sg:pub.10.1007/s00145-016-9238-4 - Springer Nature SciGraph

Article Info

DATE

2016-09-19

AUTHORS

ABSTRACT

We show that the widely deployed RSA-OAEP encryption scheme of Bellare and Rogaway (Eurocrypt 1994), which combines RSA with two rounds of an underlying Feistel network whose hash ( i.e., round) functions are modeled as random oracles, meets indistinguishability under chosen-plaintext attack (IND-CPA) in the standard model based on simple, non-interactive, and non-interdependent assumptions on RSA and the hash functions. To prove this, we first give a result on a more general notion called “padding-based” encryption, saying that such a scheme is IND-CPA if (1) its underlying padding transform satisfies a “fooling" condition against small-range distinguishers on a class of high-entropy input distributions, and (2) its trapdoor permutation is sufficiently lossy as defined by Peikert and Waters (STOC 2008). We then show that the first round of OAEP satisfies condition (1) if its hash function is t-wise independent for t roughly proportional to the allowed message length. We clarify that this result requires the hash function to be keyed, and for its key to be included in the public key of RSA-OAEP. We also show that RSA satisfies condition (2) under the Φ\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\Phi $$\end{document}-Hiding Assumption of Cachin et al. (Eurocrypt 1999). This is the first positive result about the instantiability of RSA-OAEP. In particular, it increases confidence that chosen-plaintext attacks are unlikely to be found against the scheme. In contrast, RSA-OAEP’s predecessor in PKCS #1 v1.5 was shown to be vulnerable to such attacks by Coron et al. (Eurocrypt 2000). More... »

PAGES

889-919

References to SciGraph publications

2008-01-01. Public-Key Locally-Decodable Codes in ADVANCES IN CRYPTOLOGY – CRYPTO 2008

2013. Instantiating Random Oracles via UCEs in ADVANCES IN CRYPTOLOGY – CRYPTO 2013

2009. The Group of Signed Quadratic Residues and Applications in ADVANCES IN CRYPTOLOGY - CRYPTO 2009

1992. Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack in ADVANCES IN CRYPTOLOGY — CRYPTO ’91

2002-09-13. Universal Padding Schemes for RSA in ADVANCES IN CRYPTOLOGY — CRYPTO 2002

2014. On the Lossiness of the Rabin Trapdoor Function in PUBLIC-KEY CRYPTOGRAPHY – PKC 2014

2000-05-12. New Attacks on PKCS#1 v1.5 Encryption in ADVANCES IN CRYPTOLOGY — EUROCRYPT 2000

2011. Improved Cryptanalysis of the Multi-Prime φ - Hiding Assumption in PROGRESS IN CRYPTOLOGY – AFRICACRYPT 2011

2005. Analysis of Random Oracle Instantiation Scenarios for OAEP and Other Practical Schemes in ADVANCES IN CRYPTOLOGY – CRYPTO 2005

1999-04-15. Computationally Private Information Retrieval with Polylogarithmic Communication in ADVANCES IN CRYPTOLOGY — EUROCRYPT ’99

2005. On the Generic Insecurity of the Full Domain Hash in ADVANCES IN CRYPTOLOGY – CRYPTO 2005

1997. Towards realizing random oracles: Hash functions that hide all partial information in ADVANCES IN CRYPTOLOGY — CRYPTO '97

2013. Regularity of Lossy RSA on Subdomains and Its Applications in ADVANCES IN CRYPTOLOGY – EUROCRYPT 2013

2001-11-20. Unbelievable Security Matching AES Security Using Public Key Systems in ADVANCES IN CRYPTOLOGY — ASIACRYPT 2001

2007-01-01. Deterministic and Efficiently Searchable Encryption in ADVANCES IN CRYPTOLOGY - CRYPTO 2007

2009. On the Security of Padding-Based Encryption Schemes – or – Why We Cannot Prove OAEP Secure in the Standard Model in ADVANCES IN CRYPTOLOGY - EUROCRYPT 2009

2010. Instantiability of RSA-OAEP under Chosen-Plaintext Attack in ADVANCES IN CRYPTOLOGY – CRYPTO 2010

2001-04-02. The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES in TOPICS IN CRYPTOLOGY — CT-RSA 2001

1997-09. Small Solutions to Polynomial Equations, and Low Exponent RSA Vulnerabilities in JOURNAL OF CRYPTOLOGY

2008. On the Validity of the Φ-Hiding Assumption in Cryptographic Protocols in ADVANCES IN CRYPTOLOGY - ASIACRYPT 2008

2015. On the Regularity of Lossy RSA in THEORY OF CRYPTOGRAPHY

1990. Proving Security Against Chosen Ciphertext Attacks in ADVANCES IN CRYPTOLOGY — CRYPTO’ 88

2006. Trading One-Wayness Against Chosen-Ciphertext Security in Factoring-Based Encryption in ADVANCES IN CRYPTOLOGY – ASIACRYPT 2006

