r/crypto
Posts
Tjald Hash and RNG Suite - A bid for new speed records
Feasability of cracking a non-CS PRNG when the output is reduced to a small set of characters.
I'm looking for resources. Predicting the future (or past) output of a regular PRNG from observations is very common, no issue with that. But a case I see a lot in practice is people using PRNGs to create temporary codes or passwords by choosing a character at random from a …
Free ideas I don't have the time/energy to build (most are cryptography-related)
Is there anything that would prevent peforming Weil Descent on binary curves of large characteristics ?
The ghs attack involve creating an hyperlliptic curve cover for a given binary curve. The reason the attack fails most of the time is the resulting genus grows exponentially relative to the curve’s degree. We don’t hear about the attack on finite fields of large characteristics since such curves are …
I was explained how to know if a given qth root can be used for elliptic curve pairing inversion. But what he did mean ?
There are many research papers that propose to lower the problem of fixed pairing inversion to exponentiation inversion. I asked a busy researcher how to determine if a value before exponentiation is suitable for Miller/pairing inversion and here’s his answer > Suppose the elliptic curve is defined over F_p, the …
Hashing conundrums
I have two questions about hashing that I thought might as well be merged into one post. **1. Choosing an algorithm and parameters** I have components in rust, android/kotlin and ios/<probably swift?> and I need a hashing algorithm that's consistent and secure across all 3 systems. This means I need …
Why are SSL certificates only signed by one CA?
If a CA gets compromised, the attacker can impersonate anyone. If instead you loaded up your certificate with loads of signatures, you’re no longer relying on any one organisation or government’s honesty. Certificates could also contain statements of intent like ‘I plan to use certificates signed by at least 3 …
Is Falcon a viable replacement for ECDSA?
Falcon (also called FNDSA), a lattice-based signature scheme, stands out for its low communication overhead, boasting significantly smaller public key and signature sizes compared to many alternatives. This efficiency is crucial for applications where bandwidth is limited, such as cryptocurrencies, IoT devices and mobile communications. Or is further research and …
What’s the name of this Diffie‑Hellman problem variant ?
There’s several Diffie‑Hellman problems names like weak decisional Diffie Hellman problem or strong Diffie‑Hellman problem. My case is the following : given finite field’s elements g ; d whose discrete logarithm is unknown, the attacker needs to compute integers a ; b and a' ; b' such as *g^(a)×d^b = …
How can I learn about Zero-Knowledge Proof from scratch in 2024? Roadmap?
Looking for resources that explain zkp, zk-snark, zk-stark in depth. I am new into cryptography and want to understand it from scratch, theoretically and implementation wise. This is specifically for an identification project. I understand this space moves quite fast so I'm also looking for newer resources to understand the …