| The Random Oracle Model (ROM) is a setting where all parties, including the adversary, have black-box access to a "truly random function" (the random oracle). In this thesis, we present two results concerning security in the ROM. First, we show that, for every canonical identification scheme, the corresponding Fiat-Shamir signature scheme is secure in the ROM. Previously, only "non-trivial" canonical identification schemes were known to yield Fiat-Shamir signature schemes which are secure in the ROM. Second, we show how to modify a certain discrete logarithm-based public-key encryption scheme so that it becomes CCA2-secure in the ROM. In conclusion, we review several "uninstantiability" results which demonstrate that security in the ROM does not guarantee "real-world" security, and briefly survey a number of signature and public-key encryption schemes which are secure in the "real world". |