2015. Non-committing Encryption from Φ-hiding in THEORY OF CRYPTOGRAPHY

2006. On the Security of OAEP in ADVANCES IN CRYPTOLOGY – ASIACRYPT 2006

2004. Towards Plaintext-Aware Public-Key Encryption Without Random Oracles in ADVANCES IN CRYPTOLOGY - ASIACRYPT 2004

2011-11-11. More Constructions of Lossy and Correlation-Secure Trapdoor Functions in JOURNAL OF CRYPTOLOGY

2008-01-01. On Notions of Security for Deterministic Encryption, and Efficient Constructions without Random Oracles in ADVANCES IN CRYPTOLOGY – CRYPTO 2008

2002-08-12. RSA-OAEP Is Secure under the RSA Assumption in JOURNAL OF CRYPTOLOGY

2009. Foundations of Non-malleable Hash and One-Way Functions in ADVANCES IN CRYPTOLOGY – ASIACRYPT 2009

1995. Optimal asymmetric encryption in ADVANCES IN CRYPTOLOGY — EUROCRYPT'94

2003. True Random Number Generators Secure in a Changing Environment in CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS - CHES 2003

2001-08-02. Simplified OAEP for the RSA and Rabin Functions in ADVANCES IN CRYPTOLOGY — CRYPTO 2001

2002-09. OAEP Reconsidered in JOURNAL OF CRYPTOLOGY

2001-04-15. On Perfect and Adaptive Security in Exposure-Resilient Cryptography in ADVANCES IN CRYPTOLOGY — EUROCRYPT 2001

2000-12-01. The Notion of Security for Probabilistic Cryptosystems (Extended Abstract) in ADVANCES IN CRYPTOLOGY — CRYPTO’ 86

2008-01-01. Extractable Perfectly One-Way Functions in AUTOMATA, LANGUAGES AND PROGRAMMING

