# Can someone please explain RSA-OAEP in plain English mathematically?

I understand how RSA works mathematically.

Can someone explain RSA-OAEP in plain English?

Plain RSA encryption is not IND-CPA secure.

Suppose that you are trying to encrypt some message `m`. I do not know exactly what you are encrypting, but I have a rough idea of it, i.e. I know that `m` is one among `m1, m2, m3, ...`. If you use plain RSA encryption, then I can simply take your public key, encrypt each one of `m1, m2, m3, ...` by myself, and compare the result to your ciphertext. Then I can trivially recover `m`. In many applications this is undesirable.

OAEP is a way to obfuscate `m` non-deterministically, so that even if I know the potential range of `m`, I still do not recover any information about `m` more than if it were randomly drawn from that range.

Internally, it is a Feistel network cipher. Read Wikipedia on its construction details.

RSA-OAEP additionally guards against [Chosen Ciphertext Attacks](https://en.wikipedia.org/wiki/Chosen-ciphertext_attack), which use information leaking from a decrypting device in order to decipher a ciphertext.
