Non-Constructivity in Security Proofs
Date
2018-09-10
Authors
Soundararajan, Priya
Publisher
University of Waterloo
Abstract
In the field of cryptography, one generally obtains assurances for the
security of a cryptographic protocol by giving a reductionist security
proof, which consists of a reduction from breaking a mathematical
problem (one that is well-studied and widely believed to be intractable)
to breaking the cryptographic protocol. While such reductions
are generally constructive, some authors give non-constructive
reductions (also called non-uniform reductions) in order to reduce
the tightness gap of the reduction. However, in order to assess the
concrete security that the proof provides, one also needs to assess
the intractability of the underlying mathematical problem against
non-constructive attacks. Unfortunately, there has been very little
work in the literature on non-constructive attacks on these problems,
and sometimes non-constructive attacks are found that are much faster
than their constructive counterparts. Thus, it is sometimes very
difficult to obtain meaningful security assurances about a cryptographic
protocol from a non-constructive reductionist security proof.
In this thesis, we examine three instances of non-constructive security
proofs for cryptographic protocols in the literature:
(1) a password-based key derivation function; (2) an HMAC-related message
authentication code scheme; and (3) a round-optimal blind signature scheme.