Latest Crypto related questions

Score: 6
Patriot
Make a Strong, Easy-to-Remember Password Using Classical Cryptography?

Passwords can be tough to remember. For example:

H7535637353959595*9608J614625C1313^398583I0397897j^

So Bob wants to make and use a good password for GPG that he never has to remember. He will rarely use this password (asymmetric encryption for off-line storage). When he needs it, he is going to generate his password with pencil and paper out of some key information that is stored in one place: his hea ...

Score: 2
Perseids
Can the AES-GCM authentication tag be used as a key derivation function?

I want to build a deterministic key derivation tree, where the root is stored securely in a centralized service and the leaves are embedded in a multitude of devices. When a device wants to communicate with the back-end, the device supplies its ID and salt, and the centralized service derives the device-specific key from the root key and the device ID and salt.

Usually I would favor HKDF or anot ...

Score: 3
Natwar
What is the reason for Shamir scheme to use modulo prime?

In Shamir's secret sharing scheme, Dealer performs the following steps

  1. Choose a prime number $q$ such that $q > n$

  2. Choose a secret $s$ from finite field $\mathbb{Z}_q$

  3. Choose $t-1$ degree polynomial

$$g(x)=s+c_1x+c_2x^2+\cdots +c_{t-1}x^{t-1}$$

  4. Compute shares $s_i = g(id_i) \mod q \text{ for } i=1,2, \cdots,n$ and sends secretly to participants

  5. At least threshold number of participants ca ...

Score: 1
Loaf
How to determine curve's field size in a ECDSA Signature

There is a bug in some firmware I'm working on that states the following:

If individual coordinates are shorter or longer than the curve’s field size they are processed incorrectly.

So I can get the coordinates from the signature, R and S, but I have no idea how to determine the curve's field size.

I am specifically looking at this certificate for AWS IoT

-----BEGIN CERTIFICATE-----
MIIDhzCCAy2gAwIBAg ...

Score: -1
How to hack pass-protected private RSA key

I know nothing about cryptography.

I must present a completed ASP project to my university that proves I have learned clingo. I have heard that the task of recovering the plaintext private RSA key given the one encrypted with a password is rather simple, taking about a day on an average PC. So the task seems suitable.

I am looking for papers, tutorials and implementations in other languages-- anything tha ...

Score: 2
Naz
Can CPA secure scheme be converted to CCA secure?

I would like to know if there are some methods or techniques that can convert a public key encryption scheme from CPA secure to CCA secure?

Score: 1
Chenghong
Efficient proof for Cartesian product

I am trying to find some efficient zero-knowledge arguments that could prove the vector ${\bf v}$ is the Cartesian product of two vectors ${\bf x}$ and ${\bf y}$. I know there are efficient inner product arguments, but are there any efficient arguments for Cartesian products?

For example, given three (vector) commitments $com({\bf x})$, $com({\bf y})$, and $com({\bf v})$ to ${\bf x,y}$ and ${\bf v}$

Score: 2
fgrieu
Finding $k$ strings $M_i$ such that the XOR of the $k$ hashes $H(i,M_i)$ is zero

Let $k\ge2$ be a moderate given constant, and $H:[0,k)\times\{0,1\}^*\to\{0,1\}^b$ be a $b$-bit given hash function assimilated to a random oracle. For example $H(i,M)=\operatorname{SHAKE256}((\underline i\mathbin\|M),b)$ where $\underline i$ is $i$ coded per ASN.1 DER.

How computationally hard is it to find $k$ strings $M_i$ such that the XOR of the $k$ hashes $H(i,M_i)$ with $0\le i<k$ is zero?

Motivati ...

Score: 1
BD107
MPC Definitions: UC-Security vs. Real-Ideal Simulation?

I consider the "standard" definition of maliciously-secure 2PC to be the simulation-based, ideal–real-world indistinguishability definition of e.g. Lindell's How to Simulate It [Lin17, Definition 6.1].

How does this definition differ—or does it—from what is sometimes called "UC Security"? For example, in this 2013 paper, § 2, Lindell references an "environment machine" $\mathcal{Z}$. No such machi ...

Score: 2
a196884
Coding gain and minimum determinant in cryptography

In coding theory, the notions of coding gain and minimum determinant of a code have been defined as follows: let $\mathcal{X}$ be a (full diversity) code and $X,X^\prime\in\mathcal{X}$.

Then the $\textit{coding gain}$ is $\operatorname{det}\left(\left(X-X^{\prime}\right)\left(X-X^{\prime}\right)^{\dagger}\right)$, and the $\textit{minimum determinant}$ is $min_{X\ne X^\prime\in\mathcal{X}}\operato ...

Score: 0
Sean
Computational indistinguishability

Given a multiplicative group of order $q$ and modulus $p$. Given two constants $a$ and $b$ randomly sampled from $Z_q$. Let random variable $x_a$ be a pair $(x, x^a \mod p)$ and random variable $x_b$ be a pair $(x, x^b \mod p)$. Would the distribution of $x_a$ and $x_b$ be computationally distinguishable?

Score: 1
hardyrama
ε-close to t-wise independence of SPN (AES)

According to theorem 3.13, the 6 rounds of AES is 0.472-close to pairwise independence. It is also mentioned t-wise independence used to analyze higher order derivative attacks. It is also mentioned 3-wise independent permutations have a potential application in strengthening short encryption keys. My questions are related to the fundamentals of t-wise independence permutations.

Q.1 What does it mean ...

Score: 4
jester
How is a "quantum safe" algorithm fundamentally different from the current "secure" crypto algorithms (pre-quantum)?

I recently read that work is being done to develop "quantum safe" algorithms for encryption / hashing.

Presumably, these will have fundamental differences from the current "non-quantum safe" algorithms in use today (RSA, DH, AES, ChaCha20, Poly1305, SHA2/SHA3, etc.).

What fundamental differences enable algorithms to be "quantum safe"? Are quantum-safe algorithms any more vulnerable in non-quantum c ...

Score: 3
Mohamed Layouni
Product of secrets in multi-secret sharing schemes (aka packed secret sharing schemes)

The question is related to the multi-secret sharing scheme described in the following paper:

[FY92] Matthew K. Franklin, Moti Yung: Communication Complexity of Secure Computation (Extended Abstract). STOC 1992: 699-710 (Link)

Following is some background. However, if you're familiar with that paper, you can skip directly to the main question below (highlighted with bold header font).

A $(t-k+1,t+1;k,n) ...

Score: 2
Nicholas Iun
How to create (n, t) secret splitting from (n, n) secret splitting?

Given a secret splitting scheme $(n, n)$ that creates $n$ shares from secret $s$. In this scheme all shares must be combined to create $s$.

How do you create a secret splitting scheme $(n, t)$? Of $n$ parts at least $t$ parts must be combined to determine secret $s$?

$n =$ # of Parts

$s =$ Secret

$t =$ Threshold of parts needed to create the secrets

$s_1, s_2, s_3, ... =$ Shares in a $(n, n)$ secret  ...
