1. |
- Jonsson, Jakob, et al.
(författare)
-
Securing RSA-KEM via the AES
- 2005
-
Ingår i: PUBLIC KEY CRYPTOGRAPHY - PKC 2005. - Berlin, Heidelberg : Springer Berlin Heidelberg. - 3540244549 ; , s. 29-46
-
Konferensbidrag (refereegranskat)abstract
- RSA-KEM is a popular key encapsulation mechanism that combines the RSA trapdoor permutation with a key derivation function (KDF). Often the details of the KDF are viewed as orthogonal to the RSA-KEM construction and the RSA-KEM proof of security models the KDF as a random oracle. In this paper we present an AES-based KDF that has been explicitly designed so that we can appeal to currently held views on the ideal behaviour of the AES when proving the security of RSA-KEM. Thus, assuming that encryption with the AES provides a permutation of 128-bit input blocks that is chosen uniformily at random for each key k, the security of RSA-KEM against chosen-ciphertext attacks can be related to, the hardness of inverting RSA.
|
|