“PKCS#1 v2.0 encryption is usually called OAEP encryption” Where can I confirm it?

Question

I heard that "PKCS#1 v2.0 encryption is usually called OAEP encryption".

I'll need some kind of "official" doc saying this before using it on my project. I'm trying to find it with no sucess. Any idea where can I find it?

Thanks!

(by the way, could anyone with more than 1500 reputation create the tag PKCS#1? Thanks!)

Answer 1

PKCS#1, prior to version 2.0, described a single encryption scheme. From version 2.0, the OAEP padding was added to PKCS#1, and the previous encryption scheme has been retroactively called "v1.5" (because that's the only scheme which was described in the 1.5 version of PKCS#1). In PKCS#1 itself, the two encryption schemes are called "RSAES-OAEP" and "RSAES-PKCS1-V1_5".

The OAEP padding can theoretically be used with many other asymmetric encryption schemes, but RSA is (by far) the most widely used asymmetric encryption system.

Coloquially, RSA encryption with OAEP padding is often known as "PKCS#1 v2.0 encryption" since the older scheme is called "PKCS#1 v1.5 encryption", but this is not an "official" name. Both OAEP and v1.5 are standard and supported by the recent versions of PKCS#1, so v1.5 is no less a "v2.0" scheme than OAEP. As I said above, the official name (as defined in PKCS#1) is "RSAES-OAEP".

Answer 2

It might be the case that the other poster said that it's "usually called OAEP encryption" because PKCS#1 v2.0 is when OAEP was introduced to the standard, according to the history located in this pdf. (see page 56). I don't know if anyone actually addresses v2.0 as OAEP. It should be noted that I'm not intimately involved in using these standards, so that could be the case and I wouldn't know it.

(edited for spelling/grammar errors)