Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [hamming]

Hamming distance is the number of symbols that differ between two strings. Hamming weight is the distance between a string and the zero string of the same length; i.e. the number of 1 bits for binary strings.

Hamming distance is the number of symbols that differ between two strings. Hamming weight is the distance between a string and the zero string of the same length; i.e. the number of 1 bits for binary strings.

20 questions
7
votes
1 answer

HMAC ipad and opad choice

It is written in the HMAC paper that the ipad=0x36 and opad=0x5C were chosen such that it maximize the Hamming-Distance of the part of the key used in the inner and outer part of the HMAC process. Since 0x36=0b0110110 and 0x5c=0b1011100, it seems…
Bush
  • 2,160
  • 3
  • 18
  • 27
6
votes
1 answer

Is it possible to construct a PRNG where the output numbers have a certain distribution of hamming weights?

I am in need of a non-uniform random number generator where each n-bit output has a hamming weight with a certain binomial distribution. For example, I would like a non-uniform PRNG which generates 32-bit outputs with a hamming weight whose binomial…
Ollie
  • 163
  • 2
6
votes
3 answers

Is it possible: delayed secure hamming distance

I am a professional developer with a mathematics background, but know next to nothing related to cryptography. I would like to know if the following scenario is even possible. Let's say Alice and Bob each have a bitstring of length n. Alice sends…
Benjamin Lefebvre
  • 63
  • 3
6
votes
1 answer

Hamming Distance vs. Index of Coincidence

When analyzing a repeating-key xor cipher to find the key length, I've read about two key methods (assuming there aren't just repeating chunks of ciphertext for Kasiski's method), for some assumed key length $l$, checking the Hamming distance of…
Brownbat
  • 623
  • 4
  • 10
3
votes
1 answer

References about a boolean function involving hamming weight

Some weeks ago, I read an article about an interesting boolean function with some applications to cryptography. Then, I forgot about the article and now I cannot find it. Hence here I am asking if someone is familiar with this function and can give…
Molan
  • 31
  • 1
3
votes
2 answers

BOOLEAN FUNCTIONS: generate a function $f: \{0, 1\}^n \rightarrow \{0, 1\}$ from a $n \times n$ S-Box

I want to calculate the hamming weight of a S-Box using this formula: $\text{hw}(f) = \sum_{x=0}^{2^n-1} f(x)$. Where $f: \{0, 1\}^n \rightarrow \{0, 1\}$ My problem is that I don't know how to get the $f$-function. I found that helpful paper: THE…
Targunitoth
  • 33
  • 6
3
votes
2 answers

Calculating XOR Key Sizes

I've been playing around with the Matasano crypto challenges (cryptopals.com). I had a couple false-starts on the challenge that has you creating a program to calculate the key size of a XOR encrypted file using Hamming Distance of the bits (Index…
Dave Hull
  • 51
  • 1
  • 7
2
votes
3 answers

Earliest citation for truth density

I am searching for a citation of a formula that calculates the proportion of true (1) outcomes in the corresponding truth table of a boolean function. Searching a little bit in the Cryptography literature, I found that the hamming weight of a…
John
  • 123
  • 4
2
votes
1 answer

Is it possible to perform CPA(Correlation Power Analysis) when attacker has only specific round's waveform?

I read Quite a lot document about breaking AES using CPA. But most of them, assuming that attacker has the first or last round of the waveform(trace) and exploit SubBytes. My question is if the AES-128 (or AES-256) can be attacked even if attacker…
Lee Anon
  • 23
  • 5
2
votes
0 answers

Closest Keccak256 hashes by Hamming distance?

What are the two "closest" known Keccak256 (not SHA-3 256) hashes in terms of the Hamming distance between the pair of hashes? EDIT: This was marked as opinion based, so to clarify, when I asked this question, I was hoping that people responding…
Lev Knoblock
  • 422
  • 5
  • 19
2
votes
1 answer

Why is PRESENT 31 rounds?

I tried a number of different inputs and keys and checked their respective hamming distances after each round. It seems PRESENT has an ideal or near ideal hamming distance (31 to 33) after only a few rounds. Indeed, some of the later rounds have…
Red Book 1
  • 1,025
  • 10
  • 26
2
votes
0 answers

How many Affine function can be made from $4 \times 4$ and $8 \times 8$ S-boxes?

The nonlinearity of an S-Box is defined as the non-linearity of its vectorial Boolean Function. Let $F$ be the hamming distance between the set of all non-constant linear combinations of component functions and the set of all $n$-variable affine…
sam
  • 21
  • 4
1
vote
1 answer

Minimal Hamming distance of SHA512 hashes at bit flip

For $n\in\mathbb{N}$ let $\{0,1\}^n$ denote the set of $\{0,1\}$-vectors of length $n$. Let $\{0,1\}^* = \bigcup_{n\in\mathbb{N}}\{0,1\}^n$ denote the collection of all finite-length $\{0,1\}$-strings. If $x,y\in \{0,1\}^n$ for some…
Dominic van der Zypen
  • 483
  • 3
  • 12
1
vote
1 answer

Metrics for Measuring the Distance of Two Numbers in Cryptography

Hamming Distance (HD) has been used to measure the distance of two numbers when they are converted into binary representations. e.g., $Ham(1, 2)=2$ as 0001'XOR'0010'='0011' while $Ham(128, 1)$ equals $2$ as well. Here we see HD does not work well as…
Paxton
  • 13
  • 2
1
vote
0 answers

Low weight linear $\varepsilon$-universal hash function

According to the definition, an $\varepsilon$-universal linear hash function family, given a field $\mathbb{F}$, is a set of linear transformations $\mathcal{H} \subseteq \mathbb{F}^{m,n}$ such that for any $\mathbf{v} \in \mathbb{F}^n \setminus \{0…
JayTuma
  • 71
  • 7
1
2