Most Popular
1500 questions
27
votes
3 answers
Why does BitLocker not use RSA?
If I understand correctly from this post and the Wikipedia page for BitLocker and TPM, by default, BitLocker uses symmetric cryptography like AES. However, TPM is capable of performing RSA encryption.
Given that the RSA key is stored in the TPM, why…
user3862410
27
votes
1 answer
What data is saved in RSA private key?
What data is saved in RSA private key in openssl? How to view it?
Wikipedia says these variables are saved.
Smit Johnth
27
votes
2 answers
Why did TLS 1.3 prohibit PGP authentication?
There is a specification, in Informational(!) RFC 6091, for using PGP keys in TLS authentication, although I don’t think it has ever been implemented outside of GnuTLS (it’s certainly not in OpenSSL).
Yet the TLS 1.3 RFC 8446 §4.4.2 goes as far as…
Alex Shpilkin
27
votes
1 answer
Why hashing twice?
I'm trying to understand the Bitcoin protocol, and sometimes see instructions like this:
The TransactionId is defined by SHA256(SHA256(txbytes))
or
The hash of the public key is generated by performing a SHA256 hash on the public key, and then…
Timur Lemeshko
27
votes
5 answers
What is the post-quantum cryptography alternative to Diffie-Hellman?
Post-quantum cryptography concentrates on cryptographic algorithms that remain secure in the face of large scale quantum computers. In general, the main focus seems to be on public-key encryption algorithms and public-key signature algorithms - but…
Nakedible
27
votes
5 answers
Timing-Safety in JVM-Languages
How is it possible to write timing-safe code in JVM-languages (Java, Scala, Clojure...)?
Is it possible to make libraries like BouncyCastle safe against timing-attacks?
I know that even in C it is very hard to get those things right – and in C you…
K. Biermann
27
votes
3 answers
What is the length of an RSA signature?
Is it the same as the bits of the key (So a 2048 bit system will yield a 2048 bit signature)? At most as the key? Or something else entirely?
ispiro
27
votes
2 answers
Using same keypair for Diffie-Hellman and signing
Are there any security risks using a single key-pair for both key-exchange and signing?
I'm mainly interested in using Curve25519 for key-exchange and Ed25519 for signing. But similar combinations, such as EC-DH and EC-Schnorr or even EC-DSA with…
CodesInChaos
27
votes
3 answers
Plain text size limits for AES-GCM mode just 64GB?
Based on NIST SP 800-38D section 5.2.1.1, it seems that the maximum length of plaintext is 2^39-256 bits ~ 64 GB.
We've got 100+GB files in genomics that need to be GCM encrypted so are concerned about hitting this.
So two questions:
What's the…
DeepSpace101
27
votes
2 answers
Why is PuTTYgen-created RSA public exponent(e) not in {3,17,65537}?
As far as I know, RSA public exponent(e) should be one of {3,17,65537}.
However, I found PuTTYgen-created RSA public exponent(e) is 0x25(37) by default, as follows, (PuTTYgen version: 0.66)
I am curious why PuTTY uses 0x25(37) instead of…
Matt Elson
27
votes
3 answers
How is bitslicing faster?
I have read a paper on Bit Slicing and Lightweight crypto but cannot understand how bitslicing makes encryption scheme faster.
Please can someone explain with an example exactly how bit slicing makes the code faster (even a single xor example will…
ishaan arora
27
votes
3 answers
How does a rolling code work?
I have general questions regarding rolling codes. Basically there is a sender and a receiver. Both have a sequence generator. The receiver checks if the received sequence matches the newly generated. An example used is KeeLoq.
Assuming a car opener…
matcauthon
27
votes
3 answers
Information leakage from the ecryptfs filesystem
I'm wondering what information might be leaked from the ecryptfs filesystem. This is what Ubuntu uses if you check the box for "encrypted home directory" when using the desktop installer, so is probably quite widely used. Key characteristics of…
Hamish Downer
27
votes
2 answers
When to use RSA and when ElGamal asymmetric encryption
If I am not wrong, in cryptography there are 2 basic cryptographic schemes for public key cryptography. RSA encryption whose security is based on the infeasibility of solving the factoring of big primes problem and the ElGamal encryption which is as…
curious
27
votes
1 answer
Use cases for CMAC vs. HMAC?
Both can be used to verify the integrity of a message. Assuming you have the needed primitives available to you (i.e. the code space of needing both a cipher and a hash function isn't prohibitive), is there any reason to prefer one over an other? In…
Alex Gaynor