International Association for Cryptologic Research

International Association
for Cryptologic Research


Simplifying Game-Based Definitions

Phillip Rogaway
Yusi Zhang
DOI: 10.1007/978-3-319-96881-0_1 (login may be required)
Search ePrint
Search Google
Presentation: Slides
Conference: CRYPTO 2018
Abstract: Often the simplest way of specifying game-based cryptographic definitions is apparently barred because the adversary would have some trivial win. Disallowing or invalidating these wins can lead to complex or unconvincing definitions. We suggest a generic way around this difficulty. We call it indistinguishability up to correctness, or IND$$\vert $$C. Given games $${{\text {G}}}$$ and $${{\text {H}}}$$ and a correctness condition $${{\text {C}}}$$ we define an advantage measure $${\mathbf {Adv}_{{{\text {G}}},{{\text {H}}},{{\text {C}}}}^{{\text {indc}}}}$$ wherein $${{{\text {G}}}}$$/$${{{\text {H}}}}$$ distinguishing attacks are effaced to the extent that they are inevitable due to $${{\text {C}}}$$. We formalize this in the language of oracle silencing, an alternative to exclusion-style and penalty-style definitions. We apply our ideas to a domain where game-based definitions have been cumbersome: stateful authenticated-encryption (sAE). We rework existing sAE notions and encompass new ones, like replay-free AE permitting a specified degree of out-of-order message delivery.
Video from CRYPTO 2018
  title={Simplifying Game-Based Definitions},
  booktitle={Advances in Cryptology – CRYPTO 2018},
  series={Lecture Notes in Computer Science},
  author={Phillip Rogaway and Yusi Zhang},