In this paper we show that RSA-OAEP is secure against related key attacks (RKA) in the random oracle model under the strong RSA (sRSA) assumption. The key related functions can be affine functions. Compared to the chosen ciphertext security proof of OAEP, we overcome two major obstacles: answering the decryption queries under related keys; and preventing the adversary from promoting queries that are corresponding to the same message with the challenge ciphertext. These two obstacles also exist in the RKA security proof of RSA-OAEP+ and RSA-SAEP+. By combining our technique and the chosen ciphertext security proofs, RSA-OAEP+ and RSA-SAEP+ can also be proved RKA secure. In our proof, the security of the scheme relies substantially on the algebraic property of the sRSA function.
CITATION STYLE
Jia, D., Li, B., Lu, X., & Liu, Y. (2014). RSA-OAEP is RKA secure. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8567, pp. 270–281). Springer Verlag. https://doi.org/10.1007/978-3-319-12087-4_17
Mendeley helps you to discover research relevant for your work.