Latest Crypto related questions

Score: 1
Majed Badawi
Hashing function: Generate unique 3 letters Identifier

I need to create an id generation function that takes a 4-digit number and returns a unique 3-letter identifier.

I already have a function that generates a 2-letter id from a 3-digit number with some limitations (between 100 and 775), but I'm not sure how to change it to meet the new requirement.

if order_id < 775:
  alpha_index = ''
  _i_1 = 0
  _i_2 = 0 ...
Score: 0
Sam
Homomorphic Encryption Library Supporting Addition, Multiplication & Logical Shift

Does anyone know of a C++ homomorphic encryption library that supports addition, multiplication and logical right shift over integers? Some set of instructions that allows the implementation of logical shifts would work as well. The range should be at least sufficient to support signed 32-bit integers and the scheme should support arbitrary depth. I tried using Palisade, but found no way of implementing ...

Score: 0
João Víctor Melo
Number of Involutory Keys in Permutation Cipher

I've come across the following problem from the Theory and Practice book by Stinson-Paterson. It states the following:


(a) Prove that a permutation $\pi$ in the Permutation Cipher is an involutory key iff (if and only if) $\pi(i) = j$ implies $\pi(j) = i$, for all $i,j \in \{1,...,m \}$.

(b) Determine the number of involutory keys in the Permutation Cipher for $m = 2,3,4,5, $ and 6.

I've prove ...

Score: 0
Pretty much confused about pretty good privacy-:
  1. Authentication-:

I understand that authentication is basically digital signature. But what I don't understand is how it has been explained here, especially the RSA key part. It is leading me to huge confusions.

In RSA encryption, we use public key (of whose sender or receiver?) for encryption and private key (of whom?) for decryption.

They say hash is encrypted using RSA. But why are we using PRIVAT ...

Score: 1
Rabindra Moirangthem
computation time of pairing operations and their securities

Suppose G1 is an elliptic group and G2 be a multiplicative group and they are of same prime order p and e is a bilinear pairing, e: G1 X G1 -> G2. The operations $e(p,q)^r$ and $e(p^r,q)$ give equal results where p, q $\in$ G1 and r $\in$ $Z_p^*$.

The computation time of different cryptographic operations are given below source:

| Operation | Computation time (in ms) |
| --- | --- |
| Scalar multiplication in G1 | 0.24 |

Score: 0
Thomas Sylvest
Reverse SHA256 Hashed Value from Multiple Instances where Part of Hashed Value is known

I apologize in advance if this question has been answered already. However, I have not been able to find an existing answer - despite the case being pretty simple and common I imagine. Perhaps there is some terminology that I do not know making me miss the obvious.

So here goes:

Assume we repeatedly SHA256-hash a "secret" value concatenated with different numbers and let an adversary know the hashed ...

Score: 1
Can attacker steal data from AES encrypted table without knowing the key?

I am thinking of a situation in which an attacker can steal data from an AES-encrypted table without knowing the key. I tried to search the internet but found nothing about this (maybe I was not using the correct keyword); I would really appreciate it if anyone can shed some light on it.

Assuming that the table is encrypted with same key but different IV:

  1. Attacker signs up for a new account in an application normally.
  2. Application ...
Score: 1
JAAAY
Examples of oblivious transfer protocols secure under stronger security assumptions than semi-honest model?

The question is basically stated in the title. I have done some introductory reading on Oblivious Transfer and most of them are secure in the semi-honest model. Are there any protocols that are secure under stronger security assumptions (e.g. malicious adversaries)?

Score: 0
Manglemix
How to prove that Paillier encryption is positive (zero-knowledge)?

Is it possible that the plaintext encrypted in a ciphertext using Paillier encryption is positive without using a zero-knowledge range proof?

Score: 0
How to securely store data with an untrustworthy party?

Alice wants to store key:value pairs with Bob. The goal of the exercise is for Alice to be able to use Bob as a reliable data storage service, even if Bob were untrustworthy. A (correctly implemented) MAC/AEAD/Signature means Bob cannot tamper with records. But basic authentication is not sufficient to ensure that Bob returns the correct record, because it does not stop Bob from replaying old records ...

