Latest Crypto related questions

why is breaking a (asymmetric) 1024 bit RSA key less difficult than breaking a 128 bit (symmetric) AES key? Breaking RSA key involves finding the prime factors of a large number. What is involved in breaking an AES key?

Look I know AES256 is ridiculously secure but to keep aes secure even after quantum computers, I have a concern.
Using the Grovers theorem aes can be reduced from 256 to 128 bits for brute force attack which is also pretty strong but I don't want to be limited to it
Is it (atleast in theory) possible to implement aes512, aes1024, etc...
I mean what's stopping us like for 128bit aes we use 10 rounds of ...

I am searching for a simle model that can simulate the following procedure.

Suppose that $i$ and $j$ are two agents that each one obtains her state dependets signal $s_i(\omega)$ and $s_j(\omega)$. After observing their own signals with probability $1$, they do not know anything about the signal that the other agent has, but they do know the common prior $\pi$ about the signals, s.t. $\pi:\Omega\to \D ...

I'm building a project that is remotely controlled using LoRa and I want to ensure, that nobody can imitate my transmitter and send packets to my receiver. Just encrypting sent data is not enough since someone can receive for example packet that opens the door and sent the same one from his transmitter. How do I make it so only I can send authorized packets? Another problem is that it's really likely th ...

Suppose we have a (t,n) Shamir-secret sharing scheme. A value of some computation is shared with n parties where at most $t-1$ parties are malicious. What is the best strategy to reconstruct the shares? I believe we can use Reed-Solomon error corrections to retrieve value for upto t<n/3. For t<n/2, we can randomly reconstruct $k$ times using $t$ shares and check for the value that appears the most n ...

I read in literature that Rabin Cryptosystem can be broken using chosen-ciphertext attack. It is described that after chosen ciphertext is decrypted attacker can factorize public key $n$ by using square root with probability of $1/2$. But in article it is not described how this factorization is done.

If somebody can give some example I would be grateful.

The Cryptography made simple (page 207, under Fig 11.12)(Nigel Smart) say that adversary's advantage of IND-PASS Game is $Adv1 = 2\times|Pr[b=b']-\frac{1}{2}|$.
The reason for multiplying by 2 is to normalize advantage from $[0,\frac{1}{2}]$ to $[0,1]$.

But in this paper (page 5, line 9), the advantage of IND-CKA Game is $Adv2 = |Pr[b=b']-\frac{1}{2}|$ which is not normalized and scale is $[0,\frac{1}{2 ...

Can anyone tell me how to find the inverse of a given polynomial using python programming? Ex: input given is to find the inverse of (x^2 + 1) modulo (x^4 + x + 1). the output should be : (x^3 + x + 1).

I found a scheme for white-box RSA. It seems to protect the input and output of modular operations.
I'm curious about how to analyze the security of this solution.
Does anybody know anything about it?

I am trying to calculate Alice and Bob's shared key by hand without the use of a calculator as I feel this is an important trait when progressing into cryptography.

I understand you can use the square and multiply method however we are being taught a shortcut method which I don't quite understand fully.

Question Example:

Alice and Bob use the DH protocol with p = 19,g = 2 and secrets a = 6 and b =  ...

Today, I found a website for Pedersen commitment scheme; however, the generators g and h are not independent and therefore a prover can open a commitment c into many ways. I computed the commitment c for a message m and a randomness r (assuming that I know s):

c  = g^m * h^r 

   = g^m * (g^s)^r 

   = g^m * (g^(s * r))

   = g^(m + s * r) 

Say, I have committed to the message m, randomness r, and the c ...

I am reading about bitcoin and I am a little confused about "elliptic curve function" and "SHA256". Do they have the same properties? Can both be used to generate private and public key pairs?

Let us say we have to generate Shamir's secret share for n data points. Is there a way to speed up the implementation apart from using Horner's rule for the polynomial evaluation?

I am trying to solve a problem that reads as follows:

Let $E_1 = (\text{Gen}_1, \text{Enc}_1, \text{Dec}_1)$ be a crypto system that has perfect secrecy. Denote the message space $\mathbb M_1$, the key space $\mathbb K_1$ and the cyphertext space $\mathbb C_1$ ($\mathbb M_1=\mathbb C_1 = \mathbb T, \mathbb K_1 = \mathbb K$). Let $E_2 = (\text{Gen}_2, \text{Enc}_2, \text{Dec}_2)$ be a crypto system ...

I understand that it is feasibly impossible for A and B to select the same random number, given the large input space, but what if it does happen? Does it effect the security of the key exchange? Can an attacker determine that the same keys were chosen?