Journal

TITLE

Journal of Cryptology

ISSUE

VOLUME

Subjects

FOR: Information And Computing Sciences

FOR: Data Format

Author Affiliations

Ruhr-Universität Bochum, Bochum, Germany

Georgetown University, Washington, DC, USA

Pennsylvania State University, University Park, PA, USA

From Grant

Algorithms For Private Data Analysis

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/s00145-016-9238-4

DOI

http://dx.doi.org/10.1007/s00145-016-9238-4

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1035989082

Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool

Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Ruhr-Universit\u00e4t Bochum, Bochum, Germany", 
          "id": "http://www.grid.ac/institutes/grid.5570.7", 
          "name": [
            "Ruhr-Universit\u00e4t Bochum, Bochum, Germany"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Kiltz", 
        "givenName": "Eike", 
        "id": "sg:person.011110230247.96", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011110230247.96"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Georgetown University, Washington, DC, USA", 
          "id": "http://www.grid.ac/institutes/grid.213910.8", 
          "name": [
            "Georgetown University, Washington, DC, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "O\u2019Neill", 
        "givenName": "Adam", 
        "id": "sg:person.014355003777.71", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014355003777.71"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Pennsylvania State University, University Park, PA, USA", 
          "id": "http://www.grid.ac/institutes/grid.29857.31", 
          "name": [
            "Pennsylvania State University, University Park, PA, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Smith", 
        "givenName": "Adam", 
        "id": "sg:person.013307226666.21", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013307226666.21"
        ], 
        "type": "Person"
      }
    ], 
    "citation": [
      {
        "id": "sg:pub.10.1007/3-540-48910-x_28", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1017908723", 
          "https://doi.org/10.1007/3-540-48910-x_28"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-540-89255-7_21", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1015069617", 
          "https://doi.org/10.1007/978-3-540-89255-7_21"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-642-54631-0_22", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1003820973", 
          "https://doi.org/10.1007/978-3-642-54631-0_22"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/s00145-002-0133-9", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1030924084", 
          "https://doi.org/10.1007/s00145-002-0133-9"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-642-10366-7_31", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1030652162", 
          "https://doi.org/10.1007/978-3-642-10366-7_31"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/s001459900030", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1004544479", 
          "https://doi.org/10.1007/s001459900030"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-662-46494-6_25", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1042535398", 
          "https://doi.org/10.1007/978-3-662-46494-6_25"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/3-540-45353-9_12", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1023039026", 
          "https://doi.org/10.1007/3-540-45353-9_12"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-540-85174-5_8", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1004916209", 
          "https://doi.org/10.1007/978-3-540-85174-5_8"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/s00145-002-0204-y", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1037088098", 
          "https://doi.org/10.1007/s00145-002-0204-y"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-642-14623-7_16", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1003428365", 
          "https://doi.org/10.1007/978-3-642-14623-7_16"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/3-540-45708-9_15", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1032928311", 
          "https://doi.org/10.1007/3-540-45708-9_15"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-642-38348-9_4", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1041449845", 
          "https://doi.org/10.1007/978-3-642-38348-9_4"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-540-74143-5_30", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1002281087", 
          "https://doi.org/10.1007/978-3-540-74143-5_30"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/3-540-47721-7_27", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1021006744", 
          "https://doi.org/10.1007/3-540-47721-7_27"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-642-40084-1_23", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1021415438", 
          "https://doi.org/10.1007/978-3-642-40084-1_23"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/11535218_25", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1049732998", 
          "https://doi.org/10.1007/11535218_25"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/11935230_14", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1053291772", 
          "https://doi.org/10.1007/11935230_14"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/3-540-44987-6_19", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1015139947", 
          "https://doi.org/10.1007/3-540-44987-6_19"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-642-01001-9_23", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1041093246", 
          "https://doi.org/10.1007/978-3-642-01001-9_23"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/11535218_27", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1034562243", 
          "https://doi.org/10.1007/11535218_27"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/bfb0053428", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1035370576", 
          "https://doi.org/10.1007/bfb0053428"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/11935230_17", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1045271661", 
          "https://doi.org/10.1007/11935230_17"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/bfb0052255", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1033233326", 
          "https://doi.org/10.1007/bfb0052255"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-540-30539-2_4", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1044260446", 
          "https://doi.org/10.1007/978-3-540-30539-2_4"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-642-21969-6_6", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1002272846", 
          "https://doi.org/10.1007/978-3-642-21969-6_6"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/3-540-44647-8_17", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1048442413", 
