Most Popular

1500 questions
41 votes, 5 answers

In RSA, how does the CPU deal with this huge modulus (8192 bits)?

Whilst I understand how the RSA algorithm works, I don't understand how the CPU operates when it needs to use the mod function with a huge number $n$, for example $n = 8192$ bits; $c = m^e \bmod n$. In essence my question is how does the CPU deal…
artless-person
41 votes, 2 answers

Are there any known collisions for the SHA (1 & 2) family of hash functions?

Are there any known collisions for the hash functions SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512? By that, I mean are there known values of $a$ and $b$ where $F(a) = F(b)$ and $a \neq b$?
Pacerier
41 votes, 2 answers

Why do we use encrypt-decrypt-encrypt (EDE) in 3DES, rather than encrypting three times?

I'm wondering why we use the encrypt-decrypt-encrypt (EDE) sequence in 3DES (also known as DES-EDE, TDES or TDEA) with three keys instead of encrypting three times (EEE) with three different keys?
alaamub
41 votes, 3 answers

What are preimage resistance and collision resistance, and how can the lack thereof be exploited?

What is "preimage resistance", and how can the lack thereof be exploited? How is this different from collision resistance, and are there any known preimage attacks that would be considered feasible?
John Gietzen
40 votes, 1 answer

RIPEMD versus SHA-x, what are the main pros and cons?

RIPEMD is a family of cryptographic hash functions, meaning it competes for roughly the same uses as MD5, SHA-1 & SHA-256 do. The Wikipedia page for RIPEMD seems to have some nice things to say about it: "designed in the open academic…
user950
40 votes, 4 answers

After 20 years of AES, what are the retrospective changes that should have been made?

I realize that this could be very opinion based, but I feel that there should be some solid information on AES at this point that could be referenced. After 20 years, I expect that there should be a "woulda, coulda, shoulda" list somewhere. For…
b degnan
40 votes, 2 answers

Is AES-256 a post-quantum secure cipher or not?

We know Grover's algorithm speeds up brute-force attacks on block ciphers, making them two times faster (e.g. brute-forcing 128-bit keys takes $2^{64}$ operations, not $2^{128}$). That explains why we are using 256-bit keys to encrypt top secrets. But latest…
AES256
40 votes, 4 answers

Calculating RSA private exponent when given public exponent and the modulus factors using extended Euclid

When given $p = 5, q = 11, N = 55$ and $e = 17$, I'm trying to compute the RSA private key $d$. I can calculate $\varphi(N) = 40$, but my lecturer then says to use the extended Euclidean algorithm to compute $d$. That's where I get stuck. Here's my…
DougalMaguire
40 votes, 1 answer

What is “Fast Prime”?

In this note, the manufacturer of an RSA key generation gizmo vulnerable to the new ROCA attack (see second section) explains that it is common practice to employ acceleration algorithms in order to generate key pairs, especially if time resources…
fgrieu
40 votes, 2 answers

How does hashing twice protect against birthday attacks?

The bitcoin wiki says: Bitcoin is using two hash iterations (denoted SHA256^2, i.e. "SHA256 function squared") and the reason for this relates to a partial attack on the smaller but related SHA1 hash. SHA1's resistance to birthday attacks has been…
4nt
40 votes, 8 answers

Simply put, what does “perfect secrecy” mean?

I would like to ask for a clear (but maybe not so deep) explanation of what the term "perfect secrecy" means. As far as I have researched and understood, it has to do with probabilities of assuming that a certain variable will be the key for a…
Emyr
40 votes, 4 answers

What is the difference between PRG, PRF, and PRP?

What I have understood so far is: a PRG (generator) is a part of a PRF that produces pseudo-random values for the function. A PRF is semantically secure and has no worries of being invertible. Fine, then where is a PRP used? What is a PRP, where does it come in,…
Khunshan Ahmad
40 votes, 2 answers

How does order-preserving encryption work?

Order-preserving encryption (OPE) is, apparently, a method of encrypting data so that it's possible to make efficient inequality comparisons on the encrypted items without decrypting them. I've been coming across this term in various places…
Ilmari Karonen
40 votes, 1 answer

What is Attribute Based Encryption?

Can someone explain what attribute based encryption is? I was searching for a book or something that can help me in this regard but so far I have found none. Google also returns practically nothing aside from the papers.
Mark
40 votes, 5 answers

What is the difference between CSPRNG and PRNG?

What is the difference between CSPRNG and PRNG? Is there a performance differential between them? For example: we use a PRNG for key generation, which is very expensive, and a CSPRNG for IVs/nonces in block ciphers, which is fast? What is the difference…
randomness