Topic: Cryptography

Recent Tags

2nd-preimage-resistance abe access-control advantage aes aes-gcm algebraic-attack algorithm-design anonymity argon2 arithmetic asn.1 attack authenticated-encryption authentication backdoors bcrypt bilinear-pairing birthday-attack blake2 blind-signature block-cipher blocksize blowfish bls-signature brute-force-attack cbc cbc-mac cca1 certificates cfb chacha checksum chosen-ciphertext-attack chosen-plaintext-attack classical-cipher cmac coding-theory collision-resistance commitments commutative-encryption complexity compression-function computational-complexity-theory constants convergent-encryption cpu crc cryptanalysis cryptocurrency cryptographic-hardware ctr database davis-meyer decryption des deterministic-encryption diffie-hellman diffusion discrete-logarithm distinguisher dsa eax ecb ecies ed25519 ed448 elgamal-encryption elliptic-curve-generation elliptic-curves encoding encryption enigma entropy ephemeral error-propagation feal feistel-network file-encryption finite-field fips-140 forgery format-preserving frequency-analysis function-evaluation functional-encryption garbled-circuits gcm gimli group-theory hard-core-predicate hash hash-based hash-signature history hmac homomorphic-encryption identity-based-encryption implementation indistinguishability information-theory initialization-vector integrity io ipsec keccak key-derivation key-exchange key-generation key-recovery key-reuse key-schedule key-size keys known-plaintext-attack lattice-crypto lfsr libsodium lightweight linear-cryptanalysis literature lwe mac malleability man-in-the-middle matrix-multiplication md5 meet-in-the-middle-attack mental-poker military-encryption modes-of-operation modular-arithmetic monotone-access-structure multiparty-computation multiple-encryption negligible nist nonce notation nsa ntru number-theory oaep oblivious-transfer ocb ofb one-time-pad one-time-password one-way-function onion-routing openssl otr padding padding-oracle paillier pairings password-based-encryption password-hashing passwords pbkdf-2 perfect-secrecy performance permutation pgp pir pkcs11 pkcs8 pki poly1305 post-quantum-cryptography preimage-resistance prime-numbers probability proof-of-work protocol-design provable-security proxy-re-encryption pseudo-random-function pseudo-random-generator pseudo-random-permutation public-key puf random-number-generator random-oracle-model randomness rc4 reduction reference-request replay-attack rijndael ring-lwe rsa s-boxes s-mime s2k salsa20 salt schnorr-identification schnorr-signature scrypt searchable-encryption secp256k1 secret-sharing secure-storage security-definition semantic-security serpent sha-1 sha-2 sha-256 sha-3 sha-512 shacal-2 side-channel-attack signal-protocol signature simulation siphash software-obfuscation sponge srp ssh statistical-test stream-cipher substitution-cipher symmetric terminology test-vectors threshold-cryptography timing-attack tls tokenization transport-security trapdoor tweakable-cipher twofish universal-hash verifiability verifiable-random-function vigenere voting wpa2-psk x25519 xml-encryption xor xts zero-knowledge-proofs

Recent Articles

Solved by user555 (126,218 ) Sep 06, 2022 at 09:22	Should we really rely on "Cryptographically Secure Pseudo-Random Number Generators" (CSPRNG) alone to guarantee secure random output?
	#random-number-generator#randomness#pseudo-random-generator

Solved by user18298 (44,255 ) Sep 03, 2022 at 16:16	Solving system of equation based on RSA
	#rsa#modular-arithmetic

Solved by user25901 (146 ) Sep 02, 2022 at 00:05	Base64 or hex to attach auth tokens to URL?
	#authentication#passwords#tokenization

Solved by user54184 (13,843 ) Aug 29, 2022 at 19:37	How much security is gained from hiding the nonce?
	#encryption#key-derivation#authenticated-encryption#nonce

Solved by user452 (134,311 ) Aug 29, 2022 at 13:42	(In)security of multiplicative blinding / one-time-pad in a commutative ring
	#one-time-pad

Solved by user555 (126,068 ) Aug 29, 2022 at 10:56	Is there some restrictions on values of p,q,d,e etc in RSA algorithm while trying to encrypt English Ciphertext?
	#encryption#rsa#public-key

