scispace - formally typeset
Search or ask a question
Topic

Optimal asymmetric encryption padding

About: Optimal asymmetric encryption padding is a research topic. Over the lifetime, 299 publications have been published within this topic receiving 43101 citations. The topic is also known as: OAEP.


Papers
More filters
Posted Content
TL;DR: This work introduces an efficient universal random data padding (URDP) scheme, and shows how it can be used to construct a "direct" CCA2-secure encryption scheme from "any" worst-case hardness problems in (ideal) lattice in the standard model, resolving a problem that has remained open till date.
Abstract: Design efficient lattice-based cryptosystem secure against adaptive chosen ciphertext attack (IND-CCA2) is a challenge problem. To the date, full CCA2-security of all proposed lattice-based PKE schemes achieved by using a generic transformations such as either strongly unforgeable one-time signature schemes (SU-OT-SS), or a message authentication code (MAC) and weak form of commitment. The drawback of these schemes is that encryption requires "separate encryption". Therefore, the resulting encryption scheme is not sufficiently efficient to be used in practice and it is inappropriate for many applications such as small ubiquitous computing devices with limited resources such as smart cards, active RFID tags, wireless sensor networks and other embedded devices. In this work, for the first time, we introduce an efficient universal random data padding (URDP) scheme, and show how it can be used to construct a "direct" CCA2-secure encryption scheme from "any" worst-case hardness problems in (ideal) lattice in the standard model, resolving a problem that has remained open till date. This novel approach is a "black-box" construction and leads to the elimination of separate encryption, as it avoids using general transformation from CPA-secure scheme to a CCA2-secure one. IND-CCA2 security of this scheme can be tightly reduced in the standard model to the assumption that the underlying primitive is an one-way trapdoor function.
Proceedings ArticleDOI
18 Nov 2008
TL;DR: A new identity-based encryption scheme, which has short system parameters and is provably secure in the random oracle model is built, and it is shown that the scheme is efficient too.
Abstract: In this paper we build a new identity-based encryption scheme, which has short system parameters and is provably secure in the random oracle model. Comparing with the identity-based encryption scheme proposed by gentry, we all has short system parameters, but in contrast the security of our identity-based encryption scheme based on a stronger and commonly used assumption, namely bilinear decision Diffie-HelIman assumption. So informally, our identity-based encryption scheme is more secure. At last, by comparing the degree of reduction with the identity-based encryption scheme proposed by Boneh and Franklin, we can show that our scheme is efficient too.
Network Information
Related Topics (5)
Public-key cryptography
27.2K papers, 547.7K citations
84% related
Cryptography
37.3K papers, 854.5K citations
80% related
Encryption
98.3K papers, 1.4M citations
79% related
Password
35K papers, 389.6K citations
78% related
Hash function
31.5K papers, 538.5K citations
77% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
20211
20204
20192
20186
201714
201613