Cryptography
software developers, mathematicians and others interested in cryptography
User
39.214
Votes
141.678
Comments
88.218
Questions
14.610
Answers
18.980
Solved Questions
7.434
Unsolved Questions
1.839
classical-cipher
pbkdf-2
complexity
certificates
provable-security
block-cipher
pgp
hash
ecb
side-channel-attack
group-theory
security-definition
brute-force-attack
protocol-analysis
gcm
attack
lattice-crypto
elgamal-encryption
key-reuse
padding
ctr
cryptographic-hardware
performance
known-plaintext-attack
sha-256
entropy
preimage-resistance
encryption
modes-of-operation
nonce
number-theory
pseudo-random-permutation
authenticated-encryption
chosen-ciphertext-attack
factoring
authentication
signature
password-hashing
xor
tls
elliptic-curves
hmac
secret-sharing
initialization-vector
sha-1
md5
collision-resistance
one-time-pad
randomness
cryptanalysis
modular-arithmetic
zero-knowledge-proofs
vigenere
pseudo-random-generator
permutation
integrity
protocol-design
password-based-encryption
one-way-function
substitution-cipher
sha-3
post-quantum-cryptography
sha-2
stream-cipher
pairings
key-size
pseudo-random-function
multiparty-computation
keys
key-derivation
des
passwords
abe
rc4
discrete-logarithm
cbc-mac
diffie-hellman
mac
rsa
aes
hash-signature
algorithm-design
terminology
random-number-generator
dsa
implementation
s-boxes
reference-request
symmetric
prime-numbers
openssl
public-key
file-encryption
chosen-plaintext-attack
salt
homomorphic-encryption
finite-field
cbc
key-exchange
perfect-secrecy
Most Compact Secure Post-Quantum Signatures and Public Keys?
public-key
signature
post-quantum-cryptography
encrypt rsa + sign it
rsa
Cross correlation of two Boolean functions
encryption
One way function built from AES?
aes
one-way-function
Transparent, publicly updatable accumulator with constant-sized witnesses
accumulators
shuffle data, eliminate duplicate bytes in group bytes
encryption
Key size and finite fields in ECC (References)
elliptic-curves
key-size
finite-field
How to determine the security in bits of a scheme?
security-definition
Who's talking to who encryption - does this concept work?
public-key
onion-routing
How can we formally define a Pseudo-Random Shuffle function?
protocol-design
pseudo-random-generator
pseudo-random-permutation
What’s the difference between a Fast wide pipe and a Narrow pipe construction?
algorithm-design
merkle-damgaard
Why is a nonce used to initialize Hash_DRBG, HMAC_DRBG, and CTR_DRBG?
random-number-generator
nonce
nist
replay-attack
Why does the protocol of Ding et al. produce biased bits and does it relate to passive security?
protocol-design
lattice-crypto
Exact communication of the IPS compiler?
multiparty-computation
oblivious-transfer
How does the ROCA attack work?
rsa
attack
Is there a cryptographic scheme that allows joint encryption using a shared secret?
encryption
secret-sharing
Differential privacy on multiple queries – what is the behavior?
data-privacy
differential-privacy
Role of lHash field in RSAES-OAEP
rsa
padding
oaep
Question on Tokenization and the need to maintain a value to token lookup
tokenization
HMAC-SHA256 for hashing of credit card PANs?
hash
sha-256
Signature for Identity Verification on "offline" P2P network
public-key
signature
Public Randomness-Based Random Number Generator using Mobile Phone?
random-number-generator
randomness
trng
Can we calculate AES ciphertext length based on the length of the plaintext?
aes
cbc
padding
Attacking a cipher, not knowing what the plaintext should look like – how do you know you’ve successfully decrypted the ciphertext?
encryption
cryptanalysis
Can we prove that an element in a fractal tree traces back to a certain point?
hash
Can we map SHA-256 output bits to fixed-length input bits?
sha-256
Can you help me understand pairing $e:G \times G \to G_T$ and (Decision) BDH assumption?
elliptic-curves
algorithm-design
pairings
Practical BCrypt plus XOR encryption for small messages
xor
bcrypt
Does a conditional statement depending on a round number introduce timing attack problems?
algorithm-design
implementation
timing-attack
How do quantum key distribution systems tolerate noise?
algorithm-design
protocol-design
quantum-cryptography
error-propagation
RSA - What's to stop someone from using the same ciphertext to mimic private key holder?
rsa
protocol-design
Use signed email as method for deriving encryption key
encryption
authentication
key-derivation
Simple example for CP-ABE (Ciphertext policy attribute-based encryption)
pairings
arithmetic
abe
Why does the prover in an interactive proof run in exponential time with the space of the computation?
zero-knowledge-proofs
proof-of-work
verifiability
Should data encrypted in a database have a MAC?
encryption
mac
Can I construct a feasible stream cipher out of HMAC and a secure hash algorithm?
hash
stream-cipher
encryption
What is a formal definition of strong one-time-secure signatures?
hash-signature
What are the major differences between SET and SSL?
tls
Security of a sha-256 based stream xor cipher?
hash
stream-cipher
sha-256
initialization-vector
xor
Upper bound of this derivative of counter mode?
