[Cryptography] We need a new encryption algorithm competition.
Alexandre Anzala-Yamajako
anzalaya at gmail.com
Thu Mar 20 09:41:00 EDT 2014
What would be your pick for a non-brittle modern asymmetric cipher?
>
> (Context: When I had to hack this in -- against my better wishes --
> about a year ago, I used the blinded-RSA construct. I'm not thrilled at
> this because the details are way beyond my understanding, but it will do
> for now, low levels of value at protection. I'd love a better way. My
> alternate planned path is to switch to later generation
> safecurves.cr.yp.to at some point but that depends on having the
> design/intern/paper/reference code to do it, segway to other posts about
> TLS/TCP/curveCP/QUIC/....)
>
>
>
> iang
>
As far as I know, a careful, constant-time implementation of RSA-OAEP can
withstand chosen ciphertext attacks in the random oracle model.
In the EC world ECIES is quite common but it's basically asynchronous DH +
symmetric encryption so it might not fit your requirements.
--
Alexandre Anzala-Yamajako
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140320/91fb807c/attachment.html>
More information about the cryptography
mailing list