Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Random oracle
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{Short description|Cryptographic model of a random function}} {{for|random replies to random questions|Internet Oracle}} In [[cryptography]], a '''random oracle''' is an [[oracle machine|oracle]] (a theoretical [[black box (systems)|black box]]) that responds to every ''unique query'' with a (truly) [[random]] response chosen [[uniform distribution (discrete)|uniformly]] from its output domain. If a query is repeated, it responds the [[Deterministic algorithm | same way]] every time that query is submitted. Stated differently, a random oracle is a [[mathematical function]] chosen uniformly at random, that is, a function mapping each possible query to a (fixed) random response from its output domain. Random oracles first appeared in the context of complexity theory, in which they were used to argue that complexity class separations may face relativization barriers, with the most prominent case being the [[P vs NP problem]], two classes shown in 1981 to be distinct relative to a random oracle [[almost surely]].<ref name="bennett-gill">{{cite journal|first1=Charles|last1=Bennett|first2=John|last2=Gill|title= Relative to a Random Oracle A, N^A != NP^A != coNP^A with Probability 1|journal=SIAM Journal on Computing|year=1981|pages=96β113|doi=10.1137/0210008|doi-access=free}}</ref> They made their way into cryptography by the publication of [[Mihir Bellare]] and [[Phillip Rogaway]] in 1993, which introduced them as a formal cryptographic model to be used in reduction proofs.<ref name="bellrog">{{cite journal|first1=Mihir|last1=Bellare|author-link=Mihir Bellare|first2=Phillip|last2=Rogaway|author-link2=Phillip Rogaway|title=Random Oracles are Practical: A Paradigm for Designing Efficient Protocols|journal=ACM Conference on Computer and Communications Security|year=1993|pages=62β73|doi=10.1145/168588.168596 |s2cid=3047274 |doi-access=free}}</ref> They are typically used when the proof cannot be carried out using weaker assumptions on the [[cryptographic hash function]]. A system that is proven secure when every hash function is replaced by a random oracle is described as being secure in the '''random oracle model''', as opposed to secure in the [[Standard model (cryptography)|standard model of cryptography]].
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)