Solved by user555 (126,058 ) Aug 27, 2022 at 07:00	How to prevent the solution of a discrete logarithm problem from being found in a collision way by accident
	#discrete-logarithm

Solved by user18298 (44,161 ) Aug 27, 2022 at 00:04	NIST example shows extra hexadecimal characters in Block Contents of SHA512-256
	#hash#nist#sha-2

Solved by user18298 (44,161 ) Aug 27, 2022 at 00:04	NIST example shows extra hexadecimal characters in Block Contents of SHA512-256
	#hash#nist#sha-2

Solved by user180 (24,290 ) Aug 26, 2022 at 10:39	Is constant-time compare really required for AEAD ciphers?
	#mac#authenticated-encryption#pseudo-random-function#timing-attack

Solved by user180 (24,290 ) Aug 26, 2022 at 10:39	Is constant-time compare really required for AEAD ciphers?
	#mac#authenticated-encryption#pseudo-random-function#timing-attack

Solved by user43864 (3,752 ) Aug 23, 2022 at 15:40	How to encrypt data which never leave the client but can't be decrypted without the server?
	#encryption#public-key

Solved by user452 (134,131 ) Aug 19, 2022 at 13:05	Commutable and Composable Asymmetric Encryption/Decryption
	#encryption#diffie-hellman#key-exchange

Solved by user36960 (7,068 ) Aug 19, 2022 at 08:54	Is there any way to (irrevocably) *transfer* a private key to another person?
	#public-key#signature#pki

Solved by user36960 (7,068 ) Aug 19, 2022 at 08:54	Is there any way to (irrevocably) *transfer* a private key to another person?
	#public-key#signature#pki

Solved by user15312 (6,489 ) Aug 18, 2022 at 13:38	Understanding the small cofactor attack with Elliptic Curves of non-prime order
	#elliptic-curves#diffie-hellman#brute-force-attack

Solved by user12016 (16,874 ) Aug 18, 2022 at 06:44	Diffie-Hellman over $GF(2^{128})$
	#diffie-hellman#finite-field

Solved by user48273 (1,232 ) Aug 18, 2022 at 00:15	Zk Proof to Prove that I know the secret x of y = HASH(x)
	#hash#zero-knowledge-proofs#hash-signature

Solved by user24869 (413 ) Aug 11, 2022 at 09:03	Is there a cryptographic algorithm that can make a "lottery ticket"?
	#public-key#zero-knowledge-proofs#random-number-generator

Solved by user102678 (786 ) Aug 10, 2022 at 11:01	ECCDH: direct or with temporary ECC keypairs?
	#elliptic-curves#diffie-hellman#key-exchange

Solved by user13843 (3,832 ) Aug 08, 2022 at 22:51	Help with clarification/definitions of Oblivious Transfer (OT) flavors
	#oblivious-transfer

Solved by user13843 (3,812 ) Aug 08, 2022 at 22:51	Help with clarification/definitions of Oblivious Transfer (OT) flavors
	#oblivious-transfer

Solved by user43864 (3,482 ) Aug 07, 2022 at 19:17	Where is the definition of one-way trap-door function used in public key cryptography
	#rsa#diffie-hellman#one-way-function#trapdoor

Solved by user43864 (3,482 ) Aug 06, 2022 at 11:28	Replacing Curve25519 with Ristretto255
	#elliptic-curves

Solved by user87477 (11,774 ) Aug 05, 2022 at 09:44	In Schnorr identification protocol, what happens if the prover uses r+c+x or rx+c.. etc. rather than r+cx?
	#schnorr-identification

Solved by user351 (35,461 ) Aug 02, 2022 at 17:04	Why the definition of bilinearity property is different in cryptography compared to mathematics?
	#pairings#bilinear-pairing

Solved by user452 (133,846 ) Aug 02, 2022 at 11:30	Uniform rejection sampling by shifting or rotating bits from CSPRNG output, safe?
	#random-number-generator#randomness#pseudo-random-generator

Solved by user36960 (6,998 ) Aug 02, 2022 at 07:23	How to know that MAC isn't modified in ECIES
	#public-key#elliptic-curves#mac#ecies

Solved by user12016 (16,779 ) Jul 27, 2022 at 11:31	What is the meaning of the power notation in the access structure?
	#abe#access-control#monotone-access-structure

