Most Popular

1500 questions
24 votes, 4 answers

Is it feasible to build a stream cipher from a cryptographic hash function?

A few years ago I devised a symmetric-key system that worked like so: H() = some hashing function h = the number of bits in the result of H() key = bits to be used as a key ^ = the XOR operation + = concatenation len() = the length…
John Gietzen
24 votes, 1 answer

How are the names of cryptographic algorithms (like RSA, AES, SHA-256, Curve25519, etc.) pronounced?

I'll have to give a spoken presentation on cryptography and I don't want to make any pronunciation mistakes. Therefore I'm asking how I should pronounce acronyms like RSA, AES, SHA-1, SHA-256, IGE and CBC, Curve25519, ECDH, MAC, HMAC, etc., both in…
M-elman
24 votes, 2 answers

Does the Balloon hashing paper deprecate Argon2?

Does the recent Balloon hashing paper and the included attack on Argon2 effectively negate the result of the Password Hashing Competition? On one hand it seems that only a constant-factor improvement has been achieved, which is rarely critical in…
rmalayter
24 votes, 4 answers

What tests can I do to ensure my random number generator is working correctly?

In the past I have used the Chi-squared test to check the statistical randomness of my generator. Is this a good test to use? Are there other tests?
this.josh
24 votes, 1 answer

In layman's terms, how does Shor's algorithm work?

I've just been reading up on Shor's algorithm, and I find it both fascinating and baffling. I don't understand much about it, other than that it can factor semiprimes in polynomial time. Could someone explain how it works in layman's terms and why…
Polynomial
24 votes, 3 answers

FIPS 140-2 Compliant Algorithms

Is there any reference to check the list of encryption & signing algorithms which are compliant with FIPS 140-2? After an exhaustive search I could find only "AES". Any suggestions would be much appreciated.
Siva Arunachalam
24 votes, 2 answers

Can Shannon's entropy be used to determine if a file is encrypted?

If we have to determine a file is encrypted or not, can we use Shannon's entropy algorithm on the file? As discussed here, the entropy (in bits per byte) being closer to 0 is considered as more orderly and being closer to 8 is considered more…
sashank
24 votes, 4 answers

How will Cryptography be changed by Quantum Computing?

I realise this isn't a 'yes or no' question, and I apologise for asking something that could be seen as a discussion thread, but I had to ask. I'm currently doing an EPQ in CS (specifically how QC will change Cryptography). I'm trying to gather up…
Cameron Allan
24 votes, 6 answers

PBKDF2 and salt

I want to ask some questions about the PBKDF2 function and generally about the password-based derivation functions. Actually we use the derivation function together with the salt to provide resistance against the dictionary attacks, right? One…
thrylos_7
24 votes, 2 answers

Purpose of DES parity bits

DES has a 64-bit key size, but only 56 of those are used during encryption. The other 8 are "parity bits". What was the intended purpose of the parity bits, and why are they no longer used in modern ciphers?
user9070
24 votes, 4 answers

Necessity of Randomness of Salts?

Given the desire to have unique salts for each user of your system, is it actually necessary to create a cryptographically-random salt for each user? If your system already has some other unique user identifier (be it an ID, user-name, or an Email…
GWLlosa
24 votes, 1 answer

RSA with probable primes

I am a bit of a newbie to RSA encryption, so please be patient. I understand that for a 4096 bit RSA, the numbers p and q should be prime. And to have the best security, the p and q should both be about 2048 bits long. However, we don't have a way…
Jug
24 votes, 2 answers

What is the purpose of using different hash functions for the leaves and internals of a hash tree?

I just learned that the THEX hash tree specification which is widely used in P2P requires that two different hash functions be used: one for the leaf nodes (hashes of input data) and one for the internal hashes (hashes of hashes). In order to…
Jeremy
24 votes, 1 answer

(Why) should I avoid using a randomized IV for CTR mode?

I'm currently reading the chapter of Cryptographic Engineering (Ferguson, Schneier, Kohno 2010) about block cipher modes of operation. They have recommended CBC with random IV instead of CTR due to the difficulty of generating nonces for CTR: In…
Jeremy
24 votes, 3 answers

Why does the padding in Merkle–Damgård hash functions like MD5 contain the message length?

I understand the need for padding in MD5 and other hash algorithms such as SHA-1, SHA-256, SHA-384 and SHA-512. But why do we append the message length to the padding? I heard it strengthens the hash but how? Please provide an example if possible…
Ibrahim Najjar