Most Popular
1500 questions
18
votes
1 answer
Three-way hash collision
According to the birthday paradox we need approximately $O(|T|^{1/2})$ samples from the tag-space to find a collision for a hash function $h:K\times M \to T$. But how many samples are needed to find a three-way collision, i.e. $h(a) = h(b) = h(c)$…
hsalin
- 485
- 4
- 7
18
votes
2 answers
Why was the winner of the AES competition not a Feistel cipher?
The winner of the AES competition has a structure that does not qualify as a Feistel cipher, as explained in answers to this recent question.
However, many of the AES candidates, and some other finalists (Twofish, MARS) are…
fgrieu
- 140,762
- 12
- 307
- 587
18
votes
3 answers
Quantum Computing Used to Break RSA by "fixing" Schnorr's Recent Factorization Claim?
There is a claim by Chinese researchers making the rounds (Schneier's blog here) that RSA can be broken by Quantum Computers. The paper is on arXiv.
Wading through the discussion in Schneier's blog, and distinguishing between noisy qubits and…
kodlu
- 22,423
- 2
- 27
- 57
18
votes
2 answers
Storing Credentials for a Third Party
(Originally posted to SOF, but I got no answers)
I am designing a small application for use inside my company. My application needs to connect to a third party website on behalf of my application user. I would like to safely store the user's…
Ralph
- 375
- 1
- 3
- 8
17
votes
2 answers
Strength of multiple hash iterations?
Is it correct that increasing the iteration possibly decreases the cipher strength but increases the amount of time it would take to find the original hash values if using brute-force on a given hash? (i.e. from a compromised database)?
In other…
Xeoncross
- 663
- 8
- 16
17
votes
2 answers
Practical consequences of using functional encryption for software obfuscation
I came across this article, which describes a method, developed by UCLA CS professor Amit Sahai et al, for using functional encryption in order to achieve software obfuscation. The paper that the article refers to is available here. Has anyone…
Henrick Hellström
- 10,406
- 1
- 30
- 58
17
votes
1 answer
What to watch for with openssl generating weak keys? (low entropy)
(Disclaimer: I am a regular software engineer with only basic crypto knowledge, so it would be helpful if this can be explained for a layman.)
I am concerned about generating weak keys on a shared Linux box with openssl. Some questions:
How low does entropy have to…
Brian Armstrong
- 273
- 1
- 2
- 7
17
votes
3 answers
How Unique is a "NeuralHash"?
I was doing some reading today about a major tech company planning to implement a new system for automatically detecting and reporting CSAM in users' photos. Overall, the system as described in their 12-page technical summary seems to be designed…
Noah
- 193
- 1
- 1
- 5
17
votes
2 answers
Does the IV need to be known by AES (CBC mode)?
I was thinking about this today and thought I should ask. I think I understand IVs enough to say that they are basically the same thing as salts when talking about hashes. They are there to improve randomness between messages. If the IV is simple…
jduncanator
- 413
- 1
- 5
- 10
17
votes
4 answers
Can we use a Cryptographic hash function to generate infinite random numbers?
I have seen that there are PRNGs that can generate a specific number of random numbers. The Mersenne Twister, as an example, can generate 2**19937 (if I'm not wrong) but... can we use a cryptographic hash function to generate infinite random numbers…
Alexandro Babonoyaba
- 181
- 1
- 5
17
votes
2 answers
How to check whether the permutation is random or not
Imagine that my friend gives me the permutation $\pi$. He pretends that the permutation was generated completely at random.
I'm suspicious and worried, because the permutation (for instance) looks like: $\pi(x) = ax + b \pmod n$ for some $a$, $b$. My…
Kirill Tsar.
- 599
- 3
- 13
17
votes
4 answers
Creating cryptographic algorithms at runtime
Would it be possible to create a program with which to create a cryptographic algorithm (i.e. encryption or hash) using well-known elements of other algorithms in the same way that algorithms "reuse" systems such as Feistel's structure? That is,…
Arget
- 189
- 1
- 9
17
votes
4 answers
Can we assume that a hash function with high collision resistance also means a highly uniform distribution?
I want to use a hash function to generate a random sequence from number 0-n. And so I would like to find a good function that results in values that are seemingly random (does not need to be secure), but gives a sequence that is uniformly…
Thaina
- 293
- 2
- 6
17
votes
2 answers
Why use a 1-2 Oblivious Transfer instead of a 1 out of n Oblivious Transfer?
When initiating an oblivious transfer, why would someone use a 1-2 oblivious transfer rather than going for a 1 out of n oblivious transfer? Perhaps a slight time overhead for the extra message encrypts, but with everything as fast as it is these…
Jeremy L
- 273
- 1
- 6
17
votes
5 answers
Could one construct a cipher that is secure for friendly parties to use but insecure for hostile parties?
Consider the situation of a nation state (Blue) at war with another nation state (Red). Blue wants to deploy a secure cipher that Blue currently cannot break, but they are concerned that Red could reverse engineer the cipher and use it to secure…
Ethan Heilman
- 2,276
- 1
- 20
- 40