<we><edit> <!-- questions and answers -->
sha-1
reference-request
sha-256
padding
gcm
complexity
key-exchange
keys
finite-field
factoring
key-size
cbc-mac
implementation
openssl
key-derivation
post-quantum-cryptography
stream-cipher
hash
permutation
signature
md5
algorithm-design
one-time-pad
zero-knowledge-proofs
des
cryptanalysis
Decryption of a file encrypted by pseudo-random number generator (The Linear Congruence rand()
encryption
cryptanalysis
stream-cipher
pseudo-random-generator
attack
Successful Cryptanalysis Research/Attacks on Zero-Knowledge Proofs?
cryptanalysis
Elliptic curve representation
encryption
cryptanalysis
elliptic-curves
discrete-logarithm
Will this Cryptosystem Works?
encryption
cryptanalysis
cryptographic-hardware
affine-cipher
How cryptographically secure was the original WW2 Enigma machine, from a modern viewpoint?
encryption
cryptanalysis
history
enigma
help with ciphertext with no obvious key
cryptanalysis
vigenere
Cryptanalys of "bad" RC4 implementation
encryption
cryptanalysis
key-recovery
message-recovery
UOV signature scheme, how does the affine transformation work? What does the composition of the core map and the affine map yield?
public-key
cryptanalysis
post-quantum-cryptography
matrix-multiplication
A name for “word fingerprints” (technique for breaking monoalphabetic substitutional ciphers)
cryptanalysis
substitution-cipher
Cracking stream cipher with IV
encryption
cryptanalysis
stream-cipher
decryption-oracle
How to break a columnar transposition cipher?
encryption
cryptanalysis
classical-cipher
transposition-cipher
Are there two known strings which have the same MD5 hash value?
hash
cryptanalysis
collision-resistance
md5
Using XL Algorithm to solve overdetermined systems, simple example required
cryptanalysis
implementation
post-quantum-cryptography
quantum-cryptography
algebraic-attack
Developing algorithm for detecting plain text via frequency analysis
cryptanalysis
reference-request
frequency-analysis
Explaining why messages are vulnerable
encryption
rsa
cryptanalysis
prime-numbers
How can non-nothing-up-my-sleeve numbers be used to exploit an algorithm?
cryptanalysis
algorithm-design
What informal indicators exist for estimating the computational infeasibility of cryptographic problems?
cryptanalysis
attack
history
Breaking a XOR cipher of known key length
cryptanalysis
xor
vigenere
Need an XL Algorithm example
cryptanalysis
quantum-cryptography
algebraic-attack
Basic attacks on McEliece; finding S and P
public-key
cryptanalysis
post-quantum-cryptography
mceliece
attack
Applicability of IBM's projected 50-qubit quantum computer Q to cryptanalysis?
cryptanalysis
quantum-cryptography
number of active s-boxes in a block cipher?
cryptanalysis
block-cipher
s-boxes
Shanks's Babystep Giantstep Algorithm running time BigO
cryptanalysis
Difference between one-level and two-level E0 encryption
cryptanalysis
stream-cipher
lfsr
What is the best way to put a backdoor in an encryption system?
encryption
cryptanalysis
algorithm-design
backdoors
Current day memory capabilities for cryptanalysis?
encryption
cryptanalysis
Should the identity of a sender be verified using additional means, or does a MAC suffice?
encryption
cryptanalysis
authentication
mac
integrity
Does secure LWE implementation leak bit information?
rsa
cryptanalysis
discrete-logarithm
post-quantum-cryptography
lwe
prove that the constructions are still PRF according to the definition
cryptanalysis
block-cipher
pseudo-random-generator
pseudo-random-function
Matsui's paper on linear cryptanalysis - unexplained formula in Lemma 2
cryptanalysis
linear-cryptanalysis
Playfair Cipher decryption
cryptanalysis
playfair
Cryptanalysis - Brute force
encryption
cryptanalysis
brute-force-attack
RC4: Find the complete plain text of a ciphertext when we know part of the plaintext
cryptanalysis
rc4
crc
message-recovery
Name of a Method
cryptanalysis
How does a padding oracle attack work?
