Latest Crypto related questions

I stumbled across this correctness of a scheme:

$e(g^r, H(id)^x) = e(g^x, H(id))^r = e(g^x, H(id))^r$

and have a hard time following the properties of the bilinear pairing. Does anyone know the "rules" for such pairings or where to read about them?

As far as I have learned I know that:

$e(g^{xy}, g) = e(g,g)^{xy} = e(g^x, g^y)$

but do these properties commute, and how is the correctness scheme ab ...

I've been working on a AES256-GCM implementation (in Java). I'm a little bit stuck on the part where i need to decide how often i need to rotate my key.

I've got a lot of information from this posts: Safety of random nonce with AES-GCM?

And the website if refers to: https://www.imperialviolet.org/2015/05/16/aeads.html

It states the following quote:

This is because if you throw 2$^{32}$ balls at 2

Often data is encrypted using Symmetric Ciphers and Symmetric key is shared with recipient by encrypting it with recipient's Asymmetric Public Key. NIST Special Publication 800-56B, Revision 2 section 9 defines RSA KTS-OAEP to establish keying material between sender and receiver. Is it really necessary to use RSA OAEP or RSA KTS-OAEP to establish keying material between sender and receiver?

Since most o ...

How can I write a program in python to predict the random key (urandom) that is used for encryption? I tried to search and I couldn’t find anything related to guessing and predicting urandom in python

In my criptography course I was given the following exercise:

ElGamal proposed the following digital signature scheme using discrete logarithms over a field $\mathbb{F}_p$, where $p$ is a large prime.

• Step 1) Everybody agrees on a prime $p$ and a generator $g$ for $\mathbb{F}_p^*$.

• Step 2) A (and all other uses) chooses a secret exponent $d_A$, and makes public $e_A\equiv g^{d_A}\mod p$ (just like in  ...

Setup

Recently, I became interested in simulation based proofs in the context of secure two party computation. I read some book chapters (from Secure MPC and Secret Sharing and Foundations on cryptography volume 2), papers (most importantly How To Simulate It), and posts from cryptography stack exchange, but I still do not feel confident in the application of simulation based proof techniques. As a fi ...

When I sign a message with a private key, and I get a message signature, how is it that I'm able to - using the corresponding public key - verify that that message/transaction signature must have been produced by the person holding the private key behind the relevant public key?

My understanding is that with private/public key pairs, the point of the technology is that you cannot reverse engineer ...

I'm trying to develop a Key Distribution Protocol to share symmetric keys in RFC 6238 (OTP). I started with RFC 6063, but this protocol is developed over old and known insecure algorithms like PBKDF and do not take advantage of more advanced hardware like smartphones (the device I will use to produce OTPs)

The main idea is to use entropy from both server and client to generate the KEY_TOKEN. My q ...

When performing Shannon Entropy analysis on something like an RNG or a file, you must:

1. Select a symbol bit length and number of samples would will perform analysis on at a time (IE: windows size)
2. Read the input till the window is full
3. Perform a histogram on the collected symbols
4. Take the histogram output and calculate Shannon Entropy
5. Repeat step 2 by either getting entirely new samples or sliding

Some of the most widely-used/advanced cryptography products these days - AES and SHA3 - were invented by Belgians. It seems that fact is hardly a coincidence. Since I'm a complete layman, I can make the connection but can't draw the big picture. Why are they so good? Do the Belgians have a tradition leading back centuries or something? Do they have an MIT-like institution in their country? Do the AES gu ...