Top new questions this week:
|
This is sort-of a reply to the top answer given to this question, which states that whereas RSA-PSS, defined in terms of $H(r \ || \ M)$, only relies on target collision resistance and is secure even …
|
On July 5, 2022, NIST chose one KEM (Key Encapsulation Mechanism) as a PQC standard and 4 KEMs as four-round candidates. Why aren’t there any key exchanges? Similarly, KEMs are usually studied in …
|
In the process of learning zk-SNARKs, I’m faced with this problem: I understand why if the prover sends a polynomial $P$ that can be divided by $T$, the target polynomial, the prover knows a valid …
|
I would like to know the security of using a key size that is larger than the message digest (output) of an HMAC in one time pad encryption. One time pads for the message and the key of HMAC are …
|
Scenario: There are 3 people: PERSON1, PERSON2, and PERSON3. PERSON1 and PERSON2 each have a 2-dimensional polygon on an x,y plane. It is PERSON3’s job to assess whether the polygons overlap. However, …
|
According to a Reddit post I am participating in, SpiderOak “repented” of its incorrect usage of the term “zero knowledge” in 2017, as shown here: medium.com/@SpiderOak/why-we-will-no-longer-…
|
Recently, I was reading the paper One Hot Garbling, published at CCS 2021. I noticed a sentence in it: In this work, we forgo the standard GC notation of garbled labels in favor of garbled sharings of …
|
Greatest hits from previous weeks:
|
I’ve been thinking about this for a few days, a SHA-256 algorithm outputs 64 characters which can either be a lowercase letter or a number from 0-9. Which should mean that there are 64^36 distinct SHA-…
|
Yesterday IBM announced that they have a 433 bit quantum computer, called Osprey. There is nothing in the press releases I can find that says whether it can or cannot run Shor’s Algorithm. They also …
|
What are the benefits and disadvantages of CBC vs. CTR mode? Which one is more secure?
|
I’m a beginner to cryptography and looking to understand in very simple terms what a cryptographic “salt” is, when I might need to use it, and why I should or should not use it. Can I get a …
|
First off, I know hashes are 1 way. There are an infinite number of inputs that can result in the same hash output. Why can’t we take a hash and convert it to an equivalent string that can be hashed …
|
Claus Peter Schnorr recently posted a 12-page factoring method by SVP algorithms. Is it correct? It says that the algorithm factors integers $N \approx 2^{400}$ and $N \approx 2^{800}$ by $4.2 \cdot …
|
If part of the password is a whole regular English word, does the entropy of that part depend on the number of English words in existence, the number of English words known by the choosing algorithm, …
|
Can you answer these questions?
|
From Ronald de Wolf’s The potential impact of quantum computers on society: The first is so-called post-quantum cryptography. This is classical cryptography, based on computational problems that are …
|
How to give an example for collision in modified Merkle-Damgård construction that does not include input length, with two messages that ARE multiples of the block length? (Assume the resulting hash …
|
I am trying to understand what the Hybrid Argument is in cryptography and why it is useful. By the definition of the Hybrid Argument we know that to prove that if two distributions $D = D_1, D_2, …,…
|