Latest Crypto related questions

Score: 1
Security proof for TLS 1.x

In JKSS12, a proof for the handshake in TLS-DHE 1.2 is given, assuming (among other things) the PRF-ODH hypothesis on the PRF used to derive keys.

It is also stated that, if TLS 1.2 were to be modified to follow more closely the $\Sigma_0$ protocol from Canetti-Krawczyk, this protocol could be provably secure under a (weaker) DDH assumption instead of the PRF-ODH assumption (as it is the case for I ...

Score: 0
RobotVerter avatar
Finding initial key of Fibonacci LFSR knowing only polynomial and output stream-cipher

I need to know whether it is possible to find the initial key of a Fibonacci LFSR knowing only the length, the taps, and the output stream-cipher bit sequence.

Plaintext is not ASCII, nor some other sort of printable characters. It's also a bit sequence.

LFSR: 15-bit $X^{15}+X^{14}+1$

Score: 1
fWd82 avatar
Samsung .Cert File - Digging deeper

I don't know if I should ask this question on Android Stack Exchange or here, but I am sure I am in the right place to ask.

My question is about the following Samsung Certificate file:

File name: I9301I-357537065876500.cert

[cert] 
Model=GT-I9301I
IMEI=357537065876500
SerNo=S200013955 
ImeiSign=75779BA6B9FF5269A6828F2EAB02049B874169ACE705F5B6187EFE5F91B619E4D23EC50D7AED63D3F570766B6E03C9A416FC4B760329F43F3C06 ...

Score: 1
Mittal G avatar
When not to reject a random number generator?

I have constructed a true random number generator, and I applied the NIST randomness Test Suite to its results. I have generated around 200 files with my TRNG, each being $10^6$ bits in length.

The test reports are as follows: The TRNG failed some of the tests (e.g., Binary Matrix Rank Test) less than $5$ times, i.e., only 5 files out of $200$ failed some of the tests. However, $20$ files failed the Ra ...

Score: 4
Vladimir Gamalyan avatar
Weakness of XORing random bytes with secret key

Side A generates 16 (high quality) random bytes and performs XOR with a 16-byte secret key, then data transfers to side B, where the same secret key is used to recover the original 16 random bytes.

Is there, by chance, a way to guess the secret key by intercepting the XORed data between sides?

Score: 0
RSA DECRYPTION when N gives only one prime number

I am getting only 1 prime factor to some power if I factorize N for RSA decryption. So, in this case, what will be the value of P and Q? P will be that one prime factor and then there is nothing left for Q.

Kindly help me out.

Score: 0
How to generate large integer private key for creating CTF challenges?

I am trying to create an RSA CTF challenge, exposing $n$, $e$, $c$, and $d$.

I have set $e=65537$ and $n = p * q$ where $p$ and $q$ are large primes each with 300 digits.

I have determined $c=m^e \mod n$

But I have yet to determine a good way to produce $d=e^{(-1)} \mod [(p-1)*(q-1)]$. I tried computing the right as is via code, but

from decimal import Decimal

print(Decimal(e**(-1)) % phi)

returns so ...

Score: 1
Decryption of an unknown cipher

How can I identify the cipher that encrypted the data shown below?

I'm very new to this field, so I am not sure.

For example:

How does one know which cipher is used in the following line? How can one decrypt it?

$&Es6a@I+v5;|`h_$)q?2Kq75w=p|%tK+)8K)K}d!b_l

Score: 2
ytj_banana avatar
Discrepancy $δ$ in the Berlekamp-Massey Algorithm

I have a question regarding the Berlekamp–Massey algorithm. Can someone guide me to understand the idea/intuition of this algorithm?

According to the explanation in Wikipedia, in each iteration, the algorithm is trying to calculate the discrepancy $δ$.

If $δ≠0$, the algorithm will update the error locator polynomial using an update polynomial $B(x)$. However, at this point, I know that the r ...

Score: 0
homamo2050 avatar
ZKP but the verifier knows all possible secrets

Is there a (preferably simple) implementation of ZKP where the verifier already knows the set of possible secrets? Especially if the set is very small (even as few as 2 or 3 options). The prover must convince the verifier that she possesses one of the secrets, but not which one.

Score: 4
Shweta Aggrawal avatar
Elliptic curve bilinear pairing parameters for 80-bit security level

I am reading a paper based on elliptic curve bilinear pairing groups. The author has defined the size of the private key, public key, etc. in terms of $|\mathbb{G}_1|, |\mathbb{G}_2|$ and $|\mathbb{G}_T|$.

For 80-bit security level, what are the sizes of $|\mathbb{G}_1|, |\mathbb{G}_2|$ and $|\mathbb{G}_T|$ in bits? I want to calculate the real size of the keys.

Thank you.

Score: 1
Steven Wu avatar
Security proof about RFC 6979

In the paper "The Random Oracle Model: a Twenty-Year Retrospective", section 7.3, by Koblitz & Menezes, the authors tried to prove the security of ECDSA+.

But after looking at the entire proof, I didn’t find that they considered the probability that both forgers would choose the same $M$ and $R'$ for the $j$-th time.

In my cognition, after considering the probability of simultaneously selectin ...

Score: 1
Manc avatar
Decrypt RSA with known public key and modulus and the range of dp

How to decrypt RSA while given $e$, $n$ and the range of $dp$?

e=2953544268002866703872076551930953722572317122777861299293407053391808199220655289235983088986372630141821049118015752017412642148934113723174855236142887
n=6006128121276172470274143101473619963750725942458450119252491144009018469845917986523007748831362674341219814935241703026024431390531323127620970750816983

while $dp$ is in the ra ...

Score: 1
DannyNiu avatar
Does EESS#1 NTRUEncrypt use the PKCS#1 MGF (mask generation function)?

I downloaded the 1st-round NTRUEncrypt submission from the NIST website; the spec mentions the mask generation function MGF1 in the ASN.1 definition but not in the algorithm description.

Does the EESS#1 NTRUEncrypt use the MGF1 specified in PKCS#1 at all?