cryptanalysis
chosen-ciphertext-attack
padding-oracle
What weak symmetric cryptographic algorithms shall I use to educate myself about cryptoanalysis methods?
cryptanalysis
education
Key recovery after AES-ECB encryption of two blocks with some known plaintext/ciphertext
aes
cryptanalysis
ecb
password-based-encryption
linear-cryptanalysis
Why is it inadvisable to increase the number of rounds or using a larger block size to a published(standardized) block cipher such as AES?
rsa
aes
cryptanalysis
block-cipher
post-quantum-cryptography
How do I find the key of the Vigenere cipher is if I already know the key length?
cryptanalysis
vigenere
I think PBKDF2 may be better than Scrypt? Looking for someone to point out my logical error
hash
cryptanalysis
pbkdf-2
sha-512
scrypt
Determining linearity of a function using linear approximation table (LAT)
cryptanalysis
linear-cryptanalysis
Now that quantum computers have been out for a while, has RSA been cracked?
rsa
cryptanalysis
post-quantum-cryptography
Can I use a key twice if the message is longer than the key in one-time pad?
encryption
cryptanalysis
one-time-pad
Find the Special DES key
cryptanalysis
des
Modifying an Enigma machine to allow unchanged letters
encryption
cryptanalysis
cryptographic-hardware
enigma
Cryptography Basics
encryption
cryptanalysis
Are there any tools for expressing the cipher operations as a system of equations?
cryptanalysis
algebraic-attack
Why is the slide attack called a generic attack if it depends on each round being the same?
cryptanalysis
Has any crypto hash function been proven to be surjective?
hash
cryptanalysis
algorithm-design
Is rekeying attack the same as related-key attack?
cryptanalysis
attack
Using Keccak permutation as a block cipher
cryptanalysis
block-cipher
keccak
Possible ways to crack simple hand ciphers?
cryptanalysis
classical-cipher
substitution-cipher
How to decode a caesar that goes to transposed plaintext?
cryptanalysis
classical-cipher
substitution-cipher
vigenere
If you SHA something that already has work put into it, is it still safe?
hash
cryptanalysis
Is it right that the Bomba can halt, but give you a different settings other than the one Germans really used for encryption using an Enigma?
cryptanalysis
enigma
Can it be proven that my home-brewed hash function is not LESS secure than a known good hash function it leverages?
hash
cryptanalysis
How to forge Schnorr signatures if you can guess the challenge
cryptanalysis
zero-knowledge-proofs
schnorr-signature
schnorr-identification
Diffie-Hellman problem: is DH still secure if $g^{a^2}$ is known?
encryption
public-key
cryptanalysis
diffie-hellman
discrete-logarithm
AES-256 9 round related key attack - getting possible state differences
aes
cryptanalysis
What quality would an interactive proof executed many times sequentially have that makes it zero knowledge that one executed in parallel would not?
cryptanalysis
signature
zero-knowledge-proofs
Is 80 bits of key size considered safe against brute force attacks?
cryptanalysis
brute-force-attack
key-size
Is Discrete Logarithmic assumption enough to design a secure searchable encryption scheme?
public-key
cryptanalysis
provable-security
discrete-logarithm
searchable-encryption
Are 80-bit keys considered secure as of late-2017?
cryptanalysis
keys
brute-force-attack
key-size
Security implications of using hash as a MAC
hash
cryptanalysis
authentication
How can we add real values using GF field?
encryption
cryptanalysis
random-number-generator
homomorphic-encryption
Attacking a cipher, not knowing what the plaintext should look like – how do you know you’ve successfully decrypted the ciphertext?
encryption
cryptanalysis
Is it possible to attack an SHA-256 hash seeded with PHP’s mt_rand function?
