Book Chapter

A Chosen Ciphertext Attack on RSA Optimal Asymmetric Encryption Padding (OAEP) as Standardized in PKCS #1 v2.0

James Manger
- pp 230-238
TLDR
In this article, an adaptive chosen ciphertext attack against PKCS #1 v2.0 RSA OAEP encryption is described, which recovers the plaintext - not the private key - from a given ciphertext in a little over log₂ n queries of an oracle implementing the algorithm, where n is the RSA modulus.
Abstract
An adaptive chosen ciphertext attack against PKCS #1 v2.0 RSA OAEP encryption is described. It recovers the plaintext - not the private key - from a given ciphertext in a little over log₂ n queries of an oracle implementing the algorithm, where n is the RSA modulus. The high likelihood of implementations being susceptible to this attack is explained, as well as the practicality of the attack. Improvements to the algorithm to defend against the attack are discussed.


Citations
Book

Guide to Elliptic Curve Cryptography

TL;DR: This guide explains the basic mathematics, describes state-of-the-art implementation methods, and presents standardized protocols for public-key encryption, digital signatures, and key establishment, as well as side-channel attacks and countermeasures.
Journal Article

Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack

TL;DR: In this paper, a new public-key encryption scheme, along with several variants, is proposed and analyzed, and its variants are proved secure against adaptive chosen ciphertext attack under standard intractability assumptions.
Posted Content

Intel SGX Explained.

TL;DR: In this article, the authors give a detailed and structured presentation of the publicly available information on SGX, and a series of intelligent guesses about some important but undocumented aspects of SGX.
Proceedings Article

OCB: a block-cipher mode of operation for efficient authenticated encryption

TL;DR: It is proved OCB secure, quantifying the adversary's ability to violate the mode's privacy or authenticity in terms of the quality of its block cipher as a pseudorandom permutation (PRP) or as a strong PRP, respectively.
Journal Article

Another Look at Provable Security

TL;DR: It is argued that the theorem-proof paradigm of theoretical mathematics is often of limited relevance here and frequently leads to papers that are confusing and misleading.
References
Book Chapter

Optimal asymmetric encryption

TL;DR: A slightly enhanced scheme is shown to have the property that the adversary can create ciphertexts only of strings for which she “knows” the corresponding plaintexts—such a scheme is not only semantically secure but also non-malleable and secure against chosen-ciphertext attack.
Book Chapter

Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1

TL;DR: A new adaptive chosen ciphertext attack against certain protocols based on RSA is introduced, which works if the attacker has access to an oracle that returns only one bit telling whether the ciphertext corresponds to some unknown block of data encrypted using PKCS #1.0.
Proceedings Article

Optimal Asymmetric Encryption-How to Encrypt with RSA

Mihir Bellare
TL;DR: A slightly enhanced scheme is shown to have the property that the adversary can create ciphertexts only of strings for which the adversary knows the corresponding plaintexts, and is not only semantically secure but also non-malleable and secure against chosen-ciphertext attack.