Solved by user555 (124,671 ) Jul 26, 2022 at 06:43	What does "key version" refer to when talking about AES 128 in NXP's datasheet?
	#aes#cryptographic-hardware

Solved by user87477 (11,294 ) Jul 25, 2022 at 06:26	New paper claims quantum polylog time attack on AES
	#post-quantum-cryptography#quantum-cryptanalysis#quantum-computing

Solved by user12016 (16,489 ) Jul 24, 2022 at 20:06	Derive independent values using block cipher
	#block-cipher#key-derivation#randomness#pseudo-random-function#pseudo-random-permutation

Solved by user87477 (11,774 ) Jul 23, 2022 at 10:26	Follow-up II: Number of points on an elliptic curve
	#elliptic-curves#pairings#elliptic-curve-generation

Solved by user555 (125,858 ) Jul 22, 2022 at 06:28	How is RSA-OAEP secure from CCA2?
	#rsa#oaep

Solved by user87477 (11,324 ) Jul 21, 2022 at 10:28	Follow-up: Number of points on an elliptic curve
	#elliptic-curves#pairings#elliptic-curve-generation

Solved by user555 (126,038 ) Jul 21, 2022 at 07:56	How does AES GCM encryption work
	#encryption#aes#authentication#initialization-vector#aes-gcm

Solved by user452 (133,652 ) Jul 19, 2022 at 20:19	Security level of the hash of the sum of two uniformly random keys
	#encryption#randomness

Solved by user12016 (16,804 ) Jul 19, 2022 at 01:50	Limit definition of negligible function
	#security-definition#negligible

Solved by user43864 (3,387 ) Jul 18, 2022 at 15:58	How can I distribute a set of anonymous tokens digitally among a known limited population to do anonymous voting?
	#keys#perfect-secrecy#anonymity#voting

Solved by user87477 (11,764 ) Jul 18, 2022 at 06:23	Are all quadratic twists of an elliptic curve equivalent?
	#elliptic-curves#finite-field

Solved by user43864 (3,677 ) Jul 18, 2022 at 02:18	Is there a scheme to enforce a random seed without leaking the seed?
	#zero-knowledge-proofs#key-derivation#commitments#verifiability#verifiable-random-function

Solved by user87477 (11,764 ) Jul 17, 2022 at 07:21	Discovery of Ed25519 128-bit private key where a KDF has not been used
	#elliptic-curves

Solved by user87477 (11,814 ) Jul 16, 2022 at 16:24	How does a CertificateVerify message prevent MITM attacks in TLS 1.3
	#tls

Solved by user102678 (726 ) Jul 16, 2022 at 16:18	Argon2id creating key for cryptography, how acceptable is it to use the same salt for the same encryption operation?
	#encryption#password-hashing#salt#aes-gcm#argon2

Solved by user1172 (85,750 ) Jul 15, 2022 at 11:24	Does the AES-GCM specification require the tag-size to be bound to the GCM context?
	#aes-gcm

Solved by user87477 (11,754 ) Jul 14, 2022 at 11:28	How is BLS secure against adaptive selection message attacks when the message is known?
	#bls-signature

Solved by user87477 (11,774 ) Jul 12, 2022 at 12:36	Number of points on an elliptic curve
	#elliptic-curves#pairings#elliptic-curve-generation

Solved by user555 (124,953 ) Jul 12, 2022 at 11:45	If I have enough examples of a private key's signature, can I discern it?
	#public-key#signature

Solved by user555 (125,713 ) Jul 12, 2022 at 11:45	If I have enough examples of a private key's signature, can I discern it?
	#public-key#signature

Solved by user67635 (151 ) Jul 11, 2022 at 09:42	LWE with a binary matrix A
	#encryption#cryptanalysis#lattice-crypto#lwe#ring-lwe

Solved by user1172 (86,082 ) Jul 08, 2022 at 08:22	AES-GCM with different IVs but close enough for counter to cause duplicates
	#encryption#aes#initialization-vector#nonce#aes-gcm

Solved by user30246 (250 ) Jul 07, 2022 at 16:04	Can the indistinguishability obfuscator leak the password when obfuscating the password checking function?
	#hash#password-hashing#indistinguishability#software-obfuscation

