Most Popular

1500 questions
42
votes
12 answers

Differences between industrial and military cryptography

Industrial and military cryptography should follow the same basic rules, but what does make them different is: Higher key length, protocols unknown to the civilian world, and perhaps unique methods of transferring media Are there other…
R1w
42
votes
4 answers

Calculating RSA private exponent when given public exponent and the modulus factors using extended Euclid

When given $p = 5, q = 11, N = 55$ and $e = 17$, I'm trying to compute the RSA private key $d$. I can calculate $\varphi(N) = 40$, but my lecturer then says to use the extended Euclidean algorithm to compute $d$. That's where I get stuck. Here's my…
DougalMaguire
42
votes
6 answers

What does it mean for a random number generator to be cryptographically secure?

I've never heard a good answer. I'd like to hear details about: What are the criteria that make an RNG cryptographically secure? Why must your RNG be cryptographically secure? I.e., what are the consequences if it is not? Examples of secure and…
42
votes
8 answers

Simply put, what does “perfect secrecy” mean?

I would like to ask for a clear (but maybe not so deep) explanation of what the term "perfect secrecy" means. As far as I have researched and understood, it has to do with probabilities of assuming that a certain variable will be the key for a…
Emyr
42
votes
6 answers

How to check that you got the right key when brute forcing an encryption?

How do you know when you have the right key when brute-forcing? Let's say that they test the right key. They then have to check that the decrypted text makes sense. To do so, they can test whether there is a word in the dictionary. But then let's…
ChiseledAbs
42
votes
4 answers

Purpose of outer key in HMAC

From what I know, the HMAC construction has two strengths: It's resistant to length extensions. Since the key is consumed before the message, the attacker does not know the initial state, preventing simple collision attacks. But the simple…
CodesInChaos
42
votes
2 answers

Are there any known collisions for the SHA (1 & 2) family of hash functions?

Are there any known collisions for the hash functions SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512? By that, I mean are there known values of $a$ and $b$ where $F(a) = F(b)$ and $a \neq b$?
Pacerier
42
votes
3 answers

What are preimage resistance and collision resistance, and how can the lack thereof be exploited?

What is "preimage resistance", and how can the lack thereof be exploited? How is this different from collision resistance, and are there any known preimage attacks that would be considered feasible?
41
votes
4 answers

After 20 years of AES, what are the retrospective changes that should have been made?

I realize that this could be very opinion based, but I feel that there should be some solid information on AES at this point that could be referenced. After 20 years, I expect that there should be a "woulda, coulda, shoulda" list somewhere. For…
b degnan
41
votes
2 answers

Elliptic curve ed25519 vs ed448 - Differences

Other than key size, what are some differences between the Elliptic curve ed25519 and ed448?
Nathan Aw
41
votes
4 answers

How can hashes be unique if they are limited in number?

I'm curious, how can for example SHA-256 be unique if there are only a limited number of them?! For clarification: how many MD5 hashes are there? $16^{32}$ MD5 hashes can be produced. $16^{64}$ SHA-256 hashes can be produced. while there are…
M D P
41
votes
2 answers

What's the difference between RSA and Diffie-Hellman?

I've been reading the same thing on a lot of websites: RSA is for communication using the public and private key for both the server and client, whereas Diffie-Hellman is just for exchanging the same secret key that will then be used for both…
user3407319
41
votes
4 answers

What is difference between PRG, PRF, and PRP

Until what I have gotten is: A PRG is generator is a part of PRF that produces pseudo-random values for the function. PRF is semantically secure and has no worries of being invertible. Fine, then where is PRP used? What is PRP, where it comes to,…
41
votes
5 answers

In RSA, how does the CPU deal with this huge modulus (8192 bits)?

Whilst I understand how the RSA algorithm works, I don't understand how the CPU operates when it needs to use the mod function with a huge number $n$, for example. $n = 8192$ bits; $c = m^e \mod n$; In essence my question is how does the CPU deal…
artless-person
41
votes
5 answers

Galois fields in cryptography

I don't really understand Galois fields, but I've noticed they're used a lot in crypto. I tried to read into them, but quickly got lost in the mess of hieroglyphs and alien terms. I understand they're sets of the form $GF(p^n)$ for $n\geq1$ where…
Polynomial