Instantiability of RSA-OAEP under chosen-plaintext attack

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 6223 LNCS, Issue , 2010, Pages 295-313

  Kiltz, Eike ^a   O'Neill, Adam ^b   Smith, Adam ^c  

^a CWI   (Netherlands)

^b GEORGIA INSTITUTE OF TECHNOLOGY   (United States)

^c PENNSYLVANIA STATE UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CHOSEN-PLAINTEXT ATTACK; DISTINGUISHERS; ENCRYPTION SCHEMES; INDISTINGUISHABILITY; NON-INTERACTIVE; NON-TRIVIAL; RANDOM ORACLE; THE STANDARD MODEL; TRAPDOOR PERMUTATIONS;

HASH FUNCTIONS;

EID: 77957001343     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-14623-7_16     Document Type: Conference Paper

References (43)

1. Abdalla, M., Bellare, M., Rogaway, P.: The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, p. 143. Springer, Heidelberg (2001)
2. Barak, B., Shaltiel, R., Tromer, E.: True Random Number Generators Secure in a Changing Environment. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 166-180. Springer, Heidelberg (2003)
3. Bellare, M., Rompel, J.: Randomness-Efficient Oblivious Sampling. In: FOCS 1994. ACM, New York (1994)
4. Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: The Conference on Computer and Communications Security. ACM, New York (1993)
5. Bellare, M., Rogaway, P.: Optimal asymmetric encryption: How to encrypt with RSA. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 92-111. Springer, Heidelberg (1995)
6. Boldyreva, A., Fehr, S., O'Neill, A.: On notions of security for deterministic encryption, and efficient constructions without random oracles. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 335-359. Springer, Heidelberg (2008)
7. Boldyreva, A., Fischlin, M.: Analysis of random oracle instantiation scenarios for OAEP and other practical schemes. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 412-429. Springer, Heidelberg (2005)
8. Boldyreva, A., Fischlin, M.: On the security of OAEP. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 210-225. Springer, Heidelberg (2006)
9. Boneh, D.: Simplified OAEP for the RSA and Rabin functions. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, p. 275. Springer, Heidelberg (2001)
10. Brown, D.: What hashes make RSA-OAEP secure? In: Cryptology ePrint Archive, Report 2006/223 (2006)
11. Boldyreva, A., Cash, C., Fischlin, M., Warinschi, B.: Efficient private bidding and auctions with an oblivious third party. In: ASIACRYPT 2009 (2009)
12. Cachin, C.: Efficient private bidding and auctions with an oblivious third party. In: CCS 1999. ACM, New York (1999)
13. Cachin, C., Micali, S., Stadler, M.: Computationally private information retrieval with polylogarithmic communication. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, p. 402. Springer, Heidelberg (1999), http://www.zurich. ibm.com/~cca/papers/cpir.pdf
14. Canetti, R.: Towards realizing random oracles: Hash functions that hide all partial information. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 455-469. Springer, Heidelberg (1997)
15. Canetti, R., Dakdouk, R.: Extractable Perfectly One-Way Functions. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 449-460. Springer, Heidelberg (2008)
16. Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited. J. ACM 51(4), 557-594 (2004)
17. Canetti, R., Micciancio, D., Reingold, O.: Perfectly one-way probabilistic hash functions. In: STOC 1998. ACM, New York (1998)
18. Coppersmith, D.: Small solutions to polynomial equations, and low exponent RSA vulnerabilities. J. Cryptology 10 (1997)
19. Coron, J.-S., Joye, M., Naccache, D., Paillier, P.: New Attacks on PKCS #1 v1.5 Encryption. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, p. 369. Springer, Heidelberg (2000)
20. Coron, J.-S., Joye, M., Naccache, D., Paillier, P.: Universal Padding Schemes for RSA. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, p. 226. Springer, Heidelberg (2002)
21. Dodis, Y., Oliveira, R., Pietrzak, K.: On the Generic Insecurity of the Full Domain Hash. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 449-466. Springer, Heidelberg (2005)
22. Dodis, Y., Smith, A.: Correcting errors without leaking partial information. In: STOC 2005. ACM Press, New York (2005)
23. Fujisaki, E., Okamoto, T., Pointcheval, D., Stern, J.: RSA-OAEP is secure under the RSA assumption. J. Cryptology 17(2), 81-104 (2004)
24. Gentry, C., Mackenzie, P., Ramzan, Z.: Password authenticated key exchange using hidden smooth subgroups. In: CCS 2005. ACM, New York (2005)
25. Hemenway, B., Ostrovsky, R.: Public-key locally-decodable codes. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 126-143. Springer, Heidelberg (2008)
26. Kazukuni, K., Imai, H.: OAEP++: A Very Simple Way to Apply OAEP to Deterministic OW-CPA Primitives. In: Cryptology ePrint Archive, Report 2002/130 (2002)
27. Kiltz, E., O'Neill, A., Smith, A.: Instantiability of RSA-OAEP under Chosen-Plaintexts Attacks. Full version of this paper
28. Kiltz, E., Pietrzak, K.: The Group of Signed Quadratic Residues and Applications. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 637-653. Springer, Heidelberg (2009)
29. Kiltz, E., Pietrzak, K.: On the security of padding-based encryption schemes (or: Why we cannot prove OAEP secure in the standard model). In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 389-406. Springer, Heidelberg (2009)
30. Kiltz, E., Pietrzak, K.: Personal Communication (2009)
31. Lenstra, A.K.: Unbelievable security: Matching AES security using public key systems. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, p. 67. Springer, Heidelberg (2001)
32. May, A.: Using LLL-Reduction for Solving RSA and Factorization Problems: A Survey. In: LLL+25 Conference in Honour of the 25th Birthday of the LLL Algorithm (2007)
33. Herrmann, M., May, A.: Solving Linear Equations Modulo Divisors: On Factoring Given Any Bits. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 406-424. Springer, Heidelberg (2008)
34. Paillier, P., Villar, J.: Trading one-wayness against chosen-ciphertext security in factoring-based encryption. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 252-266. Springer, Heidelberg (2006)
35. Pandey, O., Pass, R., Vaikuntanathan, V.: Adaptive One-Way Functions and Applications. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 57-74. Springer, Heidelberg (2008)
36. Peikert, C., Waters, B.: Lossy trapdoor functions and their applications. In: STOC 2008. ACM, New York (2008)
37. RSA Laboratories Public-Key Cryptography Standards, http://www.rsa.com/ rsalabs/pkcs/
38. Rivest, R., Shamir, A., Adelman, L.: A method for obtaining public-key cryp-tosystems and digital signatures. Technical Report MIT/LCS/TM-82 (1977)
39. Rivest, R., Shamir, A., Adelman, L.: Cryptographic communications system and method. U.S. Patent 4,405,829 (1983)
40. Schridde, C., Freisleben, B.: On the validity of the Φ-Hiding Assumption in cryptographic protocols. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 344-354. Springer, Heidelberg (2008)
41. Shoup, V.: OAEP Reconsidered. J. Cryptology 15(4), 223-249 (2002)
42. Trevisan, L., Vadhan, S.: Extracting Randomness from Samplable Distributions. In: FOCS 2000. ACM, New York (2000)
43. Yilek, S., Rescorla, E., Shacham, H., Enright, B., Savage, S.: When Private Keys are Public: Results from the 2008 Debian OpenSSL Debacle. In: IMC 2009 (2009)