Top new questions this week:
 Last year I learned about another NIST competition.  csrc.nist.gov/projects/lightweight-cryptography/finalists  And I thought to myself: “why would I continue to use heavyweight … 
 As far as I know, when someone says ‘a reduction is tight’, it means that given that there is  an adversary $A$ with advantage $\epsilon$ and running time $t$ and another adversary $B$ utilizing $A$ … 
 In the NTRU algorithm one is supposed to generate a vector which is invertible as a polynomial in both $(Z/pZ)[x]/(x^n-1)$ and $(Z/qZ)[x]/(x^n-1)$. But is there a mathematical lower bound to the probability … 
 This may be a polemic question, but since I did read the rules of the site and “terms and definitions” appear to be legitimate subjects, I want to raise this because I find this interesting, … 
 I have been working on the post-quantum safe ID/signature-schemes of Vadim Lyubashevsky (www.iacr.org/archive/asiacrypt2009/59120596/59120596.pdf).  I am in particular studying the security … 
 Suppose an adversary wins IND-CPA against ElGamal,    They’re given public key $h=g^x$,  Give a pair of messages $m = [m0,m1]$,  Get back ciphertext $(a,b) = (g^r, g^{xr} \cdot g^{m[b]})$,    from which … 
 I have been working through the introduction to cryptography with coding theory book and have just come across Shamir secret sharing questions. However I just don’t quite think I’m understanding it … 
Greatest hits from previous weeks:
 Most of the time, when some data must be encrypted, it must also be protected with a MAC, because encryption protects only against passive attackers. There are some nifty encryption modes which … 
 Given $n=pq$ for $p,q$ known, I can calculate $\phi(n)$.    $e$ is selected such that $\gcd (e,\phi(n)) = 1$.    Using this, how do I calculate the RSA private key?  Example:    I have $n = 35$, with $(p,… 
 Frequently, we want to send messages that are (a) encrypted, so passive attackers can’t discover the plaintext of the message, and (b) signed with a private-key digital signature, so active attackers … 
 I can’t really understand MixColumns in the Advanced Encryption Standard, can anyone help me how to do this?  I found some topics on the internet about MixColumns, but I still have a lot of questions … 
 I’ve seen some posts and info online, but they are from 2009, 2010, 2011 or 2012, which is 3-6 years ago, which is a very long time. So I’m looking for an up-to-date answer about which of these is the … 
 Given that much of our ECC crypto primitives provide “only” 128-bit security when defined over a 256-bit curve due to pollard-rho, is it then still safe in 2020 to consider 128-bit security safe for … 
 Most of the answers I can find date to years back where the first collision(s) were found, but hardware mainly GPUs have progressed a lot in the past few years (with for example the new line of 3090s … 
Can you answer these questions?
 I have a very important string; it's around 20-40 words. I want to encrypt this string and store it online. Which encryption algorithm will be useful for me? 
 I’m looking for some basic algorithm to: generate a code => send it to a website, where after payment a token is generated from the code and sent back, where the token is validated.  I’m not sure … 
 This is a zero-knowledge proof that shows x is not a quadratic residue.    I am trying to verify the honest-verifier zero-knowledge property.  My steps were these:  Let S be a simulator that does not know how to … 