Latest Crypto related questions

Could anybody provide the seminal paper and/or every specific manual in mathematics that describes a secure multiparty computation procedure, where the players will exchange encrypted messages (possibly privately) of their secret that they share with each others. The share that they will give to every other player will differ (as it is done in a similar scheme with Shamir's sharing scheme) and in order  ...

Taking into account my previous question here and the answer about the proposed encryption-decryption scheme. I am trying to understand how to make possible operations in modular arithmetic for a secret sharing scheme as proposed there

Suppose that $\mathbb{F}$ is a finite field such that $x\in\mathbb{F}$. We consider a network of five agents denoting with $i$ the generic agent and every player knows her  ...

I'm looking at this PDF to understand the hybrid argument: http://www.cs.columbia.edu/~tal/4261/F14/hybrid.pdf

The first few lines go as follows:

Suppose you have two oracles, or input distributions, $O_0,O_1$, and you want to prove that they're in-distinguishable, i.e. for every probabilistic, polynomial-time (PPT) distinguisher, D, the following must hold: $$ |Pr[D^{O_1} = 1] - Pr[D^{O_0} = 1]| = negl ...

On a website, I would like to implement a system where users can message each other. The content of the messages should be protected against attackers that are trying to read them.

My first thought was to use a public/private key pair for each user and encrypt the private key with the password of the user. In this way, a hacker gaining access to the database would not be able to decrypt the messa ...

I am wondering if there are any results in literature which construct a PRNG that is proved to pass the next bit test? If so, can you state what the PRNG is and where I can find more details on it? And if not, then why not; are there any important theoretical implications what would follow from existence of such a PRNG? Thanks in advance!

I'm working on an application that allows people to share different types of data with other people that are in the same group. Group limit is 16 people. Logic behind it is very similar to group chats.

This application would greatly benefit from an end-to-end encryption to encrypt some of the information. I'm currently looking into E2EE to understand if it's a good fit for this project and would  ...

I have to create a Client-Server Application using Java and I want to make the communication secure. I thought to use AES to encrypt the messages and for key exchange I make the next steps:

• Client generates RSA keys and send public key to server
• Server will encrypt the AES key with RSA Public key (AES key is generated random for every client)
• Client decrypt the message with its RSA Private key and then ...

I was doing research into RSA and i read that the prime numbers need to be far apart in order to strengthen the key. Why is that?

I'm using the homomorphic encryption library, HElib, to do experiments. I tried to use bootstrapping with parameters that are not in the table provided with HElib. But I have no idea how to choose the parameters (i.e, gen, ords and mvec) for bootstrapping.

Below is an example in HElib (examples/BGV_binary_arithmetic.cpp)

  // Plaintext prime modulus.
  long p = 2;
  // Cyclotomic polynomial - defin ...

Can AES be implemented in a electromechanical machine in early 20th century?

Specifically does any machine from that era

• have the capability to implement byte-oriented S-Box, or to implement the optimized word-based S-Box that computes SubBytes and MixColumn in less steps?

• Have the capability to carry out ShiftRows in the memory (or storage) that's available to the machine?

• Have enough memory to ...

WalnutDSA was a 1st-round entrant in the NIST Post-Quantum Cryptography project. It had a significant cryptanalytic break close to almost breaking the security of the cryptosystem, only survived due to the break cannot fit a bogous signature into the length field of the encoded signature.

Why was such (almost) broken crypto system specified for use with COSE? Who was pushing for it?

Let's suppose I want a 2048-bit block encryption.

I take a 512-bit hash funcion (as Blake2b), provide a counter and a key and hash the counter and so XOR the hashed value in a ciphertext block, and repeat this process more times with different counters and keys up to the fourth key (2048/4=512=bits taken by hash function).

Will this method be vulnerable to MITM attacks?

Will this method be vulnerable ...

I'm looking at the following idea for using a symmetric key to encrypt multiple messages (back & forth communication between Alice & Bob). It can be summarized as follows:

• Both sides agree upon a key
• Both sides generate $2^n$ bits using a PRG (which I believe is seeded with the key). Since PRGs are deterministic, both sides have the same $2^n$ bits.
• When one side wants to encrypt the message, ...

Is there any generic construction to prove the correctness of the output of a function? In other words, is there a general way to produce a witness for the statement $y = f(x)$?

More formally, let $f: X \rightarrow Y$ be a generic function. Given $f$, is there any general way to build a witness-generating function $p: X \rightarrow W$ and a proposition $V(x, y, w)$ such that, for all $x$, only $V(x, f ...

I came up with one problem that says that a $m \times m$ matrix is invertible is the same as to say that its rows are LI (linearly independent) over $\mathbb{Z_{2}}$.

First of all, I'd like to know how to prove it, in order to prove the following:

Supposing $$z_{m+i} = \sum_{j = 0}^{m-1} c_jz_{i+j} \text{ mod 2}$$

where $(z_1, z_2, ..., z_m)$ comprises the initialization vector. For $i \geq 1$, w ...