Completed
Does tightness matter?
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Another Look at Provable Security
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 What this talk is about
- 3 Example of a non-tight reduction The classic Bellare-Rogaway proof for RSA-FDH in the random oracle model has a tightness gap of y, where is the number of hash function queries
- 4 Identity-based encryption schemes
- 5 Does tightness matter?
- 6 MACs in the multi-user setting
- 7 Security proof for MAC* The proof is a reduction from breaking MAC1 to breaking MAC
- 8 Provably secure, but insecure
- 9 MAC* in other protocols
- 10 Single-user vs. multi-user
- 11 Bellare's security theorem for NMAC
- 12 PRF security Security assumption: f is (t,c,q)-secure. That is, adversaries
- 13 PRF security in the non-uniform model
- 14 Interpreting Bellare's proof in practice
- 15 Is HMAC-MD5 provably secure?
- 16 Non-uniform complexity model
- 17 Significance of our work
- 18 COPS: Cryptanalysis of Provable Security
- 19 A radical proposal
- 20 In conclusion....