          "https://doi.org/10.1007/3-540-44647-8_17"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-540-70583-3_37", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1006236942", 
          "https://doi.org/10.1007/978-3-540-70583-3_37"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/0-387-34799-2_20", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1007936646", 
          "https://doi.org/10.1007/0-387-34799-2_20"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-662-46494-6_24", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1039851442", 
          "https://doi.org/10.1007/978-3-662-46494-6_24"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/3-540-45539-6_25", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1000220017", 
          "https://doi.org/10.1007/3-540-45539-6_25"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/3-540-46766-1_35", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1038119898", 
          "https://doi.org/10.1007/3-540-46766-1_35"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-540-45238-6_14", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1045341369", 
          "https://doi.org/10.1007/978-3-540-45238-6_14"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/s00145-011-9112-3", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1019545133", 
          "https://doi.org/10.1007/s00145-011-9112-3"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/3-540-45682-1_5", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1013919939", 
          "https://doi.org/10.1007/3-540-45682-1_5"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-642-03356-8_37", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1011646169", 
          "https://doi.org/10.1007/978-3-642-03356-8_37"
        ], 
        "type": "CreativeWork"
      }, 
      {
        "id": "sg:pub.10.1007/978-3-540-85174-5_19", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1048809352", 
          "https://doi.org/10.1007/978-3-540-85174-5_19"
        ], 
        "type": "CreativeWork"
      }
    ], 
    "datePublished": "2016-09-19", 
    "datePublishedReg": "2016-09-19", 
    "description": "We show that the widely deployed RSA-OAEP encryption scheme of Bellare and Rogaway (Eurocrypt 1994), which combines RSA with two rounds of an underlying Feistel network whose hash ( i.e., round) functions are modeled as random oracles, meets indistinguishability under chosen-plaintext attack (IND-CPA) in the standard model based on simple, non-interactive, and non-interdependent assumptions on RSA and the hash functions. To prove this, we first give a result on a more general notion called \u201cpadding-based\u201d encryption, saying that such a scheme is IND-CPA if (1) its underlying padding transform satisfies a \u201cfooling\" condition against small-range distinguishers on a class of high-entropy input distributions, and (2) its trapdoor permutation is sufficiently lossy as defined by Peikert and Waters (STOC 2008). We then show that the first round of OAEP satisfies condition (1) if its hash function is t-wise independent for t roughly proportional to the allowed message length. We clarify that this result requires the hash function to be keyed, and for its key to be included in the public key of RSA-OAEP. We also show that RSA satisfies condition (2) under the \u03a6\\documentclass[12pt]{minimal}\n\t\t\t\t\\usepackage{amsmath}\n\t\t\t\t\\usepackage{wasysym}\n\t\t\t\t\\usepackage{amsfonts}\n\t\t\t\t\\usepackage{amssymb}\n\t\t\t\t\\usepackage{amsbsy}\n\t\t\t\t\\usepackage{mathrsfs}\n\t\t\t\t\\usepackage{upgreek}\n\t\t\t\t\\setlength{\\oddsidemargin}{-69pt}\n\t\t\t\t\\begin{document}$$\\Phi $$\\end{document}-Hiding Assumption of Cachin et al.\u00a0(Eurocrypt 1999). This is the first positive result about the instantiability of RSA-OAEP. In particular, it increases confidence that chosen-plaintext attacks are unlikely to be found against the scheme. In contrast, RSA-OAEP\u2019s predecessor in PKCS #1 v1.5 was shown to be vulnerable to such attacks by Coron et al.\u00a0(Eurocrypt 2000).", 
    "genre": "article", 
    "id": "sg:pub.10.1007/s00145-016-9238-4", 
    "inLanguage": "en", 
    "isAccessibleForFree": true, 
    "isFundedItemOf": [
      {
        "id": "sg:grant.3082012", 
        "type": "MonetaryGrant"
      }, 
      {
        "id": "sg:grant.3084991", 
        "type": "MonetaryGrant"
      }, 
      {
        "id": "sg:grant.3092817", 
        "type": "MonetaryGrant"
      }, 
      {
        "id": "sg:grant.3798711", 
        "type": "MonetaryGrant"
      }, 
      {
        "id": "sg:grant.7553629", 
        "type": "MonetaryGrant"
      }, 
      {
        "id": "sg:grant.3063698", 
        "type": "MonetaryGrant"
      }
    ], 
    "isPartOf": [
      {
        "id": "sg:journal.1136278", 
        "issn": [
          "0933-2790", 
          "1432-1378"
        ], 
        "name": "Journal of Cryptology", 
        "publisher": "Springer Nature", 
        "type": "Periodical"
      }, 
      {
        "issueNumber": "3", 
        "type": "PublicationIssue"
      }, 
      {
        "type": "PublicationVolume", 
        "volumeNumber": "30"
      }
    ], 
    "keywords": [
      "hash function", 
      "chosen-plaintext attack", 
      "RSA-OAEP", 
      "first positive results", 
      "positive results", 
      "RSA-OAEP encryption scheme", 
      "encryption scheme", 
      "random oracles", 
      "IND-CPA", 
      "first round", 
      "public key", 
      "such attacks", 
      "plaintext attack", 
      "Feistel network", 
      "trapdoor permutations", 
      "message length", 
      "Cachin et al", 
      "Coron et al", 
      "attacks", 
      "scheme", 
      "RSA", 
      "function", 
      "v1.5", 
      "rounds", 
      "encryption", 
      "input distribution", 
      "instantiability", 
      "Bellare", 
      "Rogaway", 
      "network", 
      "oracle", 
      "results", 
      "general notion", 
      "Peikert", 
      "key", 
      "Hiding Assumption", 
      "contrast", 
      "indistinguishability", 
      "conditions", 
      "distinguisher", 
      "length", 
      "et al", 
      "confidence", 
      "PKCs", 
      "standard model", 
      "permutations", 
      "predecessors", 
      "model", 
      "assumption", 
      "notion", 
      "satisfies", 
      "class", 
      "distribution", 
      "satisfies condition", 
      "al", 
      "water"
    ], 
    "name": "Instantiability of RSA-OAEP Under Chosen-Plaintext Attack", 
    "pagination": "889-919", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1035989082"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/s00145-016-9238-4"
        ]
      }
    ], 
    "sameAs": [
      "https://doi.org/10.1007/s00145-016-9238-4", 
      "https://app.dimensions.ai/details/publication/pub.1035989082"
    ], 
    "sdDataset": "articles", 
    "sdDatePublished": "2022-06-01T22:15", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220601/entities/gbq_results/article/article_710.jsonl", 
    "type": "ScholarlyArticle", 
    "url": "https://doi.org/10.1007/s00145-016-9238-4"
  }
]

