Revision as of 07:37, 6 March 2024 edit Citation bot (talk \| contribs) Bots 5,867,392 edits Alter: title, template type. Add: s2cid, pages, chapter-url, isbn, series, chapter. Removed or converted URL. Removed parameters. Some additions/deletions were parameter name changes. \| Use this bot. Report bugs. \| Suggested by Headbomb \| Linked from Wikipedia:WikiProject_Academic_Journals/Journals_cited_by_Wikipedia/Maintenance/Misspellings \| #UCB_webform_linked 218/308 ← Previous edit		Revision as of 12:08, 6 March 2024 edit undo Achmad Rachmani (talk \| contribs) Extended confirmed users 98,341 edits →Post-quantum secure implementations: Altered title. Removed parameters. Next edit →
Line 230: constructions rely on discrete-log- or factoring-type hardness assumptions. These assumptions are known to fall with the rise of quantum computers."<ref name="oprf"/></blockquote> Two possible exceptions are [[Lattice-based cryptography\|lattice-based]] OPRFs<ref>{{cite journal \|last1=Albrecht \|first1=Martin \|last2=Davidson \|first2=Alex \|last3=Deo \|first3=Amit \|last4=Smart \|first4=Nigel \|title=Round-optimal Verifiable Oblivious Pseudorandom Functions From Ideal Lattices \|journal=Cryptology ePrint Archive \|date=2019 \|volume=Paper 2019/1271 \|url=https://eprint.iacr.org/2019/1271}}</ref> and [[Supersingular isogeny key exchange\|isogeny-based]] OPRFs,<ref>{{cite journal \|last1=Boneh \|first1=Dan \|last2=Kogan \|first2=Dmitry \|last3=Woo \|first3=Katharine \|~~chapter~~title=Oblivious Pseudorandom Functions from Isogenies \|series=Lecture Notes in Computer Science ~~\|title=Advances in Cryptology – ASIACRYPT 2020~~ \|journal=Advances in Cryptology \|date=2020 \|volume=ASIACRYPT 2020: 26th International Conference on the Theory and Application of Cryptology and Information Security \|pages=520–550 \|doi=10.1007/978-3-030-64834-3_18 \|isbn=978-3-030-64833-6 \|s2cid=228085090 ~~\|chapter-url=https://dl.acm.org/doi/10.1007/978-3-030-64834-3_18~~}}</ref> but more research is required to improve their efficiency and establish their security. Recent attacks on isogenies raise doubts on the security of the algorithm.<ref>{{cite book \|last1=Castryck \|first1=Wouter \|last2=Decru \|first2=Thomas \|chapter=An Efficient Key Recovery Attack on SIDH \|series=Lecture Notes in Computer Science \|title~~=Advances in Cryptology – EUROCRYPT 2023 \|journal~~=Advances in Cryptology \|date=2023 \|volume=EUROCRYPT 2023: 42nd Annual International Conference on the Theory and Applications of Cryptographic Techniques \|pages=423–447 \|doi=10.1007/978-3-031-30589-4_15 \|isbn=978-3-031-30588-7 \|s2cid=258240788 \|chapter-url=https://lirias.kuleuven.be/handle/20.500.12942/722100}}</ref> A more-secure, but less-efficient approach to realize a post-quantum secure OPRF is to use a [[secure two-party computation]] protocol to compute a PRF using a [[symmetric cryptography\|symmetric key]] construction, such as [[Advanced encryption standard\|AES]] or [[HMAC]].

Oblivious pseudorandom function: Difference between revisions