Latest Crypto related questions

Score: 0
Could this be a secure multiparty secret sharing scheme?

Suppose that $y$ is a uniform random variable that is defined over the field (or group or abelian group) $Y$. Let us suppose that there are $N=\{1,2,\cdots,i\cdots,N\}$ agents and only one of them, say $i$, knows the random variable $y$. She wants to share the secret with the other $|N|-1$ players. So we could assume that player $i$ could find $x_1,x_2,\cdots,x_{K}$, where $K=|N|-1$, i.i.d uniform  ...

Score: 0
OpenSSL: How to convert ec private key(32byte raw key) to pem type private key?

I have a 32 byte octet string ec private key.

And I want to convert this to pem type private key.

I use the secp256r1 curve.

How can I do that?

Is any command or method for that?

Score: 1
AES CBC key reuse and derived keys

Suppose we are encrypting multiple files with AES in CBC mode and using 256 bit keys. Assume the IVs for the files are randomly generated with a secure method. Assume some key $K$ is generated with Argon2 from a secure passphrase with secure parameters.

Assume for each file we store the IV and 32 bytes of random data $R$. Let $K'=K\oplus{}R$.

Are there any benefits or drawbacks associated with using

Score: 0
Is the Key Exchange authenticated and confidential?

I have made a private messaging program and would like to check that nothing is stupid in my use of cryptography. I am an amateur and nothing is for production. I thank you in advance.

The message exchanges are encrypted end-to-end with AES-OCB. The session key is exchanged as follows:

At the beginning, the private key is loaded and the public key is generated. The server sends its public key to the ...

Score: 0
Difference between unconditionally sure, perfect confidentiality, and semantically sure, adversary-wise and advantage-wise?

Can anyone please tell me the difference between unconditionally secure, perfect confidentiality and semantically secure? I know that for perfect confidentiality, we have an adversary A that has an advantage that equals 0, Pr(w0) = Pr(w1), while the adversary has unlimited resources, and for semantically secure the advantage is equal to 0 but with a negligible epsilon, and I think unconditionall ...

Score: 1
Changing messages for authentication without the tag changing (CBC-MAC)

Do you know about CBC-MAC? I have an IV, a MAC and a Transaction but no key, and I should change the Transaction without changing the ciphertext. Do you know how this is possible at all? In addition, I do not have the ciphertext to find the key. Information:

Transaction:to=9714163002&from=9711412111&amount=10000000
IV: qes/2BpH9BvVN7f6jFy43g== (base64)
MAC: NEhKNEtaR3lDdzRtWHJJTg== (base64)

9714163002 should exchang ...

Score: 3
Probability of choosing a base successfully in Pollard p-1 factorization method

In a problem about the Pollard p-1 factorization method, where $n=pq$, we choose some random base $a$ and an exponent $B$, where hopefully $p-1$ has small prime factors, and if so we hope to estimate $p = \gcd(a^B-1,n)$.

We wish to estimate the probability that for a given exponent $B$, a randomly chosen base $a$ satisfies that $p$ divides $a^B-1$ and $q$ doesn't divide $a^B-1$. We assume that the pr ...

Score: 2
How would having multiple independently encrypted versions of the same plaintext impact confidentiality?

Suppose I have some unknown plaintext P which I encrypt N times, each time with a completely new and random key and IV. Would knowing that all the encrypted output came from the same identical plaintext make it any easier to guess or derive the original message without any of the keys or IVs? If so, why and how much easier would it get as N became larger?

Score: 1
Is it possible to verify that the output of an executable came from its unaltered control flow?

I suppose an executable could contain a key which signs its output, but that key could be extracted and used to sign other data. Is it possible to verify that the output of an executable is the direct result of its own unaltered (assembly) control flow?

Score: -1
DSA generator verify problem

I'm trying to generate a signature for DSA with the following parameters:

p=67 , q=11 , g=38 , H(m)=7 , x=6 (Is it correct to choose g=38?)

I cannot choose a random k (0>k>q) that will give me r , s that 'add up' when calculating w, u1, u2, and verifying.

I don't know where I made a mistake. I've tried every possible k between 0 and 11 and I just can't get v=r at the end of verification.

Can you help ...

Score: 1
How to calculate bit-security with Root Hermite factor?

I want to know the relationship between bit security and the Root Hermite factor.

How can I calculate bit security from the Root Hermite factor?

(I want to know 1.00395, 1.00499, 1.00215, 1.00265 each)

Score: 5
HKDF randomness extraction - salt or no salt?

According to the HKDF paper, the use of a salt serves two purposes: domain separation and randomness extraction.

This question is solely about the necessity of a salt for the purposes of randomness extraction.

The HKDF paper states:

a salt value (i.e., a random but non-secret key) ... is essential to obtain generic extractors and KDFs that can extract randomness from arbitrary sources with sufficie ...

Score: 1
Proof of Basic Composition in Differential Privacy

I'm currently reading the proof of basic composition from the paper https://link.springer.com/content/pdf/10.1007/11761679_29.pdf. In particular, Theorem 1 in Section 2.2.

The proof starts as follows:


My question is why we can assume the set $S$ is in the form $S_1\times S_2\times\ldots\times S_T$. In general, I remember that for differential privacy, we need to prove the inequality for all sets

Score: 1
Finding an element of $\mathbb{Z}_p$ if the order of that element is known

I have two prime numbers $p$ (1024 bits) and $q$ (160 bits) such that $q$ divides $p-1$. Now I want to find an element $b$ in $\mathbb{Z}_p$ with the order of $q$. That means that $b^q \equiv 1 \mod p$.

I tried to choose $b$ at random and then check if the congruence holds, but it seems that this is not a good approach since it doesn't give an answer in a reasonable time. So is there any way to find

Score: 0
Do symmetric algorithms use "security by obscurity"?

The security of symmetric algorithms relies on "obscuring" keys, correct? They use "secret" keys.

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.