Latest Crypto related questions

We all know that TEE can utilize almost all of the CPU's performance, so its time spent encrypting files using RSA256 is less than that of REE.

But why isn't decryption?

Why does it take more time to decrypt the same file with 256 bit RSA in TEE than in REE?

I apologize in advance for my question. I am trying to make my own simple Secp256k1 calculator, just addition and subtraction, and one thing keeps confusing me. When I add 2 points, and I know what result of addition should be a bigger number than $n$, and as far as I understand, the result should be 0, because it is the point at infinity.

However, my calculator shows a different result. For examp ...

I was wondering about the difference between an authenticated dictionary and a key value commitment scheme like KVac. Are they the same thing or they have different model or definitions? Thanks

I found only the abstract and tables of this paper https://dl.acm.org/doi/abs/10.1145/3409501.3409513

From the abstract

In this paper, the researchers proved that the modified SHA256 is viable to length extension, brute-force and dictionary attacks. Randomness tests also showed uniform random distribution of the hashes generated by the modified SHA256

The meaning of each randomness test:

Monobit

If a company uses Domain Keys Identified Mail ("sender adds a special signature which includes author name / date signed by RSA Private Key. Receiver verifies the signature by looking up the public key of the sender and ensures that the email's sender name and the date in the regular email header matches the signed name and date in the signature tag") and has an online database with employees public key ...

First I just want to apologize for my lack of knowledge in this system.

The professor kind of gave us an exercise to solve before even going through the lessons. I tired to look at videos online but what I only know how to use a 64 bit initial key.

initial 56-bit hexadecimal key: 'B092EBA02E3798' Give the key K16 (on the last turn) to 64 bits in hexadecimal.

So my question is, do I have to turn my 56 b ...

I am just getting into cryptography and currently learning by trying to implement some crypto algorithms.

Currently implementing the Shamir secret sharing algorithm, what I have noticed is that finite fields keep coming up.

I just don't understand why they are relevant yet.

One thing I see is that they can make sure that none of your results are decimal, so no rounding errors, but I strongly doubt that ...

How easy would it be to crack a AES-256 encrypted file, that is protected by a passphrase?

I understand that the trying to brute force a AES-256 encryption key would be on the unfeasible side, even with quantum computing. But what if that encryption key was instead generated from a passphrase? How easy would it then be to break the encryption?

I'm not experienced at all in cryptography, but tried ma ...

So suppose you are doing this locally (so no network noise), and know the exact specifics of your processor too. Is it feasible to figure out the private key (while having access to the public-key) generated by libsodium based on the time it takes to generate a key-pair?

What about other algorithms, how feasible is this in general?

We have DCRA and ECSQRT assumptions.

1. ECSQRT: Square roots in elliptic curve groups over Z/nZ Definition: Let E(Z/nZ) be the elliptic curve group over Z/nZ. Given a point Q ∈ E(Z/nZ). Compute all points P ∈ E(Z/nZ) such that 2P = Q.
2. DCRA : DCR: Decisional Composite Residuosity problem Definition: Given a composite n and an integer z, decide if z is a n-residue modulo n² or not, namely if there ex ...

Is there an encryption function that preserves the properties of the numbers that are inputted into it?

For example, is there an encryption function that, when two numbers are inputted into this function, e.g., 2 and 4, and those numbers are encrypted using the same encryption key, the raw encrypted output of 2 is always half of the raw encrypted output of 4?

I realise that s boxes are able to make the transformations done in AES non-linear. However I am unsure how this makes AES secure. For instance if we had no s box then it is possible to calculate the key from a set of linear equations:

$C^1=Ax+k$

$C^2=AC^1+k$

...

$y=AC^n+k$

Where A is the linear transformation, k is the key, C as the intermediate ciphertexts, n as the number of rounds of encryption,  ...

I have to verify that the user has registered and is currently logged out without identifying the user. Essentially, I am looking for privacy-oriented authorization mechanisms which prevent simultaneous user sessions.

I am developing an application which stores user's private Identity key (ed 25519) on user's hard drive without any security.

What are the best practices / standards to save private key on hard drive, so even if the filesystem is hacked, keys are secure.

We are building out data masking framework mainly to mask PIIs. Our scale is pretty large, and masking will be done at ingest time, so we want the masking to be done in a very performant manner. Some of the constraints we have are that we would like the masking to be deterministic and reversible. I have looked at AES encryption to encrypt PII, especially AES SIV, on my macbook, it takes around ~2 millis ...