Hi Philippe, the PKCS #1 v2.1 standard [1] uses OAEP padding for encryption (I think the 'E' stands for 'encryption'). PSS adds probabilistic padding to the message to be signed. More information is available in papers by Bellare and Rogaway [2,3].
Regards, Steven [1] http://www.rsa.com/rsalabs/node.asp?id=2125 [2] http://citeseer.ist.psu.edu/bellare96exact.html [3] http://citeseer.ist.psu.edu/bellare94optimal.html On 6/8/07, Philippe Stellwag <[EMAIL PROTECTED]> wrote:
Hi @ll, is it a security problem to use RSA-OAEP padding for RSA signatures? Is RSA-PSS new to OpenSSL and how can I use it? What's the security difference(s) between RSA-OAEP and RSA-PSS? Thanks. Philippe -- OAEP: Optimal Asymmetric Encoding Padding PSS: Probabilistic Signature Scheme ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
