Latest Crypto-related questions

Score: 0
How or in which format should Schnorr signature keys be stored?
ke flag

I would like to know if there is any standard for storing public and private keys for Schnorr signatures.

Score: 0
Detect if two numbers are equal without disclosing further information
ma flag

Consider the following scenario. Alice picks a number A; Bob picks a number B. Both A and B belong to a relatively small set X (by small I mean that X can be easily looped through: for intuition sake, imagine X to be the size of a deck of cards). I would like Alice and Bob to engage in a protocol that tells both if A = B. If A != B, then Alice should have no further information about B, and Bob should h ...

Score: 3
How many Bits/Bytes is a public key, given its encoding
in flag

I am struggling to understand what the "bit/byte" size of a public key is, how you can work it out, and even what it means.

An example of a RSA public key is:

AAAAB3NzaC1yc2EAAAABJQAAAQB/nAmOjTmezNUDKYvEeIRf2YnwM9/uUG1d0BYsc8/tRtx+RGi7N2lUbp728MXGwdnL9od4cItzky/zVdLZE2cycOa18xBK9cOWmcKS0A8FYBxEQWJ/q9YVUgZbFKfYGaGQxsER+A0w/fX8ALuk78ktP31K69LcQgxIsl7rNzxsoOQKJ/CIxOGMMxczYTiEoLvQhapFQMs3FL96didKr/QbrfB ...

Score: 1
Chaining a smaller group inside the pairing friendly group
yt flag

Let's say there is a bilinear pairing $G \times G \rightarrow G_t$ (e.g., for bn128), and let prime $q$ be the order of $G$. Is it possible to find a prime-order group over the integers such that its order $p \mid q-1$ (that is, $q$ is used as the modulus for the "smaller" group)? I checked the order of the bn128 and bs381 groups, and it seems that $q-1$ has no large prime factors.

Score: 3
Quadratic Sieve: Sieving with prime powers
et flag

I am trying to understand the Quadratic Sieve algorithm.

Currently I am stuck at the sieving part.

Let's say the number to be factored is 9788111. I decide to look for 50-smooth factors. My initial factor base (FB) = $p_i$ = {2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47}.

I go through each number in the FB and their powers.

For each number in the FB, I first check if N is a Quad ...

Score: 2
Paillier versus Lifted ElGamal for homomorphic addition for e-voting
ng flag

I'm looking to create an anonymous e-Voting system which will assign a certain number of bits to each candidate during a vote, e.g. 010000 for Alice, 000100 for Bob, and 000001 for Charlie. It works well with ElGamal on a smaller scale but when I try to do it on a larger scale (adding larger numbers), it times out. On the other hand, Paillier seems to be more efficient at adding larger numbers.

I ...

Score: 0
Use peppers with Bcrypt (HMAC + Bcrypt)
in flag

Is it useful to combine HMAC with Bcrypt?
If so, should I do the HMAC on the password before "Bcrypt"ing it, or should I do the HMAC on the Bcrypt output?

Score: 0
Managing master keys used in PBKDF2 and HMAC (store, rotate)
in flag

My use case:

I have a few master keys, and I use each for a specific operation (e.g. one for encrypting users' data and another for creating JWT signatures, etc.).

I use these master keys in two specific things:

  1. in PBKDF2 as an input, together with a salt, to derive symmetric keys and nonces (IVs), and then store only the salt with the ciphertext in the database
  2. in HMAC as a secret key (pepper)

I need to rotate these m ...

Score: 3
Decisional Diffie-Hellman Assumption on Pairing Friendly Curves
yt flag

It is known that the Decisional Diffie-Hellman (DDH) problem can be easily solved over groups on pairing-friendly curves (that is, one can use the pairing to tell if $g^x$, $g^y$ and $g^z$ form a DH tuple such that $z = x*y$). What about the "tripartite" case, where one has the tuple ($g^x$, $g^y$, $g^z$ and $g^u$) and needs to tell if $u = x*y*z$? Would that be easy?

It looks like not an easy problem to m ...

Score: 1
A finite group with a threshold functionality
de flag

I am trying to find a generator of a finite group whose powers divide the group into two parts. For example, look at the last row of this table, which shows the powers of 10 in the group Z_19.

You can divide the group into two parts: the elements before "10^7 mod 19", all of which are less than "13", and the elements from "10^7 mod 19" onward, which with probability 1/2 are more than "13". I am  ...

Score: 0
HMAC vs hashing (data + pepper)
in flag

Is there a difference between HMAC and hashing (data + pepper), or are both of them equally secure?

Score: 1
How do we say that one cryptographic primitive is stronger than another?
vg flag

Can anyone help me understand this: How do we say that one cryptographic primitive is stronger than another?

Score: 0
PBKDF2 with pepper
in flag

The main purpose of PBKDF2 is to generate a strong key from a weak password by using an input (the weak password) and a salt (which is stored in plaintext).

Is it useful to use a pepper with PBKDF2?
And if so, what is the best way to do it, and why:

  1. do a PRF (e.g. HMAC) on the weak password with the pepper and use the result as the PBKDF2 input?
  2. do the PBKDF2 first, then do a PRF (e.g. HMAC) on th ...

Score: 0
Should I protect the salt before storing it in a database or use a pepper (secret salt) instead?
in flag

If I protected the salt or used a pepper (secret salt) and an attacker got access to the database, they couldn't do a rainbow table attack on a targeted user (a famous or important person).

Should I use a pepper (secret salt)? If yes, then:

  • how do I make it unique across all users or a group of users (not make it global and fixed)?
  • how do I store it safely without hard-coding it?

Or should I protect the sal ...

Score: 1
What tools are there to reverse-engineer an LFSR besides the BMA?
cn flag

I have a certain timecode which I can't seem to figure out. We have successfully decoded other codes for the same purpose with the Berlekamp-Massey algorithm, but this code seems to have a linear complexity of 110, which is not practical in any way. It also cannot be reconstructed with the 110-bit irreducible polynomial the BMA finds. Just the first few bits are as expected and then the bits seem to  ...

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.