Latest Crypto related questions

I would like to make a parallelism between Shamir's secret sharing scheme and how to define a cryptosystem where the encryption scheme is based on secret sharing. To begin with I do not know if there can be such an analogue.

Suppose that we have a standard cryptosystem. Mathematically, a cryptosystem or encryption scheme can be defined as a tuple $(\mathcal {P},\mathcal {C},\mathcal {K},\mathcal  ...

Could we use permutation polynomials for secret sharing scheme like Shamir's? The say that they induce a bijection over $\mathbb{Z}_p$ what does this mean and how does it helps?

I'm interested in methods of wrapping an AES DEK (Data Encryption Key) using AES KEK (Key Encryption Key). Is there an advantage to using AES key wrap (rfc3394) as opposed to simply adding a random nonce to the DEK before encrypting it?

Context: My KEK is based on a TPM 2.0 (Trusted Platform Module), the device specification does not include AES key wrap and supports a limited block cipher modes ...

As we all know, secure multi-party computation allows us to run a certain computation/function on private inputs contributed by different parties (that do not necessarily trust each other). The security guarantee of an MPC is that parties learn nothing beyond the computation result.

However, MPC does not deal with the question of whether the function (output) itself reveals much information about the i ...

Recently, I have found research papers about the functional encryptions for inner products and quadratic polynomials. For inner products, there are a few papers which focus to construct efficient function hiding functional encryption for inner products. However, I could not find any results about the function hiding functional encryption for quadratic polynomials.

Is there a paper for the functio ...

I'm testing my own PRNG generator which should has period $2^{38}$ bytes. So after exactly $2^{38}$ bytes it should start repeat. But PractRand find no anomalies after $2^{39}$ bytes.

Could it be that PractRand wouldn't detect this, or I had miscount something and the generator does not loop after that number of bytes?

SafeCurves defines criterias for choosing safe curves in elliptic-curve cryptography.

STARK Curve defines a Stark-friendly elliptic curve that can be used with ECDSA.

I was wondering: Is the STARK Curve a SafeCurve?

Countless examples all over on implementation of AES. None of these actually make sense to someone with zero cryptographic or advanced mathematical experience.

This => too abstract & technical...

This => is very good and a lot closer, however still too technical & abstract...

Etc.

What I want to see is an actual example with the baby steps of what happens to an ACTUAL plain text wit ...

I was looking through the S/MIME Message specification (RFC 8551) to find out what security services it offers. Section 2.4.4 of this document describing AuthEnvelopedData content type (which uses the CMS type of the same name) says:

This content type is used to apply data confidentiality and message integrity to a message. This content type does not provide authentication or non-repudiation.

Auth ...

I communicate with another person online,

I know he is a person because sometimes he also writes real messages

but at random timeframes whenever I send him a message he only responds with a dot

maybe the other person is playing a game with me but maybe he leaves his desk and turns on a bot

is there a zero knowledge proof such that the other person shows that he is not a bot without doing something a bot w ...

Consider the LWE problem.

Let $A$ be an $m \times n$ matrix, $x$ is an $n \times 1$ vector, $u$ is a $m \times 1$ vector, and $e$ is sampled from a Gaussian distribution.

We are given either $Ax + e ~~(mod~q)$ or $u ~(mod~q)$ the conjecture being that it is difficult to distinguish between these samples in polynomial time, with high probability over the choice of $A$, $x$, $u$ and $e$ (for appropriate ...

I will try to define easily the cryptographic system of this paper. The author designs a communication game for $N$ players. The private information of every player is denoted as $t_i\in T_i$ and represents the type of player $i$. The encryption system that the players use to communicate is based in the following reporting correspondences.

$\textbf{Reporting correspondences:}$ Let $\mathcal{R}_i$ ...

How can I compare different cipher text? When deciphered, say the same thing. I would like to find out the ciphering method. Any help would be appreciated. Thanks.

The primary code needs to be a 8 characters. The cipher formula then spits out different 20 character Hex codes. Would giving the Hex codes and original code help?

All current best practices about creating and using cryptographic keys I've found, refer to creating an encrypted data out of raw data. However, there is (or at least was a few decades ago) a practice where a key is not used to decrypt or authenticate anything, it is used solely locally as a (very week) proof of ownership.

In the pre-internet days, when you bought a software, you got it on a phys ...

I would like to verify my system by running ECDSA NIST test vectors, but I am not getting expected output. I am able to calculate signature, but it is not right or at least "r" and "s" components contains different values than in nist vectors. What I am doing wrong?

Test vectors: NIST: FIPS 186-4 ECDSA - 186-3ecdsasiggencomponenttestvectors.zip

#include <mbedtls/ecdsa.h>
#include <mbedtls/ ...