Optimal Asymmetric Encryption Padding Article Index for
Optimal 		Website Links For
Encryption 		 

Information About

Optimal Asymmetric Encryption Padding
  CATEGORIES ABOUT OPTIMAL ASYMMETRIC ENCRYPTION PADDING
   
asymmetric-key cryptosystems
   
APPAREL
BABY
BEAUTY
BOOKS
CAR TOYS
CELL PHONES
DVD'S
ELECTRONICS
GOURMET FOOD
GROCERIES
HEALTH & PERSONAL
HOME & GARDEN
JEWELRY
MUSIC
MUSIC INSTRUMENTS
OFFICE PRODUCTS
SOFTWARE
SPORTING GOODS
TOOLS & HARDWARE
TOYS
VIDEO GAMES
SHOPPING HOME
MORE SHOPPING...



OAEP satisfies the following two goals:

#Add an element of randomness which can be used to convert a Deterministic Encryption scheme (e.g., traditional RSA ) into a Probabilistic scheme.
#Prevent partial decryption of ciphertexts (or other information leakage) by ensuring that an adversary cannot recover any portion of the plaintext without completely defeating the Trapdoor One-way Function f.

The original version of OAEP (Bellare/Rogaway, 1994) claimed a form of " Plaintext Awareness " that implied security against Chosen Ciphertext Attack . Subsequent results contradicted this result. However, for various reasons, the original scheme ''was'' found to be secure when OAEP is used with the RSA function using standard encryption exponents, as in the case of RSA-OAEP. An improved scheme called OAEP+ was offered by Shoup to solve this problem.


REFERENCES

  • M. Bellare, P. Rogaway. ''Optimal Asymmetric Encryption -- How to encrypt with RSA''. Extended abstract in Advances in Cryptology - Eurocrypt 94 Proceedings, Lecture Notes in Computer Science Vol. 950, A. De Santis ed, Springer-Verlag, 1995. full version (pdf)


  • Shoup, Victor. ''OAEP Reconsidered''. IBM Zurich Research Lab, Saumerstr. 4, 8803 Ruschlikon, Switzerland. September 18, 2001. full version (pdf)