Sökning: id:"swepub:oai:DiVA.org:kth-42743" >
Securing RSA-KEM vi...
Abstract
Ämnesord
Stäng
- RSA-KEM is a popular key encapsulation mechanism that combines the RSA trapdoor permutation with a key derivation function (KDF). Often the details of the KDF are viewed as orthogonal to the RSA-KEM construction and the RSA-KEM proof of security models the KDF as a random oracle. In this paper we present an AES-based KDF that has been explicitly designed so that we can appeal to currently held views on the ideal behaviour of the AES when proving the security of RSA-KEM. Thus, assuming that encryption with the AES provides a permutation of 128-bit input blocks that is chosen uniformily at random for each key k, the security of RSA-KEM against chosen-ciphertext attacks can be related to, the hardness of inverting RSA.
Ämnesord
- NATURVETENSKAP -- Matematik (hsv//swe)
- NATURAL SCIENCES -- Mathematics (hsv//eng)
Nyckelord
- RSA-KEM
- AES
- key derivation function
Publikations- och innehållstyp
- ref (ämneskategori)
- kon (ämneskategori)
Hitta via bibliotek
Till lärosätets databas