Download the RDF metadata as: json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/s00145-016-9238-4'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/s00145-016-9238-4'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/s00145-016-9238-4'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/s00145-016-9238-4'

This table displays all metadata directly associated to this object as RDF triples.

294 TRIPLES 22 PREDICATES 118 URIs 73 LITERALS 6 BLANK NODES

	Subject	Predicate	Object
1	sg:pub.10.1007/s00145-016-9238-4	schema:about	anzsrc-for:08
2	″	″	anzsrc-for:0804
3	″	schema:author	Nde3a9ffebdde44d291b2f6efb11bc5cd
4	″	schema:citation	sg:pub.10.1007/0-387-34799-2_20
5	″	″	sg:pub.10.1007/11535218_25
6	″	″	sg:pub.10.1007/11535218_27
7	″	″	sg:pub.10.1007/11935230_14
8	″	″	sg:pub.10.1007/11935230_17
9	″	″	sg:pub.10.1007/3-540-44647-8_17
10	″	″	sg:pub.10.1007/3-540-44987-6_19
11	″	″	sg:pub.10.1007/3-540-45353-9_12
12	″	″	sg:pub.10.1007/3-540-45539-6_25
13	″	″	sg:pub.10.1007/3-540-45682-1_5
14	″	″	sg:pub.10.1007/3-540-45708-9_15
15	″	″	sg:pub.10.1007/3-540-46766-1_35
16	″	″	sg:pub.10.1007/3-540-47721-7_27
17	″	″	sg:pub.10.1007/3-540-48910-x_28
18	″	″	sg:pub.10.1007/978-3-540-30539-2_4
19	″	″	sg:pub.10.1007/978-3-540-45238-6_14
20	″	″	sg:pub.10.1007/978-3-540-70583-3_37
21	″	″	sg:pub.10.1007/978-3-540-74143-5_30
22	″	″	sg:pub.10.1007/978-3-540-85174-5_19
23	″	″	sg:pub.10.1007/978-3-540-85174-5_8
24	″	″	sg:pub.10.1007/978-3-540-89255-7_21
25	″	″	sg:pub.10.1007/978-3-642-01001-9_23
26	″	″	sg:pub.10.1007/978-3-642-03356-8_37
27	″	″	sg:pub.10.1007/978-3-642-10366-7_31
28	″	″	sg:pub.10.1007/978-3-642-14623-7_16
29	″	″	sg:pub.10.1007/978-3-642-21969-6_6
30	″	″	sg:pub.10.1007/978-3-642-38348-9_4
31	″	″	sg:pub.10.1007/978-3-642-40084-1_23
32	″	″	sg:pub.10.1007/978-3-642-54631-0_22
33	″	″	sg:pub.10.1007/978-3-662-46494-6_24
34	″	″	sg:pub.10.1007/978-3-662-46494-6_25
35	″	″	sg:pub.10.1007/bfb0052255
36	″	″	sg:pub.10.1007/bfb0053428
37	″	″	sg:pub.10.1007/s00145-002-0133-9
38	″	″	sg:pub.10.1007/s00145-002-0204-y
39	″	″	sg:pub.10.1007/s00145-011-9112-3
40	″	″	sg:pub.10.1007/s001459900030
41	″	schema:datePublished	2016-09-19
42	″	schema:datePublishedReg	2016-09-19
43	″	schema:description	We show that the widely deployed RSA-OAEP encryption scheme of Bellare and Rogaway (Eurocrypt 1994), which combines RSA with two rounds of an underlying Feistel network whose hash ( i.e., round) functions are modeled as random oracles, meets indistinguishability under chosen-plaintext attack (IND-CPA) in the standard model based on simple, non-interactive, and non-interdependent assumptions on RSA and the hash functions. To prove this, we first give a result on a more general notion called “padding-based” encryption, saying that such a scheme is IND-CPA if (1) its underlying padding transform satisfies a “fooling" condition against small-range distinguishers on a class of high-entropy input distributions, and (2) its trapdoor permutation is sufficiently lossy as defined by Peikert and Waters (STOC 2008). We then show that the first round of OAEP satisfies condition (1) if its hash function is t-wise independent for t roughly proportional to the allowed message length. We clarify that this result requires the hash function to be keyed, and for its key to be included in the public key of RSA-OAEP. We also show that RSA satisfies condition (2) under the Φ\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\Phi $$\end{document}-Hiding Assumption of Cachin et al. (Eurocrypt 1999). This is the first positive result about the instantiability of RSA-OAEP. In particular, it increases confidence that chosen-plaintext attacks are unlikely to be found against the scheme. In contrast, RSA-OAEP’s predecessor in PKCS #1 v1.5 was shown to be vulnerable to such attacks by Coron et al. (Eurocrypt 2000).
44	″	schema:genre	article
45	″	schema:inLanguage	en
46	″	schema:isAccessibleForFree	true
47	″	schema:isPartOf	N1e23dc0042e44e7da82a2d8308b9fcd0
48	″	″	N263638b69f7f4117935f246c6bbb4e3e
49	″	″	sg:journal.1136278
50	″	schema:keywords	Bellare
