# Questions tagged as ['encryption']

Encryption is the process of transforming plaintext using a cipher into ciphertext to make it unreadable to anyone except those possessing the key. Decryption is the process of transforming that ciphertext back into plaintext, using the key.
Score: 0 Homomorphic Encryption Library Supporting Addition, Multiplication & Logical Shift Does anyone know of a C++ homomorphic encryption library that supports addition, multiplication and logical right shift over integers? Some set of instructions that allows the implementation of logical shifts would work as well. The range should be at least sufficient to support signed 32-bit integers and the scheme should support arbitrary depth. I tried using Palisade, but found no way of implementing ...

Score: 0 Number of Involuntory Keys in Permutation Cipher I've came with the following problem from the Theory and Practice book by Stinson-Paterson. It states the following:

2.17

(a) Prove that a permutation $$\pi$$ in the Permutation Cipher is an involuntory kei iff (if and only if) $$\pi(i) = j$$ implies $$\pi(j) = > i$$, for all $$i,j \in \{1,...,m \}$$.

(b) Determine the number of involutory keys in the Permutation Cipher for $$m = 2,3,4,5,$$ and 6.

I've prove ...

Score: 0 Pretty much confused about pretty good privacy-: 1. Authentication-:

I understand that authentication is basically digital signature. But what I don't understand is how it has been explained here specially the RSA key part. It is leading me to huge confusions.  In RSA encrpytion, we use public key(of whose sender or receiver?) for encrpytion and private key(of whom?) for decryption.

They say hash is encrypted using RSA. But why are we using PRIVAT ...

Score: 1 Can attacker steal data from AES encrypted table without knowing the key? I think of a situation that attacker can steal data from AES encrypted table without knowing the key. I tried to search on internet but found nothing about this(may be I were not using the correct keyword), really appreciate if any one can shed some light on it.

Assuming that the table is encrypted with same key but different IV:

1. Attacker signs up for a new account in an application normally.
2. Application ...
Score: 0 Don't know how to approach this problem, or where to start. Finding an adversary to a hiding and binding game I have this problem: I also have the python version of this problem here:

import json
import sys, os, itertools

sys.path.append(os.path.abspath(os.path.join('..')))
from playcrypt.tools import *
from playcrypt.new_tools import *
from playcrypt.primitives import *

from playcrypt.games.game_bind import GameBIND
from playcrypt.simulator.bind_sim import BINDSim

from playcrypt.games.game_hide impor ...
Score: 2 Difference between fuzzy vault and fuzzy commitment? https://dl.acm.org/doi/10.1145/2905055.2905118

Quoting the above paper's abstract, "Biometric cryptosystem can apply fuzzy vault, fuzzy commitment, helper data and secure sketch, whereas, cancelable biometrics uses distorting transforms, Bio-Hashing, and Bio-Encoding techniques."

It differentiates between a fuzzy vault and a fuzzy commitment scheme. How are the two different? Where does fuzzy ext ...

Score: 2 What is the global resource expense (financial, energy, computing power & time) due to the need for cryptography? Classic disclaimer: there may be a better place to ask this question, if so comment and I will be happy to move it.

An example I'm looking for is related to recent scrutiny over energy consumption of bitcoin, such as here although there is no math in this example.

An example similar in nature is the math behind the question, "how long would it take to crack 128 AES"? -- Example 1 -- Example 2- from this  ...

Score: 1 Where to store salt for PBKDF2 and initialization vector for AES via WebCrypto I would like to build secure notes via javascript and webcrypto.

I have found the possibilities to generate strong key via PBKDF2 and encrypt data via AES.

Here is a sample how to generate key via PBKDF2 in webcrypto, where is required salt:

function getKey(keyMaterial, salt) {
return window.crypto.subtle.deriveKey(
{
"name": "PBKDF2",
salt: salt,
"iterations": 10 ...
Score: 1 How secure is it to use a 128-bit random seed to derive a 256-bit key for seeding key-pair generation? We are developing an open-source peer-to-peer app, Mapeo, designed for users with low technical experience (and no email or phone) to collect data in offline environments. We are generating their identity on the device for each project as a public-private keypair using libsodium crypto_sign_keypair.

