19 votes, 3 answers
UMAC: to what extent is it in use today?
Inspired slightly by the Encrypt-then-MAC question. The most obvious message authentication code is probably HMAC or RFC 2104 which is basically a hash of the input, an xor with a key... you get the idea.
However, I've also discovered UMAC which…
Asked by user46
19 votes, 3 answers
What is the difference between uniformly and at random in crypto definitions?
Very often in the description and analysis of a cryptographic protocol there is a need for an element $k$ that is sampled uniformly AND at random.
Is there a redundancy in the definition with uniformity and randomness?
If no what is the…
Asked by curious (6,160 rep)
19 votes, 2 answers
Shannon confusion and diffusion concept
I read the document (not the whole document) from Shannon where he speaks about the concepts of confusion and diffusion. I read in many places (not in the document but around the internet) that confusion is enforced using substitution. Diffusion is…
Asked by BrunoMCBraga (311 rep)
19 votes, 3 answers
Is braid-based cryptography proven insecure when looking towards post-quantum cryptography?
Braid groups have drawn the attention of cryptographers for a few years, as a promising platform for post-quantum cryptographic protocols. The security of the proposed schemes mostly relied on conjugacy problems, and attacks against this problem were…
Asked by Calodeon (382 rep)
19 votes, 2 answers
Is it safe to seed a random number generator from system time?
It seemed to me that the Bouncy Castle SecureRandom class for C#/.NET only uses DateTime.Now.Ticks as its seed by default.
I was wrong, but wouldn't that be unsafe to do?
Asked by Edward Ned Harvey (833 rep)
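An added worked example (not part of the question or any answer on this page) showing why a clock-only seed is unsafe: when the only entropy is a tick count, an attacker who knows roughly when the key was generated can enumerate every nearby tick and regenerate the key. The tick values, the window size and the use of Python's Mersenne Twister (`random.Random`) as a stand-in for a library PRNG are all constructed for the demo; the fix at the end uses the OS CSPRNG via `secrets`.

```python
import random
import secrets
from typing import Optional, Tuple

# Added example, not code from the original post or from Bouncy Castle.
# A PRNG whose only seed is a clock reading has a seed space the attacker can
# enumerate: guess roughly when the key was made and try every nearby tick.
# "Ticks" here are plain integers standing in for DateTime.Now.Ticks (100 ns
# units in .NET); the concrete tick values below are made up for the demo.

KEY_BYTES = 16


def key_from_tick_seed(tick: int) -> bytes:
    """Derive a 'key' from a Mersenne Twister PRNG seeded only with a tick count.

    random.Random(seed) is deterministic: the same tick always yields the same
    key, which is the whole problem."""
    rng = random.Random(tick)
    return rng.getrandbits(8 * KEY_BYTES).to_bytes(KEY_BYTES, "big")


def brute_force_seed(target_key: bytes, guessed_tick: int, window: int) -> Optional[int]:
    """Attacker side: try every tick within +/- window of the guess, stop on a match."""
    for candidate in range(guessed_tick - window, guessed_tick + window + 1):
        if key_from_tick_seed(candidate) == target_key:
            return candidate
    return None


def demo() -> Tuple[bool, int]:
    """Constructed scenario: the victim seeded from victim_tick; the attacker's clock
    estimate is off by 1234 ticks but bounded to within 5000 ticks (0.5 ms of .NET
    ticks, or a few seconds of a coarser clock). Returns (recovered?, max guesses)."""
    victim_tick = 638_000_000_123_456_789          # made-up tick value
    victim_key = key_from_tick_seed(victim_tick)

    attacker_guess = victim_tick + 1234
    window = 5000
    recovered = brute_force_seed(victim_key, attacker_guess, window)
    return recovered == victim_tick, 2 * window + 1


def proper_key() -> bytes:
    """What to do instead: draw the key from the OS CSPRNG (secrets -> os.urandom),
    which is seeded from kernel/hardware entropy rather than the wall clock."""
    return secrets.token_bytes(KEY_BYTES)


if __name__ == "__main__":
    found, max_tries = demo()
    print(f"seed recovered by brute force: {found} (at most {max_tries} guesses)")
    print("CSPRNG key instead:", proper_key().hex())
```

The search is linear in the size of the attacker's uncertainty about the clock, not in the key length, so a 128-bit key derived this way has at most a few thousand to a few billion possibilities rather than 2^128. Mixing the clock into a pool is harmless as one input among many; using it as the sole seed is what the example breaks.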
19 votes, 3 answers
Modes of operation that allow padding oracle attacks
It seems to me that padding oracle attacks are mainly a concern for users of CBC mode encryption. Question: are any other modes of operation vulnerable to padding oracle attacks? And if so, why?
There was some discussion in the comments section of…
Asked by Maarten Bodewes (92,551 rep)
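An added worked example (not part of the question or any answer on this page) of the CBC case the question starts from: a complete padding-oracle attack that recovers the plaintext from nothing but the ciphertext and a yes/no "padding valid" answer. The block cipher underneath is a toy SHA-256 Feistel network, chosen only so the script runs without a crypto library; the attack never uses the cipher's internals, so the same logic applies unchanged to AES-CBC. The key, IV and message are constructed for the demo.

```python
import hashlib
import os

# Added example, not code from the original question or its answers. The
# block cipher is a toy 4-round Feistel network with a SHA-256 round function
# (NOT secure, chosen only so this runs offline); the attack never looks inside
# it. It only asks an oracle "did this decrypt to valid PKCS#7 padding?", which
# is exactly the bit real AES-CBC decryptors leak through errors or timing.

BLOCK = 16

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, rnd: int, half: bytes) -> bytes:          # Feistel round function
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, xor(left, _f(key, rnd, right))
    return left + right

def toy_decrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = xor(right, _f(key, rnd, left)), left
    return left + right

def pkcs7_pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def pkcs7_unpad(data: bytes) -> bytes:
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")                       # this error is the oracle
    return data[:-n]

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    padded, out, prev = pkcs7_pad(plaintext), b"", iv
    for i in range(0, len(padded), BLOCK):
        prev = toy_encrypt_block(key, xor(prev, padded[i:i + BLOCK]))
        out += prev
    return out

def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    out, prev = b"", iv
    for i in range(0, len(ciphertext), BLOCK):
        cur = ciphertext[i:i + BLOCK]
        out += xor(toy_decrypt_block(key, cur), prev)
        prev = cur
    return pkcs7_unpad(out)

def attack_block(oracle, prev: bytes, target: bytes) -> bytes:
    """Recover D_k(target) byte by byte from the oracle, then XOR with the real
    previous block to get the plaintext. oracle(iv, block) -> padding valid?"""
    inter = bytearray(BLOCK)                                  # will hold D_k(target)
    for pos in range(BLOCK - 1, -1, -1):
        pad_val = BLOCK - pos                                 # padding value being forced
        for guess in range(256):
            # bytes after pos are already known: set them so the plaintext there is pad_val
            forged = bytes([0] * pos + [guess] + [inter[j] ^ pad_val for j in range(pos + 1, BLOCK)])
            if not oracle(forged, target):
                continue
            if pos == BLOCK - 1:                              # rule out 02 02 / 03 03 03 false hits
                check = bytearray(forged)
                check[pos - 1] ^= 0x01
                if not oracle(bytes(check), target):
                    continue
            inter[pos] = guess ^ pad_val
            break
    return xor(bytes(inter), prev)

def padding_oracle_attack(oracle, iv: bytes, ciphertext: bytes) -> bytes:
    blocks = [iv] + [ciphertext[i:i + BLOCK] for i in range(0, len(ciphertext), BLOCK)]
    return pkcs7_unpad(b"".join(attack_block(oracle, p, c) for p, c in zip(blocks, blocks[1:])))

def demo() -> bool:
    """Constructed scenario: attacker holds iv||ciphertext and a yes/no oracle, no key."""
    key, iv = os.urandom(16), os.urandom(16)
    message = b"Attack at dawn. A padding oracle leaks the whole message."
    ciphertext = cbc_encrypt(key, iv, message)

    def oracle(forged_iv: bytes, block: bytes) -> bool:
        try:
            cbc_decrypt(key, forged_iv, block)
            return True
        except ValueError:
            return False

    return padding_oracle_attack(oracle, iv, ciphertext) == message
```

The attack needs two ingredients: a padding check whose outcome the attacker can observe, and a ciphertext block that is XORed into the next plaintext block so the attacker can steer that plaintext one byte at a time. CBC supplies both. A mode with no padding has nothing for the first ingredient to leak, and a mode without that XOR relationship gives the attacker no lever for the second; the standard remedy is to authenticate the ciphertext (a MAC or an AEAD mode) before any decryption or unpadding takes place.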
19 votes, 4 answers
Encryption/ciphers/codes in Chinese
I am quite curious as to how you can perform simple encryption for the Chinese language.
Saw a similar question related to encryption/Chinese here: About cryptography in a character language, however the method of encryption appears to be quite…
Asked by pyko (293 rep)
19 votes, 4 answers
Is SHA-256 secure as a CTR block cipher?
Generate a 256-bit random nonce. XOR it with a 256-bit reusable symmetric key. This is x.
We represent numbers in simple binary instead of a counting function. 0 in dec = [256 zeros] in binary, 1 = [255 zeros]1, 23092348 = [241…
Asked by Jordan (575 rep)
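An added worked example (not part of the question or any answer on this page) of a SHA-256 keystream used in counter mode, and of the two properties such a construction inherits from every CTR-style cipher regardless of the block function: a reused nonce cancels the keystream and exposes the XOR of the two plaintexts, and ciphertext bit flips map directly onto plaintext bit flips because there is no authentication. The keystream block here is SHA-256(key || nonce || counter) rather than the question's key-XOR-nonce variant, and the key, nonce and messages are constructed.

```python
import hashlib
from typing import Tuple

# Added example, not code from the original post. Keystream block i is
# SHA-256(key || nonce || i) with i a 64-bit big-endian counter. This differs
# in detail from the post's "x = key XOR nonce" layout, but the failure modes
# demonstrated below are shared by every CTR-style construction.

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def sha256_ctr_keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Concatenate SHA-256(key || nonce || counter) blocks until length bytes exist."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def sha256_ctr_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encryption and decryption are the same XOR; nothing here authenticates."""
    return xor(data, sha256_ctr_keystream(key, nonce, len(data)))


def recover_from_nonce_reuse(c1: bytes, c2: bytes, known_m1: bytes) -> bytes:
    """Attacker side: with one (key, nonce) used twice, c1 XOR c2 = m1 XOR m2 because
    the keystream cancels, so knowing m1 reveals m2 without the key."""
    n = min(len(c1), len(c2), len(known_m1))
    return xor(xor(c1[:n], c2[:n]), known_m1[:n])


def bit_flip(ciphertext: bytes, offset: int, mask: int) -> bytes:
    """Malleability: flipping ciphertext bits flips the same plaintext bits, and a
    receiver without a MAC (or an AEAD mode) cannot tell."""
    out = bytearray(ciphertext)
    out[offset] ^= mask
    return bytes(out)


def demo() -> Tuple[bool, bool, bytes]:
    key = bytes.fromhex("00" * 31 + "01")        # constructed 256-bit key
    nonce = b"same-nonce-twice"                  # constructed, and wrongly reused below
    m1 = b"transfer $100 to alice"
    m2 = b"transfer $900 to mallory"
    c1 = sha256_ctr_crypt(key, nonce, m1)
    c2 = sha256_ctr_crypt(key, nonce, m2)        # nonce reuse: same keystream as c1

    roundtrip_ok = sha256_ctr_crypt(key, nonce, c1) == m1
    leaked = recover_from_nonce_reuse(c1, c2, m1)            # attacker knows m1
    tampered = bit_flip(c1, 10, ord("1") ^ ord("9"))         # byte 10 is the '1' of "$100"
    return roundtrip_ok, leaked == m2[:len(leaked)], sha256_ctr_crypt(key, nonce, tampered)


if __name__ == "__main__":
    ok, leak_ok, tampered_plain = demo()
    print("roundtrip:", ok, "| nonce-reuse leak matched m2:", leak_ok)
    print("receiver decrypts tampered message as:", tampered_plain)
```

Both weaknesses are properties of the mode, not of SHA-256, so answering the question "is SHA-256 secure here?" still leaves the usual CTR obligations in place: the (key, nonce) pair must never repeat and the ciphertext must be authenticated.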
19 votes, 1 answer
Compressing EC private keys
For reasonable security, EC private keys are typically 256-bits. Shorter EC private keys are not sufficiently secure. However, shorter symmetric keys (128-bits, for example) are comparably secure.
I have a case where I need to regenerate an EC…
Asked by David Schwartz (4,729 rep)
19 votes, 3 answers
What is the difference between PRF and a Random Oracle?
What is the difference between Pseudo Random Functions and Random Oracles?
Is the difference only about the domain of PRFs and Random Oracles, former having a fixed domain and latter can act on any input as long as it is well formatted?
Having a…
Asked by Human (301 rep)
19 votes, 3 answers
SHA-224 Purpose
One of the new features of Java 8 is the SHA-224 message digest.
What is the use case for having a 224-bit-length hash?
Asked by user9070
19 votes, 1 answer
HMAC SHA256 vs RSA SHA256 - which one to use
Salesforce recently announced they are moving away from HMAC SHA256 to RSA SHA256.
Why did they make that move? Any technical factors?
Is HMAC really easy to break?
PS: I am not a security expert.
Asked by so_mv (293 rep)
19 votes, 2 answers
What makes RSA secure by using prime numbers?
I am just learning about the RSA algorithm. Looking at the first two steps:
Choose two distinct prime numbers $p$ and $q$.
Compute $n = pq$.
I have some probably stupid questions:
Why do $p$ and $q$ have to be prime numbers? Why couldn't they be…
Asked by Joark (303 rep)
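An added worked example (not part of the question or any answer on this page) of what the primality of $p$ and $q$ buys in the two steps quoted above. Textbook key generation computes $\varphi(n) = (p-1)(q-1)$; that identity holds only when $p$ and $q$ are distinct primes, so feeding it a composite "$p$" produces a wrong $d$ and decryption returns garbage. The second routine computes the true $\varphi(n)$ by factoring $n$, which is trivial here precisely because a composite factor makes $n$ a product of small primes. All numbers are toy-sized and chosen for the demo.

```python
from math import gcd
from typing import List, Tuple

# Added example, not code from the original post. Textbook RSA on tiny numbers
# to show (1) why the (p-1)(q-1) shortcut needs p and q prime and (2) that a
# modulus built from composite factors is trivially factored.


def is_prime(n: int) -> bool:
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True


def prime_factors(n: int) -> List[int]:
    """Trial division: fine for toy sizes, hopeless for real 2048-bit moduli."""
    factors, d = [], 2
    while d * d <= n:
        while n % d == 0:
            factors.append(d)
            n //= d
        d += 1
    if n > 1:
        factors.append(n)
    return factors


def euler_phi(n: int) -> int:
    """True phi(n) = n * prod(1 - 1/p) over the distinct primes p dividing n."""
    phi = n
    for p in set(prime_factors(n)):
        phi = phi // p * (p - 1)
    return phi


def textbook_keypair(p: int, q: int, e: int) -> Tuple[int, int, int]:
    """(n, e, d) using phi = (p-1)(q-1), deliberately without checking primality."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi")
    return n, e, pow(e, -1, phi)


def rsa_roundtrip(p: int, q: int, e: int, m: int) -> int:
    """Encrypt m then decrypt with the textbook key; equals m only when p, q are prime."""
    n, e, d = textbook_keypair(p, q, e)
    return pow(pow(m, e, n), d, n)


def rsa_roundtrip_true_phi(p: int, q: int, e: int, m: int) -> int:
    """Same, but d is derived from the real phi(n) obtained by factoring n."""
    n = p * q
    d = pow(e, -1, euler_phi(n))
    return pow(pow(m, e, n), d, n)


if __name__ == "__main__":
    print("primes p=61, q=53, e=17, m=65 ->", rsa_roundtrip(61, 53, 17, 65))
    print("composite p=21, q=5, e=7, m=2 ->", rsa_roundtrip(21, 5, 7, 2), "(should be 2)")
    print("same key, d from true phi      ->", rsa_roundtrip_true_phi(21, 5, 7, 2))
    print("n = 105 factors as", prime_factors(105), "; phi(105) =", euler_phi(105))
```

With $p = 21$ and $q = 5$ the shortcut gives $(p-1)(q-1) = 80$ while the true $\varphi(105) = 48$, so $d = e^{-1} \bmod 80$ is not an inverse of $e$ modulo the group order and $2^{ed} \not\equiv 2 \pmod{105}$. Correctness can be rescued by factoring $n$ to get the real $\varphi(n)$, but that is exactly the computation RSA relies on being infeasible: two large primes make $n$ hard to factor, while a composite factor hands the attacker small primes to peel off.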
19 votes, 1 answer
Will IBM's Condor quantum processor run Shor's Algorithm to crack a 256-bit Elliptic Curve key?
Yesterday IBM announced that they have a 433 bit quantum computer, called Osprey. There is nothing in the press releases I can find that says whether it can or cannot run Shor's Algorithm.
They also say they are on track to release "Condor", an 1121…
Asked by Simon G. (343 rep)
18 votes, 4 answers
Should I delete cryptographic data from memory?
When dealing with cryptographic data, is there a chance that attacker recovers portion of data I used in my program? Should I try to delete every bit of keys and encrypted data that I used, overwrite it with zeroes?
And one extra, how is situation…
Asked by user1687327 (183 rep)