Most Popular

1500 questions
121 votes, 7 answers

Taking advantage of one-time pad key reuse?

Suppose Alice wants to send encryptions (under a one-time pad) of $m_1$ and $m_2$ to Bob over a public channel. Alice and Bob have a shared key $k$; however, both messages are the same length as the key $k$. Since Alice is extraordinarily lazy (and…
Elliott (1,681 reputation; 3 gold, 15 silver, 9 bronze badges)

117 votes, 4 answers

How should I calculate the entropy of a password?

If part of the password is a whole regular English word, does the entropy of that part depend on the number of English words in existence, the number of English words known by the choosing algorithm, the number of English words assumed by the…
this.josh (1,977 reputation; 4 gold, 15 silver, 13 bronze badges)

106 votes, 3 answers

Why haven't any SHA-256 collisions been found yet?

I've been thinking about this for a few days. A SHA-256 algorithm outputs 64 characters, each of which can be either a lowercase letter or a number from 0-9. Which should mean that there are 64^36 distinct SHA-256 results. How has a collision never been…
ninesalt (1,195 reputation; 2 gold, 9 silver, 7 bronze badges)

104 votes, 3 answers

If WhatsApp cannot read our message, how can the media forwarding happen in an instant?

WhatsApp says even the photos shared on its platform are end-to-end encrypted. When WhatsApp says encrypted I assume the data is encrypted in my device and then sent across to the recipient. When we are sending a photo for the first time we can see…
0xAB1E (973 reputation; 2 gold, 6 silver, 7 bronze badges)

104 votes, 2 answers

What is the new attack on SHA-1 "SHAttered" and how does it work?

There's a new recent attack on SHA-1 named "SHAttered" by Google and some researchers. I understand that it uses some fancy new techniques, but not the details. My question is: How? How does the attack work (on a high level)? How does it compare to…
SEJPM (45,967 reputation; 7 gold, 99 silver, 205 bronze badges)

99 votes, 1 answer

What is the difference between PKCS#5 padding and PKCS#7 padding?

One runtime platform provides an API that supplies PKCS#5 padding for block cipher modes such as ECB and CBC. These modes have been defined for the triple DES, AES and Blowfish block ciphers. The other platform API only provides PKCS#7 padding. Are…
Maarten Bodewes (92,551 reputation; 13 gold, 161 silver, 313 bronze badges)

98 votes, 6 answers

How can I generate large prime numbers for RSA?

What is the current industry-standard algorithm used to generate large prime numbers to be used in RSA encryption? I'm aware that I can find any number of articles on the Internet that explain how the RSA algorithm works to encrypt and decrypt…
Lukman (1,387 reputation; 1 gold, 12 silver, 10 bronze badges)

97 votes, 4 answers

Does Schnorr's 2021 factoring method show that the RSA cryptosystem is not secure?

Claus Peter Schnorr recently posted a 12-page factoring method by SVP algorithms. Is it correct? It says that the algorithm factors integers $N \approx 2^{400}$ and $N \approx 2^{800}$ by $4.2 \cdot 10^{9}$ and $8.4 \cdot 10^{10}$ arithmetic…
Blanco (1,622 reputation; 1 gold, 10 silver, 20 bronze badges)

97 votes, 2 answers

What is the "Random Oracle Model" and why is it controversial?

What is the "Random Oracle Model"? Is it an "assumption" akin to the hardness of factoring and discrete log? Or something else? And why do some researchers have a strong distrust of this model?
Fixee (4,158 reputation; 2 gold, 25 silver, 39 bronze badges)

96 votes, 3 answers

How does RSA signature verification work?

I understand how the RSA algorithm works for encryption and decryption purposes, but I don't get how signing is done. Here's what I (think) I know and what is common practice: If I have a message that I want to sign, I don't sign the message itself but I…
Krumelur (1,175 reputation; 2 gold, 10 silver, 7 bronze badges)

96 votes, 2 answers

Why doesn't SSH use TLS?

Most cryptographically protected protocols use TLS these days. This applies to mail protocols, HTTP and many others. The newly designed QUIC has also adopted TLS as its cryptography layer. However, SSH is different: it has its own cryptography…
juhist (1,247 reputation; 1 gold, 10 silver, 12 bronze badges)

94 votes, 4 answers

Has SHA256 been broken by Treadwell Stanton DuPont?

In a recent press release issued by Treadwell Stanton DuPont, the claim is made that their research laboratories have successfully broken all 64 rounds of the SHA256 hashing algorithm. They further claim that they achieved this milestone a year ago…
Gary (853 reputation; 1 gold, 6 silver, 12 bronze badges)

94 votes, 8 answers

How is CipherCloud doing homomorphic encryption?

Much of the literature and latest papers suggest that homomorphic encryption is still not practical yet. How is CipherCloud able to achieve this? Does anyone have an idea? Their website does not provide much information about how their system works.
sashank (6,174 reputation; 4 gold, 32 silver, 67 bronze badges)

92 votes, 3 answers

What is the difference between a digest and a hash function?

I was wondering about the difference between these two terms... What is the difference between a digest and a hash function?
sekmo (1,031 reputation; 1 gold, 7 silver, 7 bronze badges)

92 votes, 2 answers

What is the difference between CBC and GCM mode?

I am trying to learn more about GCM mode and how it differs from CBC. I already know that GCM provides a MAC, which is used for message authentication. From what I have read and from the code snippets I've seen, GCM does an exclusive-or much like…
Bob Bryan (1,283 reputation; 2 gold, 10 silver, 11 bronze badges)