Topic

Optimal asymmetric encryption padding

About: Optimal asymmetric encryption padding is a research topic. Over the lifetime, 299 publications have been published within this topic receiving 43101 citations. The topic is also known as: OAEP.


Papers
Journal Article
TL;DR: Rebalanced RSA and MultiPower RSA were combined to increase the decryption/signature generation performance and the proposed scheme is semantically secure also.
Abstract: Boneh and Shacham gave a nice survey on four variants (Batch RSA, MultiPrime RSA, MultiPower RSA, Rebalanced RSA). Rebalanced RSA and MultiPower RSA were then combined to increase the decryption/signature generation performance. This combination theoretically improves the decryption/signature generation time about 14 times than RSA with CRT and about 56 times than the standard RSA with key size 2048 bits. On the encryption side, it increased the encryption time, thus making encryption/signature verification very costly. Here in this paper we further tried to increase the encryption/signature verification performance. The proposed scheme is semantically secure also.

11 citations

Book Chapter
14 Feb 2005
TL;DR: This paper presents a generic asymmetric encryption conversion ROC, namely Redundancy Optimal Conversion, which has the optimal message redundancy for one-way trapdoor function in the random oracle model, and is the first generic conversion to achieve such an optimal redundancy result for both one-way trapdoor permutation and not length-preserving function.
Abstract: In this paper, we present a generic asymmetric encryption conversion ROC, namely Redundancy Optimal Conversion, which has the optimal message redundancy for one-way trapdoor function in the random oracle model. To our best knowledge, it is the first generic conversion to achieve such an optimal redundancy result for both one-way trapdoor permutation and not length-preserving function. To obtain IND-CCA security, the conversion only needs the weaker requirement of the one-wayness, than the partial-domain one-wayness, which succeeds to greatly extend the application area of the generic conversion. Further, plaintext awareness property of the encryption is not required any more, which also contributes to reduce the message redundancy and hence removes the re-encryption step of the decryption process, considerably reducing the computational burden. Finally, it has simple construction of two cryptographic hash functions and two bitwise XORs, as same as the widely used OAEP conversion, but more generally useful.

10 citations

Book Chapter
07 Jun 2011
TL;DR: This study investigates the information leakage when pad-then-encrypt techniques are used and shows that the insecurity degrades linearly with the padding length, and defines the notion of padding scheme and its associated security.
Abstract: It is a well known fact that encryption schemes cannot hide a plaintext length when it is unbounded. We thus admit that an approximation of it may leak and we focus on hiding its precise value. Some standards such as TLS or SSH offer to do it by applying some pad-then-encrypt techniques. In this study, we investigate the information leakage when these techniques are used. We define the notion of padding scheme and its associated security. We show that when a padding length is uniformly distributed, the scheme is nearly optimal. We also show that the insecurity degrades linearly with the padding length.

10 citations

Journal Article
TL;DR: A rational m-out-of-n secret sharing scheme, a dealer wishes to entrust a secret with a group of n players such that any subset of m or more players can reconstruct the secret, but a subset of less than m players cannot learn anything about the secret.
Abstract: In this paper, we propose a rational m-out-of-n secret sharing scheme, a dealer wishes to entrust a secret with a group of n players such that any subset of m or more players can reconstruct the secret, but a subset of less than m players cannot learn anything about the secret. The reconstruction protocol of our scheme is fair and stable in the rational settings, allowing all players to obtain the designated secret. Our scheme is based on RSA-OAEP with the distributed decryption. The security of our scheme relies on a computational assumption and uses the random oracles. The size of each share in our scheme is independent of the utility function and the computation cost of the reconstruction protocol is constant. Moreover, our scheme prevents the attacks with at most m-1 coalitions.

10 citations

Proceedings Article
04 Apr 2017
TL;DR: A version of RSA encryption that uses the Chinese Remainder Theorem (CRT) for the purpose of concealing multiple plain-texts in one cipher-text and it is proved that this scheme will become a basis for further one to many public key cryptosystems.
Abstract: In this paper, we propose a version of RSA encryption that uses the Chinese Remainder Theorem (CRT) for the purpose of concealing multiple plain-texts in one cipher-text. This scheme allows the sender to possibly send different information to multiple receivers, and each receiver is only able to decrypt the message intended for them. We prove the algorithm mathematically. Furthermore, we prove our algorithm secure against the chosen plain-text (CPA) attack. We also compare textbook RSA against our algorithm and show the security and size advantages. The new algorithm can also take advantage of current methods that speed up the decryption process of RSA. This scheme will become a basis for further one to many public key cryptosystems.

10 citations

Related Topics (5)
Public-key cryptography: 27.2K papers, 547.7K citations, 84% related
Cryptography: 37.3K papers, 854.5K citations, 80% related
Encryption: 98.3K papers, 1.4M citations, 79% related
Password: 35K papers, 389.6K citations, 78% related
Hash function: 31.5K papers, 538.5K citations, 77% related
No. of papers in the topic in previous years
Year  Papers
2021  1
2020  4
2019  2
2018  6
2017  14
2016  13