51	″	″	Cachin et al
52	″	″	Coron et al
53	″	″	Feistel network
54	″	″	Hiding Assumption
55	″	″	IND-CPA
56	″	″	PKCs
57	″	″	Peikert
58	″	″	RSA
59	″	″	RSA-OAEP
60	″	″	RSA-OAEP encryption scheme
61	″	″	Rogaway
62	″	″	al
63	″	″	assumption
64	″	″	attacks
65	″	″	chosen-plaintext attack
66	″	″	class
67	″	″	conditions
68	″	″	confidence
69	″	″	contrast
70	″	″	distinguisher
71	″	″	distribution
72	″	″	encryption
73	″	″	encryption scheme
74	″	″	et al
75	″	″	first positive results
76	″	″	first round
77	″	″	function
78	″	″	general notion
79	″	″	hash function
80	″	″	indistinguishability
81	″	″	input distribution
82	″	″	instantiability
83	″	″	key
84	″	″	length
85	″	″	message length
86	″	″	model
87	″	″	network
88	″	″	notion
89	″	″	oracle
90	″	″	permutations
91	″	″	plaintext attack
92	″	″	positive results
93	″	″	predecessors
94	″	″	public key
95	″	″	random oracles
96	″	″	results
97	″	″	rounds
98	″	″	satisfies
99	″	″	satisfies condition
100	″	″	scheme
101	″	″	standard model
102	″	″	such attacks
103	″	″	trapdoor permutations
104	″	″	v1.5
105	″	″	water
106	″	schema:name	Instantiability of RSA-OAEP Under Chosen-Plaintext Attack
107	″	schema:pagination	889-919
108	″	schema:productId	N18a9f5a748674672b9a422f49b49cd29
109	″	″	Nd2e092a97d824a4c9423f4c57c93c8b0
110	″	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1035989082
111	″	″	https://doi.org/10.1007/s00145-016-9238-4
112	″	schema:sdDatePublished	2022-06-01T22:15
113	″	schema:sdLicense	https://scigraph.springernature.com/explorer/license/
114	″	schema:sdPublisher	N46d2c1202408416a8b81aca924d90585
115	″	schema:url	https://doi.org/10.1007/s00145-016-9238-4
116	″	sgo:license	sg:explorer/license/
117	″	sgo:sdDataset	articles
118	″	rdf:type	schema:ScholarlyArticle
119	N0938f31faa65451a8afe9f16a3afa1d2	rdf:first	sg:person.014355003777.71
120	″	rdf:rest	N1d95462b16444cfb9874761884339c32
121	N18a9f5a748674672b9a422f49b49cd29	schema:name	dimensions_id
122	″	schema:value	pub.1035989082
123	″	rdf:type	schema:PropertyValue
124	N1d95462b16444cfb9874761884339c32	rdf:first	sg:person.013307226666.21
125	″	rdf:rest	rdf:nil
126	N1e23dc0042e44e7da82a2d8308b9fcd0	schema:volumeNumber	30
127	″	rdf:type	schema:PublicationVolume
128	N263638b69f7f4117935f246c6bbb4e3e	schema:issueNumber	3
129	″	rdf:type	schema:PublicationIssue
130	N46d2c1202408416a8b81aca924d90585	schema:name	Springer Nature - SN SciGraph project
131	″	rdf:type	schema:Organization
132	Nd2e092a97d824a4c9423f4c57c93c8b0	schema:name	doi
133	″	schema:value	10.1007/s00145-016-9238-4
134	″	rdf:type	schema:PropertyValue
135	Nde3a9ffebdde44d291b2f6efb11bc5cd	rdf:first	sg:person.011110230247.96
136	″	rdf:rest	N0938f31faa65451a8afe9f16a3afa1d2
137	anzsrc-for:08	schema:inDefinedTermSet	anzsrc-for:
138	″	schema:name	Information and Computing Sciences
139	″	rdf:type	schema:DefinedTerm
140	anzsrc-for:0804	schema:inDefinedTermSet	anzsrc-for:
141	″	schema:name	Data Format
142	″	rdf:type	schema:DefinedTerm
143	sg:grant.3063698	http://pending.schema.org/fundedItem	sg:pub.10.1007/s00145-016-9238-4
144	″	rdf:type	schema:MonetaryGrant
145	sg:grant.3082012	http://pending.schema.org/fundedItem	sg:pub.10.1007/s00145-016-9238-4
146	″	rdf:type	schema:MonetaryGrant
147	sg:grant.3084991	http://pending.schema.org/fundedItem	sg:pub.10.1007/s00145-016-9238-4
148	″	rdf:type	schema:MonetaryGrant
149	sg:grant.3092817	http://pending.schema.org/fundedItem	sg:pub.10.1007/s00145-016-9238-4
150	″	rdf:type	schema:MonetaryGrant
151	sg:grant.3798711	http://pending.schema.org/fundedItem	sg:pub.10.1007/s00145-016-9238-4
152	″	rdf:type	schema:MonetaryGrant
153	sg:grant.7553629	http://pending.schema.org/fundedItem	sg:pub.10.1007/s00145-016-9238-4
154	″	rdf:type	schema:MonetaryGrant
155	sg:journal.1136278	schema:issn	0933-2790
156	″	″	1432-1378
157	″	schema:name	Journal of Cryptology
158	″	schema:publisher	Springer Nature
159	″	rdf:type	schema:Periodical
160	sg:person.011110230247.96	schema:affiliation	grid-institutes:grid.5570.7
161	″	schema:familyName	Kiltz
162	″	schema:givenName	Eike
163	″	schema:sameAs	https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011110230247.96
