Content deleted Content added
→Diagram of OAEP: clarified (I hope) by putting in chronological order |
No edit summary |
||
Line 5:
The OAEP algorithm is a form of [[Feistel network]] which uses a pair of [[random oracle]]s G and H to process the plaintext prior to [[asymmetric encryption]]. When combined with any secure [[trapdoor one-way function|trapdoor one-way permutation]] <math>f</math>, this processing is proved in the [[random oracle model]] to result in a combined scheme which is [[semantic security|semantically secure]] under [[chosen plaintext attack]] (IND-CPA). When implemented with certain trapdoor permutations (e.g., RSA), OAEP is also proved secure against [[chosen ciphertext attack]].
OAEP satisfies the following two goals:
| |||