Another look at generic groups
Neal Koblitz and Alfred Menezes
Advances in Mathematics of Communications, 1 (2007), 13-28.
Starting with Shoup's seminal paper, the generic group model has been
an important tool in reductionist security arguments. After an informal
explanation of this model and Shoup's theorem, we discuss the danger
of flaws in proofs. We next describe an ontological difference between
the generic group assumption and the random oracle model for hash
functions. We then examine some criticisms that have been leveled at
the generic group model and raise some questions of our own.
Journal paper Eprint paper