[cryptography] Questions about crypto in Oracle TDE

Morlock Elloi morlockelloi at yahoo.com
Fri Nov 9 12:36:41 EST 2012


As long as each encryption of the same plaintext yields the same ciphertext, indexing works. However, the space is tight - plaintext size is close to the cipher capacity. 

BTW, the same plaintext is never encrypted with different keys, so CRT doesn't work.


> Do you do any padding?  If not you might be vulnerable
> to multiplication because:
> 
> RSA(a)*RSA(b) == RSA(a*b)
> 
> and if you are doing padding (eg with random inputs if any
> seeded by the
> plaintext and a fixed secrete seed), then you need
> rigorously verify the
> padding on decrypt or the padding may not defend against
> multiplication.




More information about the cryptography mailing list