164	″	rdf:type	schema:Person
165	sg:person.013307226666.21	schema:affiliation	grid-institutes:grid.29857.31
166	″	schema:familyName	Smith
167	″	schema:givenName	Adam
168	″	schema:sameAs	https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013307226666.21
169	″	rdf:type	schema:Person
170	sg:person.014355003777.71	schema:affiliation	grid-institutes:grid.213910.8
171	″	schema:familyName	O’Neill
172	″	schema:givenName	Adam
173	″	schema:sameAs	https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014355003777.71
174	″	rdf:type	schema:Person
175	sg:pub.10.1007/0-387-34799-2_20	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1007936646
176	″	″	https://doi.org/10.1007/0-387-34799-2_20
177	″	rdf:type	schema:CreativeWork
178	sg:pub.10.1007/11535218_25	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1049732998
179	″	″	https://doi.org/10.1007/11535218_25
180	″	rdf:type	schema:CreativeWork
181	sg:pub.10.1007/11535218_27	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1034562243
182	″	″	https://doi.org/10.1007/11535218_27
183	″	rdf:type	schema:CreativeWork
184	sg:pub.10.1007/11935230_14	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1053291772
185	″	″	https://doi.org/10.1007/11935230_14
186	″	rdf:type	schema:CreativeWork
187	sg:pub.10.1007/11935230_17	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1045271661
188	″	″	https://doi.org/10.1007/11935230_17
189	″	rdf:type	schema:CreativeWork
190	sg:pub.10.1007/3-540-44647-8_17	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1048442413
191	″	″	https://doi.org/10.1007/3-540-44647-8_17
192	″	rdf:type	schema:CreativeWork
193	sg:pub.10.1007/3-540-44987-6_19	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1015139947
194	″	″	https://doi.org/10.1007/3-540-44987-6_19
195	″	rdf:type	schema:CreativeWork
196	sg:pub.10.1007/3-540-45353-9_12	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1023039026
197	″	″	https://doi.org/10.1007/3-540-45353-9_12
198	″	rdf:type	schema:CreativeWork
199	sg:pub.10.1007/3-540-45539-6_25	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1000220017
200	″	″	https://doi.org/10.1007/3-540-45539-6_25
201	″	rdf:type	schema:CreativeWork
202	sg:pub.10.1007/3-540-45682-1_5	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1013919939
203	″	″	https://doi.org/10.1007/3-540-45682-1_5
204	″	rdf:type	schema:CreativeWork
205	sg:pub.10.1007/3-540-45708-9_15	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1032928311
206	″	″	https://doi.org/10.1007/3-540-45708-9_15
207	″	rdf:type	schema:CreativeWork
208	sg:pub.10.1007/3-540-46766-1_35	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1038119898
209	″	″	https://doi.org/10.1007/3-540-46766-1_35
210	″	rdf:type	schema:CreativeWork
211	sg:pub.10.1007/3-540-47721-7_27	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1021006744
212	″	″	https://doi.org/10.1007/3-540-47721-7_27
213	″	rdf:type	schema:CreativeWork
214	sg:pub.10.1007/3-540-48910-x_28	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1017908723
215	″	″	https://doi.org/10.1007/3-540-48910-x_28
216	″	rdf:type	schema:CreativeWork
217	sg:pub.10.1007/978-3-540-30539-2_4	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1044260446
218	″	″	https://doi.org/10.1007/978-3-540-30539-2_4
219	″	rdf:type	schema:CreativeWork
220	sg:pub.10.1007/978-3-540-45238-6_14	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1045341369
221	″	″	https://doi.org/10.1007/978-3-540-45238-6_14
222	″	rdf:type	schema:CreativeWork
223	sg:pub.10.1007/978-3-540-70583-3_37	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1006236942
224	″	″	https://doi.org/10.1007/978-3-540-70583-3_37
225	″	rdf:type	schema:CreativeWork
226	sg:pub.10.1007/978-3-540-74143-5_30	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1002281087
227	″	″	https://doi.org/10.1007/978-3-540-74143-5_30
228	″	rdf:type	schema:CreativeWork
229	sg:pub.10.1007/978-3-540-85174-5_19	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1048809352
230	″	″	https://doi.org/10.1007/978-3-540-85174-5_19
231	″	rdf:type	schema:CreativeWork
