Latest Crypto related questions

I've just started studying Bitcoin and cryptocurrencies, so I might be wrong, but so far my understanding is that public keys are derived from private keys using ECDSA, in Bitcoin's case using secp256k1. This is a one-way function and is, technically, computationally safe... Until you take into account quantum computing. With quantum computing, you might be able to brute force and figure out private k ...

I am new to this field and have some concerns regarding PQC;

How does NIST do a comparison that a particular algorithm is efficient and its security can not be broken by future quantum attacks? I am enthusiastic to understand the criteria.

Had NIST tried to break the Encryption algorithm by applying Shor's algorithm using the available IBM's quantum computer?

What is the NIST's criteria to check the PQ ...

I'd like to ask if in case of modular exponentiation, reverse engineering the base would be equally difficult, when knowing the exponent as determining the exponent is hard when the base is provided? The modulus should be considered to be safe and the same in both cases.

In equations:

secret  ^ public1 mod public_prime = public2a
public1 ^ secret  mod public_prime = public2b

Is the secret equally well pr ...

(Probably not the right board to ask. But here goes)

I'm designing an IoT Solution with RPi as client and AWS as the server. On the client hardware, I have an Security Chip that can securely generate and store ECC, RSA, AES Keys/Pairs and can perform variety of cryptographic operations including ECDH, ECDSA, KeyGen, etc.,

My broader objectives on the cloud side are the following:

1. On AWS Server sid ...

Is there any fundamental reason to designate one direction of a block cipher as "encryption" and the other "decryption"? Or are these arbitrary choices? Or perhaps practical decisions for specific cipher designs?

Put another way, if the designers of DES or AES had chosen to label what are known as "encryption" as "decryption" and vice versa, would the world be any different?

Is it that there is an i ...

I was reading Wikipedia page of post-quantum cryptography. It says that it is desirable for cryptographic algorithms to be reducible to some particular mathematical problem, that is intractability of the system should be essentially stemming from hardness of some mathematical problem.

For example, lattice-based cryptography, Diffie-Hellman, RSA, McEliece system, multivariate cryptography reduce t ...

For example, if I use Rijndael for encryption, I have to specify a key of a certain length. For user convenience, I want the user to be able to use a key of any length. Then, to get the key to the required length of the algorithm, I build the hash value, which I then use for encryption and decryption. Is the security of the ciphertext still guaranteed if I use SHA-256 for instance? Should I rather pad t ...

The classic definition of a PRP includes efficient invertibility.

Given that many modern cipher modes (CTR-based e.g. GCM) use only the forward direction of the block cipher, it seems that the efficient invertibility part of the definition is not actually necessary for practical purposes.

Would such a relaxation gain us anything? i.e. are there practical PRP constructions which are efficiently compu ...

By using SSSS we distribute the key to "N" people where any "k" (N>=k) are required to participate to unlock the code. But what if I wish to have the people "x" and "y" always be part of "k".

Any provisions for that??

I don't understand why $\text{CBC-MAC}(M) = \text{CFB-MAC}(M)$. Has it something to do with $\text{CBC-MAC}(M) = C_L$ and $\text{CFB-MAC}(M) = E_K(C'_{L-1})$?

I need to create an id generation function that takes 4-digit number and returns a unique 3-letter identifier.

I already have a function that generates a 2-letter id from 3-digit number with some limitations (between 100 and 775), but I'm not sure how to change it to meet the new requirement.

if order_id < 775:
  alphabet = list('ABCDEFGHIJKLMNOPQRSTUVWXYZ')
  alpha_index = ''
  _i_1 = 0
  _i_2 = 0 ...

Does anyone know of a C++ homomorphic encryption library that supports addition, multiplication and logical right shift over integers? Some set of instructions that allows the implementation of logical shifts would work as well. The range should be at least sufficient to support signed 32-bit integers and the scheme should support arbitrary depth. I tried using Palisade, but found no way of implementing ...

I've came with the following problem from the Theory and Practice book by Stinson-Paterson. It states the following:

2.17

(a) Prove that a permutation $\pi$ in the Permutation Cipher is an involuntory kei iff (if and only if) $\pi(i) = j$ implies $\pi(j) = > i$, for all $i,j \in \{1,...,m \}$.

(b) Determine the number of involutory keys in the Permutation Cipher for $m = 2,3,4,5, $ and 6.

I've prove ...

1. Authentication-:

I understand that authentication is basically digital signature. But what I don't understand is how it has been explained here specially the RSA key part. It is leading me to huge confusions.

In RSA encrpytion, we use public key(of whose sender or receiver?) for encrpytion and private key(of whom?) for decryption.

They say hash is encrypted using RSA. But why are we using PRIVAT ...

Suppose G₁ is an elliptic group and G₂ be a multiplicative group and they are of same prime order p and e is a bilinear pairing, e: G₁ X G₁ -> G₂. The operations e(p,q)^r and e(p^r,q) gives equal result where p, q $\in$ G₁ and r $\in$ Z^*_p.

The computation time of different cryptographic operations are given below source: