{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,17]],"date-time":"2025-12-17T08:48:46Z","timestamp":1765961326909,"version":"build-2065373602"},"publisher-location":"Cham","reference-count":36,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030648367"},{"type":"electronic","value":"9783030648374"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-64837-4_11","type":"book-chapter","created":{"date-parts":[[2020,12,5]],"date-time":"2020-12-05T16:02:55Z","timestamp":1607184175000},"page":"321-352","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["Post-Quantum Verification of Fujisaki-Okamoto"],"prefix":"10.1007","author":[{"given":"Dominique","family":"Unruh","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,12,6]]},"reference":[{"key":"11_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"269","DOI":"10.1007\/978-3-030-26951-7_10","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"A Ambainis","year":"2019","unstructured":"Ambainis, A., Hamburg, M., Unruh, D.: Quantum security proofs using semi-classical oracles. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11693, pp. 269\u2013295. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26951-7_10"},{"issue":"7779","key":"11_CR2","doi-asserted-by":"publisher","first-page":"505","DOI":"10.1038\/s41586-019-1666-5","volume":"574","author":"F Arute","year":"2019","unstructured":"Arute, F., et al.: Quantum supremacy using a programmable superconducting processor. Nature 574(7779), 505\u2013510 (2019)","journal-title":"Nature"},{"key":"11_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1007\/978-3-642-22792-9_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"G Barthe","year":"2011","unstructured":"Barthe, G., Gr\u00e9goire, B., Heraud, S., B\u00e9guelin, S.Z.: Computer-aided security proofs for the working cryptographer. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 71\u201390. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22792-9_5"},{"key":"11_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"180","DOI":"10.1007\/978-3-642-19074-2_13","volume-title":"Topics in Cryptology \u2013 CT-RSA 2011","author":"G Barthe","year":"2011","unstructured":"Barthe, G., Gr\u00e9goire, B., Lakhnech, Y., Zanella B\u00e9guelin, S.: Beyond provable security verifiable IND-CCA security of OAEP. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 180\u2013196. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-19074-2_13"},{"key":"11_CR5","doi-asserted-by":"crossref","unstructured":"Barthe, G., Gr\u00e9goire, B., Zanella B\u00e9guelin, S.: Formal certification of code-based cryptographic proofs. In: POPL, pp. 90\u2013101. ACM (2009)","DOI":"10.1145\/1594834.1480894"},{"key":"11_CR6","doi-asserted-by":"crossref","unstructured":"Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: CCS \u201993, pp. 62\u201373. ACM (1993)","DOI":"10.1145\/168588.168596"},{"key":"11_CR7","doi-asserted-by":"publisher","unstructured":"Bellare, M., Rogaway, P.: Optimal asymmetric encryption. In: De Santis A. (eds.) Advances in Cryptology \u2013 EUROCRYPT\u201994, Lecture Notes in Computer Science, vol. 950. Springer, Berlin, vol. 950, pp. 92\u2013111. (1994) https:\/\/doi.org\/10.1007\/BFb0053428","DOI":"10.1007\/BFb0053428"},{"key":"11_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"409","DOI":"10.1007\/11761679_25","volume-title":"Advances in Cryptology - EUROCRYPT 2006","author":"M Bellare","year":"2006","unstructured":"Bellare, M., Rogaway, P.: The security of triple encryption and a framework\u00a0for\u00a0code-based\u00a0game-playing\u00a0proofs. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 409\u2013426. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11761679_25"},{"key":"11_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/978-3-642-25385-0_3","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2011","author":"D Boneh","year":"2011","unstructured":"Boneh, D., Dagdelen, \u00d6., Fischlin, M., Lehmann, A., Schaffner, C., Zhandry, M.: Random oracles in a quantum world. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 41\u201369. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-25385-0_3"},{"key":"11_CR10","doi-asserted-by":"crossref","unstructured":"Bos, J., et al.: CRYSTALS - kyber: a CCA-secure module-lattice-based KEM. IACR ePrint 2017\/634 (2017)","DOI":"10.1109\/EuroSP.2018.00032"},{"key":"11_CR11","doi-asserted-by":"crossref","unstructured":"Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited. In: STOC 1998, pp. 209\u2013218. ACM (1998)","DOI":"10.1145\/276698.276741"},{"issue":"1","key":"11_CR12","first-page":"24","volume":"E83\u2013A","author":"E Fujisaki","year":"2000","unstructured":"Fujisaki, E., Okamoto, T.: How to enhance the security of public-key encryption at minimum cost. IEICE Trans. Fund. Electron. Commun. Comput. Sci. E83\u2013A(1), 24\u201332 (2000)","journal-title":"IEICE Trans. Fund. Electron. Commun. Comput. Sci."},{"key":"11_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"260","DOI":"10.1007\/3-540-44647-8_16","volume-title":"Advances in Cryptology \u2014 CRYPTO 2001","author":"E Fujisaki","year":"2001","unstructured":"Fujisaki, E., Okamoto, T., Pointcheval, D., Stern, J.: RSA-OAEP is secure under the RSA assumption. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 260\u2013274. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44647-8_16"},{"issue":"2","key":"11_CR14","doi-asserted-by":"publisher","first-page":"81","DOI":"10.1007\/s00145-002-0204-y","volume":"17","author":"E Fujisaki","year":"2004","unstructured":"Fujisaki, E., Okamoto, T., Pointcheval, D., Stern, J.: RSA-OAEP is secure under the RSA assumption. J. Crypto 17(2), 81\u2013104 (2004)","journal-title":"J. Crypto"},{"key":"11_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1007\/978-3-319-70500-2_12","volume-title":"Theory of Cryptography","author":"D Hofheinz","year":"2017","unstructured":"Hofheinz, D., H\u00f6velmanns, K., Kiltz, E.: A modular analysis of the Fujisaki-Okamoto transformation. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017. LNCS, vol. 10677, pp. 341\u2013371. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70500-2_12"},{"key":"11_CR16","unstructured":"H\u00f6velmanns, K., Kiltz, E., Sch\u00e4ge, S., Unruh, D.: Generic authenticated key exchange in the quantum random oracle model. IACR ePrint 2018\/928, rev. February 14, 2019 (2019), preliminary version of [17]"},{"key":"11_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"389","DOI":"10.1007\/978-3-030-45388-6_14","volume-title":"Public-Key Cryptography \u2013 PKC 2020","author":"K H\u00f6velmanns","year":"2020","unstructured":"H\u00f6velmanns, K., Kiltz, E., Sch\u00e4ge, S., Unruh, D.: Generic authenticated key exchange in\u00a0the quantum random oracle model. In: Kiayias, A., Kohlweiss, M., Wallden, P., Zikas, V. (eds.) PKC 2020. LNCS, vol. 12111, pp. 389\u2013422. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-45388-6_14"},{"key":"11_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-030-26948-7_1","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"A Inoue","year":"2019","unstructured":"Inoue, A., Iwata, T., Minematsu, K., Poettering, B.: Cryptanalysis of OCB2: attacks on authenticity and confidentiality. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 3\u201331. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26948-7_1"},{"key":"11_CR19","unstructured":"ISO: Information technology - security techniques - authenticated encryption. International Standard ISO\/IEC 19772 (2009)"},{"key":"11_CR20","unstructured":"Naehrig, M., et al.: Frodokem. Technical Report, National Institute of Standards and Technology (2017)"},{"key":"11_CR21","unstructured":"Nipkow, T.: Programming and proving in isabelle\/hol. https:\/\/isabelle.in.tum.de\/website-Isabelle2019\/dist\/Isabelle2019\/doc\/prog-prove.pdf (2019), version for Isabelle 2019"},{"key":"11_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-45949-9","volume-title":"Isabelle\/HOL","year":"2002","unstructured":"Nipkow, T., Wenzel, M., Paulson, L.C. (eds.): Isabelle\/HOL. LNCS, vol. 2283. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45949-9"},{"key":"11_CR23","unstructured":"NIST: Post-quantum crypto standardization - call for proposals. http:\/\/csrc.nist.gov\/groups\/ST\/post-quantum-crypto\/call-for-proposals-2016.html (2016)"},{"key":"11_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1007\/978-3-540-30539-2_2","volume-title":"Advances in Cryptology - ASIACRYPT 2004","author":"P Rogaway","year":"2004","unstructured":"Rogaway, P.: Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 16\u201331. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-30539-2_2"},{"key":"11_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"520","DOI":"10.1007\/978-3-319-78372-7_17","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"T Saito","year":"2018","unstructured":"Saito, T., Xagawa, K., Yamakawa, T.: Tightly-secure key-encapsulation mechanism in the quantum random oracle model. