Goetz Babin-Ebell wrote:

> RSA has some weaknesses against chosen plain text attacks.


RSA is just an algorithm, so if you talk of chosen plaintext
or chosen ciphertext attacks, it needs to be in the context
of an encryption method. OAEP is a response primarily to
a chosen ciphertext vulnerability using RSA with the original
PKCS padding.

Which is why I assigned the poster a reading assignment.

If one were to Wiki and/or Google terms like OAEP or
"Optimal Asymmetric Encryption Padding" ...

It's more subtle, too -- read Victor Shoup's paper
_OAEP Reconsidered_.

I suppose I could have given an even more terse answer
and said "padding" -- but the need to pad isn't obvious
to the casual observer.

Anyway, why would someone use RSA for encryption? ;-)

- Michael
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org