Latest Crypto related questions

Score: 0
Willi
AES in binary-circuit-based 2PC

Whether AES is used with CBC, ECB, etc., the inputs for AES, i.e. plaintext, key and IV, are always provided by one party. In other words, there is no need for AES in a 2PC scenario, since one party can already calculate and get the result.

When I check e.g. the AES-no-expanded.txt files, party one has 128 bits input and party two has also 128 bits input. The output is 128 bits. I assume the first 128 bits a ...

Score: 1
Zim
Is there a standardized way to evaluate the security of a key exchange algorithm?

I'm now trying to design a more secure key-exchange algorithm to replace the widely used DH.

However, I am only able to prove that my algorithm is more secure logically, which means I can only prove it from a reasoning rather than mathematical perspective.

Thus I wonder if there is a standardized procedure that I can use to evaluate my work.

If, unfortunately, there isn't, is it OK if I just collect every exi ...

Score: 0
How web browsers and the WebCrypto API protect secrets

I tried to search for and take a look at a way to securely generate or import secret keys on the client side. First I tried to see if it is possible to take advantage of the TPM in Windows, but as far as I understood it is not possible to use it. So, as far as I can tell, the correct way to deal with encryption keys is using the Web Crypto API. I figured out that it uses IndexedDB to store the keys. I truly want to know how t ...

Score: 0
Protection (nonce addition?) against key discovery in AES-256

I've got a situation where I need to send a message encrypted with AES-256. However, the content, and therefore the length, of the message may be intercepted beforehand (don't ask ;)), and the question I was asked was "isn't that a vulnerability allowing the key to be discovered?". My first approach was to estimate the brute force needed to crack the key, and I ended up with a number around 2^40 to 2^60 years.

It's a lot a ...

Score: 1
Is there a known class of techniques about temporary password inaccessibility?

This post asks if a user of a system can restrict their own access in a time-related way.

I am interested in this for freezing and unfreezing cryptocurrency accounts to enforce spending controls, but I am really interested in learning about it as a general class of problems. I wonder if it hasn’t been studied since the concept hasn’t been identified as useful, as of yet.

Has anyone provided a ...

Score: 1
Some questions about IPsec ESN

The ESN feature is described in RFC 4303. Here are some questions which bother me:

  1. When using ESN combined with the AES_GCM or AES_GMAC algorithm, do I need to add the high-order ESN bits to the packets?
    According to RFC 4303: "If a combined mode algorithm is employed, the algorithm choice determines whether the high-order ESN bits are transmitted or are included implicitly in the computation." According to RFC ...

Score: 2
amlearn369
Is a mapping of a k-bit string to another k-bit string containing 1's a one-way function?

I'm new to cryptanalysis, and I saw in another answer to a question that $f: \lbrace0, 1\rbrace^{\kappa}\to \lbrace0, 1\rbrace^{\kappa}, f(x) = 1^{\kappa}$ is a one-way function. Why is this the case? Any help would be appreciated.

Score: 4
forest
Security analysis of North Korean block cipher Jipsam1

The cipher is a modification to AES and is described on this website:

The only difference between Jipsam1 and AES-256 is the S-box. Whereas in AES the S-box is public and constant, namely $$ \begin{pmatrix} 1&0&0&0&1&1&1&1\\ 1&1&0&0&0&1&1&1\\ 1&1&1&0&0&0&1&1\\ 1&1&1&1&0&0&0&1\\ 1&1&1&a ...

Score: 1
gpg symmetric encryption decrypts without asking for the symmetric key when --decrypt option is used

If you encrypt with:

gpg -o gpg.symmetric.test.gpg --symmetric gpg.symmetric.test

and then decrypt with:

gpg -o gpg.symmetric.test1 --decrypt gpg.symmetric.test.gpg  # --decrypt option mistakenly included

the output gives:

gpg: AES256.CFB encrypted data
gpg: encrypted with 1 passphrase

and decrypts the file WITHOUT ASKING FOR THE KEY! This would allow anybody
to decrypt any symmetrically encrypted ...

Score: 2
Linkable/Traceable Ring Signatures Simple Explanation

I am currently in the process of understanding ring signatures.

Now I have arrived at Linkable/Traceable Ring Signatures; however, I don't really understand them.

Can someone explain to me how the principle behind it works? An example would also be very helpful.

Thank you very much!

Score: 1
Definition of Multilin DDH

I came across the abbreviation multilin. DDH, which probably stands for multilinear Decisional Diffie-Hellman. I am currently looking for a definition for this term, but unfortunately cannot find a source. Can anyone here help me further?

Score: 1
Definition of the strong Diffie-Hellman problem

I am looking for the definition of the strong Diffie-Hellman problem. However, I can only find definitions for the $\ell$- or $q$-strong Diffie-Hellman problem.

Is it possible that the strong Diffie-Hellman problem is also called the $\ell$- or $q$-strong Diffie-Hellman problem?

Score: 2
Can cryptographic accelerators along with a side-channel attack be used for GPS spoofing?

While having a discussion with someone on a forum about GPS spoofing, he mentioned that the GPS signal of a cruise missile can be spoofed to make it land somewhere else, using a side-channel attack along with a cryptographic accelerator. Now, from all that I could gather about side-channel attacks and cryptographic accelerators, it doesn't seem possible to me. Don't military-usable satellites have spoofing p ...

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.