On the broadcast and validity-checking security of PKCS#1 v1.5 encryption
Aurélie Bauer (1), Jean-Sébastien Coron (2), David Naccache (1), Mehdi Tibouchi (1,2), Damien Vergnaud (1)
(1) École normale supérieure
(2) Université du Luxembourg
ACNS 2010

Outline
  • Context: Encrypting with RSA; PKCS#1 v1.5 and its weaknesses
  • Single-User Setting: Main idea; Attacking indistinguishability; Attacking non-malleability; Investigating one-wayness
  • Multi-User Setting: Broadcast RSA; Our broadcast attack
RSA Signatures
Encrypting with textbook RSA:
$c = m^e \bmod N$
is a bad idea (e.g. homomorphic properties, deterministic encryption). Therefore, encapsulate $m$ using a padding scheme $\mu$:
$c = \mu(m)^e \bmod N$
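The two weaknesses named above, and the effect of a randomized padding µ, as an added example that is not part of the original slides. It assumes a constructed toy key (two small Mersenne primes, e = 65537), a sample message, and the PKCS#1 v1.5 encryption block layout 00 02 || PS || 00 || m for µ.

```python
import secrets

# Constructed toy key (assumption): two Mersenne primes, far too small for real use.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent
K = (N.bit_length() + 7) // 8          # modulus length in bytes

def textbook_encrypt(m: int) -> int:
    """c = m^e mod N, no padding."""
    return pow(m, E, N)

def decrypt_raw(c: int) -> int:
    """Raw RSA decryption, returns the integer before any unpadding."""
    return pow(c, D, N)

def pad_v15(msg: bytes) -> int:
    """mu(m) = 00 02 || PS || 00 || m, with PS >= 8 random nonzero bytes."""
    if len(msg) > K - 11:
        raise ValueError("message too long for this modulus")
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(K - 3 - len(msg)))
    return int.from_bytes(b"\x00\x02" + ps + b"\x00" + msg, "big")

def unpad_v15(x: int) -> bytes:
    """Check the 00 02 header and the 00 separator, then strip the padding."""
    em = x.to_bytes(K, "big")
    sep = em.find(b"\x00", 2)
    if em[:2] != b"\x00\x02" or sep < 10:   # sep < 10 means PS shorter than 8
        raise ValueError("invalid padding")
    return em[sep + 1:]

def demo() -> dict:
    m1, m2 = 42, 1000                       # constructed sample plaintexts
    c1, c2 = textbook_encrypt(m1), textbook_encrypt(m2)
    msg = b"pay 100 EUR"                    # constructed sample message
    a = pow(pad_v15(msg), E, N)             # c = mu(m)^e mod N
    b = pow(pad_v15(msg), E, N)             # same message, fresh PS
    return {
        # Deterministic: equal plaintexts give equal ciphertexts.
        "deterministic": textbook_encrypt(m1) == c1,
        # Homomorphic: the product of ciphertexts decrypts to m1*m2 mod N.
        "homomorphic": decrypt_raw(c1 * c2 % N) == m1 * m2 % N,
        # With mu, two encryptions of one message differ but both decrypt.
        "padded_randomized": a != b,
        "padded_roundtrip": unpad_v15(decrypt_raw(a)) == msg
                            and unpad_v15(decrypt_raw(b)) == msg,
    }

if __name__ == "__main__":
    print(demo())
```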
Padding schemes
Two kinds of padding schemes:
1. Ad-hoc paddings, e.g. PKCS#1 v1.5. Designed to prevent specific attacks. Often exhibit other weaknesses.
2. Provably secure paddings, e.g. OAEP. Proven to be secure under well-defined assumptions.
Although potentially less secure, ad-hoc paddings remain in widespread use in real-world applications. Re-evaluating them periodically is thus necessary.