Solved by user555 (124,056 ) Jul 07, 2022 at 07:21	Using AES-256-GCM, is your security only 128 bits when solely relying on the MAC?
	#aes#mac#aes-gcm

Solved by user1172 (86,444 ) Jul 04, 2022 at 23:04	How does a GMAC in GCM not nullify the utility of a seekable decrypt-able stream
	#mac#cbc#gcm#aes-gcm

Solved by user25899 (135 ) Jul 03, 2022 at 19:44	How to securely XOR two passphrases in JavaScript?
	#passwords#xor#password-hashing

Solved by user25899 (135 ) Jul 03, 2022 at 19:44	How to securely XOR two passphrases in JavaScript?
	#passwords#xor#password-hashing

Solved by user1172 (85,492 ) Jul 02, 2022 at 12:37	Security of using AND instead of XOR operation for an OTP
	#encryption#one-time-pad

Solved by user87477 (11,774 ) Jun 30, 2022 at 07:06	LWE problem with a sparse matrix
	#lattice-crypto#lwe

Solved by user18376 (11,176 ) Jun 28, 2022 at 15:44	How to break RSA when $q = e^{-1} \bmod p$?
	#encryption#rsa#public-key#attack

Solved by user87477 (11,344 ) Jun 27, 2022 at 08:46	Keyless cipher proof
	#encryption#classical-cipher

Solved by user101697 (48 ) Jun 26, 2022 at 18:10	Differences between algorithms, ciphers, primitives and functionalities
	#terminology

Solved by user87477 (10,476 ) Jun 25, 2022 at 10:30	Sponge Duplex authenticated encryption with nonce reuse or no nonce
	#symmetric#stream-cipher#authenticated-encryption#sponge

Solved by user452 (132,368 ) Jun 24, 2022 at 14:18	How do you use a PQC Hybrid Shared Secret in Practice?
	#encryption#public-key#post-quantum-cryptography

Solved by user87477 (11,109 ) Jun 22, 2022 at 11:42	Simon's quantum algorithm for symmetric encryption
	#symmetric#quantum-cryptography

Solved by user452 (132,303 ) Jun 21, 2022 at 16:32	Key Committing AES-GCM
	#aes#tls#attack#aes-gcm#ghash

Solved by user87963 (606 ) Jun 21, 2022 at 09:07	Probability conventions in cryptography
	#pseudo-random-function#terminology#notation#probability

Solved by user17303 (136 ) Jun 20, 2022 at 08:14	RSASSA-PSS in TLS 1.2
	#signature#tls#certificates#rsa-pss

Solved by user1172 (85,067 ) Jun 19, 2022 at 18:40	Does hashing a secret/seed make it effectively 2X less secure?
	#hash#entropy

Solved by user43864 (2,755 ) Jun 18, 2022 at 20:02	Zero-knowledge proof that the exponents of a Pedersen commitment are not zero
	#zero-knowledge-proofs#commitments

Solved by user555 (126,128 ) Jun 18, 2022 at 13:39	Is there a test that put into numbers how secure a password hashing is?
	#password-hashing#pbkdf-2

Solved by user54184 (13,278 ) Jun 16, 2022 at 23:30	Why expand keys? Why not rather generate a longer key?
	#block-cipher#key-schedule

Solved by user87477 (11,294 ) Jun 16, 2022 at 06:51	Security Level of DSA given parameters
	#dsa

Solved by user45690 (8,687 ) Jun 16, 2022 at 04:57	On using interaction to achieve FHE from old PHE schemes
	#homomorphic-encryption

Solved by user36960 (6,661 ) Jun 15, 2022 at 22:05	Are Block Ciphers Pseudorandom functions?
	#block-cipher#key-derivation#pseudo-random-function#pseudo-random-permutation

Solved by user18298 (44,136 ) Jun 15, 2022 at 20:12	How to expand elliptic curve public key from compressed form?
	#elliptic-curves#secp256k1

Solved by user592 (11,755 ) Jun 15, 2022 at 12:44	What is the security of multiple encryption using Even–Mansour scheme (XEX)?
	#block-cipher#xor#multiple-encryption#meet-in-the-middle-attack

Solved by user87963 (623 ) Jun 15, 2022 at 04:29	Private key encryption based on NP-complete problem
	#block-cipher#symmetric#computational-complexity-theory#reduction

