Most Popular

1500 questions
13 votes, 3 answers

Anatomy of an RSA private key

I'm learning about OpenSSL and public key infrastructure and am curious about the structure of an RSA key and how it's related to its corresponding public key. I can generate a private RSA key with the OpenSSL genrsa command: $ openssl genrsa…
mbigras
13 votes, 1 answer

Intuitive explanation of the $\varepsilon$ parameter in differential privacy

I think I have a decent intuitive understanding of what the $\delta$ parameter means in $(\varepsilon,\delta)$-differential privacy: I can explain it to a non-specialist in terms of "what are the chances that something goes horribly wrong". Even if…
Ted
13 votes, 3 answers

Asymmetry between public key and private key: digital signatures use the private key for “encryption”?

I have a misunderstanding concerning public key cryptography...would be very helpful if you answer the questions... Digital signatures: You use your private key for "encryption" and they use your public for "decryption". I thought that you can only…
user7431243
13 votes, 3 answers

Estimated entropy per bit given P-value of a statistical test, and number of bits tested?

Assume that a certain statistical RNG test (say from the NIST Statistical Test Suite, Dieharder, etc.) gives us a certain P-value (per the definition [*] used in NIST Special Publication 800-22), after testing $n$ bits of a RNG; say, $P=0.001$…
fgrieu
13 votes, 2 answers

Is there any compelling or logical reason to use AES-192 over AES-128 but not use AES-256?

I have been trying to find a case where AES-192 is used over AES-128 but AES-256 is not used. There are many questions about AES here (I liked this one AES-128/192/256), but from the actual application side, I was unable to determine any cases where…
b degnan
13 votes, 3 answers

Salting when encrypting?

I was attending a database encryption session at a developers conference. The presenter (who was a published author on the subject) said that MS SQL Server did not support salted hashes in the database, but it does support salting with encryption.…
Jim McKeeth
13 votes, 4 answers

Why bcrypt is one-way while Blowfish is reversible?

While bcrypt is often regarded as an irreversible hashing function, it's based on the reversible Blowfish cipher. I'm just curious about how this works. Here's the pseudocode from the wiki: bcrypt(cost, salt, input) state ←…
sunquan
13 votes, 3 answers

What does "export grade" cryptography mean? And how is this related to the Logjam attack?

I am doing some research on the Logjam attack, and I need help in learning some terms that are new for me. What does "export grade" cryptography mean? And how is this related to the Logjam attack?
han
13 votes, 1 answer

Is there any benefit from using SHA-512 over SHA-256 when AES just truncates it anyway?

I am still not very clear on how AES-256-CBC can use SHA-512 bit keys, but I assume that it just truncates the 512bit hash down to 256bit. In software like GnuPG and OpenPGP, is there any real benefit using a SHA-512 key over a SHA-256 key with the…
user4191887
13 votes, 3 answers

Computing only one byte of a cryptographically secure hash function

Let $H$ be a cryptographically secure hash function, like SHA256. The output of $H$ is $N$ bytes long, with $N$ usually in the order of $32$ for commonly used hash functions. Now, let $X$ be a string; I can compute $Y = H(X)$, which is a sequence $Y_0,…
Matteo Monti
13 votes, 3 answers

Why are asymmetric cryptography keys more vulnerable to brute force attack than symmetric ones?

I came across this paper which says that Asymmetric keys must be many times longer than keys in secret-cryptography in order to boast equivalent security. Keys in asymmetric cryptography are also more vulnerable to brute force attacks than…
Jay
13 votes, 2 answers

Why do public keys need to be validated?

For some curves it's necessary to validate the public-key of the other side before running an elliptic-curve Diffie-Hellman key-exchange. Apparently if you don't validate the public key, small subgroup attacks can leak your private key. I have a few…
CodesInChaos
13 votes, 2 answers

Why RSA can't handle numbers above 76?

I'm going to encrypt the characters Zhu, and decrypt them using RSA. I'm using the public key $\{e, n\}$ and private key $\{d, n\}$. The values of $e$, $d$ and $p$ I get from my textbook: $e = 17$, $d = 53$, $n = 77$. It works fine when the number…
mko
13 votes, 1 answer

Cracking a PRNG by observing ranks within groups of its output

Suppose that I am generating random numbers with Python's random module, so that there is a known random number generator (Mersenne Twister in this case). I've read: "[...] observing a sufficient number of iterations (624 in the case of MT19937,…
dcc310
13 votes, 1 answer

Where is the key in white-box AES cryptography?

After an initial study of white-box cryptography, especially around the first article (Chow et al.), I understood each step of transforming the lookup tables of AES into new ones. If I understood it correctly, the purpose is to redefine the AES…
Andriel