Top new questions this week:
|
Previous: web.archive.org/web/20160102181336/developers.yubico.com/U2F/Protocol_details/Key_generation.html www.yubico.com/blog/yubicos-u2f-key-wrapping/ $$ PrivateKey = \operatorname{…
|
I’m trying to learn more about cryptography and ran into a post, Is AES-128 quantum safe?, which asks if AES-128 is safe. From the articles and replies it seems that AES-128 (symmetric key) is safe …
|
On 6 March, Yi Lee sent over the NIST mailing list an announcement of their submitted paper that found a flaw in the original security proof for Dilithium. In their manuscript, they fix the proof on …
|
If we have a cryptosystem (we don’t know whether it’s perfect or not) we have: $H(C, P, K) = H(C | P, K) + H(P, K)$ my question is why following is true: $H(C | P, K) = 0$ It seems because each …
|
I’m experimenting with the parameters for argon2, using argon2_cffi. Whereas the iteration count or time_cost, and the memory_cost have obvious bearings on the speed and security of the result. I’ve …
|
It’s difficult to implement AES securely and efficiently if the adversary can observe the timing and (approximate) location of memory accesses, unless you have dedicated hardware. The naive …
|
I’m implementing a digital signature algorithm for academic purposes using elliptic curves. I am familiar with equations of the form $$y^2 = x^3 + ax + b$$, but the paper I am reading for implementing …
|
Greatest hits from previous weeks:
|
In reference to this question, what are the “stronger security properties” that HMAC provides over MAC? I got that MAC requires an IV whereas HMAC doesn’t. I also understood that MAC may reveal …
|
Is there any reference to check the list of encryption & signing algorithms which are compliant with FIPS 140-2? After an exhaustive search I could find only “AES”. Any suggestions would be much …
|
If I am using SHA-512 on a message and need to determine the padding field and length field, how do I determine the length field? I think I understand the padding, but not the length field. For …
|
I have an audience of senior (non-technical) executives and senior technical people who are taking the backdoor in Dual_EC_DRBG and considering it as a weakness of Elliptic curves in general. I can …
|
WhatsApp says even the photos shared on its platform are end-to-end encrypted. When WhatsApp says encrypted I assume the data is encrypted in my device and then sent across to the recipient. When we …
|
I’m very uneducated when it comes to cryptography. I have tried to find an answer to my question, but what I’ve read doesn’t quite cover what I’m asking. I have thought up my own encryption algorithm …
|
I read about ChaCha20 being used in TLS by Google, SSH, and towards standardization in general. What’s the appeal of using something other than AES, what with AES receiving dedicated CPU instructions …
|
Can you answer these questions?
|
I was reading about some way to imagine the signature of a message using the RSA problem: Let $N$ be the product of two prime numbers $p$ and $q$. Let $s$ be the signature of a message $s$ (provided …
|
I am generating large prime numbers to create a cyclic group for ElGamal encryption, I can specify the bit-length n but want to limit the size because this will ultimately allow me to limit the amount …
|
I’m trying to implement impossible differential cryptanalysis on 3.5 round IDEA using Miss in the Middle Attack on IDEA and Khufu paper as a reference and I’m stuck on the first two steps of the …
|