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10822, pp. 520\u2013551. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78372-7_17"},{"key":"11_CR26","unstructured":"Shor, P.W.: Algorithms for quantum computation: discrete logarithms and factoring. In: FOCS 1994, pp. 124\u2013134. IEEE (1994)"},{"issue":"4","key":"11_CR27","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1007\/s00145-002-0133-9","volume":"15","author":"V Shoup","year":"2002","unstructured":"Shoup, V.: OAEP reconsidered. J. Crypto 15(4), 223\u2013249 (2002)","journal-title":"J. Crypto"},{"key":"11_CR28","unstructured":"Shoup, V.: Sequences of games: a tool for taming complexity in security proofs. Cryptology ePrint 2004\/332 (2004)"},{"key":"11_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"192","DOI":"10.1007\/978-3-662-53644-5_8","volume-title":"Theory of Cryptography","author":"EE Targhi","year":"2016","unstructured":"Targhi, E.E., Unruh, D.: Post-quantum security of the Fujisaki-Okamoto and OAEP transforms. In: Hirt, M., Smith, A. (eds.) TCC 2016. LNCS, vol. 9986, pp. 192\u2013216. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53644-5_8"},{"key":"11_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"135","DOI":"10.1007\/978-3-642-29011-4_10","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"D Unruh","year":"2012","unstructured":"Unruh, D.: Quantum proofs of knowledge. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 135\u2013152. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_10"},{"key":"11_CR31","unstructured":"Unruh, D.: dominique-unruh\/qrhl-tool: Proof assistant for qRHL. GitHub, https:\/\/github.com\/dominique-unruh\/qrhl-tool (2017\u20132020), binaries of the correct version are at https:\/\/github.com\/dominique-unruh\/qrhl-tool\/releases\/tag\/v0.5"},{"key":"11_CR32","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3290346","volume":"3","author":"D Unruh","year":"2019","unstructured":"Unruh, D.: Quantum relational Hoare logic. Proc. ACM Program. Lang. 3, 1\u201331 (2019)","journal-title":"Proc. ACM Program. Lang."},{"key":"11_CR33","unstructured":"Unruh, D.: GitHub, https:\/\/github.com\/dominique-unruh\/hksu-verification\/tree\/asiacrypt2020 (2020), source code of the proofs described here"},{"key":"11_CR34","doi-asserted-by":"crossref","unstructured":"Unruh, D.: Local variables and quantum relational hoare logic. arXiv:2007.14155 [cs.LO] (2020)","DOI":"10.1145\/3290346"},{"key":"11_CR35","doi-asserted-by":"crossref","unstructured":"Unruh, D.: Post-quantum verification of Fujisaki-Okamoto. IACR ePrint 2020\/962 (2020), full version of this paper","DOI":"10.1007\/978-3-030-64837-4_11"},{"issue":"1","key":"11_CR36","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1137\/060670997","volume":"39","author":"J Watrous","year":"2009","unstructured":"Watrous, J.: Zero-knowledge against quantum attacks. SIAM J. Comput. 39(1), 25\u201358 (2009)","journal-title":"SIAM J. Comput."}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2020"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-64837-4_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,13]],"date-time":"2024-03-13T18:28:30Z","timestamp":1710354510000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-64837-4_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030648367","9783030648374"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-64837-4_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"6 December 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Daejeon","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Korea (Republic of)","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7 December 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 December 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/asiacrypt.iacr.org\/2020\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"websubrev","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"316","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"85","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"27% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"19","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference will take place virtually due to the COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}