Taxonomical Security Consideration of OAEP Variants(<Special Section>Discrete Mathematics and Its Applications)
スポンサーリンク
概要
- 論文の詳細を見る
We first model the variants of OAEP and SAEP by changing a construction and position of a redundancy, and establish a universal proof technique in the random oracle model, the comprehensive event dividing tree. We then make a taxonomical security consideration of the variants of OAEP and SAEP, based on the assumptions of one-wayness and partial-domain one-wayness of the encryption permutation, by applying the tree. Furthermore, we demonstrate the concrete attack procedures against all insecure schemes; we insist that the security proof failure leads to some attacks. From the security consideration, we find that one of the variants leads to a scheme without the redundancy; the scheme is not PA (plaintext aware) but IND-CCA2 secure. Finally, we conclude that some of them are practical in terms of security tightness and short bandwidth.
- 社団法人電子情報通信学会の論文
- 2006-05-01
著者
-
KOMANO Yuichi
Toshiba Corporation
-
OHTA Kazuo
University of Electro-Communications
-
Komano Yuichi
Toshiba Corp. Kawasaki‐shi Jpn
関連論文
- BS-CPA: Built-In Determined Sub-Key Correlation Power Analysis
- Cryptanalysis of Two MD5-Based Authentication Protocols: APOP and NMAC
- Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication
- Toward the Fair Anonymous Signatures : Deniable Ring Signatures(Signatures,Cryptography and Information Security)
- Security of Cryptosystems Using Merkle-Damgård in the Random Oracle Model
- Extension of Secret Handshake Protocols with Multiple Groups in Monotone Condition
- Cryptanalysis of Two MD5-Based Authentication Protocols : APOP and NMAC
- Practical Password Recovery Attacks on MD4 Based Prefix and Hybrid Authentication Protocols
- Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication
- A Strict Evaluation on the Number of Conditions for SHA-1 Collision Search
- New Message Differences for Collision Attacks on MD4 and MD5
- Improved Collision Attacks on MD4 and MD5(Hash Functions,Cryptography and Information Security)
- Universally composable client-to-client general authenticated key exchange (特集:情報システムを支えるコンピュータセキュリティ技術の再考)
- Universally Composable Hierarchical Hybrid Authenticated Key Exchange(Protocols,Cryptography and Information Security)
- Improved Collision Search for Hash Functions : New Advanced Message Modification
- Provably Secure Untraceable Electronic Cash against Insider Attacks(Discrete Mathematics and Its Applications)
- Fair Exchange of Signatures with Multiple Signers(Discrete Mathematics and Its Applications)
- OAEP-ES : Methodology of Universal Padding Technique (Asymmetric Cipher) (Cryptography and Information Security)
- Solutions to Security Problems of Rivest and Shamir's Pay Word Scheme(Application)(Cryptography and Information Security)
- Provably Secure Multisignatures in Formal Security Model and Their Optimality
- Taxonomical Security Consideration of OAEP Variants(Discrete Mathematics and Its Applications)
- BS-CPA : Built-In Determined Sub-Key Correlation Power Analysis
- Power Analysis against a DPA-Resistant S-Box Implementation Based on the Fourier Transform
- Near-Collision Attacks on MD4 : Applied to MD4-Based Protocols
- Security of Cryptosystems Using Merkle-Damgard in the Random Oracle Model
- Visual Secret Sharing Schemes for Multiple Secret Images Allowing the Rotation of Shares(Discrete Mathematics and Its Applications)
- Ring signatures: universally composable definitions and constructions (特集:情報システムを支えるコンピュータセキュリティ技術の再考)
- Leaky Random Oracle
- FOREWORD
- Universally Composable NBAC-Based Fair Voucher Exchange for Mobile Environments
- How to Shorten a Ciphertext of Reproducible Key Encapsulation Mechanisms in the Random Oracle Model
- Meet-in-the-Middle (Second) Preimage Attacks on Two Double-Branch Hash Functions RIPEMD and RIPEMD-128
- Toward Effective Countermeasures against an Improved Fault Sensitivity Analysis
- Proxiable Designated Verifier Signature
- A New Type of Fault-Based Attack: Fault Behavior Analysis