Most Popular

1500 questions
11 votes, 1 answer

HD (Hierarchical Deterministic) Keys using Safe Curves?

Bitcoin's HD (Hierarchical Deterministic) Keys as described in BIP32 allow for a master key to be created (a private key and a chain code) such that a tree of both public and private keys can be derived from a master key, each which can have…
11 votes, 0 answers

Why SIVP Is Worst Case Problem?

I just started to study lattice Cryptography. I'm now studying worst-case to average-case reduction for SIS. In previous question, "worst means any and average means random". And I wonder why the Shortest Independent Vectors Problem (SIVP) is the…
Jonghyun Kim
11 votes, 1 answer

How to tell if a hardware RNG is rigged?

On a related note of building my own RNG, as someone suggested to use several commercial solutions how can I check if it is rigged against me? (although I am still strongly biased to a homebrew solution that is designed to be hard to subvert,…
Maxthon Chan
11 votes, 1 answer

Structure for an introductory course on cryptography?

Many introductory courses on cryptography have their treatment of secret-key crypto start with OTP, then block ciphers, and for public-key cryptography revolve around RSA with no notion of padding (some even have matching exercises showcasing…
fgrieu
11 votes, 1 answer

Are there comprehensive alternatives to RSA?

If we wished to, is there a comprehensive alternative to RSA? I say comprehensive as I wonder if there is one which does both encryption and digital signature like RSA? If not, simply what alternatives are there?
Ali
11 votes, 4 answers

RSA & DH at risk due to math advances, will this eventually affect elliptic curves too?

I was looking into the predictions by some researchers that RSA and Diffie-Hellman may not be secure in the next few years due to advances in math and being able to calculate the discrete logarithm problem in new ways no longer making them…
Jesse
11 votes, 1 answer

Why do stream ciphers use a nonce?

My question maybe will be stupid, but my problem is that I do not understand why stream ciphers need a key and also a nonce. As far as I understand, the keystream is generated with the nonce. The same key can be reused with a different…
robert
11 votes, 5 answers

How does generating random numbers "remove entropy from your system"?

In a previous question, I quoted the --gen-random entry in the GPG Man Pages. At the end it says: PLEASE, don’t use this command unless you know what you are doing; it may remove precious entropy from the system! How does that work? I understand…
camercu
11 votes, 0 answers

What level of security is provided when a Feistel Cipher is used as a round function of another Feistel Cipher?

Recently, I was reading: Are there any specific requirements for the function F in a Feistel cipher?, and the answer posted mentions a Feistel Cipher named Turtle, which uses a four-round Feistel scheme as a round function for a four-round Feistel…
user17887
11 votes, 2 answers

What's the point of an IV if public?

What is the point of the initialization vector in cryptographic modes like AES-CBC when it is sent in the public? Can't any attacker just listen and reverse the IV? and as such defeating its purpose? EDIT I already know what has been said here. My…
user27551
11 votes, 1 answer

Encryption algorithm used in WPA/WPA2

I want to know how EXACTLY the WPA password gets encrypted. I have been searching through and I was able to catch: The actual password is converted to some hash; Salting is applied to the hash; The operation is not reversible; The hash comes with the…
OverCoder
11 votes, 3 answers

What is the state of cryptographic obfuscation in 2015?

Cryptographic Obfuscation is a technique that allows one to obfuscate source code in a secure way (as opposed to insecurely mangling it into spaghetti code.) For example, here is a way to protect a piece of data with a password: cipher_text =…
Christopher King
11 votes, 2 answers

K out of N encryption

A friend just showed me how to combine padlocks to achieve a lock that opens when k out of n people turn their keys. I was wondering if there was something similar for encryption; using n or fewer public keys encrypt a piece of data so it can only…
Thomas Ahle
11 votes, 3 answers

Is full Homomorphic encryption quantum resistant?

Since most of our asymmetric encryption algorithms are going to be out-of-date in a couple of years due to Shor's algorithm, I was wondering about the future of FHE schemes. I have found this paper, which states: "It is impossible to construct…
asdf
11 votes, 6 answers

Is there any open-source white-box implementation of AES or DES?

I googled it, but got no result. There is a binary executable of a white-box implementation of DES (scroll down), but no source code is provided. The same page also links various papers about white-box cryptography, but these don't contain the…
ir01