Posts
Verifying BLS12-381 signatures on Ethereum | drand blog
Intuitive explanation of Schoof's algorithm finding elliptic curve's order
For a given P, n and G where P=n\*G and finding n from P is DLP problem. We know it is hard to solve. How come they find n easily in case of G = (n-1)\*G, which is also curve's order. I'm wondering the intuition behind the algorithm for this …
Barking Up The Ratchet Tree – MLS Is Neither Royal Nor Nude
As a programmer non-cryptographer, what will I be missing in RFCs?
I am a decent C programmer, but I have next to zero knowledge in cryptography. Now, if I was to implement "naïvely" some well-established crypto-related standard protocol like https://www.ietf.org/rfc/rfc2898.txt or https://www.rfc-editor.org/rfc/rfc7296.txt , what do you think would be the risks for the resulting system? What vulnerabilities would I be likely …
Pollard Rho - Pseudorandom Sequences
Hi, I’m currently writing my bachelor thesis about factoring Algorithms. One of them is Pollard Rho, so here is my question: In his paper Pollard states that the pseudorandom sequence: $x_{i+1}=x_{i}^{2}$ shouldn’t be used for his algorithm. Why so? I did some research and found out that although the sequence …
Tips on Auditing Cryptographic Source Code
I am interested in auditing cryptographic source code on my spare time. Some of the projects I am considering auditing include GNUPG, Sequoia-PGP, Mullvad, and Rustls. For those of you who have experience auditing cryptographic source code what advice would you give? I thank all in advance for any responses.
Why was Classic McEliece Rejected for ML-KEM?
I have learnt that Classic McEliece made it to round 3 of NIST but was rejected in favor of Kyber for ML-KEM. McEliece was introduced in 1978--around the same time as RSA and remains resistant to classical and post-quantum cryptanalysis to this day. I am just asking for a quick …
Any Practical Use of Menezes Qu Vanstone over Authenticated Diffie-Hellman
I was studying Menezes Qu Vanstone from Serious Cryptography 2nd Edition. Aumasson mentions MQV is elegant and more secure than Authenticated Diffie-Hellman. You cannot break MQV just by leaking ephemeral secrets. Even if a long-term key is compromised the previously established keys are safe since they were derived using ephemeral …
Decrypting Memory Chip Data
I just got two Nitrokey 3C NFC keys. My first time using 2FA, first time having keys
Hi I am new to understanding how to be more secure online. I bought two Nitrokey 3C NFC keys, one for a primary, and one for a backup. I have successfully gone into terminal on my Macbook M1 Air and also my M1 Macbook Pro. I am not sure how …