Highest Voted Questions - Cryptography Stack Exchange

91

votes

5 answers

Is AES-256 weaker than 192 and 128 bit versions?

From a paper via Schneier on Security's Another AES Attack (emphasis mine): In the case of AES-128, there is no known attack which is faster than the 2128 complexity of exhaustive search. However, AES-192 and AES-256 were recently shown to be…

asked Oct 19 '12 at 22:02

quantumSoup

1,021
1
7
6

90

votes

4 answers

What are the practical differences between 256-bit, 192-bit, and 128-bit AES encryption?

AES has several different variants: AES-128 AES-192 AES-256 But why would someone prefer use one over another?

asked Jul 12 '11 at 19:44

samoz

3,236
3
23
25

89

votes

10 answers

In end-to-end encryption, doesn't the server need to be trusted?

Applications like WhatsApp use end to end encryption. WhatsApp says that only the users share a specific key and no third party can view the messages. But I do not understand how the two users agree on the shared key. It must have been transferred…

asked Dec 19 '17 at 14:30

AV94

1,009
1
8
6

89

votes

8 answers

Guarding against cryptanalytic breakthroughs: combining multiple hash functions

Assume I want to design a protocol (or data format or similar) including some cryptographic hash, and want it to be as future-proof as possible, i.e. I want to avoid that breakthroughs in cryptography make my old data insecure. If I use only one…

asked Jul 29 '11 at 15:52

Paŭlo Ebermann

22,656
7
79
117

87

votes

5 answers

How secure is AES-256?

The cipher AES-256 is used among other places in SSL/TLS across the Internet. It's considered among the top ciphers. In theory it's not crackable since the combinations of keys are massive. Although NSA has categorized this in Suite B, they have…

asked Apr 01 '12 at 16:15

Gustav

1,065
1
9
7

86

votes

11 answers

Is modern encryption needlessly complicated?

RSA, DES, AES, etc., all use (relatively) complicated mathematics to encrypt some message with some key. For each of these methods, there have been several documented vulnerabilities found over the years. Some even believe that there is a…

asked Sep 02 '11 at 03:16

Ozzah

977
1
7
6

83

votes

9 answers

Should I use ECB or CBC encryption mode for my block cipher?

Can someone tell me which mode out of ECB and CBC is better, and how to decide which mode to use? Are there any other modes which are better?

asked Jul 21 '11 at 13:19

midhunhk

1,151
2
13
19

79

votes

3 answers

Impacts of not using RSA exponent of 65537

This RFC says the RSA Exponent should be 65537. Why is that number recommended and what are the theoretical and practical impacts & risks of making that number higher or lower? What are the impacts of making that value a non-Fermat number, or…

asked Jul 01 '12 at 04:25

makerofthings7

2,621
1
20
36

78

votes

1 answer

How easy is it in 2022 to find a SHA1 collision?

Most of the answers I can find date to years back where the first collision(s) were found, but hardware mainly GPUs have progressed a lot in the past few years (with for example the new line of 3090s coming). How easy is it to do so right now?

sha-1

asked Apr 21 '22 at 16:00

Hormoz

789
1
6
11

78

votes

12 answers

Who is responsible for ensuring the trustworthiness of certificate authorities?

Background I am a novice in the field of cryptography and cyber-security, and while studying asymmetric-key encryption, I learned about the potential of a man-in-the-middle attack. To mitigate this threat, people came up with certificate authorities…

asked Dec 05 '19 at 07:38

AlanSTACK

1,305
2
13
13

78

votes

2 answers

What is safer: ZipCrypto or AES-256?

Like in title: which one of these encryption methods (ZipCrypto, AES-256) is more secure and why? I am asking about it because I'd like to know which should be preferred when compressing files with Zip.

asked Sep 13 '12 at 13:55

alex

891
1
8
11

78

votes

5 answers

How are primes generated for RSA?

As I understand it, the RSA algorithm is based on finding two large primes (p and q) and multiplying them. The security aspect is based on the fact that it's difficult to factor it back into p and q. Now, since RSA keys are so large (often 1024 bits…

asked Mar 01 '12 at 12:54

Vilx-

1,095
1
8
11

77

votes

8 answers

How do I explain zero knowledge proof to my 7 year old cousin?

zero-knowledge-proofs

asked Mar 21 '18 at 07:23

Nathan Aw

2,277
3
17
21

77

votes

8 answers

Layman's explanation of encryption backdoors

In the media, I sometimes read about "backdoors" in encryption algorithms. I'd like to understand what such a backdoor actually consists of. Is it: a) a hidden weakness in the math formulas that can cause security to be broken by brute force in a…

asked Feb 17 '16 at 12:11

forthrin

77

votes

3 answers

How does one attack a two-time pad (i.e. one time pad with key reuse)?

My question might appear the same as the question Taking advantage of one-time pad key reuse?, but actually I did read all the answers and none of them helped me with the details I need. I am new to cryptography and my problem is with two time pad…

asked Mar 31 '12 at 22:29

Samer Makary

973
1
8
8

Most Popular