Latest Crypto related questions

Score: 0
Domain Keys Identified Mail (DKIM)

If a company uses Domain Keys Identified Mail ("sender adds a special signature which includes author name / date signed by RSA Private Key. Receiver verifies the signature by looking up the public key of the sender and ensures that the email's sender name and the date in the regular email header matches the signed name and date in the signature tag") and has an online database with employees' public key ...

Score: 0
Hakim Cheheb avatar
How to generate keys from a 56 bit using DES

First I just want to apologize for my lack of knowledge in this system.

The professor kind of gave us an exercise to solve before even going through the lessons. I tried to look at videos online, but I only know how to use a 64-bit initial key.

initial 56-bit hexadecimal key: 'B092EBA02E3798' Give the key K16 (on the last turn) to 64 bits in hexadecimal.

So my question is, do I have to turn my 56 b ...

Score: 11
iammadab avatar
Why are finite fields so important in cryptography?

I am just getting into cryptography and currently learning by trying to implement some crypto algorithms.

Currently implementing the Shamir secret sharing algorithm, what I have noticed is that finite fields keep coming up.

I just don't understand why they are relevant yet.

One thing I see is that they can make sure that none of your results are decimal, so no rounding errors, but I strongly doubt that ...

Score: 1
Crack AES encryption via passphrase dictionary attack?

How easy would it be to crack an AES-256 encrypted file that is protected by a passphrase?

I understand that trying to brute force an AES-256 encryption key would be on the unfeasible side, even with quantum computing. But what if that encryption key was instead generated from a passphrase? How easy would it then be to break the encryption?

I'm not experienced at all in cryptography, but tried ma ...

Score: 1
Hormoz avatar
How feasible is it to guess the private key of libsodium by taking into account generation time?

So suppose you are doing this locally (so no network noise), and know the exact specifics of your processor too. Is it feasible to figure out the private key (while having access to the public-key) generated by libsodium based on the time it takes to generate a key-pair?

What about other algorithms, how feasible is this in general?

Score: 1
enimert avatar
Is there any relation between Decisional Composite Residuosity Assumption and Square roots in elliptic curve groups assumption?

We have DCRA and ECSQRT assumptions.

  1. ECSQRT: Square roots in elliptic curve groups over Z/nZ. Definition: Let E(Z/nZ) be the elliptic curve group over Z/nZ. Given a point Q ∈ E(Z/nZ), compute all points P ∈ E(Z/nZ) such that 2P = Q.
  2. DCRA: DCR: Decisional Composite Residuosity problem. Definition: Given a composite n and an integer z, decide if z is an n-residue modulo n² or not, namely if there ex ...

Score: 1
CCS avatar
Number property preserving encryption

Is there an encryption function that preserves the properties of the numbers that are inputted into it?

For example, is there an encryption function that, when two numbers are inputted into this function, e.g., 2 and 4, and those numbers are encrypted using the same encryption key, the raw encrypted output of 2 is always half of the raw encrypted output of 4?

Score: 1
Ahmed avatar
Why is it not possible to attack AES by creating a function to model the substitution that occurs in an S-box?

I realise that S-boxes are able to make the transformations done in AES non-linear. However, I am unsure how this makes AES secure. For instance, if we had no S-box then it is possible to calculate the key from a set of linear equations:

$C^1=Ax+k$

$C^2=AC^1+k$

...

$y=AC^n+k$

Where A is the linear transformation, k is the key, C as the intermediate ciphertexts, n as the number of rounds of encryption,  ...

Score: 0
tejasvi88 avatar
Is it possible to allow a user to log in if logged out without identifying them?

I have to verify that the user has registered and is currently logged out without identifying the user. Essentially, I am looking for privacy-oriented authorization mechanisms which prevent simultaneous user sessions.

Score: 0
Eirtaza avatar
How to securely save Ed25519 private key on hard drive

I am developing an application which stores the user's private identity key (Ed25519) on the user's hard drive without any security.

What are the best practices / standards to save a private key on a hard drive, so that even if the filesystem is hacked, keys are secure?

Score: 0
Deterministic data masking

We are building out a data masking framework, mainly to mask PIIs. Our scale is pretty large, and masking will be done at ingest time, so we want the masking to be done in a very performant manner. Some of the constraints we have are that we would like the masking to be deterministic and reversible. I have looked at AES encryption to encrypt PII, especially AES SIV; on my MacBook, it takes around ~2 millis ...

Score: 1
Hormoz avatar
Disparity between PyNaCl docs and libsodium docs

So if we look here, it shows that libsodium uses three different algorithms for this, which sounds weird to me, cause nothing indicates that anything besides Curve25519 is used in those specific functions (the boxes specifically take private and public keys and nothing indicates there is any key generation for XSalsa20):

https://doc.libsodium.org/public-key_cryptography/authenticated_encryption#algo ...

Score: 1
mdmb avatar
E2EE with passwords at login?

Imagine a scenario:

  1. Alice and Bob want to use a platform where they log in using email and password. The platform can be accessed on desktop and mobile devices.
  2. Alice would like to store encrypted information in a database or send encrypted files to an S3 server.
  3. Bob will be able to fetch this encrypted information (data + files) if the server allows it (Alice granted Bob access to this data).
  4. Both Bob an ...

Score: 1
Verifiable Delay Function: Trusted Setup

The Efficient Verifiable Delay Function paper suggested that there are two ways to construct the group. One of them requires a trusted setup, in the sense that whoever constructs the RSA unknown group order needs to destroy the factors, otherwise a fake proof can be constructed.

Another way is using a class group of imaginary quadratic fields. However, the paper didn't give an example of how it can be used. Is ev ...

Score: 2
Irad Nuriel avatar
Identifying the cheater in (3,5)-Shamir's secret sharing

The problem I'm trying to solve: Identifying the cheater in (3,5)-Shamir's secret sharing when we can see only the 3 shares that were given to the system in the secret reconstruction process, and we can inquire the 3 people who inserted the shares into the system (they don't know what the other people inserted). Also, we have no knowledge about the correct secret, but we do know the wrong secret.

 ...
