Emergent Chaos

Eric Rescorla writes:

Koblitz and Menezes are at it again. Back in 2004, they published Another Look at "Provable Security" arguing that the reduction proofs that are de rigeur for new cryptosystems don't add much security value. (See here for a summary.) Last week, K&M returned to the topic with Another Look at "Provable Security" which is about the difficulty of interpreting the reduction results. They take on the proofs for a number of well-known systems and argue that they don't show what you would like.

See "Provable Security (II)" if you want the rest of the details.