Most Popular

1500 questions
11
votes
4 answers

RSA & DH at risk due to math advances, will this eventually affect elliptic curves too?

I was looking into the predictions by some researchers that RSA and Diffie-Hellman may not be secure in the next few years due to advances in math and being able to calculate the discrete logarithm problem in new ways no longer making them…
Jesse
  • 415
  • 1
  • 5
  • 16
11
votes
5 answers

How does generating random numbers "remove entropy from your system"?

In a previous question, I quoted the --gen-random entry in the GPG Man Pages. At the end it says: PLEASE, don’t use this command unless you know what you are doing; it may remove precious entropy from the system! How does that work? I understand…
camercu
  • 343
  • 3
  • 10
11
votes
1 answer

Is there any reason not to use Single-Key EM with AES and a constant key?

I've read recently the paper "Minimalism in Cryptography: The Even-Mansour Scheme Revisited" by Dunkelman, Keller and Shamir where it is claimed that the following construction (Single-Key EM) is secure: $$C=K\oplus E(P\oplus K)$$ with $E$ being a…
SEJPM
  • 46,697
  • 9
  • 103
  • 214
11
votes
0 answers

What level of security is provided when a Feistel Cipher is used as a round function of another Feistel Cipher?

Recently, I was reading: Are there any specific requirements for the function F in a Feistel cipher?, and the answer posted mentions a Feistel Cipher named Turtle, which uses a four-round Feistel scheme as a round function for a four-round Feistel…
11
votes
1 answer

Encryption algorithm used in WPA/WPA2

I want to know how EXACTLY the WPA password gets encrypted. I have been searching through and I was able to catch: The actual password is converted to some hash. Salting is applied to the hash. The operation is not reversible. The hash comes with the…
OverCoder
  • 273
  • 1
  • 3
  • 7
11
votes
2 answers

How to derive a symmetric key from ECDH shared secret?

I am trying to implement the internal primitives of ECDH. Currently I'm able to multiply the receiver's public EC point with the sender's private key to arrive at the shared EC point. Next step is to input the x-coordinate of the shared point which…
sce
  • 267
  • 2
  • 7
11
votes
1 answer

Why can ssh-keygen export a public key in PEM PKCS8 format?

In the documentation of ssh-keygen (man ssh-keygen) it says for the option -m that an export to the format “PKCS8” (PEM PKCS8 public key) is possible. That works, and I can read the files using openssl. But the thing that really confuses me: isn't…
Edward
  • 211
  • 1
  • 2
  • 5
11
votes
3 answers

What is the state of cryptographic obfuscation in 2015?

Cryptographic Obfuscation is a technique that allows one to obfuscate source code in a secure way (as opposed to insecurely mangling it into spaghetti code.) For example, here is a way to protect a piece of data with a password: cipher_text =…
Christopher King
  • 839
  • 5
  • 20
11
votes
3 answers

Is full Homomorphic encryption quantum resistant?

Since most of our asymmetric encryption algorithms are going to be out-of-date in a couple of years due to Shor's algorithm, I was wondering about the future of FHE schemes. I have found this paper, which states: "It is impossible to construct…
11
votes
6 answers

Is there any open-source white-box implementation of AES or DES?

I googled it, but got no result. There is a binary executable of a white-box implementation of DES (scroll down), but no source code is provided. The same page also links various papers about white-box cryptography, but these don't contain the…
ir01
  • 4,092
  • 3
  • 22
  • 31
11
votes
2 answers

Which MACs can be converted into a secure unkeyed hash function?

It is known that setting the secret key to a fixed, public value does not make MACs like CBC-MAC or GMAC into secure unkeyed cryptographic hash functions that could be used - for instance - for digital signatures. In other words, the resulting hash…
11
votes
1 answer

Is quantum key distribution safe against MITM attacks too?

I read this recently: http://www.newscientist.com/article/dn12786-quantum-cryptography-to-protect-swiss-election.html and some parts of this: http://en.wikipedia.org/wiki/Quantum_key_distribution they talk about direct fibre optic cable and…
H M
  • 293
  • 3
  • 8
11
votes
1 answer

Are there any practical attacks that create a printable chosen prefix MD5 collision?

I would like to create two ASCII text messages with the same MD5. Is this possible? If not, is there a similar but less strict attack that could work? Or to rephrase my last question: what are the minimum prerequisites for the message…
user25418
  • 111
  • 3
11
votes
1 answer

Key exchange using ECDH vs ECIES?

I'm a beginner to ECC crypto programming. Can anyone explain to me the difference between using ECDH for shared key exchange and the use of ECIES by encrypting a shared key with the public key of the receiver? I feel that ECIES could also provide…
hab
  • 275
  • 1
  • 6
11
votes
1 answer

Secure content-defined chunking

Intro: For deduplication purposes, I need to split a stream of plaintext bytes into variable-sized chunks. The way this is traditionally done is using a rolling hash function defined over some window $w$ (e.g. 48 bytes). This window "slides" along…
Paya
  • 189
  • 10