On the Security of OAEP

14 years 3 months ago

Download www.cc.gatech.edu

Currently, the best and only evidence of the security of the OAEP encryption scheme is a proof in the contentious random oracle model. Here we give further arguments in support of the security of OAEP. We first show that partial instantiations, where one of the two random oracles used in OAEP is instantiated by a function family, can be provably secure (still in the random oracle model). For various security statements about OAEP we specify sufficient conditions for the instantiating function families that, in some cases, are realizable through standard cryptographic primitives and, in other cases, may currently not be known to be achievable but appear moderate and plausible. Furthermore, we give the first non-trivial security result about fully instantiated OAEP in the standard model, where both oracles are instantiated simultaneously. Namely, we show that instantiating both random oracles in OAEP by modest functions implies non-malleability under chosen plaintext attacks for random ...

Alexandra Boldyreva, Marc Fischlin

Real-time Traffic

ASIACRYPT 2006 | Contentious Random Oracle | Cryptology | Random Oracle Model | Random Oracles |

claim paper

Post Info
More Details (n/a)

Added	20 Aug 2010
Updated	20 Aug 2010
Type	Conference
Year	2006
Where	ASIACRYPT
Authors	Alexandra Boldyreva, Marc Fischlin

Comments (0)

Sciweavers

On the Security of OAEP

ASIACRYPT 2006 | Contentious Random Oracle | Cryptology | Random Oracle Model | Random Oracles |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers