Canetti et al's Paradoxical Encryption Scheme - Cronokirby

- Read more: https://cronokirby.com/posts/2022/04/canettis-paradoxical-encryption-scheme/

**Hasnain says:**

Great read on cryptography. It takes a simple question: “do there exist cryptographic schemes which are secure under the random oracle model but are insecure when implemented with a concrete hash function?”, and answers it while explaining a bunch of the theory from the ground up.

“At this point, one question should be: can proofs in the random oracle model be trusted? I think I want to say yes to this question. Obviously, we shouldn’t take the random oracle model as a trivial assumption, and if a proof can avoid relying on it, that’s all for the better. On the other hand, there are now many proofs relying on this model, and the only major flaw I know of resulting from the use of this model is perhaps the presence of Length Extension Attacks, and other similar issues with message concatenation.

There are assumptions that we have to rely on in Cryptography, like the hardness of certain problems, and maybe the random oracle model is just one of the assumptions we’ll have to concede.”