Latest Crypto related questions

Score: 0
PRNG based on GF?
Tom

Are there any pseudo random number generators based on Galois fields? The source of the AES randomness lies in the GF, so GF should be capable of generating random bits.

Why are there no such generators?

Score: 0
Any number-to-number cipher?

I am curious (not technically informed) if the number-to-number cipher is common/useful in cryptography.

Imagine, we want to cipher integer y to integer x. Using a formula like

x = 2 * y - 1

one can easily decipher by having a few examples of matching x-y. The first problem is that the sequence of y integers is identical to that of x.

Is there a way to cipher integers while the output is a similar inte ...

Score: 0
issues understanding some basic points about identity based encryption
rym

I've been trying to understand an article (https://ieeexplore.ieee.org/document/8538446) about using blockchain to overcome identity based encryption (IBE) drawbacks. My purpose is to be able to code the method explained in the article at the end, but I have big issues understanding the math behind the identity based encryption. Here are my questions.

1- How are groups generated (chosen) in IBE?

 ...

Score: 2
Why should the trace of the elliptic curve be positive?
mehdi mahdavi oliaiy

In https://eprint.iacr.org/2014/130.pdf, it has been suggested to select the positive trace. What is the reason for this? What happens if we select the negative trace? Is there any security problem for negative traces? What about Edwards curves?

Score: 1
How do we compute the CM discriminants without factoring?
mehdi mahdavi oliaiy

In ECC, there is a parameter known as the CM discriminant. Suppose that the trace of the curve is $t$ in $Z_p$. If $s^2$ is the largest square dividing $t^2-4p$, then $\frac{t^2-4p}{s^2}$ is a square-free negative integer. The CM discriminant is $\frac{t^2-4p}{s^2}$ if $\frac{t^2-4p}{s^2} \mod 4 = 1$, otherwise it is $4(\frac{t^2-4p}{s^2})$. How do we compute this parameter without factoring? Are ther ...

Score: 0
Authentication between two servers using PKA
Juanjo Martinez

I've run into a small issue regarding authentication between 2 services (one-way communication) using public and private key authentication (Elliptic Curve, secp256k1).

The services will communicate via a REST API over HTTPS, and the proposed implementation would be to have the client sign something with its private key, send the signature along with the rest of the data, in the authentication  ...

Score: 7
CSIDH - l ideal generators
honzaik

I am trying to study the CSIDH algorithm. I have some beginner background in elliptic curves and I have been following Andrew Sutherland's lectures (https://math.mit.edu/classes/18.783/2019/lectures.html) to understand the endomorphism rings and the class group action and how we can apply the theory over complex curves to curves over a finite field. My background in number theory is not that good so t ...

Score: 2
FPE Limitations and Scope of FPE
Novice_researcher

Do you think format preserving encryption (FPE) schemes have any limitations with respect to other conventional block ciphers? Does FPE have a wide enough range of applications to be a future research area?

Score: 2
Is OTP still perfectly secure if we limit message and key space
Jack

If we have a message space M {0,1,2,3,4,5,6} and likewise keyspace is K = {0,1,2,3,4,5,6} (generator chosen uniform keys k)

We define our encryption to be the XOR of their bitwise rep on K and M using 4 bits {0000, 0001, 0010, 0011, 0100, 0101, 0110}

This is one time pad, right? Because we are XORing and using a key of the same length.

However here the message and keyspace is represented using 4 bits;  ...

Score: 4
Why does Index Calculus work?

I understand how the Index Calculus algorithm works - I know & understand the steps. I understand how the steps are derived. However, I am not able to figure out why it works.

I can understand why Pohlig-Hellman works - PH reduces the computation of the discrete log in $G$ to the computation of the discrete log in prime order subgroups of $⟨G⟩$. The PH algorithm allows you to solve the DLP in the s ...

Score: 4
Indistinguishable Obfuscation vs Functional Encryption
Novice_researcher

What is the difference between Functional Encryption and Indistinguishable Obfuscation? Does one of them have stronger security than the other?

Score: 0
Are there any best practices/recommendations for/against using client-side password hashing?
user16734390

I do not mean generating a hash on the client side and then storing it in the database directly. I found a few questions with a similar theme, but most of those answers assumed a scenario where passwords were sent through unencrypted connections or the client hash was stored directly in the database.

(1) The scenario I am describing is an extra step on top of the existing workflows where user sends the ...

Score: 0
Asymmetric cryptosystems based on curves besides elliptic curves
Voldemort's Wrath

Elliptic curve cryptography (ECC) has been gaining a lot of popularity recently because of its security. I tend to find the process of encoding plaintext using ECC particularly interesting so I was wondering, has it been proven/disproven that you can find other curves based on which you can create cryptosystems? If it has been proven that such is the case, what kinds of curves?

Because not all cu ...

Score: 7
Do I need to sanitize user input to scrypt, or to PBKDFs in general?
phoenixdown

I'd like to allow the user to supply a password as input to some PBKDF, which I will use to construct a key for file encryption (currently using aes-256-ctr. It may change as I learn more).

I am considering using scrypt. Do I need to do any escaping, sanitization, or other checks on the user input I will pass to scrypt?

More generally, do PBKDFs in general require any safety checks on user suppl ...

Score: 1
Asymmetric Encryption Using Existing Secret Key
pdemicheli

I'm using Python to build a system in which users (accounts on a blockchain: defined by a public key and a secret key) need to communicate with each other securely and I think asymmetric encryption is the way to do it.

For example, if User A wants to send a message to User B, they encrypt the message with User B's public key and send it to them. User B then uses their private key to decrypt the  ...
