Difference between JWE encryption algorithm RSAES-PKCS1-v1_5 and RSAES OAEP

Asked May 02 '19 at 10:47

Active May 02 '19 at 10:47

Viewed 68 times

In the specifications of JWE (RFC7516) they specify the values for (asymmetrically) encrypting the symmetric key. In RFC7518 in section 4.1 they list the options, of which two are relevant for my case

alg = RSA1_5 (RSAES-PKCS1-v1_5)

alg = RSA-OAEP (RSAES OAEP using default parameters)

Both use RSA-keys of size 2048 at least. They come with a different recommendation (Recommended- and Recommended+, respectively). What are the main differences between these two algorithms for JWE, and is there a specific use of JWE that would prefer the one above the other?

edited Oct 07 '21 at 07:59

Community

asked May 02 '19 at 10:47

Krijn

2

Possible duplicate of How much safer is RSA-OAEP compared to RSA with PKCS#1 v1.5 padding? – kelalaka May 02 '19 at 11:17
I had not seen the question, however to me the question (or the answer) do not make clear what the exact difference is, and what would be preferred in this use case (or other use cases) – Krijn May 02 '19 at 19:22

Difference between JWE encryption algorithm RSAES-PKCS1-v1_5 and RSAES OAEP

0 Answers0