
Provable Security

- Random Oracle Model [Bellare 93]
- Supported primitives all act like Random Oracles [Bellare 94, Bellare 96, Bellare 00]
- Assume probabilistic, polynomial-time attacker
- EAP-PAX is secure against:
  - passive attacks if:
    - PAX_STD without DH: Key O(2^k)
    - PAX_STD with DH: Key O(1)
    - PAX_SEC without DH: Key O(2^k)
    - PAX_SEC with DH: Key O(1)
  - active attacks if:
    - PAX_STD: Key O(2^k), auth limit O(k^n)
    - PAX_SEC with cert: Key O(k^n), auth limit O(1)
    - PAX_SEC without cert: Key O(2^k), auth limit O(k^n)