SPEAKER:
Prashant Puniya
NYU

TITLE: 
On the Relation Between the Ideal Cipher and the Random Oracle Models


ABSTRACT:
The Random Oracle Model and the Ideal Cipher Model are two of the
most popular idealized models in cryptography. It is a fundamentally
important practical and theoretical problem to compare the relative
strengths of these models and to see how they relate to each other.
Recently, Coron et al. [8] proved that one can securely instantiate
a random oracle in the ideal cipher model. In this paper, we investigate 
if it is possible to instantiate an ideal block cipher in the random 
oracle model, which is a considerably more challenging question. 
We conjecture that the Luby-Rackoff construction [19] with a sufficient 
number of rounds should suffice to show this implication. This does not 
follow from the famous Luby-Rackoff result [19] showing that 4 rounds 
are enough to turn a pseudorandom function into a pseudorandom permutation, 
since the results of the intermediate rounds are known to everybody. 
As a partial step toward resolving this conjecture, we show that random 
oracles imply ideal ciphers in the honest-but-curious model, where all 
the participants are assumed to follow the protocol, but keep all their 
intermediate results. Namely, we show that the Luby-Rackoff construction 
with a superlogarithmic number of rounds can be used to instantiate the 
ideal block cipher in any honest-but-curious cryptosystem, and result in 
a similar honest-but-curious cryptosystem in the random oracle model. 
We also show that securely instantiating the ideal cipher using the Luby 
Rackoff construction with up to a logarithmic number of rounds is 
equivalent in the honest-but-curious and malicious models.
        
Apart from the results, I'll also try to give an intuition of the proof
technique, if time permits.

Joint work with Y. Dodis (NYU)