Highest Voted Questions - Cryptography Stack Exchange

61

votes

2 answers

What are the advantages of TOTP over HOTP?

HMAC-based One Time Password (HOTP) was published as an informational IETF RFC 4226 in December 2005. In May, 2011, Time-based One-time Password Algorithm (TOTP) officially became RFC 6238. What advantages does it introduce?

asked Mar 29 '12 at 23:34

Jader Dias

723
1
5
7

61

votes

3 answers

Definition of textbook RSA

What is the definition of textbook or "raw" RSA? What are some of the properties of textbook RSA? How does it differ from other schemes based on RSA?

asked Dec 12 '11 at 19:36

Bobby S

1,943
4
23
30

61

votes

4 answers

Why hash the message before signing it with RSA?

The diagram below illustrates the process of digitally signing a message with RSA: As diagram shows, the message is first hashed, and the signature is then computed on the hash, rather than on the full message. Why hash the data before signing it?…

asked Jan 07 '14 at 23:44

evening

1,373
2
15
21

60

votes

4 answers

Difference between stream cipher and block cipher

I read that A typical stream cipher encrypts plaintext one byte at a time, although a stream cipher may be designed to operate on one bit at a time or on units larger than a byte at a time. (Source: Cryptography and Network Security, William…

asked Nov 11 '12 at 14:18

Ravindra Bagale

781
1
8
10

60

votes

2 answers

Understanding the length extension attack

I have been trying to understand exactly how a length extension attack works on SHA-1. I'll detail below what I've understood so far so that I can convey my understanding of the same and hopefully get advice on where I'm going wrong. Let's assume…

asked Oct 07 '12 at 16:00

user114

60

votes

3 answers

"SHA-256" vs "any 256 bits of SHA-512", which is more secure?

In terms of security strength, Is there any difference in using the SHA-256 algorithm vs using any random 256 bits of the output of the SHA-512 algorithm? Similarly, what is the security difference between using SHA-224 and using any random 224 bits…

asked Jul 06 '12 at 05:03

Pacerier

1,255
2
10
16

60

votes

8 answers

How does asymmetric encryption work?

I've always been interested in encryption but I have never found a good explanation (beginners explanation) of how encryption with public key and decryption with private key works. How does it encrypt something with one key and decipher it with…

public-key

asked Aug 03 '11 at 10:18

Senad Meškin

611
1
6
7

60

votes

2 answers

What makes a hash function good for password hashing?

Using a cryptographic hash to store e.g. passwords in a database is considered good practice (as opposed to storing them plaintext), but is subject to attacks on said cryptographic hash, assuming the database is compromised. Which properties of a…

asked Jul 12 '11 at 19:59

You

703
1
5
9

60

votes

6 answers

Why is AES resistant to known-plaintext attacks?

At least it's my understanding that AES isn't affected by known-plaintext. Is it immune to such an attack, or just resistant? Does this vary for chosen-plaintext?

asked Dec 20 '11 at 20:03

Jeff Ferland

805
2
7
10

59

votes

4 answers

Why isn’t SHA-3 in wider use?

SHA-3 was released by NIST just over 4 years ago this week. In my experience it does not seem to be as widely used as I might have expected. I see SHA-2 and even SHA-1 more often. What are your opinions on why this is the case?:

asked Aug 10 '19 at 11:15

RixN

782
1
5
8

59

votes

2 answers

Is the software that uses PGP broken, or is it PGP itself?

PGP is all over the news (even on TV) and there seems to be a lot of confusion about it. For the time being, people face articles like Attention PGP users: new vulnerabilities require you to take action now which tell readers to deactivate their PGP…

asked May 14 '18 at 17:39

e-sushi

17,891
12
83
229

58

votes

2 answers

What is the difference between MAC and HMAC?

In reference to this question, what are the "stronger security properties" that HMAC provides over MAC. I got that MAC requires an IV whereas HMAC doesn't. I also understood that MAC may reveal information about plaintext in contrast to HMAC. Is my…

asked Feb 28 '13 at 20:55

TheRookierLearner

991
1
10
15

58

votes

5 answers

What are the chances that AES-256 encryption is cracked?

I'm currently building a web application and would like to encrypt all data on the back-end. I was thinking of using the AES-256 encryption but wasn't sure how safe it was. I did that math and felt safe. I took this model to a professor at my…

asked Apr 12 '17 at 23:22

Jacob Henning

699
1
7
12

58

votes

2 answers

What advantages does Keccak/SHA-3 have over BLAKE2?

Keccak/SHA-3 is new NIST standard for cryptographic hash functions. However, it is much slower than BLAKE2 in software implementations. Does Keccak have compensating advantages?

asked Jan 04 '16 at 02:48

Demi

4,793
1
19
39

58

votes

3 answers

RSA encryption with private key and decryption with a public key

When using the RSA cryptosystem, does it still work if you instead encrypt with the private key and decrypt with the public key? What about in the case of using RSA for sender authentication?

asked Mar 18 '12 at 16:53

Humam Shbib

735
1
6
4

Most Popular