Cryptology ePrint Archive: Report 2001/110
RSA hybrid encryption schemes
Abstract: This document compares the two published RSA-based hybrid encryption
schemes having linear reduction in their security proof:
RSA-KEM with DEM1 and RSA-REACT.
While the performance of RSA-REACT is worse than the performance of
RSA-KEM+DEM1, a complete proof of its security has already been
This is indeed an advantage, because we show that the security result
for RSA-KEM+DEM1 has a small hole.
We provide here a complete proof of the security of
We also propose some changes to RSA-REACT to improve its efficiency
without changing its security, and conclude that this new RSA-REACT is
a generalisation of RSA-KEM+DEM1, with at most the same security,
and with possibly worse performance.
Therefore we show that RSA-KEM+DEM1 should be preferred to RSA-REACT.
Category / Keywords: public-key cryptography / RSA hybrid encryption scheme
Date: received 19 Dec 2001, last revised 21 Dec 2001
Contact author: Louis Granboulan at ens fr
Available formats: Postscript (PS) | Compressed Postscript (PS.GZ) | BibTeX Citation
Version: 20011221:174424 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]