About Opentopia
Opentopia Directory Encyclopedia Tools

Optimal Asymmetric Encryption Padding

Encyclopedia : O : OP : OPT : Optimal Asymmetric Encryption Padding

 

In cryptography, Optimal Asymmetric Encryption Padding (OAEP) is a padding scheme often used together with RSA encryption. The OAEP algorithm is a form of feistel network which uses a pair of random oracles G and H to process the plaintext prior to asymmetric encryption. When combined with any secure trapdoor one-way function [f], this processing results in a combined scheme which is semantically secure under chosen plaintext attack (IND-CPA). When implemented with certain trapdoor functions (e.g., RSA-OAEP), OAEP is also secure against chosen ciphertext attack.

OAEP satisfies the following two goals:

  1. Add an element of randomness which can be used to convert a deterministic encryption scheme (e.g., traditional RSA) into a probabilistic scheme.
  2. Prevent partial decryption of ciphertexts (or other information leakage) by ensuring that an adversary cannot recover any portion of the plaintext without completely defeating the trapdoor one-way function [f].
The original version of OAEP (Bellare/Rogaway, 1994) claimed a form of "plaintext awareness" that implied security against chosen ciphertext attack. Subsequent results contradicted this result. However, for various reasons, the original scheme was found to be secure when OAEP is used with the RSA function using standard encryption exponents, as in the case of RSA-OAEP. An improved scheme called OAEP+ was offered by Shoup to solve this problem.

References

 

From Wikipedia, the Free Encyclopedia. Original article here. Support Wikipedia by contributing or donating.
All text is available under the terms of the GNU Free Documentation License See Wikipedia Copyrights for details.

Search Titles
0123456789
ABCDEFGHIJ
KLMNOPQRST
UVWXYZ?

E-mail this article to:

Personal Message: