I did a cryptography seminar in provable security in the fall 2018. We looked at e.g. security proofs for Chosen Plaintext Attacks (CPA) and Chosen Ciphertext Attacks (CCA/CCA2), using the Random Oracle Model (ROM) and more. This is the papers we looked at:

**M. Bellare, A. Desai, E. Jokipii, and P. Rogaway.**A concrete security treatment of symmetric encryption.**Mihir Bellare, Alexandra Boldyreva, and Adriana Palacio.**An uninstantiable random-oracle-model scheme for a hybrid-encryption problem.**Mihir Bellare, Anand Desai, David Pointcheval, and Phillip Rogaway.**Relations among notions of security for public-key encryption schemes.**Mihir Bellare and Chanathip Namprempre**. Authenticated encryption: Relations among notions and analysis of the generic composition paradigm.**Mihir Bellare and Phillip Rogaway.**Random oracles are practical: A paradigm for designing efficient protocols.**Daniel J. Bernstein, Daira Hopwood, Andreas Hülsing, Tanja Lange, Ruben Niederhagen, Louiza Papachristodoulou, Michael Schneider, Peter Schwabe, and Zooko Wilcox-O’Hearn.**SPHINCS: practical stateless hash-based signatures.**Dan Boneh and Matthew K. Franklin**. Identity-based encryption from the weil pairing.**Larry Carter and Mark N. Wegman**. Universal classes of hash functions.**Jean-Sébastien Coron**. On the exact security of full domain hash.**Ronald Cramer and Victor Shoup**. A practical public key cryptosystem secure against adaptive chosen cipher text attacks.**Ronald Cramer and Victor Shoup.**Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack.**Ivan Damgård.**Commitment schemes and zero-knowledge protocols.**Rosario Gennaro and Victor Shoup**. A note on an encryption scheme of Kurosawa and Desmedt.**Craig Gentry.**Fully homomorphic encryption using ideal lattices.**S. Goldwasser and S. Micali**. Probabilistic encryption.**S. Goldwasser, S. Micali, and R. Rivest.**A digital signature scheme secure against adaptive chosen-message attacks.**David Jao and Luca De Feo**. Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies.**Antoine Joux.**A one round protocol for tripartite diffie-hellman.**Neal Koblitz and Alfred Menezes.**Another look at “provable security”.**Hugo Krawczyk.**The order of encryption and authentication for protecting communications (or: How secure is SSL?) .**Kaoru Kurosawa and Yvo Desmedt**. A new paradigm of hybrid encryption scheme.**U. Maurer.**Towards the equivalence of breaking the Diffie-Hellman protocol and computing discrete logarithms.**Alfred Menezes**. Another look at HMQV.**Victor S. Miller**. The weil pairing, and its efficient calculation.**Oded Regev.**On lattices, learning with errors, random linear codes, and cryptography.**A. Shamir**. How to share a secret.**Victor Shoup**. Lower Bounds For Discrete Logarithms And Related Problems.**Victor Shoup.**A Proposal For An Iso Standard For Public Key Encryption.**Victor Shoup**. Sequences Of Games :a tool for taming complexity in security proofs.**Yodai Watanabe, Junji Shikata, and Hideki Imai.**Equivalence between semantic security and indistinguishability against chosen ciphertext attacks.**Moses Liskov, Ronald L. Rivest, David Wagner**: Tweakable Block Ciphers.**Pascal Paillier:**Public-Key Cryptosystems Based on Composite Degree Residuosity Classes.**Dan Boneh, Xavier Boyen, Hovav Shacham**: Short Group Signatures.**Ronald Cramer, Victor Shoup**: Signature Schemes Based on the Strong RSA Assumption.**David Cash, Eike Kiltz, Victor Shoup**: The Twin Diffie-Hellman Problem and Applications.**Kristian Gjøsteen**: The Norwegian Internet Voting Protocol.**Victor Shoup**: Practical Threshold Signatures.**Ronald Cramer, Rosario Gennaro, Berry Schoenmakers**: A secure and optimally efficient multi-authority election scheme.**Yael Tauman Kalai**: Smooth Projective Hashing and Two-Message Oblivious Transfer.**Victor Shoup, Rosario Gennaro:**Securing Threshold Cryptosystems against Chosen Ciphertext Attack.