On the security of RSA encryption in TLS

On the security of RSA encryption in TLS (2002)

Cached

Download Links

[www.iacr.org]

Other Repositories/Bibliography

DBLP

by Jakob Jonsson , Burton S. Kaliski

Venue:	In Moti Yung, editor, Advances in Cryptology—CRYPTO 2002
Citations:	5 - 0 self

BibTeX

@INPROCEEDINGS{Jonsson02onthe,
    author = {Jakob Jonsson and Burton S. Kaliski},
    title = {On the security of RSA encryption in TLS},
    booktitle = {In Moti Yung, editor, Advances in Cryptology—CRYPTO 2002},
    year = {2002},
    pages = {127--142},
    publisher = {Springer-Verlag}
}

Bookmark

OpenURL

Abstract

Abstract. We show that the security of the TLS handshake protocol based on RSA can be related to the hardness of inverting RSA given a certain “partial-RSA ” decision oracle. The reduction takes place in a security model with reasonable assumptions on the underlying TLS pseudo-random function, thereby addressing concerns about its construction in terms of two hash functions. The result is extended to a wide class of constructions that we denote tagged key-encapsulation mechanisms. Keywords: key encapsulation, RSA encryption, TLS. 1

Citations

2507	A method for obtaining digital signatures and public-key cryptosystems - Rivest, Shamir, et al.
2292	New directions in cryptography - Diffie, Hellmen - 1976
2057	Handbook of Applied Cryptography - Menezes, Oorschot, et al. - 1997
1130	Random oracles are practical: A paradigm for designing efficient protocols - Bellare, Rogaway - 1993
1001	Probabilistic encryption - Goldwasser, Micali - 1984
961	A public key cryptosystem and a signature scheme based on discrete logarithms - ElGamal - 1985
295	Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack - Rackoff, Simon - 1992
198	Chosen ciphertext attacks against protocols based on the RSA encryption standard - Bleichenbacher - 1998
176	Optimal asymmetric encryption – how to encrypt with RSA - Bellare, Rogaway - 1994
170	RFC1321: The MD5 Message-Digest Algorithm,” IETF - Rivest - 1992
142	Small Solutions to Polynomial Equations, and Low Exponent Vulnerabilities - Coppersmith - 1997
107	The gap-problems: a new class of problems for the security of cryptographic schemes - Okamoto, Pointcheval - 2001
100	Inductive Analysis of the Internet Protocol TLS - Paulson - 1997
93	A proposal for an ISO standard for public key encryption (version 2.1 - Shoup - 2001
66	Low-exponent RSA with Related Messages - Coppersmith, Franklin, et al. - 1996
65	REACT: Rapid Enhanced-security Asymmetric Cryptosystem Transform - Okamoto, Pointcheval - 2001
50	RFC 2104: HMAC: Keyedhashing for message authentication - Krawczyk, Bellare, et al. - 1997
47	Collisions for the compression function of MD5 - Boer, Bosselaers - 1994
42	A chosen ciphertext attack on RSA Optimal Asymmetric Encryption Padding (OAEP) as standardized - Manger - 2001
20	Spractical approaches to attaining security against adaptively chosen ciphertext attacks - Zheng, Seberry - 1993
19	Cryptanalysis of MD5 compress, presented at the rump session of Eurocrypt’96 - Dobbertin
19	Locally random reductions in interactive complexity theory - Feigenbaum - 1993
16	GEM: A generic chosen-ciphertext secure encryption method - Coron, Handschuh, et al. - 2002
13	Universal padding schemes for RSA - Coron, Joye, et al. - 2002
3	Theoretical Security Concerns with TLS use of MD5 - Johnson - 2001