Latest Crypto related questions

I would like to understand the algebra behind GCM's security. Before I ask my questions, let me state my understanding of the math behind GCM. If correct, my questions are at the end; if incorrect, can you please explain my mistake.

For simplicity, assume only one block of ciphertext $c$. We want our tag to have two properties:

1. $tag_k(c)$ should be a universal uniform hash of $c$: that is, for all

What could $a_0=s$ in Shamir's secret sharing scheme represent?

As we already know in a $k$ out of $n$ secret sharing scheme, a secret is split in $n$ parts however only $k=t$ parts (of a polynomial of degree $t-1$) are needed if we want to compute the secret. Suppose that $f$ is the polynomial function such that

$$f(x)=a_{t-1}x^{t-1}+a_{t-2}x^{t-2}+\cdots+a_1x+a_0=s+\sum_{i=1}^{t-1}a_ix^i,\text{su ...

The following extracts were taken from the Zero-Knowledge Proof page on Wikipedia:

In cryptography, a zero-knowledge proof or zero-knowledge protocol is a method by which one party (the prover) can prove to another party (the verifier) that a given statement is true while the prover avoids conveying any additional information apart from the fact that the statement is indeed true. The essence of zer ...

First of all, I don't want to reinvent the wheel, just want to build my own car. Non-product environment; only for fun and entertainment.

The goal is to use a single private (and never published) master password to create unique passwords (token) for each website account (twitter.com, reddit.com, etc.)

Is the following approach consistent with these goals?

Code:

HOST_HASH = SHA512( LOGIN + SERVER ...

There is an encryption scheme where the votes are encrypted with ElGamal and the decryption key is the secret that is shared among the authorities. After everybody voted they publish their part of the secret according to the Shamir tresholding scheme and everybody can calculate the tally.

Is it possible that every voter is also an authority and that a threshold scheme is implemented such that the ...

Let be Alice, Bob, and David three people. They all have public-key cryptographic system: private key and public key.

Is there any way, in some known cryptographic system (RSA, Elliptic Curve, etc.), that satisfies the following three conditions:

1. Alice, Bob, David don't know private keys from anyone
2. David could see all encrypted message from and to Alice
3. David is the only one person which is capab ...

I have three questions regarding Davies-Meyer construction :

1. What is the name of the underlying block cipher?
2. How is generated the first input hash value (IV) passed to the block cipher?
3. What is padded to last original message block?

Taking into account this paper I will write here a definition that the authors provide.

$\textbf{Definition:}$ (linear secret sharing scheme). A $(t,n)$ secret sharing scheme is a linear secret sharing scheme when the $n$ shares, $v_1,v_2,...,v_n$ can be presented as in Equation $\ref{5}$

$$(v_1,v_2,...,v_n)=(k_1,k_2,...,k_t)H,\label{5}\tag{5}$$

where $H$ is a public $t × n$ matrix whose any $t ×  ...

I am trying to solve 3pass Diffihellman problem. However, I could not solve it. Is there any specific rule exist to select a1 and b1 or problem in the calculation. Please help me to solve this problem.

I am working with an older piece of software that generates encrypted backups that I'd like to decrypt. I have a plaintext key, a few examples of encrypted data and I'm pretty sure the data is ASCII, but I don't know how they derive the RC4 key from the plaintext key.

How would I go about testing key derivations comprehensively? The space must be relatively small, even if I'm considering all the  ...

Each block's contents are hashed into 32 bytes using $\operatorname{SHA-256}$ (call this string $a$). In order for the block to be accepted, there must be a 256bit nonce (call this string $b$) provided such that $\operatorname{SHA-256}(a\mathbin\|b)$ ($a$ concatenated with $b$) has $N$ or more leading zero bits, where $N$ is a difficulty parameter.

Is this simple Proof of Work algorithm based on  ...

I have interest in e-voting and am currently trying to understand El Gamal re-encryption mixnet.

I understand how El Gamal encryption works and how mixnet works but what's not cristal clear for me is how the decryption is done after the re-encryption.

As I understand it, I just need the secret key to decrypt the encrypted vote that went through the mixnet but I can't find any sources that gives me a ...

In a $t+1$ out of $n$ secret sharing scheme where there is a network of $n$ players, in order to reconstruct the secret $t+1<n$ players are needed to share their parts $(x_i,f(x_i))$ so as the polynomial function of degree $t$ can be computed. However, all the $n$ want to have acces to this secret, but at least $t+1$ out of $n$ are needed for the computation. How many combinations are needed amon ...

Suppose, If a SHA-2 hash does get broken completely with hardly any power, where would it get reported and is there currently a bounty on it?

I would like to make a few questions about Shamir's secret sharing scheme and. To begin with, I am starting with the next theorem that determines the intuition of the whole theorem.

$\textbf{Theorem:}$ Let $p$ be a prime, and let $\{(x_1,y_1), . . . ,(x_{t+1},y_{t+1})\}\subseteq\mathbb{Z}_p$ to be a set of points whose $x_i$ values are all distinct. Then there is a unique degree-$t$ polynomial $f$ ...