cryptanalysis
algorithm-design
random-number-generator
implementation
sha-256
Proof that this is not a secure pseudorandom function?
cryptanalysis
algorithm-design
pseudo-random-function
How can I calculate non-linearity of an s-box element wise?
encryption
aes
cryptanalysis
authenticated-encryption
statistical-test
Is it possible to assume that the adversary is not allowed to make an all zero plaintext query in IND-CPA?
encryption
cryptanalysis
chosen-plaintext-attack
semantic-security
Is there a quick way to know the length of a message hashed using SHA3?
hash
cryptanalysis
implementation
sha-1
sha-3
Is it possible to actually verify a “sponge function” security claim?
hash
cryptanalysis
collision-resistance
sha-3
sponge
Analysis of Repeatedly Enciphered Plaintext using Same Algorithm / Key?
cryptanalysis
Risks of full length KCV (components and full keys)?
cryptanalysis
keys
attack
key-check-value
how to calculate the non linearity of each element of s box?
cryptanalysis
What if we increase the key length of DES and use ECB Mode, then will we get the different output as ECB mode encrypt with the same key?
encryption
cryptanalysis
block-cipher
des
ecb
Cryptanalysis on block cipher (What is exactly a zero correlation attack?)
cryptanalysis
block-cipher
algorithm-design
linear-cryptanalysis
how to implement non linearity criterea on s box to find non linearity of tha s plz explain .p
cryptanalysis
Why can an arbitrary compression function mapping $\{0,1\}^{m+2^m} \rightarrow \{0,1\}^m$ not seriously be considered collision resistant?
cryptanalysis
algorithm-design
collision-resistance
compression
merkle-damgaard
Jumblar: Using map locations as passwords
cryptanalysis
passwords
Stuck on an affine cipher exercise
cryptanalysis
affine-cipher
Semantic security IND-CPA of Affine Hill Cipher
encryption
cryptanalysis
homomorphic-encryption
chosen-plaintext-attack
Known Plaintext Attack A5/2
cryptanalysis
stream-cipher
known-plaintext-attack
linear-cryptanalysis
Why should the factors $p,q$ of $n$ be half the bit length of $n$ in RSA?
encryption
rsa
public-key
cryptanalysis
key-size
How is a "SHA256 reduced by X of Y rounds" built?
hash
sha-256
cryptanalysis
Can you help me understand Pollard's rho example?
cryptanalysis
attack
algorithm-design
pollard-rho
What rule(s) for a good S-box is this one violating and how does it relate to non-linearity etc.?
cryptanalysis
s-boxes
Quantative criteria to measure confusion and diffusion property of encryption algorithm
encryption
cryptanalysis
How can I identify the linear equations for a block cipher with 4 different s-boxes?
cryptanalysis
block-cipher
linear-cryptanalysis
What are the relations between cryptanalysis of block ciphers such as AES and Kendall's tau coefficient?
aes
cryptanalysis
block-cipher
nsa
Why the permutation of the right hand rotor given in Rejewski's paper is $PNP^{-1}$?
cryptanalysis
enigma
Break simplified DES
encryption
cryptanalysis
des
XORing to detect decrypted value?
cryptanalysis
xor
Can/Which encryption algorithms be daisy chained to create a cryptographic computational puzzle?
encryption
cryptanalysis
proof-of-work
Why was the Navajo code not broken by the Japanese in WWII?
encryption
cryptanalysis
classical-cipher
history
Homogenous vs heterogeneous unbalanced Feistel networks?
encryption
cryptanalysis
algorithm-design
symmetric
feistel-network
AES: a question about dual ciphers and security
aes
cryptanalysis
algorithm-design
side-channel-attack
Kerckhoffs’ principles – Why should I make my cipher public?
cryptanalysis
protocol-design
algorithm-design
terminology
List of security protocols that have been proved to have bugs using formal methods
cryptanalysis
protocol-analysis
how long does the cycle length have to be in stream ciphers?
cryptanalysis
stream-cipher