block-cipher
modes-of-operation
ctr
birthday-attack
Logics for Cryptographic Information Games
protocol-analysis
What is an approximate length for a digital signature (SHA) in this case?
signature
sha-2
Prove integer is within the interval [a,b]
hash
How Shannon’s concept of perfect secrecy is linked with mutual information?
perfect-secrecy
RSA: Detecting period of unconcealed messages
encryption
rsa
Proof of non-membership on a Merkle tree?
zero-knowledge-proofs
hash-tree
How to find the inverse of f(x) in the NTRU key generation?
encryption
public-key
post-quantum-cryptography
quantum-cryptography
When adding two points on an elliptic curve, why flip over the x-axis?
elliptic-curves
Timing vulnerability of byte array equality test?
implementation
timing-attack
RSA Timing Attack on "Extra" Montgomery Reduction
rsa
side-channel-attack
timing-attack
Relying on a 4-bit S-box instead of an 8-bit one
s-boxes
Use of symmetric keys rather than asymmetric keys for transport security
keys
symmetric
What are these small, DRM-like steganographic markings on the pages of this PDF document?
steganography
digital-rights-management
What is the best technique I can use to encrypt inner nodes in B+tree?
encryption
Proving membership of a group without revealing identity?
accumulators
homomorphic-signatures
Is there a cryptographic solution to provide a “proof of exclusion”?
signature
zero-knowledge-proofs
DUKPT MAC Variant key
mac
key-derivation
How to cipher blocks with RSA in ECB mode?
rsa
ecb
Is it possible to verify and relay an encryption key with a trusted but transparent third party?
zero-knowledge-proofs
verifiability
How are calculated input S-box?
s-boxes
What are the Evaluation Measures of Public key cryptography algorithm
encryption
rsa
public-key
cryptanalysis
algorithm-design
Alternatives to Diffie Hellman and other Public Key Exchange schemes
public-key
key-exchange
Is it possible to attack an SHA-256 hash seeded with PHP’s mt_rand function?
cryptanalysis
algorithm-design
random-number-generator
implementation
sha-256
AES S-Box Question
aes
How to decode a Caesar that goes to transposed plaintext?
cryptanalysis
classical-cipher
substitution-cipher
vigenere
Decrypt TLS traffic
tls
How to break combined Vigenere and Columnar Transposition Ciphers with different key lengths
encryption
Find the encryption method with 4 encrypted and decrypted messages
encryption
algorithm
Proof that this is not a secure pseudorandom function?
cryptanalysis
algorithm-design
pseudo-random-function
Multiple private keys in .key file
public-key
tls
What is the correct order of operations for One Time Pad Cipher?
one-time-pad
OTP PRNG re-use
random-number-generator
one-time-pad
key-reuse
Cache Timing Attack SHA-3
implementation
sha-3
timing-attack
keccak
How can I calculate non-linearity of an s-box element wise?
encryption
aes
cryptanalysis
authenticated-encryption
statistical-test
Linear Approximation Table of S-Box for SPN
spn
S-box and Side Channel Attacks
s-boxes
side-channel-attack
Are cryptographic hash functions quantum secure?
hash
post-quantum-cryptography
Are there any key exchange schemes that only require entropy on one side?
key-exchange
randomness
entropy
Time to brute-force a SHA256 + Curve25519 secret passphrase
elliptic-curves
sha-256
Best (minimum field multiplications) algorithm for elliptic curve addition over a binary field
elliptic-curves
implementation
MTI/A0: modular arithmetic or elliptic curves?
keys
key-exchange
Why is it not possible to use a hashed password to log in?
hash
In what way is KeeLoq a block cipher?
block-cipher
stream-cipher
lfsr
Quantum attack on multiple Diffie-Hellman key exchanges using same group
diffie-hellman
Is it right that the Bomba can halt, but give you a different settings other than the one Germans really used for encryption using an Enigma?
cryptanalysis
enigma
Finding length of a key for a given vigenere cipher using Index of Coincidence
key-size
vigenere
How can I calculate the entropy of an image?
entropy
Is it possible to assume that the adversary is not allowed to make an all zero plaintext query in IND-CPA?
encryption
cryptanalysis
chosen-plaintext-attack
semantic-security
Pseudorandom Generator Behavior
pseudo-random-generator
Does this PBKDF2-SHA1 payload hint at a cryptographic security issue?
aes
passwords
pbkdf-2
password-hashing
key-recovery
What is the difference between Argon2d and Argon2i?
encryption
hash
complexity
Argon2i versus Argon2d?
key-derivation
pbkdf-2
argon2
Challenge / Response to Prevent Replay Attack - Using nonce as challenge
protocol-design
authenticated-encryption
chacha
Where can I track the time/money it would take to break common encryption
rsa
aes
brute-force-attack
key-recovery
What are the odds of collisions for a hash function with 256-bit output?
hash
collision-resistance
Is there a quick way to know the length of a message hashed using SHA3?
hash
cryptanalysis
implementation
sha-1
sha-3
Polyalphabetic cipher
encryption
classical-cipher
vigenere
What is the special property that an Abelian group must satisfy that a non-Abelian group does not need to satisfy?
encryption
abe
Secure multiparty sum computation corruption bound
secret-sharing
multiparty-computation
perfect-secrecy
True or false: using session keys via key establishment using a distribution center protects against passive attacks
encryption