Latest Crypto related questions

Score: 4
Why are block ciphers mostly used as stream ciphers?

Using a block cipher with either CTR or GCM mode gives us a stream cipher, the only difference being that CTR does not include a MAC tag or AAD but GCM does. I think these are the most commonly used modes of operation for block ciphers because ECB is insecure and CBC is not parallelizable.

Does this not reduce the effective algorithm block size to 1 bit as one bit gets mapped to another bi ...

Score: 0
Why is the pre-shared key not involved in key derivation in IKEv2?

In IKEv1 (RFC 2409), the preshared secret is involved in key derivation, whereas IKEv2 (RFC 7296) uses it only for authentication. When we consider post-quantum security, this property makes IKEv1 suitable if the preshared key has sufficient entropy. Therefore the post-quantum extension of IKEv2 proposed in RFC 8784 is basically adding an additional secret that is shared between the initiator and the responde ...

Score: -1
Encrypted file sharing with deterministically generated key from user password

Background info:

I need to encrypt files in an enterprise workspace with several users. The goal is to encrypt files directly from the browser to be saved on a server, and each user could decrypt files for viewing.

Technical solution:

Create a randomly generated key Kw for the workspace for encrypting files with AES. This key will never be stored, either in the database or in the user session.

For each user, generate an ...

Score: 2
Is there a block cipher that is secure for n rounds but not secure when the rounds are increased?

The common wisdom is that increasing the number of rounds of a block cipher can make it more secure. This is quite true if we consider the linear and differential attacks.

The Tiny Encryption Algorithm supports this theory. It has a simple round, and it becomes secure after 32 rounds. Even Schneier et al. support this theory in their Twofish paper.

However, with enough rounds, even bad round fun ...

Score: 1
Security proof for PRNG

Could you help me find an example of where the following kind of proof is performed, please? "If we can distinguish the randomly generated bits of a PRNG from a random sequence, then we can distinguish the underlying block cipher/permutation from a random permutation."

Score: 1
Lattice in Sage: Generate matrix A from a basis S such that AS = 0 (mod q)

In Sage, there is a function gen_lattice() that can generate a basis $$S \in \mathbb{Z}^{m \times m}_q$$ of a lattice $$\Lambda^\bot_q(A)$$, where $$A \in \mathbb{Z}^{n \times m}_q$$ is random.

Therefore, $$AS = 0 \pmod q.$$

The question is: is there any method that can further obtain a matrix $$A \in \mathbb{Z}^{n \times m}_q.$$

(i.e., the TrapGen algorithm in AP09.)

Score: 2
Can one prove that a particular public key is part of an aggregated (MuSig) public key?

The MuSig paper (2018) describes a Schnorr signature key aggregation scheme which lets a set of individual public keys be merged into a single, "aggregated" public key.

In the protocol, each individual public key creates its own signature, which can be merged into the "aggregated signature". The aggregated signature will verify with the aggregated public key as if the signature was created by only one ke ...

Score: 1
Interval for PKCS#1 v1.5 compliant plaintext

In Bleichenbacher's paper (http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf, section 3.1) he concludes that if m*s is PKCS#1 v1.5 compliant we get the following interval:

$2B \leq m\cdot s \bmod n < 3B$.

(k is the length of n in bits, $ B = 2^{8*(k-2)}$)

Given those bytes in the range, bytes 3 to 11 may not contain any zero bytes, and at least one zero byte follows from byte 11, ca ...

Score: -3
Cryptography Challenge

I have been messing around with cryptography (for recreational use) and I have created my own function that encrypts things for me. Now, with that being said, I freely admit that I am by no means an expert on cryptography and I know that rule 101 of cryptography is to not do it yourself. However, I am genuinely interested if my encryption function is secure. So, although I am not entirely sure if this i ...

Score: 0
Splitting an AES-256 key into two?

I understand there are already a few questions here which are similar, but mine is a bit different in that I want to split an AES 256-bit key into two 128-bit keys and then use a different 128-bit AES key to encrypt the two 128-bit keys for transport of the key between two processors. Is this secure to do? I am currently limited due to the design of my system. Following is what I require:

  • I need to transport the ...

Score: 1
Why is implementation relevant to timing attacks?

Discussions from highly respected sources (details below) emphasize the importance of the implementation of cryptographic software to the effective security provided, with one particular case being sensitivity to timing attacks.

Clarification - Context is cryptographic signing of non-secret messages

@poncho's initial answer notes that attackers don't always have the luxury of determining the "user's" im ...

Score: 0
Finding of trace of Edwards curve and proper $d$

The obvious way of computing the trace of a curve is counting the number of curve points and then computing the trace of the curve by $t=p+1-\#E$. Is there any faster way of computing the trace of the curve? The above way is very slow. This question is also a follow-up to Finding of proper $d$ for Edwards curve. I haven't received a proper response for it.

Score: 1
Cyclicity of AES

It is known that AES is extremely secure, with its highest standard (AES-256) being able to protect the national secrets of most governments. Due to the nature of its steps, there's the question about its cyclicality, or how many full encryptions with the same key it would need to yield the plaintext back, supposing that the variant is AES-ECB-128 NoPadding, with only one full block of plaintext.

 ...

Score: 1
Cons for stream ciphers that are based on hash functions

In an answer here someone mentions:

if you have a hash-function-with-oracle-powers, then it is rather easy to generate a pseudo random stream from a secret key, by hashing K||n where K is the secret key and n is a counter. By XORing this key-dependent pseudo-random stream with the data to encrypt, you have a stream cipher.

In the same post there is also this part regarding using cryptographic has ...

Score: 0
One way text→text function

I need a way to map some printable text to other printable text. E.g.:

Ian Boyd → Kcp Zbas

Notice some of the important requirements:

  • uppercase is uppercase in output
  • lowercase in input is lowercase in output
  • spaces (and anything else outside of A-Z0-9) are left alone

The additional requirement is that it be deterministic, that is the same input always gives the same output:

  • Ian Boyd → Kcp Xbas ...