232	sg:pub.10.1007/978-3-540-85174-5_8	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1004916209
233	″	″	https://doi.org/10.1007/978-3-540-85174-5_8
234	″	rdf:type	schema:CreativeWork
235	sg:pub.10.1007/978-3-540-89255-7_21	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1015069617
236	″	″	https://doi.org/10.1007/978-3-540-89255-7_21
237	″	rdf:type	schema:CreativeWork
238	sg:pub.10.1007/978-3-642-01001-9_23	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1041093246
239	″	″	https://doi.org/10.1007/978-3-642-01001-9_23
240	″	rdf:type	schema:CreativeWork
241	sg:pub.10.1007/978-3-642-03356-8_37	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1011646169
242	″	″	https://doi.org/10.1007/978-3-642-03356-8_37
243	″	rdf:type	schema:CreativeWork
244	sg:pub.10.1007/978-3-642-10366-7_31	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1030652162
245	″	″	https://doi.org/10.1007/978-3-642-10366-7_31
246	″	rdf:type	schema:CreativeWork
247	sg:pub.10.1007/978-3-642-14623-7_16	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1003428365
248	″	″	https://doi.org/10.1007/978-3-642-14623-7_16
249	″	rdf:type	schema:CreativeWork
250	sg:pub.10.1007/978-3-642-21969-6_6	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1002272846
251	″	″	https://doi.org/10.1007/978-3-642-21969-6_6
252	″	rdf:type	schema:CreativeWork
253	sg:pub.10.1007/978-3-642-38348-9_4	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1041449845
254	″	″	https://doi.org/10.1007/978-3-642-38348-9_4
255	″	rdf:type	schema:CreativeWork
256	sg:pub.10.1007/978-3-642-40084-1_23	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1021415438
257	″	″	https://doi.org/10.1007/978-3-642-40084-1_23
258	″	rdf:type	schema:CreativeWork
259	sg:pub.10.1007/978-3-642-54631-0_22	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1003820973
260	″	″	https://doi.org/10.1007/978-3-642-54631-0_22
261	″	rdf:type	schema:CreativeWork
262	sg:pub.10.1007/978-3-662-46494-6_24	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1039851442
263	″	″	https://doi.org/10.1007/978-3-662-46494-6_24
264	″	rdf:type	schema:CreativeWork
265	sg:pub.10.1007/978-3-662-46494-6_25	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1042535398
266	″	″	https://doi.org/10.1007/978-3-662-46494-6_25
267	″	rdf:type	schema:CreativeWork
268	sg:pub.10.1007/bfb0052255	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1033233326
269	″	″	https://doi.org/10.1007/bfb0052255
270	″	rdf:type	schema:CreativeWork
271	sg:pub.10.1007/bfb0053428	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1035370576
272	″	″	https://doi.org/10.1007/bfb0053428
273	″	rdf:type	schema:CreativeWork
274	sg:pub.10.1007/s00145-002-0133-9	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1030924084
275	″	″	https://doi.org/10.1007/s00145-002-0133-9
276	″	rdf:type	schema:CreativeWork
277	sg:pub.10.1007/s00145-002-0204-y	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1037088098
278	″	″	https://doi.org/10.1007/s00145-002-0204-y
279	″	rdf:type	schema:CreativeWork
280	sg:pub.10.1007/s00145-011-9112-3	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1019545133
281	″	″	https://doi.org/10.1007/s00145-011-9112-3
282	″	rdf:type	schema:CreativeWork
283	sg:pub.10.1007/s001459900030	schema:sameAs	https://app.dimensions.ai/details/publication/pub.1004544479
284	″	″	https://doi.org/10.1007/s001459900030
285	″	rdf:type	schema:CreativeWork
286	grid-institutes:grid.213910.8	schema:alternateName	Georgetown University, Washington, DC, USA
287	″	schema:name	Georgetown University, Washington, DC, USA
288	″	rdf:type	schema:Organization
289	grid-institutes:grid.29857.31	schema:alternateName	Pennsylvania State University, University Park, PA, USA
290	″	schema:name	Pennsylvania State University, University Park, PA, USA
291	″	rdf:type	schema:Organization
292	grid-institutes:grid.5570.7	schema:alternateName	Ruhr-Universität Bochum, Bochum, Germany
293	″	schema:name	Ruhr-Universität Bochum, Bochum, Germany
294	″	rdf:type	schema:Organization

Instantiability of RSA-OAEP Under Chosen-Plaintext Attack View Full Text