Latest Crypto related questions

Score: 2
stupido
Prove: If there exist strong OWFs then there exist weak OWFs that aren't strong

Please help me to understand the proof of the following claim:

Assume there exist strong OWFs, then there exist functions that are weak $\frac{2}{3}$-one-way functions, but not strong one-way ones

Proof

Let $f$ be a strong OWF. Define $g(x) = \begin{cases} (1, f(x)) & x_1 = 1 \\ 0 & else \end{cases}$

I just don't understand if $x_1$ is the first bit in x here? And if so, where is the possi ...

Score: 0
Rafaelo
hiding bits inside random bits, is this some sort of encryption?

Let's say that I uniformly sample 1000 bits randomly. Then, I hide a secret of 10 bits on those 1000 bits, randomly. That is, I pick each of the 10 bits and randomly replace them inside the 1000 bits, in an order that just I know. And then I call this order my key. Knowing where each bit is gives me the ability to recover it.

How easy is it to guess those bits from the random ones surrounding ...

Score: 0
ness64
Where can I find good practice questions for proofs by reduction?

I already have the Katz-Lindell textbook, but I also want some additional practice problems for security reductions for stuff like PRFs, MACs, digital signatures, private and public key schemes, and key exchange schemes. Where could I find more problems for practice?

Thank you!

Score: 2
Is SHA1 break significant for an algorithm intended to be Proof-Of-Work?

Let's say I'm modifying the Scrypt hash function (https://github.com/Tarsnap/scrypt/blob/master/lib/crypto/crypto_scrypt-ref.c) and that all I want to do is replace SHA256 with SHA1 in the code to make it easier to compute. (Remember that the intention of this algorithm would be to be used as PoW, not for security.) Would it be a mistake to make this change?

Score: 3
Is it possible to have a shared secret without any party knowing all the parts?

I believe with Shamir’s Secret Sharing Scheme, I can create an n-part secret and distribute each of those parts to n parties. But the weakness is that I still know all the parts.

Is there a mechanism in which n parties can each have a secret that none of the other parties know, but yet have the public key be known in advance?

In asymmetric cryptography, if I have a private key, I can share the publ ...

Score: 1
hunter
Can you identify these cryptographic algorithmic symbols?

I am mostly self-taught and have limited knowledge of the symbology in the image below. It is a diagram of a sub block of the RIPEMD-160 algorithm:

[Figure: A sub-block from the compression function of the RIPEMD-160 hash algorithm]

Are such symbols standardized? Is there a good dictionary or atlas someone is aware of that could link such symbols to their definitions?

Here is the source: https://en.wikipedia.org/wiki/RIPEMD

Score: 1
MichaelW
Is this kind of mutual Authentication safe?

The following is a real-world problem. In a standardized protocol clients can connect to a server using mutual 4-pass authentication on an otherwise unsecured TCP channel:

  • pass-1: Client sends random Challenge C to server
  • pass-2: Server answers by sending random challenge S to client
  • pass-3: Client prepares res(S, K) and sends it to S
  • pass-4: Server answers to client with res(C, K)

res(.) is GCM-GMAC  ...

Score: 2
ashizz
How to have a hash function that maps any binary string of size n to binary string of size n?

I am implementing certificateless cryptography from this research paper in the Python language. Essentially, I want to have the following hash function mapping. This hash function is mentioned in the setup algorithm in section 2.4 of the paper. Here n is the bit-length of plaintexts.

$$H_4: \{0, 1\}^n\to\{0, 1\}^n$$

Is there any inbuilt hash function in hashlib python libra ...

Score: 0
Unable to factorise the modulus from public key to extract a private key

I have a public key but am struggling to get the modulus from it

alan@WW031779:/mnt/c/Users/alan/Downloads/rsatool$ openssl rsa -noout -text -inform PEM -in lol.pem -pubin
RSA Public-Key: (2048 bit)
Modulus:
    00:e6:23:97:28:84:b1:f4:d7:22:bd:d5:ee:5b:eb:
    84:cb:84:76:0c:2e:d0:ff:af:d9:3c:d6:03:0f:b2:
    0d:79:30:90:3b:d1:73:1d:c7:4c:95:4a:23:07:53:
    03:df:d7:1b:88:5c:d6:6e:98:5b:f7:59:ed:17: ...

Score: 2
AliReza Sabouri
Should I use HMAC to create a multiple part HASH token

I have a web API with a custom API authentication system in which users each have a SecretKey and a public ApiKey. Using these two keys, the client (or user) can generate a token for the authentication on the server.

Consider this function generating an authentication token

public string GetToken(string apiKey, string secretKey, string expireTimestamp)
{
    using var hashAlgorithm = SHA256.Create();
    va ...

Score: 1
NB_1907
Timing attacks: Symmetric vs Asymmetric Algorithms

There is a statement for which I can't give a reference:

"Since the timing characteristics of symmetric algorithms are not as key dependent as asymmetric algorithms, they are more resistant against timing attacks."

Is it true?

Score: 2
key reuse: does knowing H(S) reveal HMAC(S)
aep

Given a hash H(), like sha256, and a secret text S and a public salt P:

Will knowing H(S) reveal HMAC(P, S)?

To clarify: the question is if it is possible to learn the digest, not the secret. In my specific case HMAC(S) is actually HKDF(S), but I'm assuming for this question the safety-related part is just the extract phase.

The protocol is as follows:

Alice->Bob: fetch message2 after message1 whi ...

Score: 2
user3084125
Cyclical Redundancy Check and bijections

Let $F_M(n)=\operatorname{CRC32}(M|n)$, where $M$ is an arbitrary length prefix message, $n$ is a 32 bit integer (whether little or big-endian encoded is unimportant) and "|" is simply concatenation of data.

Is $F_M(n)$ injective in $[0,2^{32}-1]$?

Score: 1
Saikat
Current research problems in Lattice based Crypto

I am looking for research problems in lattice based Crypto. Can anybody help?

Score: 1
What is a function on a Line or a Curve?

I am reading up on Pairings using Elliptic curves & all the texts talk about functions on a Curve.

I am finding it difficult to even figure out what they mean by "function on a curve" or "function on a line".

The equation of a line or a curve itself is in the form of a function, but I am unable to figure what is "function on a curve" or "function on a line".

Some examples.

In Mathematical Cryptography  ...
