RSA-OAEP Is Secure under the RSA Assumption

被引:0
|
作者
Eiichiro Fujisaki
Tatsuaki Okamoto
David Pointcheval
Jacques Stern
机构
[1] NTT Labs,
[2] 1-1 Hikarino-oka,undefined
[3] Yokosuka-shi 239-0847,undefined
[4] Département d’Informatique,undefined
[5] ENS – CNRS,undefined
[6] 45 rue d’Ulm,undefined
[7] 75230 Paris Cedex 05,undefined
来源
Journal of Cryptology | 2004年 / 17卷
关键词
Public-key encryption; Provable security; RSA; OAEP;
D O I
暂无
中图分类号
学科分类号
摘要
Recently Victor Shoup noted that there is a gap in the widely believed security result of OAEP against adaptive chosen-ciphertext attacks. Moreover, he showed that, presumably, OAEP cannot be proven secure from the one-wayness of the underlying trapdoor permutation. This paper establishes another result on the security of OAEP. It proves that OAEP offers semantic security against adaptive chosen-ciphertext attacks, in the random oracle model, under the partial-domain one-wayness of the underlying permutation. Therefore, this uses a formally stronger assumption. Nevertheless, since partial-domain one-wayness of the RSA function is equivalent to its (full-domain) onewayness, it follows that the security of RSA-OAEP can actually be proven under the sole RSA assumption, although the reduction is not tight.
引用
收藏
页码:81 / 104
页数:23
相关论文
共 50 条
  • [41] A Multi-Trapdoor Commitment Scheme from the RSA Assumption
    Nishimaki, Ryo
    Fujisaki, Eiichiro
    Tanaka, Keisuke
    IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS COMMUNICATIONS AND COMPUTER SCIENCES, 2012, E95A (01) : 176 - 184
  • [42] All-But-Many Lossy Trapdoor Functions under Decisional RSA Subgroup Assumption and Application
    Cao, Nanyuan
    Cao, Zhenfu
    Liu, Zhen
    Dong, Xiaolei
    Zhao, Xiaopeng
    COMPUTER JOURNAL, 2019, 62 (08): : 1148 - 1157
  • [43] Secure digital certificate design based on the RSA algorithm
    Zhong, Y. (ashunjz@sohu.com), 1600, Digital Information Research Foundation, 2 Srinivasamoorthy Avenue, L.B Road, Adyar, Chennai, 600 020, India (11):
  • [44] Improved secure RSA cryptosystem for data confidentiality in cloud
    Thangavel M.
    Varalakshmi P.
    Thangavel, M. (thangavelmuruganme@gmail.com), 1600, Inderscience Publishers, 29, route de Pre-Bois, Case Postale 856, CH-1215 Geneva 15, CH-1215, Switzerland (09): : 261 - 277
  • [45] Secure Convertible Authenticated Encryption Scheme Based on RSA
    Wu, Tzong-Sun
    Lin, Han-Yu
    INFORMATICA-JOURNAL OF COMPUTING AND INFORMATICS, 2009, 33 (04): : 481 - 486
  • [46] CCA SECURE CERTIFICATELESS ENCRYPTION SCHEMES BASED ON RSA
    Vivek, S. Sree
    Selvi, S. Shamila Deva
    Rangan, C. Pandu
    SECRYPT 2011: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2011, : 208 - 217
  • [47] Secure batch verification protocol for RSA signature scheme
    Jia, ZP
    Li, QC
    Li, ZC
    CHINESE JOURNAL OF ELECTRONICS, 2005, 14 (01): : 54 - 57
  • [48] Image Steganography using RSA Algorithm for Secure Communication
    Preksha, B.
    Harish, Rishika
    Sreenivas, B.
    Vasanthalakshmi, M.
    2021 IEEE INTERNATIONAL CONFERENCE ON MOBILE NETWORKS AND WIRELESS COMMUNICATIONS (ICMNWC), 2021,
  • [49] Digital RSA versus manual RSA
    Valstar, ER
    Vrooman, HA
    Toksvig-Larsen, S
    Ryd, L
    Nelissen, RGHH
    SIROT 99, 1999, : 363 - 368
  • [50] An Efficient Synchronized Aggregate Signature Scheme From Standard RSA Assumption
    Quo, Xinshun
    Wang, Zhiwei
    INTERNATIONAL JOURNAL OF FUTURE GENERATION COMMUNICATION AND NETWORKING, 2014, 7 (03): : 229 - 240
12345