useful in designing the interface, these query sets are often unavailable or hard to obtain prior to the database even being ... See full document

... The rest of this paper is organized as follows. In Section 2, we discuss the related work about TRS. In Section 3, we review the bilinear pairings and complexity assumptions on which we build. In Section 4, we ... See full document

... In this section, we give the security analysis of our RIBS scheme. In order to simplify the security analysis, we consider two types of adversaries, namely, outside adversary and inside adversary (or revoked user). We ... See full document

... Our second contribution is a generic construction which yields practical schemes in the standard model. We provide two example instantiations of the construction, the first of which is solely based on non-interactive ... See full document

... is complexity-theoretic in nature, which is due to using an additional complexity-theoretic primitive by the constructions; namely, the former uses a trapdoor one-way permutation (in construction of TE) and ... See full document

... backdoor oracles and even when arbitrary backdoor capabilities are ...communication complexity. Communication complexity. The communication complexity [37,23] of a two-party task f (S, T ) is ... See full document

... As a comparison, we consider the existing SDVS schemes in the standard model as shown in Table 1. Security of our scheme is only based on standard complexity assumptions, while the security of Huang et al. scheme ... See full document

... programmable random oracle is simple: we can define a commitment that uses the random-oracle output, and the adversary can later change the com- mitted message by programming the random ...the ... See full document

... a random execution of e π does (actually, the above facts hold for any reasonable definition of Finder 4 and for any function ...oracle query q and output the query/answer pair (q, ...the ... See full document