Posts
Infinite Cipher - A cipher of arbitrarily high strength
Cryptography 101 with Alfred Menezes
Real World Crypto 2025 Program (links to live streams)
Two Attacks on Naive Tree Hashes
Post-quantum security of HMACs
NIST claims that the security of HMACs is given by `MIN(key_len, 2 * out_len)` which means that HMACs with`out_len == key_len` provide a security strength equal to the length of the key. Considering NIST classifies a key-search attack on AES-256 at the highest security level (and that AES keys must …
FBI raids home of prominent computer scientist who has gone incommunicado
Post-quantum PAKE
I'm currently working on integrating a post-quantum password-authenticated key exchange (PAKE) protocol into my application. To ensure I make an informed choice, I'm looking for a comprehensive survey or overview of existing post-quantum PAKEs. Does anyone know of any resources, papers, or studies that provide a detailed comparison of post-quantum …
Asymmetric Data Encryption - Is reversing the role of keys interesting or valuable?
I'm currently testing a new encryption algorithm that reverses the traditional concepts of asymmetric keys (like RSA/ECC). For context, current asymmetric algorithms (RSA/ECC) are primarily used for symmetric key exchange or digital signatures. Like this: * Public key: Encrypt-only, cannot decrypt or derive private key. * Private key: Decrypts messages, …
What should the server do in a TLS 1.3 handshake if it doesn't recognise the early data PSK?
I have a 0-RTT handshake as follows: Client's perspective: First flight: The client pings off client hello, then uses the early keys to encrypt early data and end of early data application record. The encrypted records are all 'wrapped' and look like application records. Second flight: The client receives server …
Is there any encryption algorithm that uses hashing?
After looking at all major encryption algorithms, I've realized they all are somewhat complex given that the only thing they have to do is take a key and use it to "mix" all the information, beside authentication and efficiency. I've thought of a simple system that would use pure hashing …