Score: 2
Derick Swodnick
Short Nonces in ECDSA signature generation

Recently I noticed that my device generates short-sized Nonces.

Approximately $2 ^ {243} - 2^{244}$.

Could it turn out that there will be a small leak of information about the first 3 bits of Nonces?

Accordingly, if Nonces is short, then it must contain null at the beginning. That is, the first 3 bits of Nonces contain null at the beginning.

Hence, for the sake of safety:

When creating an ECDSA signatur ...

Score: 2
Baldovín Cadena Mejía
What does counter mean in Counter (CTR) Mode? Is it the same as nonce?

As asked above, what does "counter" mean exactly? Is it the same as nonce?

Also, the book Network Security Essentials (6ed.) from William Stallings states, "Typically the counter is initialized to some value and then incremented by 1 for each subsequent block (modulo $2^b$, where $b$ is the block size)". What does this statement mean exactly?

Score: 0
Ilyass
Breaking Vigenere cypher using the one-time pad flaw when used for a second time

I got an idea which may be wrong because I may have missed some important factor but for the moment I don't know if I really did. Let BM be the method used to break a reused one-time pad cipher (which is explained here: Taking advantage of one-time pad key reuse?). I was wondering if we can use the same BM on a Vigenere ciphertext after determining the key length (N for example), and that would be by  ...

Score: 0
Krik99
What's the best Noise Protocol authentication pattern with minimal overhead for IoT?

I want to use NoiseSocket protocol to connect embedded IoT devices to the server. On the device's side code runs on a small 32-bit MCU. For cipher function and hash will use ChaChaPoly and BLAKE2s for best performance on embedded MCU. But I don't choose an authentication pattern that meets my task. The protocol should solve the following tasks:

  1. Devices must authenticate the server.
  2. Server check devic ...
Score: 0
Don't know how to approach this problem, or where to start. Finding an adversary to a hiding and binding game

I have this problem:

I also have the python version of this problem here:

import json
import sys, os, itertools

from import *
from playcrypt.new_tools import *
from playcrypt.primitives import *

from import GameBIND
from playcrypt.simulator.bind_sim import BINDSim

from impor ...
Score: 5
J. Doe
Can a series of triangle reflections be used for cryptography?

(I guess no but why is this the case? Any way to make it possible?)

Out of a given equilateral triangle T1 (with its 3 vertices A,B,C lying in a finite field $\mathbb F_N^D $) another equilateral triangle T2 can get constructed by mirroring one of the 3 vertices at the edge in between the two other vertices. This will be repeated multiple times.

Given just two random triangles T1 and T2 (and $\mathbb F_N^ ...

Score: 0
Dominic Teplicky
I am confused on how to solve this question about one way hashing

I know that I have to use decryption, but I am confused about how it breaks one-way (preimage resistance)

Score: 2
What is the link between anonymous credentials and transactional pseudonyms?

Anonymous credentials are used to prove certain properties of a specific user without revealing any other information, and transactional pseudonyms are used to authenticate a user as the rightful owner of a specific transaction without revealing any other information. Are transactional pseudonyms a form of anonymous credential, do anonymous credentials use transactional pseudonyms or are they distinct ...

Score: 0
Hedeesa
mutual authentication in STS protocol

STS Protocol is like this:

  1. $A \rightarrow B:~ g^x$
  2. $A \leftarrow B:~ g^y, E_K(S_B(g^y, g^x))$
  3. $A \rightarrow B:~ E_K(S_A(g^x, g^y))$

My question is why do we say in STS we have mutual authentication? For example:

  1. $A \rightarrow C: g^x$
  2. $C \rightarrow B: g^x$
  3. $C \leftarrow B: g^y, E_K(S_B(g^y, g^x))$
  4. $A \leftarrow C: g^y, E_K(S_B(g^y, g^x))$

so A will authenticate C instead of B!

Score: 2
Meir Maor
Solve DLOG using a probabilistic algorithm for DLOG lsb

Following the question Can I know from a Bitcoin public key if the private key is odd or even?