To support identity recovery in the case of device loss or switching to a new device, we want to use  ...

Score: 1 Is it okay to avoid a plaintext IV in AES? ### The scenario

Using AES 256 with CBC mode. (Authentication is done separately. Ignored here.)

### The goal (explained more later)

To avoid sending an unencrypted IV.

But since this is being done using .NET whose function forces us to use an IV, we can't just prepend 16 random bytes and then toss away the first 16 bytes after decryption.

### The plan

Prepend 16 random bytes ("IV1"), and besides that use 16 b ...

Score: 0 Teaching AI a cryptogram and asking it to solve a similar cryptogram on its own Say that 1 cipher and another are known to hold some form of correlation. Would it be possible to teach an AI one language through the training of a model and allow it to make make predictions on another?

If so, how? Has this been done before?

Score: -1 How expensive is it to migrate from AES-128 to AES-256 How feasible would it be to migrate from AES-128 to AES-256?

Score: 3 Construction of S-Box in PRESENT I'm currently working on an hardware implementation (with verilog) of PRESENT-80 for research purposes. Due to our goal to strengthen the security of PRESENT-80 with Masking and Error Detection I need to understand how the S-Box is designed.

In PRESENT: An Ultra-Lightweight Block Cipher the 4x4 S-Box is simply stated as a lookup table:

x 0 1 2 3 4 5 6 7 8 9 A B C D E F
S[x] C 5 6 B 9 0 A
Score: 2 How to convert plaintext to element of cyclic group in Cramer-Shoup cryptosystem I am trying to implement a cramer-shoup cryptosystem but I don't understand how to work with the plaintext I want to encrypt.

From what I understand, the plaintext needs to be converted to an element of the cyclic group G, which was generated with the key. I've checked multiple resources, from the wiki to several papers, and none of them seem to take the time to explain how to convert a plaintext ...

Score: 4 Unable to understand notation regarding Shannon's theorem the following equation is used to prove the Shannon's theorem by showing the existence of two messages $$m_0, m_1$$ if $$|K| < |M|$$ but I'm unable to visualize/understand the probabilities. Especially the $$Pr$$ over $$K$$ thing doesn't get into my head. Anyone able to explain it?

• $$\mathcal{K}$$ is the keyspace
• $$\text{Pr}$$ means probability
• $$m_0$$ and $$m_1$$ are messages from the message space $$M$$
• $$c$$ i ...
Score: 1 Is it safe to store the hash of a plain text? When encrypting data, I want to verify that the correct key was entered without hashing it. Is it safe to decrypt the ciphertext and compare the hash of it with the stored one or can the plaintext (which could be very long) be read from the hash?

Score: 1 Is asymmetric decryption guessable? I AM an amateur (for some reason, I have originaly written "I am not"... embarassing, sorry) in cryptography so this might be a very basic question.

I am interested to know if there exist ciphers such that if I encrypt a message with it and then lose first say 300 bits then I can't recover any information from the message even if I have the decryption key?

My problem is basically that I don't have a ...

Score: 0 Encrypted data sharing in decentralised system Alice encrypts file using her public key and upload it to decentralised file store (some service). Bob buys access to the file. Is it possible to share decrypted file with Bob without having Alice's key? Decentralised file store doesn't store any private keys, but it knows that Bob has access to the file (e. g. from smart contract).

Score: 1 Why can't we have AES512 or more? Look I know AES256 is ridiculously secure but to keep aes secure even after quantum computers, I have a concern.
Using the Grovers theorem aes can be reduced from 256 to 128 bits for brute force attack which is also pretty strong but I don't want to be limited to it
Is it (atleast in theory) possible to implement aes512, aes1024, etc...
I mean what's stopping us like for 128bit aes we use 10 rounds of ...

