Modes of operation OAEP RSA

Hi everyone,

I would really appreciate if someone could help me out with few
issues/questions :slight_smile:
I’m writing a thesis and I can not find anything specific related to
OEAP (modes of operation)

  1. Can OAEP be used with symmetrical algorithms and i.e. CBC with RSA.
    If not why?

  2. What would be a speed (throughput) of OAEP algorithm itself (without
    RSA)
    Maybe someone has done some tests.

  3. How are OAEP and hush function work together.

Thank you in advance whoever would like to help :wink:

Jerzy Urbanik wrote:

Hi everyone,

I would really appreciate if someone could help me out with few
issues/questions :slight_smile:
I’m writing a thesis and I can not find anything specific related to
OEAP (modes of operation)

Not really the right forum. sci.crypt is probably better. You will also
want to know about the Handbook of Applied Cryptography, which is
online at uwaterloo.ca.

  1. Can OAEP be used with symmetrical algorithms and i.e. CBC with RSA.
    If not why?

It can, but it’d be insanely slow. RSA is very very slow compared to
AES and other block ciphers. That’s why we use block ciphers for bulk
encryption.

  1. What would be a speed (throughput) of OAEP algorithm itself (without
    RSA)
    Maybe someone has done some tests.

It’s very quick - it’s a 2 stage Feistel network. The use of OAEP is to
prevent RSA from having a mathematical relationship with the output -
it breaks up that relationship.

One of the problems with RSA by itself is that is must encrypt in
blocks the same size as n (= p * q), and the value encrypted must be
smaller than n. Also, the output has a purely mathematical relationship
with the input, n and e. If the attacker can choose plaintexts, theren
there are certain attacks that become possible. OAEP mitigates these
attacks by mixing up the input space for RSA, making it non-linear, and
the matematical attacks harder, basiclly by bashing bits about first.
Importantly, this is reversible at the other end. OAEP also provides
evidence of someone having tampered with the ciphertext - if the
ciphertext was tampered with, then the leading bits in OAEP will not be
the correct pattern. This can be detected early in the OAEP decryption
phase, but it is worth noting that this is not done in practice,
because the early return can give the attacker timing information about
where the ciphertext was rejected.

  1. How are OAEP and hush function work together.

OAEP not not a hash function - it’s reversible. There’s no point in
combining the two of them, either, as they have a similar job, except
for the reversability of the OAEP.