OAEP Reconsidered

  title={OAEP Reconsidered},
  author={Victor Shoup},
  booktitle={IACR Cryptology ePrint Archive},
The OAEP encryption scheme was introduced by Bellare and Rogaway at Eurocrypt ’94. It converts any trapdoor permutation scheme into a public-key encryption scheme. OAEP is widely believed to provide resistance against adaptive chosen ciphertext attack. The main justification for this belief is a supposed proof of security in the random oracle model, assuming the underlying trapdoor permutation scheme is one way. This paper shows conclusively that this justification is invalid. First, it… CONTINUE READING
Highly Influential
This paper has highly influenced 41 other papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 474 citations. REVIEW CITATIONS


Publications citing this paper.
Showing 1-10 of 279 extracted citations

Tag-KEM/DEM: A New Framework for Hybrid Encryption

Journal of Cryptology • 2005
View 6 Excerpts
Highly Influenced

Theory of Cryptography

Lecture Notes in Computer Science • 2016
View 11 Excerpts
Highly Influenced

Automatically Verified Mechanized Proof of One-Encryption Key Exchange

2012 IEEE 25th Computer Security Foundations Symposium • 2012
View 6 Excerpts
Highly Influenced

Deniably Information-Hiding Encryptions Secure against Adaptive Chosen Ciphertext Attack

2012 Fourth International Conference on Intelligent Networking and Collaborative Systems • 2012
View 7 Excerpts
Highly Influenced

Soundness in presence of active adversaries

Yassine Lakhnech Martin Gagné, Pascal Lafourcade
View 10 Excerpts
Highly Influenced

Another Look at Automated Theorem-Proving. II

IACR Cryptology ePrint Archive • 2011
View 11 Excerpts
Highly Influenced

How to Strengthen the Security of RSA-OAEP

IEEE Transactions on Information Theory • 2010
View 15 Excerpts
Highly Influenced

474 Citations

Citations per Year
Semantic Scholar estimates that this publication has 474 citations based on the available data.

See our FAQ for additional information.


Publications referenced by this paper.
Showing 1-10 of 14 references

Optimal Asymmetric Encryption

View 10 Excerpts
Highly Influenced

Random Oracles are Practical: A Paradigm for Designing Efficient Protocols

ACM Conference on Computer and Communications Security • 1993
View 5 Excerpts
Highly Influenced

Non - malleable cryptography

P. van Oorschot

The random oracle model

R. Canetti, O. Goldreich, S. Halevi
revisted. In 30th Annual ACM Symposium on Theory of Computing • 1998
View 1 Excerpt

The random oracle model , revisted

D. Coppersmith

Similar Papers

Loading similar papers…