Score: 0 Example of exchanging information I am searching for a simle model that can simulate the following procedure.

Suppose that $$i$$ and $$j$$ are two agents that each one obtains her state dependets signal $$s_i(\omega)$$ and $$s_j(\omega)$$. After observing their own signals with probability $$1$$, they do not know anything about the signal that the other agent has, but they do know the common prior $$\pi$$ about the signals, s.t. $$\pi:\Omega\to \D ...$$

Score: 0 How to ensure the data comes from verified source without using asymetric encryption I'm building a project that is remotely controlled using LoRa and I want to ensure, that nobody can imitate my transmitter and send packets to my receiver. Just encrypting sent data is not enough since someone can receive for example packet that opens the door and sent the same one from his transmitter. How do I make it so only I can send authorized packets? Another problem is that it's really likely th ...

Score: 1 What are the lower computation and memory cheap fractal symmetric encryption algorimths? I would like to know about encryption schemes that are based in Fractal theory, while they have decent security and are pretty fast.

Score: 0 Encryption mode of operation with lowest malleability/not vulnerable to bit flip attack? I am trying to choose a mode of operation for encryption which does has the lowest malleability and is specifically not vulnerable to a bit flip attack. My understanding is that PCBC is the only mode which makes the rest unreadable, therefore is the best option?

I do not want to apply any message authentication at this stage.

Thanks!

Score: 1 Multiuser encryption, singleuser decryption I have an hybrid encryption (RSA, AES) for a file sharing project I am working on, where I use a single public key for encryption on the sender side and corresponding private key for decryption on the recipient side. I would like for a sender to be able to send files to multiple users each having only their own unique key pair (public keys would be distributed).

I know this is possible using GPG

Score: 0 Why LFSR stream code is not suitable for encryption? Why LFSR stream code is not suitable for encryption? Is there a special attack for LFSR?

Score: 6 Can we use LEGO bricks to construct a cipher algorithm? I read a paper titled "On the entropy of LEGO", which explains how to calculate the number of ways to combine $$n$$ $$b\times w$$ LEGO blocks of the same color. For example, six $$2\times4$$ bricks have $$915103765$$ ways to combine. I wonder if could we construct a funny cipher algorithm using LEGO bricks.

Some definitions and symbols:

A $$2\times4$$ brick $$i$$ can be defined as: $$b_i:=\left( \begin{array}{cc} s_0 ...$$

Score: 0 Simple Key Exchange, One Server I am trying to better understand how TLS works. I understand in the normal use case you need various random values generated and used in the key exchange, to prevent some MITM reusing a previous transmission to spoof the server or the client.

However, let us assume some degenerate case where there is a single server whose single public key is already known by its clients as well as various adver ...

Score: 0 Are all public key a result of computing g^k mod p I just read through the text book definition of Diffie–Hellman key exchange. And from what i understand, the public key that is shared based on the protocol is calculated from:

g^k mod p

where g is a generator in the multiplicative group, and p is a large prime and k is the private key.

My question is, are all public/private key generated to have this relationship? Or this way of generating the pu ...

Score: 1 Is a truly p2p ledger (cryptocurrency) possible? Is a truly p2p ledger possible, where there is no need for a third party (or a number of third parties) to verify ledgers.

Probably a system where the two parties who don't trust each other can verify each others ledger and then perform a transaction. If one of the parties is foul playing then the other party would not proceed with the transaction, cause that will make all his future transactions ...

Score: 1 Revoke key without communication between the party who revoked it and the party who is validating I received a very weird question from someone. I feel there is no solution, It would be great if you guys share your views.

There are three people Alice, Bob and Sam and they all work for a high-security facility. Alice is the gatekeeper, Bob is a scientist and Sam is their manager.

Sam has issued an entry pass to Bob which is signed. Alice can verify the entry pass by using public-key cryptography  ...