Questions tagged as ['xor']

XOR, often written ⊕, is one of the basic operations on bits and bit-sequences. It is a building block of many cryptographic primitives (and some higher-level algorithms, like modes of operations).
Score: 4
Link L avatar
Is there any result which states that if the output of these two functions is XOR'd, the XOR'd output is pseudorandom
jp flag

Let $\mathbb{G}$ be a group of prime order $p$ with generator $g$. Suppose that I randomly pick $r_1,z_1 \leftarrow \mathbb{Z}_p$ and $r_2, z_2 \leftarrow \mathbb{Z}_p$ and $c \leftarrow \mathbb{G}$. Let $\alpha = g^{r_1z_1}g^{c}$ and $\beta = g^{r_2z_2}g^c$. By the semantic security of El-Gamal encryption, both $\alpha$ and $\beta$ are indistinguishable from random numbers ... Suppose that $\alpha$

Score: 0
Ramesh Sharma Yadav avatar
What happens when we hash already hashed values, concatenated together?
cn flag

I read on the page 16 of On the Security of Hash Function Combiners that

the classical combiner for collision-resistance simply concatenates the outputs of both hash functions $Comb_{\mathbin\|}(M) = H_0(M) \mathbin\| H_1(M)$ in order to ensure collision resistance as long as either of H0, H1 obeys the property.

Consider H, a secure internal hash function with 256-bit inputs and 128-bit outputs

Score: 1
How to show the PRF in 4.8(b) is not secure?
es flag

Let F be a PRF defined over $F:\{0, 1\}^n \times \{0, 1\}^n \to Y$.

  1. We say that $F$ is XOR-malleable if $F(k, x \oplus c) = F(k, x) \oplus c$ for all $k, x, c \in \{0, 1\}^n$.

  2. We say that $F$ is key XOR-malleable if $F(k \oplus c, x) = F(k, x) \oplus c$ for all $k, x, c \in \{0, 1\}^n$.

Clearly an XOR-malleable PRF cannot be secure: malleability lets an attacker distinguish the PRF from a random fun ...

Score: 0
occvtech avatar
Is it possible to crack cryptographic method with known input/output?
ma flag

I've played around with John The Ripper before and it was able to successfully crack some personal passwords via brute force. However, in those scenarios the "unknown variable" was a password - and the known variable was the encryption method.

In the current scenario, things are a bit different. Now I have a scenario where the 2 input keys are known - and an external tool exists that can convert  ...

Score: 3
caveman avatar
Fastest order-sensitive operations
in flag

For any $v$ many $b$-bits vectors $(\mathbf{x}_0, \mathbf{x}_1, \ldots, \mathbf{x}_{v-1}) \in \{\{0, 1\}^b\}^v$, what's the fastest way to combine $\mathbf{x}_0, \mathbf{x}_1, \ldots, \mathbf{x}_{v-1}$ into a single number, such that the operation is order-sensitive?

E.g. say that $\hat+$ is some method of combining numbers (not necessarily addition, but we can define it however we want). The goal is to ...

Score: 1
hhhhhhhh avatar
Is XORing a Base64-encoded string secure?
cz flag

Theoretically, is it secure to first encode a string using Base64 and then XOR it with a random key or are there potential weaknesses that could be exploited?

Obviously this doesn't make any sense in practice, but I was curious whether this would be just as secure as XORing and then Base64ing.

Score: 4
Vladimir Gamalyan avatar
Weakness of XORing random bytes with secret key
de flag

Side A generates 16 (high quality) random bytes and performs XOR with a 16-byte secret key, then data transfers to side B, where the same secret key is used to recover the original 16 random bytes.

Is there, by chance, a way to guess the secret key by intercepting the XORed data between sides?