1500 questions
11 votes, 3 answers
How well does scrypt perform on different architectures / OSes?

The scrypt algorithm seems to be a prominent feature in the "CPU friendly" Bitcoin clones for the proof-of-labor part. I've heard claims that it's relatively slow on Windows and/or Intel compared to Linux/AMD. Is this true? By how much? Does anyone…
ripper234

11 votes, 1 answer
How random is the shared secret in the Diffie Hellman key agreement

How random is the value $ZZ$ in the DH protocol? This question was triggered by this somewhat naïve implementation in I2P shown by Sergei at Stackoverflow. Obviously $ZZ$ is distinguishable from a random oracle, as the first byte will be lower or…
Maarten Bodewes

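The bias the question points at, as an added example that is not part of the original post or of I2P's code: every shared secret $ZZ$ is an integer below $p$, so the leading byte of its fixed-length encoding can never be uniform, while the output of a hash-based KDF over that encoding is. The demo uses the Mersenne prime $2^{127}-1$ as modulus and base 7 (both assumptions chosen so the effect is visible in 16 bytes; real groups are 2048 bits or more, where the leading byte is instead capped by the leading byte of $p$).

```python
import hashlib
import secrets

# Assumed demo group: the Mersenne prime 2^127 - 1 as modulus, so every group
# element fits in 16 bytes with its top bit always clear. Real groups are much
# larger, but the effect is the same kind: ZZ < p, so the leading byte of the
# fixed-length encoding is never uniform.
P = (1 << 127) - 1
G = 7   # assumed base for the demo (2 has order only 127 modulo 2^127 - 1)

def dh_shared_secret(my_priv, their_pub):
    return pow(their_pub, my_priv, P)

def zz_bytes(zz):
    """Fixed-length big-endian encoding of ZZ, the value naive code is
    tempted to use directly as key material."""
    return zz.to_bytes(16, "big")

def derived_key(zz, info=b"demo-kdf"):
    """Hash-based KDF step; only this output should be used as a key."""
    return hashlib.sha256(zz_bytes(zz) + info).digest()

def sample_leading_bytes(n):
    """Run n honest exchanges; return the leading byte of raw ZZ and of the
    KDF output for each."""
    raw, kdf = [], []
    for _ in range(n):
        a = secrets.randbelow(P - 2) + 1
        b = secrets.randbelow(P - 2) + 1
        zz = dh_shared_secret(a, pow(G, b, P))
        # both sides must agree on ZZ
        assert zz == dh_shared_secret(b, pow(G, a, P))
        raw.append(zz_bytes(zz)[0])
        kdf.append(derived_key(zz)[0])
    return raw, kdf

def top_bit_set_fraction(first_bytes):
    """Fraction of samples whose leading byte has its top bit set;
    about 0.5 for uniform bytes, exactly 0 for raw ZZ in this group."""
    return sum(1 for x in first_bytes if x & 0x80) / len(first_bytes)
```

The raw leading byte is always below 0x80 here, which is the distinguisher the question describes; hashing the fixed-length encoding (as any standard KDF does) removes it.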
11 votes, 3 answers
Common Classical Ciphers

When studying cryptography, the first thing every student learns is some historical ciphers. There are way too many of those ciphers to name them all. So my question is: What are the most important classical ciphers (every cryptographer should have…
Titanlord

11 votes, 5 answers
Why are finite fields so important in cryptography?

I am just getting into cryptography and currently learning by trying to implement some crypto algorithms. Currently implementing the Shamir secret sharing algorithm, what I have noticed is that finite fields keep coming up. I just don't understand…
iammadab

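Shamir's scheme as an added example (not the asker's code), over the prime field GF(p), with p = 2^127 - 1 chosen here as an assumption so a 16-byte secret is one field element. The field is what makes Lagrange interpolation exact: every nonzero difference x_i - x_j has an inverse, so the division in the recombination formula is always defined, which is not the case over the plain integers or modulo a composite.

```python
import secrets

# Assumed field: GF(P) for the Mersenne prime 2^127 - 1 (any prime works).
P = (1 << 127) - 1

def inv(a):
    """Multiplicative inverse in GF(P). It exists for every nonzero a
    precisely because P is prime; this is the step that breaks over Z or Z_n."""
    if a % P == 0:
        raise ZeroDivisionError("0 has no inverse in a field")
    return pow(a, P - 2, P)   # Fermat: a^(p-2) = a^-1 mod p

def split(secret, k, n):
    """Split secret into n shares such that any k reconstruct it.
    f(x) = secret + a_1 x + ... + a_{k-1} x^(k-1) with uniform a_i in GF(P)."""
    if not (1 <= k <= n < P):
        raise ValueError("need 1 <= k <= n < P")
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(k - 1)]
    shares = []
    for x in range(1, n + 1):            # x = 0 would hand out the secret itself
        y = 0
        for c in reversed(coeffs):       # Horner evaluation of f(x) mod P
            y = (y * x + c) % P
        shares.append((x, y))
    return shares

def reconstruct(shares):
    """Lagrange interpolation of f at x = 0 over GF(P)."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share indices")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, xj in enumerate(xs):
            if j == i:
                continue
            num = (num * (-xj)) % P       # factor (0 - x_j)
            den = (den * (xi - xj)) % P   # factor (x_i - x_j), nonzero for distinct x
        secret = (secret + yi * num * inv(den)) % P
    return secret

def demo():
    """Constructed 16-byte secret split 3-of-5; returns (k shares recover it,
    k-1 shares recover it)."""
    secret = int.from_bytes(b"constructed 16B!", "big")
    shares = split(secret, k=3, n=5)
    enough = reconstruct(shares[:3]) == secret and reconstruct(shares[2:]) == secret
    too_few = reconstruct(shares[:2]) == secret
    return enough, too_few
```

With only k-1 shares the interpolated constant term is a uniformly random field element, so the second flag is false except with probability about 1/p.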
11 votes, 2 answers
How does SafeNet MobilePASS generate passwords?

We use MobilePASS at work but the latest version of the android client seems to be buggy so I wanted to have a go at implementing the algorithm myself. You can download the client to play with here:…
Dean Reilly

11 votes, 9 answers
Physical analogue for MACs

What would be a good analogue with which to describe Message Authentication Codes to a person who has little to no understanding of cryptography? For instance, a vault is a reasonable analogue for symmetric authenticated encryption: anyone with the…
Stephen Touset

11 votes, 1 answer
Relation between attack and attack model for signatures

What is the relationship between an attack and an attack model? For example, let $\Pi$ be the Lamport signature scheme. This signature has its security based on any one-way function. The Grover algorithm, an attack, inverts this function with…
juaninf

11 votes, 2 answers
Random data CBC padding scheme?

When using AES in CBC mode, padding is required when the last plaintext block does not have the length required by the cipher. Let's say $k$ more bytes would be required to fill the block. My idea was to pad the last block with $k-1$ random bytes followed…
HerpDerpington

11 votes, 5 answers
Radioactive Decay, Gaussian or Uniform?

I'm trying to understand the nature of true randomness. I'm building an RNG using a radioactive source. Basically, I'm measuring the time between consecutive decays which in theory should be unpredictable. The distribution of these time measurements…
rdkylp

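As an added example, not the asker's code: decays from a source of constant activity form a Poisson process, so the waiting time between consecutive decays is exponentially distributed, neither Gaussian nor uniform, and its standard deviation equals its mean. The simulation below draws intervals with that distribution as a constructed stand-in for the detector (the rate and timer resolution are assumptions), then turns pairs of intervals into bits by comparing them, which is unbiased for any continuous i.i.d. distribution, and discards ties introduced by the finite timer resolution.

```python
import random
import statistics

def simulate_decay_intervals(n, rate, seed=1):
    """Constructed stand-in for a detector: inter-arrival times of a Poisson
    process with mean rate `rate` (decays per second) are Exp(rate)."""
    rng = random.Random(seed)
    return [rng.expovariate(rate) for _ in range(n)]

def interval_stats(intervals):
    """Mean, standard deviation and their ratio. For an exponential
    distribution the ratio is 1; a Gaussian or uniform sample of the same
    mean would not show that."""
    m = statistics.fmean(intervals)
    s = statistics.pstdev(intervals)
    return m, s, s / m

def extract_bits(intervals, resolution=1e-9):
    """Quantise to the timer resolution, then compare non-overlapping pairs
    (t1, t2): emit 1 if t1 < t2, 0 if t1 > t2, nothing on a tie. The skewed
    shape of the distribution does not matter, only that t1 and t2 are
    independent and identically distributed."""
    bits = []
    for t1, t2 in zip(intervals[0::2], intervals[1::2]):
        q1, q2 = int(t1 / resolution), int(t2 / resolution)
        if q1 == q2:
            continue
        bits.append(1 if q1 < q2 else 0)
    return bits

def bit_balance(bits):
    """Fraction of ones; should sit near 0.5 for an unbiased extractor."""
    return sum(bits) / len(bits)
```

Comparing pairs throws away half the intervals plus the ties, and it only removes bias, not correlation: a real source with dead time or drift still needs conditioning (a hash-based extractor) before the bits are used as key material.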
11 votes, 2 answers
How do zero knowledge protocol with vertex-3-coloring work?

I'm currently not sure if I understood how the zero knowledge protocol with vertex-3-coloring works. I'll describe what I think I've understood and I'll write my questions in bold. Zero-knowledge-protocols in general What are they good for? What is…
Martin Thoma

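One round of the protocol, as an added example rather than anything from the question: the prover randomly permutes the three colours, commits to every vertex's colour, the verifier picks one edge, and the prover opens only its two endpoints. A cheating prover with at least one monochromatic edge is caught with probability at least 1/|E| per round, so rounds are repeated. Commitments here are SHA-256 over a fresh nonce and the colour (an assumption for the demo); the graph (a 5-cycle) and its colouring are constructed.

```python
import hashlib
import secrets

# Constructed instance: the 5-cycle needs 3 colours. The colouring is the
# prover's secret witness.
EDGES = [(0, 1), (1, 2), (2, 3), (3, 4), (4, 0)]
COLOURING = {0: 0, 1: 1, 2: 0, 3: 1, 4: 2}

def is_proper(edges, colouring):
    return all(colouring[u] != colouring[v] for u, v in edges)

def commit(colour, nonce):
    """Hash commitment (demo assumption): hiding by the 16-byte nonce,
    binding by collision resistance of SHA-256."""
    return hashlib.sha256(nonce + bytes([colour])).digest()

def prover_commit(colouring):
    """Fresh random permutation of the colours and a fresh nonce per vertex;
    both are regenerated every round so openings never link across rounds."""
    perm = [0, 1, 2]
    secrets.SystemRandom().shuffle(perm)
    hidden = {v: (perm[c], secrets.token_bytes(16)) for v, c in colouring.items()}
    commitments = {v: commit(col, nonce) for v, (col, nonce) in hidden.items()}
    return hidden, commitments

def prover_open(hidden, edge):
    """Reveal colour and nonce for the two challenged vertices only."""
    u, v = edge
    return {u: hidden[u], v: hidden[v]}

def verifier_check(commitments, edge, opening):
    """Openings must match the commitments, be valid colours, and differ."""
    u, v = edge
    for w in (u, v):
        col, nonce = opening[w]
        if col not in (0, 1, 2) or commit(col, nonce) != commitments[w]:
            return False
    return opening[u][0] != opening[v][0]

def run_round(colouring, edges, rng=secrets.SystemRandom()):
    hidden, commitments = prover_commit(colouring)
    edge = rng.choice(edges)                       # verifier's challenge
    return verifier_check(commitments, edge, prover_open(hidden, edge))

def acceptance_rate(colouring, edges, rounds):
    """Fraction of accepted rounds: 1 for an honest prover, at most
    1 - 1/|E| per round for a prover whose colouring has a bad edge."""
    return sum(run_round(colouring, edges) for _ in range(rounds)) / rounds
```

What the verifier learns in a round is two distinct colours chosen uniformly from the six permutations, which it could have sampled itself; that is the zero-knowledge part. Soundness comes from the binding property of the commitment and from repetition: a cheater with one bad edge out of five survives a round with probability 4/5, so after 60 rounds the chance of slipping through is below 10^-5.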
11 votes, 1 answer
ECIES vs. RSA + AES

I am confused about the distinction between RSA and ECC (Elliptic curve) regarding encryption and would appreciate it if someone could confirm whether my understanding is correct. To encrypt a large file using RSA: Generate a random symmetric…
Vlad

11 votes, 2 answers
Why are bitwise rotations used in cryptography?

Any understanding I have of cryptography stops right around the cipher level. As such, I'm just curious as to why bit shifts and moreover circular bit shift are so prevalent in cryptography.
Jeff

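An added example (not from the question or from any library) of why rotation rather than plain shift appears in add-rotate-XOR designs such as the ChaCha quarter round: a rotation is a bijection on 32-bit words and trivially invertible, so a round built from addition, rotation and XOR is a permutation of the state and never loses information, while a logical shift drops bits and would make the same round collide. The rotation amounts 16, 12, 8, 7 are ChaCha's.

```python
MASK = 0xFFFFFFFF

def rotl32(x, r):
    """Circular left shift of a 32-bit word: the bits that leave at the top
    re-enter at the bottom, so nothing is lost."""
    r %= 32
    return ((x << r) | (x >> (32 - r))) & MASK

def rotr32(x, r):
    return rotl32(x, 32 - (r % 32))

def shl32(x, r):
    """Plain logical shift for comparison: the top r bits fall off."""
    return (x << r) & MASK

def quarter_round(a, b, c, d):
    """The ChaCha quarter round (Bernstein): add, XOR, rotate, four times."""
    a = (a + b) & MASK; d ^= a; d = rotl32(d, 16)
    c = (c + d) & MASK; b ^= c; b = rotl32(b, 12)
    a = (a + b) & MASK; d ^= a; d = rotl32(d, 8)
    c = (c + d) & MASK; b ^= c; b = rotl32(b, 7)
    return a, b, c, d

def inverse_quarter_round(a, b, c, d):
    """Undo quarter_round step by step: rotate right, XOR, subtract mod 2^32.
    Possible only because every operation in the round is invertible."""
    b = rotr32(b, 7); b ^= c; c = (c - d) & MASK
    d = rotr32(d, 8); d ^= a; a = (a - b) & MASK
    b = rotr32(b, 12); b ^= c; c = (c - d) & MASK
    d = rotr32(d, 16); d ^= a; a = (a - b) & MASK
    return a, b, c, d

def is_injective_on(f, r, samples):
    """True if f(x, r) maps the sample words to distinct outputs."""
    seen = set()
    for x in samples:
        y = f(x, r)
        if y in seen:
            return False
        seen.add(y)
    return True

# Constructed probe words: the pair 0x00000001 / 0x80000001 differs only in the
# top bit, which a left shift by one discards and a rotation keeps.
SAMPLE_WORDS = [0x00000001, 0x80000001, 0x7FFFFFFF, 0xFFFFFFFF,
                0xDEADBEEF, 0x00000000, 0x40000000, 0xC0000000]
```

Rotation also spreads each bit to a different position with no carry chain, which is what lets the addition (carries move information upward only) and XOR (no diffusion across positions) together reach every bit of the word after a few rounds; a rotation is also constant-time on every common CPU, unlike table lookups.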
11 votes, 2 answers
Combining LFSRs for Stream Ciphers: Why do we need high non-linearity?

Linear Feedback Shift Registers (LFSRs) can be excellent (efficient, fast, and with good statistical properties) pseudo-random generators. Many stream ciphers are based on LFSRs and one of the possible designs of such stream ciphers is combining…
geo909

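An added example (not the asker's) that makes the point concrete: XORing two maximal-length LFSRs of lengths 4 and 5 gives a keystream that is itself an LFSR of length 9, so Berlekamp-Massey recovers the generator from 18 output bits and the rest of the keystream is predictable. Feeding the same registers through a nonlinear combiner (Geffe's function, with a third register of length 3 as selector) raises the linear complexity to 4·5 + 5·3 + 3 = 38. The polynomials and seeds are assumptions for the demo.

```python
def lfsr_stream(taps, seed, nbits):
    """Fibonacci LFSR over GF(2) with recurrence
    s[n+L] = XOR of s[n+t] for t in taps, where L = len(seed)."""
    state = list(seed)
    out = []
    for _ in range(nbits):
        out.append(state[0])
        fb = 0
        for t in taps:
            fb ^= state[t]
        state = state[1:] + [fb]
    return out

def berlekamp_massey(s):
    """Linear complexity of a GF(2) sequence: the length L of the shortest
    LFSR producing it. Once L is known, 2L output bits determine the whole
    sequence, which is why purely linear combinations are useless as keystream."""
    n = len(s)
    c, b = [0] * n, [0] * n
    c[0] = b[0] = 1
    L, m = 0, -1
    for N in range(n):
        d = s[N]
        for i in range(1, L + 1):
            d ^= c[i] & s[N - i]
        if d == 0:
            continue
        t = c[:]
        shift = N - m
        for i in range(shift, n):
            c[i] ^= b[i - shift]
        if 2 * L <= N:
            L, m, b = N + 1 - L, N, t
    return L

# Assumed registers: primitive polynomials x^4+x+1, x^5+x^2+1 and x^3+x+1
# (periods 15, 31 and 7, pairwise coprime) with arbitrary nonzero seeds.
R1 = ([0, 1], [1, 0, 0, 0])
R2 = ([0, 2], [1, 0, 0, 0, 0])
R3 = ([0, 1], [1, 0, 0])

def xor_combiner(nbits):
    """Linear combiner: the sum of two LFSR sequences is an LFSR sequence."""
    x1 = lfsr_stream(*R1, nbits)
    x2 = lfsr_stream(*R2, nbits)
    return [a ^ b for a, b in zip(x1, x2)]

def geffe_combiner(nbits):
    """Geffe's nonlinear combiner: z = x1 if x2 else x3,
    i.e. x1*x2 + x2*x3 + x3 over GF(2)."""
    x1 = lfsr_stream(*R1, nbits)
    x2 = lfsr_stream(*R2, nbits)
    x3 = lfsr_stream(*R3, nbits)
    return [(a & b) ^ ((b ^ 1) & c) for a, b, c in zip(x1, x2, x3)]

def demo(nbits=300):
    """Linear complexity of the XOR keystream and of the Geffe keystream."""
    return berlekamp_massey(xor_combiner(nbits)), berlekamp_massey(geffe_combiner(nbits))
```

High linear complexity is necessary but not sufficient: Geffe's output agrees with x1 and with x3 three quarters of the time, so each register can be attacked separately by correlation, which is why modern combiners are also required to be correlation immune.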
11 votes, 1 answer
Should I use self generated or predefined RFC 7919 DH groups?

On a wiki page, archived by now, Mozilla switched from recommending self generated DH groups to the ones predefined in RFC 7919. The recommendation was accompanied by the statement These groups are audited and may be more resistant to attacks…
wedi

11 votes, 1 answer
What is this problem called and is it hard? given $g^x$ output ($g^y, xy$)

Assume that $G$ is any cyclic group where the discrete log problem is hard, such as the elliptic curve group. Let $g$ be some generator of $G$. The problem is as follows: Given $(g, g^x)$ for unknown $x$, output any pair of the form $(g^y, xy)$ for…
Jus12