One of the cornerstones of modern cryptography is that new constructions of cryptographic protocols should be accompanied by a proof of security. Such proofs show that a construction satisfies a given definition of security, under certain assumptions and in a specific model. Widely used models include various forms of setup (such as the existence of a public-key infrastructure or common reference string); idealized models such as the random oracle model where a hash function is treated as a truly random function; or hardware models where physical devices with some additional functionality are assumed.
Many of the models used widely in cryptography are still poorly understood, especially insofar as their relation to practice. The goal of this work is to develop a better understanding of these models, investigating in particular their relations and implications; the possibility of constructing cryptographic protocols in weaker (or at least incomparable) models; and the feasibility of designing schemes with "fallback" security that provide more basic security guarantees in case the assumed model fails.