The authors discuss what is provable security in cryptography. Think that provable security is asymptotic, relative, and dynamic, and only a supplement to but not a replacement of exact security analysis. Because the conjecture P != NP has not been proven yet, and it is possible in terms of the two incompleteness theorems of Kurt Godel that there is some cryptosystem of which the security cannot or only ideally be proven in the random oracle model, the security of a cryptosystem is between provability and unprovability, and any academic conclusion must be checked and verified with practices or experiments as much as possible. Extra, a new approach to proof of P != NP is pointed out. Lastly, a reward is offered for the subexponential time solutions to the three REESSE1+ problems: MPP, ASPP, and TLP with n >= 80 and lg M >= 80, which may be regarded as a type of security proof by experiment.
تحميل البحث