software developers, mathematicians and others interested in cryptography
Solved Questions
Unsolved Questions
  1. Most Compact Secure Post-Quantum Signatures and Public Keys?

  2. encrypt rsa + sign it
  3. Cross correlation of two Boolean functions

  4. One way function built from AES?

  5. Transparent, publicly updatable accumulator with constant-sized witnesses
  6. shuffle data, eliminate duplicate bytes in group bytes
  7. Key size and finite fields in ECC (References)
  8. How to determine the security in bits of a scheme?
  9. Who's talking to who encryption - does this concept work?

  10. How can we formally define a Pseudo-Random Shuffle function?
  11. What’s the difference between a Fast wide pipe and a Narrow pipe construction?

  12. Why is a nonce used to initialize Hash_DRBG, HMAC_DRBG, and CTR_DRBG?

  13. Why is does the protocol of Ding et al. produce biased bits and does it relate to passive security?

  14. Exact communication of the IPS compiler?

  15. How does the ROCA attack work?

  16. Is there a cryptographic scheme that allows joint encryption using a shared secret?

  17. Differential privacy on multiple queries – what is the behavior?

  18. Role of lHash field in RSAES-OAEP

  19. Question on Tokenization and the need to maintain a value to token lookup
  20. HMAC-SHA256 for hashing of credit card PANs?

  21. Signature for Identity Verificaton on "offline" P2P network
  22. Public Randomness-Based Random Number Generator using Mobile Phone?

  23. Can we calculate AES ciphertext length based on the length of the plaintext?

  24. Attacking a cipher, not knowing what the plaintext should look like – how do you know you’ve successfully decrypted the ciphertext?

  25. Can we prove that an element in a fractal tree traces back to a certain point?
  26. Can we map SHA-256 output bits to fixed-length input bits?

  27. Can you help me understand pairing $e:G \times G \to G_T$ and ( Decision) BDH assumption?
  28. Practical BCrypt plus XOR encryption for small messages
  29. Does a conditional statement depending on a round number introduce timing attack problems?
  30. How do quantum key distribution systems tolerate noise?

  31. RSA - What's to stop someone from using the same ciphertext to mimic private key holder?
  32. Use signed email as method for deriving encryption key

  33. Simple example for CP-ABE (Ciphertext policy attribute-based encryption)
  34. Why does the prover in an interactive proof run in exponential time with the space of the computation?
  35. Should data encrypted in a database have a MAC?
  36. Can I construct a feasible stream cipher out of HMAC and a secure hash algorithm?
  37. What is a formal definition of strong one-time-secure signatures?
  38. What are the major differences between SET and SSL?

  39. Security of a sha-256 based stream xor cipher?

  40. Upper bound of this derivative of counter mode?

  41. Logics for Cryptographic Information Games

  42. What is an approximate length for a digital signature (SHA) in this case?

  43. Prove integer is within the interval [a,b]

  44. How Shannon’s concept of perfect secrecy is linked with mutual information?
  45. RSA: Detecting period of unconcealed messages
  46. Proof of non-membership on a Merkle tree?
  47. How to find the inverse of f(x) in the NTRU key generation?
  48. When adding two points on an elliptic curve, why flip over the x-axis?

  49. Timing vulnerability of byte array equality test?

  50. RSA Timing Attack on "Extra" Montgomery Reduction
  51. Relying on a 4-bit S-box instead of an 8-bit one

  52. Use of symmetric keys rather than asymmetric keys for transport security

  53. What are these small, DRM-like steganographic markings on the pages of this PDF document?

  54. What is the best technique I can use to encrypt inner nodes in B+tree?
  55. Proving membership of a group without revealing identity?

  56. Is there a cryptographic solution to provide a “proof of exclusion”?
  57. DUKPT MAC Variant key
  58. How to cipher bocks with RSA in ECB mode?

  59. Is it possible to verify and relay an encryption key with a trusted but transparent third party?
  60. How are calculated input S-box?
  61. What are the Evaluation Meassures of Public key cryptography algorithm

  62. Alternatives to Diffie Hellman and other Public Key Exchange schemes

  63. Is it possible to attack an SHA-256 hash seeded with PHP’s mt_rand function?

  64. AES S-Box Question

  65. How to decode a caesar that goes to transposed plaintext?

  66. Decrypt TLS traffic
  67. How to break combined Vignere and Columnar Transposition Ciphers with different key lengths
  68. Find the encryption method with 4 encrypted and decrypted message

  69. Proof that this is not a secure pseudorandom function?

  70. Multiple private keys in .key file

  71. What are the correct order of operations for One Time Pad Cipher?

  72. OTP PRNG re-use
  73. Cache Timing Attack SHA-3
  74. How can I calculate non-linearity of an s-box element wise?

  75. Linear Approximation Table of S-Box for SPN
  76. S-box and Side Channel Attacks
  77. Are cryptographic hash functions quantum secure?

  78. Are there any key exchange schemes that only require entropy on one side?

  79. Time to brute-force a SHA256 + Curve25519 secret passphrase
  80. Best (minimum field multiplications) algorithm for elliptic curve addition over a binary field

  81. MTI/A0: modular arithmetic or elliptic curves?

  82. Why is it not possible to use a hashed password to log in?
  83. In what way is KeeLoq a block cipher?

  84. Quantum attack on multiple Diffie-Hellman key exchanges using same group

  85. Is it right that the Bomba can halt, but give you a different settings other than the one Germans really used for encryption using an Enigma?

  86. Finding length of a key for a given vigenere cipher using Index of Coincidence
  87. How can I calculate the entropy of an image?

  88. Is it possible to assume that the adversary is not allowed to make an all zero plaintext query in IND-CPA?

  89. Pseudorandom Generator Behavior
  90. Does this PBKDF2-SHA1 payload hint at a cryptographic security issue?

  91. What is the difference between Argon2d and Argon2i?

  92. Argon2i versus Argon2d?

  93. Challenge / Response to Prevent Replay Attack - Using nonce as challenge
  94. Where can I track the time/money it would take to break common encryption

  95. What are the odds of collisions for a hash function with 256-bit output?

  96. Is there a quick way to know the length of a message hashed using SHA3?

  97. Polyalphabetic cipher

  98. What is the special property that an Abelian group must satisfy that a non-Abelian group does not need to satisfy?

  99. Secure multiparty sum computation corruption bound
  100. Ture or false: using session keys via key establishment using a distribution center protects against passive attacks