搜索结果: 1-8 共查到“密码学 RSA-OAEP”相关记录8条 . 查询时间(0.09 秒)
We give the first positive results about instantiability of the widely implemented and standardized RSA-OAEP encryption scheme of Bellare and Rogaway (EUROCRYPT 1994) and variants under chosen-ciphert...
Identification Based Encryption with RSA-OAEP. Using SEM and Without
IBE mRSA SEM RSA-IBE Classic RSA OAEP CPA
2012/6/14
In this article we show how we can integrate the RSA (RSA-OAEP) into the IBE. Our prove can be make with either Standard Model or Random Oracle. We firstly develop the basic ideas made in this directi...
Identification Based Encryption with RSA-OAEP. Using SEM and Without
public-key cryptography / IBE mRSA SEM RSA-IBE Classic RSA OAEP CPA CCA2 authentication Shamir signature
2012/3/20
In this article we show how we can integrate the RSA (RSA-OAEP) into the IBE. Our prove can be make with either Standard Model or Random Oracle. We firstly develop the basic ideas made in this directi...
Instantiability of RSA-OAEP under Chosen-Plaintext Attack
public-key cryptography / RSA OAEP padding-based encryption lossy trapdoor functions leftover hash lemma standard model
2012/3/23
We show that the widely deployed RSA-OAEP encryption scheme of Bellare and Rogaway (Eurocrypt 1994), which combines RSA with two rounds of an underlying Feistel network whose hash ({\em i.e.}, round) ...
Instantiability of RSA-OAEP under Chosen-Plaintext Attack
public-key cryptography / RSA OAEP padding-based encryption lossy trapdoor functions leftover hash lemma standard model
2012/3/23
We show that the widely deployed RSA-OAEP encryption scheme of Bellare and Rogaway (Eurocrypt 1994), which combines RSA with two rounds of an underlying Feistel network whose hash ({\em i.e.}, round) ...
Recently Victor Shoup noted that there is a gap in the widely-believed security
result of OAEP against adaptive chosen-ciphertext attacks. Moreover,
he showed that, presumably, OAEP cannot be proven...
A Weak-Randomizer Attack on RSA-OAEP with e = 3
Weak-Randomizer Attack RSA-OAEP Coppersmith's heuristic algorithm
2009/2/13
Coppersmith's heuristic algorithm for finding small roots of bivariate modular equations
can be applied against low-exponent RSA-OAEP if its randomizer is weak. An adversary that
knows the randomize...
Firstly, we demonstrate a pathological hash function choice that makes RSA-OAEP insecure.
This shows that at least some security property is necessary for the hash functions used in RSAOAEP.