Another look at generic groups

Neal Koblitz and Alfred Menezes
Advances in Mathematics of Communications, 1 (2007), 13-28.

Abstract: Starting with Shoup's seminal paper, the generic group model has been an important tool in reductionist security arguments. After an informal explanation of this model and Shoup's theorem, we discuss the danger of flaws in proofs. We next describe an ontological difference between the generic group assumption and the random oracle model for hash functions. We then examine some criticisms that have been leveled at the generic group model and raise some questions of our own.

Journal paper       Eprint paper