Most Popular

1500 questions
18 votes, 2 answers

Simulation-based proofs and universal composability proofs

I recently read Ran Canetti's famous UC paper but I'm still trying to wrap my head around the concepts. I think this answer has me confused a bit, particularly where it says The stand-alone simulation-based definitions give you security under…
Luke
18 votes, 2 answers

Is HTTPS secure if someone snoops the initial handshake?

Let's say I'm on an open wireless network that's being actively sniffed and I connect to an HTTPS site. Even though my subsequent traffic is encrypted, couldn't the sniffer use the data from the initial (non-secure) handshake to decrypt my…
user319
18 votes, 1 answer

How to calculate elliptic curve parameters?

I'm having a rough time understanding the math behind elliptic curves. I want to implement ECDH where the user can define the a, b, and p parameters of the elliptic curve. How can I calculate the generator base point G? Is it any point that satisfies the elliptic curve…
marlenn
18 votes, 1 answer

Edwards / Montgomery ECC with Weierstrass Implementation?

So let's assume I want to perform Ed448 or Ed25519 digital signatures or want to perform a DH key exchange. Assume further that those curves (Curve448 or Curve25519) are required. But the problem is that I have only a constrained device given,…
SEJPM
18 votes, 3 answers

Chinese Remainder Theorem and RSA

Wikipedia has a nice section regarding the speedup of the RSA decryption using the Chinese Remainder Theorem here. I need to understand the implementation of a similar speedup for the encryption algorithm of a more complex homomorphic encryption…
Mihai Todor
18 votes, 2 answers

Can two different pairs of RSA key have the same modulus?

Can $n=pq$ be part of two different pairs of RSA keys? If such keys exist, say $(e_1,n)$ and $(e_2,n)$, how are they related? What will be the security concerns for the two users?
AIB
18 votes, 3 answers

What exactly is the impact of the hidden subgroup problem on cryptography?

I understand my group theory (allegedly), so I can make partial sense of The Hidden Subgroup problem: Given a group $G$, a subgroup $H \leq G$, and a set $X$, we say a function $f : G \Rightarrow X$ separates cosets of $H$ if for all $g_1, g_2 \in…
user46
18 votes, 2 answers

Deterministically generate an RSA public/private key pair from a passphrase (with sufficient entropy)?

Is it possible to deterministically generate public/private RSA key pairs from passphrases? Would giving the (key generating) algorithm data made from key-stretching the passphrase (instead of a source of random data) be sufficient and…
fadedbee
18 votes, 1 answer

Does unbalancing a Feistel cipher always improve security? Does it improve security at all?

So according to Wikipedia, unbalanced Feistel ciphers provide greater provable security. Specifically, they state: The Thorp shuffle is an extreme case of an unbalanced Feistel cipher in which one side is a single bit. This has better provable…
user46
18 votes, 2 answers

Which blind signature schemes exist, and how do they compare?

I'm looking into blind signature schemes for use as digital cash. I have come across blinded RSA and Lucre (DH-based). Are there other schemes available, and how do they compare? I suspect there should be an elliptic curve scheme, which might have…
CodesInChaos
18 votes, 3 answers

Multiple private keys for single public key

I am currently working in security in mobile ad-hoc networks. I have several clusters, and I want to send some data encrypted with its public key, from the cluster head to the cluster members. I assume that each member has its own private key so it…
yomna
18 votes, 2 answers

Merkle hash tree updates

It seems that Merkle hash tree (MHT) traversals have been discussed somewhat in the literature, but there does not appear to be much written on inserting, deleting, and updating leaves. Is this lack of material regarding updating MHTs possibly due…
user3150164
18 votes, 4 answers

Can you make a hash out of a stream cipher?

A comment on another question made me wonder about something: Assume you're on a rather constrained platform — say, a low-end embedded device — with no built-in crypto capabilities, but you do have access to a simple stream cipher; say, RC4 or one…
Ilmari Karonen
18 votes, 1 answer

Verbatim of early work on public-key cryptography?

In late 1997, the history of public-key cryptography was turned around with the announcement (then extended) that public-key cryptography was theorized in a 1970 note [1] by James Henry Ellis: The Possibility of Secure Non-Secret Digital…
fgrieu
18 votes, 3 answers

AES256-CBC vs AES256-CTR in SSH

I used AES256-CBC to SSH to a remote server. Recently, it stopped working with the following message: no matching cipher found: client aes256-cbc server aes128-ctr,aes256-ctr,arcfour256,arcfour,3des-cbc When I used AES256-CTR as a cipher to SSH…
Rlearner