Patient Safety Course Overview

This course, recommended by the World Health Organization, covers essential topics such as patient safety strategies, human factors, clinical risk, quality improvement, team collaboration, and more. Students will learn to identify key competencies and value the importance of patient safety in healthcare. The curriculum emphasizes learning from errors, engaging with patients, and enhancing medication safety to prevent harm. Various assessments and participatory activities contribute to a comprehensive understanding of patient safety principles.

• Patient Safety
• WHO
• Healthcare
• Curriculum
• Education

jad_kle Follow

Uploaded on Apr 28, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

Presentation Transcript

1. RSA Encryption Slides by Prof. Jonathan Katz. Lightly edited by me.

2. Recall Let p, q be random, equal-length primes Compute modulus N=pq Choose e, d such that e d = 1 mod (N) The eth root of x modulo N is [xd mod N] I.e., easy to compute given p, q (or d) RSA assumption: given N, e only, it is hard to compute the eth root of a uniform c N* 2

3. This suggests a public-key encryption scheme!

4. Plain RSA encryption N, e c (N, e, d) RSAGen(1n) pk = (N, e) sk = d c = [me mod N] m = [cd mod N]

5. Is this scheme secure? This scheme is deterministic Cannot be CPA-secure! RSA assumption only refers to hardness of computing the eth root of a uniform c c is not uniform unless m is Why would m be uniform? Easy to compute eth root of c = [me mod N] when m is small Plain RSA should never be used! RSA assumption only refers to hardness of computing the eth root of c in its entirety Partial information about the eth root may be leaked (In fact, this is the case) 5

6. Chosen-ciphertext attacks Of course, plain RSA cannot be CCA-secure since it is not even CPA-secure but these ciphertexts are completely malleable. Given ciphertext c for unknown message m, can compute c = [ e c mod N] What does this decrypt to?

7. How to fix plain RSA? One approach: use a randomized encoding I.e., to encrypt m First compute some reversible, randomized mapping M = E(m) Then set c := [Me mod N] To decrypt c Compute M := [cd mod N] Recover m from M

8. PKCS #1 v1.5 Standard issued by RSA labs in 1993 Idea: introduce random padding E(m) = r|m I.e., to encrypt m Choose random r Compute the ciphertext c := [ (r|m)e mod N] Issues: No proof of CPA-security (unless m is very short) Chosen-plaintext attacks are known if r is too short Chosen-ciphertext attacks possible 8

9. PKCS #1 v2.0 Optimal asymmetric encryption padding (OAEP) applied to message first This padding introduces redundancy, so that not every c *N is a valid ciphertext Need to check for proper format upon decryption Return error if not properly formatted 9

10. OAEP m | 0 0 r G H e c = s t mod N 10

11. Security? RSA-OAEP can be proven CCA-secure under the RSA assumption, if G and H are modeled as random oracles Widely used in practice 11