[Cryptography] We need a new encryption algorithm competition.

Alexandre Anzala-Yamajako anzalaya at gmail.com
Thu Mar 20 05:32:44 EDT 2014


> So for this one, let me repeat myself:  The Goldwasser/Micali/Tong paper
> shows why you should not encrypt semantically meaningful messages using an
> asymmetric key system.  The fact that anyone can send a message using the
> same public key means it's possible to turn the recipient into an oracle
> for information about the message, which may leak enough information to
> allow the message to be decrypted.
>

Modern definitions of security for asymmetric ciphers *do* provide an
encryption/decryption oracle to the attacker, which means that PK crypto is
not brittle in general. Some algorithms are extremely fragile and must be
used with caution (RSA PKCSv1.5 as an example) while others are better
since we can prove they achieve a more demanding form of security.
-- 
Alexandre Anzala-Yamajako