Solved by user214 (16,705 ) Jun 14, 2022 at 21:09	Is disabling padding integrity check in CBC implementations a good way of overcoming / mitigating padding oracle attack?
	#cbc#padding-oracle

Solved by user45690 (8,647 ) Jun 14, 2022 at 20:50	Parameters for high density SIS
	#cryptanalysis#collision-resistance#lattice-crypto#sis

Solved by user18298 (43,406 ) Jun 14, 2022 at 17:01	Addition on elliptic curves on finite fields: what if X_1 = X_2 and Y_1 != Y_2?
	#elliptic-curves

Solved by user54184 (13,268 ) Jun 14, 2022 at 00:10	What is the name of this kind of logic diagram?
	#terminology#xor

Solved by user61581 (73 ) Jun 13, 2022 at 06:55	Question on Simulation based security proof for Oblivious Transfer (OT) against semi-honest adversaries
	#provable-security#oblivious-transfer#semantic-security#hard-core-predicate#simulation

Solved by user555 (125,068 ) Jun 12, 2022 at 10:20	What is more efficient to Encrypt then MAC or to MAC then encrypt
	#mac#authenticated-encryption

Solved by user54184 (13,424 ) Jun 10, 2022 at 23:27	For AES-GCM, does knowing plaintext and ciphertext allow attacker to learn the key?
	#aes#aes-gcm

Solved by user45690 (8,697 ) Jun 10, 2022 at 22:33	An unconditional proof of a PRP by restricting adversary run time
	#pseudo-random-permutation#distinguisher

Solved by user452 (132,743 ) Jun 10, 2022 at 00:49	How come we only need to generate the first tree in each layer in XMSS MT
	#hash#post-quantum-cryptography#hash-signature#hash-tree#hash-based

Solved by user29574 (7,246 ) Jun 09, 2022 at 16:55	Hotbits vs. Random.org vs. Anything else?
	#random-number-generator#randomness#trng

Solved by user555 (124,621 ) Jun 09, 2022 at 03:53	ASN.1 integer question for DSA
	#signature#dsa#asn.1

Solved by user452 (133,138 ) Jun 08, 2022 at 16:57	How can I reverse a so-called CRC16 from the data?
	#decryption#crc

Solved by user452 (133,757 ) Jun 08, 2022 at 16:57	How can I reverse a so-called CRC16 from the data?
	#decryption#crc

Solved by user452 (132,733 ) Jun 06, 2022 at 15:02	Did digital signatures come from Zero Knowledge Proofs?
	#signature#zero-knowledge-proofs

Solved by user1172 (85,532 ) Jun 05, 2022 at 18:43	When does the need of random data become an assumption?
	#provable-security#hardness-assumptions

Solved by user452 (133,791 ) Jun 05, 2022 at 16:10	Why use pairing to construct identity based encryption?
	#pairings#identity-based-encryption

Solved by user1172 (84,942 ) Jun 05, 2022 at 13:51	Is it necessary to (length) pad a fixed length one time pad in the presence of a HMAC?
	#protocol-design#hmac#one-time-pad#padding

Solved by user1077 (266 ) Jun 04, 2022 at 16:46	Can there be identical elliptic curve groups of points from different irreducible polynomials in binary extension fields?
	#elliptic-curves#finite-field#group-theory

Solved by user555 (124,551 ) Jun 03, 2022 at 08:14	Difference signature / asymmetric encryption (PQC)
	#public-key#signature#post-quantum-cryptography

Solved by user555 (124,161 ) Jun 03, 2022 at 08:14	Difference signature / asymmetric encryption (PQC)
	#public-key#signature#post-quantum-cryptography

Solved by user452 (132,398 ) Jun 02, 2022 at 18:34	If RSA uses $e$ with $\gcd(e,\phi(N))\ne1$ but $e$ is hard to factorize has an adversary still an advantage in finding $d$ for $m^{ed}\equiv m\mod N$?
	#rsa#modular-arithmetic#security-definition#complexity#number-theory

Solved by user26028 (475 ) Jun 02, 2022 at 10:09	Why does the RFC version of HKDF-Expand start the counter at 1?
	#hmac#key-derivation#hkdf

Solved by user555 (125,233 ) Jun 01, 2022 at 13:34	How to do addition in Montgomery form?
	#elliptic-curves#secp256k1