The answer there gives a simple algorithm for solving the Discrete Logarithm Problem when given an oracle which gives the LSB of the DLOG. The answer hints this may be possible but not so easy with a probabilistic solution. So naturally I want to follow up with the harder question.

I can think of two such  ...

Score: 0
arsenne lupulupin
Get bit i when modulo n

Is there a way to recover the bit sequence of a number (for example 29 = 0b11101) by always dividing it by 2 when in mod 143 for example?

What I mean by that is recover the number bit by bit by multiplying it by the inverse of 2 mod 143 to simulate the /2 division. for example:
$\begin{array}{} &29\bmod143=&29&\equiv 1 \pmod 2\\ 29\cdot(2^{-1}\bmod143)^1\bmod143=&29\cdot72^1\bmod143= ...

Score: 2
Manglemix
Is this a safe zero knowledge proof that two Paillier encryptions are equal?

We have encryptions $c_1$ and $c_2$, the person who knows the plaintext and randomness in both wants to prove that they know it. Let $r_1$ and $r_2$ be the randomness values in $c_1$ and $c_2$ respectively. The prover then randomly generates another random number, $z$. They then calculate $a_1 = r_1^n z^n$, $a_2 = r_2^n z^n$. These are the proofs. A verifier would just have to multiply $a_2$ with

Score: 0
Zero-knowledge proofs for preventing data abuse

I am looking for a theoretical solution to the following problem: Alice receives a signed statement from her bank with information about her account and credit balance. Alice wants to prove this knowledge of the contents and the bank's valid signature to Bob, but at the same time prevent Carol from determining who signed the proof.

To better illustrate my problem, I took the liberty of making a s ...

Score: 0
Baldovín Cadena Mejía
What's the difference between permutation and transposition?

I am trying to understand the difference between permutation and transposition. I have seen a similar question in the forum but I would like to ask you for proper definitions and examples of each. I'm trying to understand the DES algorithm and I'd like to understand if the halving of the initial block and eventual swapping of the halves would be permutation or transposition. Thank you in advance.

Score: 0
Cryptography (DSA) Get Value of k and private Key

I am on a task in cryptography and need a hint (PLEASE NO SOLUTION).

The Task is:

I can send Messages (Digital Numbers) to a Docker Container. The responses are the values p,q,g,z1,s,r and hashvalue(m+z1). So... when I enter the number 1 I get the DSA values used for signing.

Unknown is the value of k, z2 and x (the private key)

Known is that p,q,g,z1,z2 are fixed for every message. So they are the same ev ...

Score: 0
Manglemix
In Paillier homomorphism, how is the randomness r changed during addition?

To add the plaintexts encrypted in a ciphertext, you would just multiply the ciphertext and modulo it. However, how does the randomness value of the new ciphertext change? Assuming you, the encryptor, knew the randomness values in both ciphertexts, could you calculate the new randomness value?

Score: 0
Shweta Aggrawal
Are there applications of sanitizable signatures without transparency property?

Are there applications of sanitizable signatures without transparency property?

Score: 0
Dominic Teplicky
Why is this image not pre-image resistant?

The answers to my HW say that a preimage of a single block is easily found. I do not understand how it is easily found. Please help.

Score: 0
Hedeesa
Understanding MITM in an example authentication protocol

Imagine that we have a protocol like this:
B -> A: RB
A -> B: {RB,B}K

Goal: authenticate A to B
K: a shared key between A and B
{}K: encrypting by K

After receiving {RB, B}K by B, B is able to authenticate A. But what if we have something like:
A -> C: {RB,B}K
C -> B: {RB,B}K
so in this case B will authenticate C instead of A, isn't it?

Score: -1
How to decrypt a file using RSA and just a public.pem file?

I have an encoded file and a public.pem file. Is it possible to decode the file using the public.pem file or do I have to start looking at private keys?

I tried with no luck. The public key (pem) is as below

LpyBXGoIk4Pczeqjwz7/kwYLnQI7VlAzgjC9jD1dX80Z+kLOr5wHIDdfNK55 ...
