“…Related-key security was first studied in the context of symmetric encryption [10,46,33,4,3]. With time a number of cryptographic primitives with security against related-key attacks have emerged, including pseudorandom functions [7,43,5,1], hash functions [34], identity-based encryption [8,12], public-key encryption [8,57,12,45], signatures [8,12,11], and more [15,54,19].…”