Explaining RSA PKCS#1.5, RSA OAEP or RSA PSS
Let me start. RSA can be used to encrypt or sign.
There are two RSA signature schemes: RSA-PKCS1-v1_5 and RSA-PSS.
There are two RSA encryption schemes: RSA-PKCS1-v1_5 and RSA-OAEP.
So, let’s get the acronyms out of the way. PKCS stands for Public-Key Cryptography Standards, which were defined by RSA Labs. PSS is the Probabilistic Signature Scheme, and OAEP is Optimal Asymmetric Encryption Padding. If you don’t know what RSA stands for, you should probably not be reading this article.
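To make the two encryption schemes concrete, here is an added example (not code from the original article) of the padding step each one applies before the RSA operation, following the encodings in RFC 8017. SHA-256, the 256-byte block length for a 2048-bit key, and all function names are assumptions chosen for illustration.

```python
import hashlib
import os

K = 256  # encoded-message length in bytes for a 2048-bit modulus (assumed)

def mgf1(seed, length, h=hashlib.sha256):
    """MGF1 mask generation function: hash(seed || counter) blocks, truncated."""
    blocks = -(-length // h().digest_size)  # ceiling division
    return b"".join(h(seed + i.to_bytes(4, "big")).digest() for i in range(blocks))[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def eme_pkcs1_v15(msg, k=K):
    """PKCS#1 v1.5 encryption padding: 00 || 02 || PS || 00 || M."""
    if len(msg) > k - 11:
        raise ValueError("message too long")
    # PS is nonzero random bytes (b % 255 + 1 is slightly biased; fine for a layout demo)
    ps = bytes(b % 255 + 1 for b in os.urandom(k - len(msg) - 3))
    return b"\x00\x02" + ps + b"\x00" + msg

def eme_oaep_encode(msg, k=K, label=b"", h=hashlib.sha256):
    """OAEP padding: 00 || maskedSeed || maskedDB, DB = lHash || 00.. || 01 || M."""
    hlen = h().digest_size
    if len(msg) > k - 2 * hlen - 2:
        raise ValueError("message too long")
    db = h(label).digest() + b"\x00" * (k - len(msg) - 2 * hlen - 2) + b"\x01" + msg
    seed = os.urandom(hlen)
    masked_db = xor(db, mgf1(seed, k - hlen - 1, h))
    masked_seed = xor(seed, mgf1(masked_db, hlen, h))
    return b"\x00" + masked_seed + masked_db

def eme_oaep_decode(em, k=K, label=b"", h=hashlib.sha256):
    """Undo OAEP; every failure raises the same error (checks here are not constant-time)."""
    hlen = h().digest_size
    if len(em) != k or k < 2 * hlen + 2:
        raise ValueError("decryption error")
    masked_seed, masked_db = em[1:1 + hlen], em[1 + hlen:]
    seed = xor(masked_seed, mgf1(masked_db, hlen, h))
    db = xor(masked_db, mgf1(seed, k - hlen - 1, h))
    rest = db[hlen:].lstrip(b"\x00")  # skip the zero padding up to the 01 marker
    if em[0] != 0 or db[:hlen] != h(label).digest() or rest[:1] != b"\x01":
        raise ValueError("decryption error")
    return rest[1:]

if __name__ == "__main__":
    print(eme_pkcs1_v15(b"session key")[:16].hex())    # always begins 0002
    print(eme_oaep_encode(b"session key")[:16].hex())  # 00, then masked bytes
```

In the v1.5 block the only structure a receiver can check is the two-byte header and the zero separator, while in OAEP the whole block is masked and bound to the label hash, so a modified block fails the lHash check on decode.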
The PKCS standards are one of the foundational elements of the Internet and were drafted by RSA Labs. One of the original specifications for RSA was PKCS#1:
It contained the methods of PKCS#1.5 and OAEP:
We have since found that PKCS#1.5 is open to a range of attacks [2] and that the OAEP method is more secure. No one should ever code with PKCS#1.5 in a production environment these days. Then, in 2003, the PKCS#1 standard was upgraded with Version 2.1: