Concrete Instantiations for Idealized Models
Research Project, 2025–2030
The design of public key encryption and digital signature schemes almost universally follows a blueprint or transform. This allows cryptographers to design primitives with relatively weak properties and then generically strengthen the constructions using the transforms. While the transforms have served us well in the past, there is reason to worry: the validity of the transforms in their full generality necessarily relies on an idealized setting, the so-called random oracle model. We have long known that results in the random oracle model do not directly translate to security in the real world, and we can construct counterexamples where a real-world realization (where a cryptographic hash function is used instead of a random oracle) becomes insecure for any choice of hash function. Maybe more alarmingly, recent research shows that this affects even some natural and commercially deployed cryptographic primitives. The goal of the project is to show that the transforms can, in fact, be securely used for a broad class of natural applications. To this end, we propose to both determine where transforms can be used and construct hash functions that, in these cases, yield secure cryptographic primitives. In addition, we will distil the requirements for admissible hash functions such that cryptanalysts have a “minimal example” to test whether common hash functions, such as SHA3, suffice.
Participants
Christoph Egger (contact)
Chalmers, Computer Science and Engineering (Chalmers), Information Security
Funding
Swedish Research Council (VR)
Project ID: 2025-03829
Funding Chalmers participation during 2025–2030