Latest Crypto related questions

The NIST is currently trying to select new standards for post-quantum cryptography. The two main categories for the candidates are "Public-key Encryption and Key-establishment Algorithms" and "Digital Signature Algorithms".

The signature algorithms are based on public-key encryption algorithms. Thus, why to separate these two categories ? Is it a matter of implementation, or of performance maybe  ...

Block ciphers that are NOT LIGHTWEIGHT use relatively complex key scheduling algorithms to enhance their security and thwart some of the known cryptographic attacks. In such ciphers round constants are also added for removing symmetries in the structure (if these exist) but the selection criteria for the round constants is never mentioned.

How should these constants be selected for any block cipher? ...

RSA seems to be the only scheme I see whenever I look into asymmetric encryption. I am now curious to know if other algorithm/scheme exists for asymmetric encryption other than RSA?

If so , what are these other schemes?

Also any explanation for the popularity of RSA?

Is there any known/standard encoding or cipher method that uses a 64-character alphabet from byte 30 (ASCII 0) to byte 6F (ASCII o)?

I'm trying to reverse-engineer a file format, and I have good idea of what some of the contents of the files should contain, but I'm not seeing any obvious patterns in the data that correspond to my expectations. The biggest peculiarity that I've been able to identify i ...

I am trying to launch an Apache server on Ubuntu 20.04 running a custom built OpenSSL, but I don't want to install it on my machine, instead, I want to show the server where it can find all libraries and configuration files relevant to OpenSSL. As you guess, this is an experimental study, so I don't want to mess with my default OpenSSL.

I used the following command to configure my server:

./configure -- ...

Recently I have few experiences with Questions in RSA which e is 2^n instead of 2^n+1, and that leads to gcd(e, phi) is not equal to 1... Won't this make the private key impossible to get? Is the Rabin cryptosystem the only way out?

I want to calculate the entropy of a specific cryptosystem such as the Caesar cipher or Vernam cryptosystem etc but I don't quite understand how to do so. Any help?

I know that it wouldn't be possible to use the extended Euclidean algorithm, since it would require the ability to divide a public key and calculate the remainder. I was wondering if there were any other ways of calculating the modular multiplicative inverse of a point on an elliptic curve (like secp256k1)? Or perhaps a reason why it is provably impossible? Is there a way (other than brute force) to fin ...

I can't seem to wrap my head around these encryption methods. I can't find a brief description for any of them.

• Hash then encrypt
• MAC then encrypt
• Encrypt and MAC
• Encrypt then MAC

If person A generated a hash (e.g sha256) of a file and then signed the hash using a private key.

Given person B only has the public key, file, signature and the hash, would verifying the signature using the public key be sufficient to prove person A signed the actual file?

What hashes and algorithms are best suited to this?

I'm trying to answer without success questions (ii - iv)

Any hint will be appreciated :)

It's my understanding that MD5 is still resistant to preimage attacks in the general case, but that an attacker may still launch a second preimage attack if an innocent file is "unlucky" enough to be a viable collision candidate.

• What are the odds of a uniformly random file of length $512n$ bits being a candidate for an MD5 collision attack?
• Is it possible to detect current state-of-the-art attack ...