Latest Crypto related questions

If such throughput could be achieved what would the benefits for a data center or IoT devices in terms of power saving. Also I was wondering if such speed was possible to be realized by a cipher, would that dramatically change cryptography in terms of encryption/decryption speed? If that is possible in the future, would that allow to significantly upgrade transmission and many other things on the intern ...

Given a number $N$ with $d$ unique prime factors. Can the number of unique values $v$ with $$v \equiv x^d \mod N$$ $$x\in[0,N-1]$$ $$N = \prod_{i=1}^{d} p_i$$ be calculated for $d>2$? (Q1)
Does the total amount decrease at some point? (Q2)

For simplification we assume each prime factor $p_i > 5$.
Or for target use case each $p_i$ is big enough to avoid easy factorization.

Solving trial:

The RSA-Assumption says that $(GenSP,F,SampleX)$ is one-way. So if we initialize an instance of RSA $(n,e), (n,d)$ and fairly forget the secret-key and SampleX uniformly distributed over $X, F = x^e \bmod N$ should be one-way.

Now it is also known that Injective functions imply collision resistance, but not one-way of course.

So far, we have pre-image resistance and collision resistance. And the secon ...

(this might be a silly question)

Pedersen hash works in the following way: $(x, y) = kG$ where $k$ is the pre-image and $(x, y)$ is the resulting hash.

Say we hide part of the hash to preserve privacy. Can an attacker derive $y$ if they only know $x$ given that they don't know the pre-image?

In other words, by knowing $x$ can an attacker find $y$ even if they don't know $y$ nor $k$.

I'm learning the randomness test of the NIST SP 800-22 rev 1a documentation.

https://csrc.nist.gov/publications/detail/sp/800-22/rev-1a/final

As I was reading, a few questions came up and I put them up like this. My questions are:

1. In the Frequency Test within a Block of 2.2, looking at (3) of 2.2.4, there is a part that is calculated as follows. $$\chi^2(obs)=4M\sum_{i=1}^{N}(\pi_i - 1/2)^2$$ I do ...

I encrypted some data (an incredibly long time ago). I have both p,q,n,c, and a plaintext ciphertext pair (from when I encrypted the wrong data). I took to solving the discrete logarithms required here, and ended up with solutions to both of them using Baby Step Giant Step. I recovered e (e1) and tested using assert pow(message,e1,n) and got the ciphertext as a result, however it would seem that decr ...

There are secure multi-party computation algorithms and implementations [1] for signing 2-party messages where the parties don't need to reveal their secrets.

Can this algorithms be used for signing tuples in the following sense? If we have 2-tuple (message1, message2) the computation results in the 2-tuple (sign(message1), sign(message2)) where the signing process is realized at the same time fo ...

In Cryptography Engineering:

2.7.1 Birthday Attacks

Birthday attacks are named after the birthday paradox. If you have 23 people in a room, the chance that two of them will have the same birthday exceeds 50%. That is a surprisingly large probability, given that there are 365 possible birthdays.

So what is a birthday attack? It is an attack that depends on the fact that duplicate values, also called c ...