Cryptography is the practice and study of logical means used to achieve information confidentiality, integrity and authenticity. It covers, among other things, encryption (making some data unreadable except for those who know a given secret element, called a key), data hashing (in particular for ...
2
votes
2answers
91 views
Explain real world symmetric key encryption
I'm new to cryptography. While reading about symmetric key encryption, it was mentioned that it requires secret key exchange so that 2 parties can decrypt the ciphertext.
Now, using some encryption ...
0
votes
3answers
97 views
Protecting data through an XOR operation with sufficiently long keys
Suppose two parties S and D would like to protect a communication channel. Therefore, S and D exchange two sufficiently long key sequences SB und DB of random bits over a secure channel [e.g not over ...
-4
votes
0answers
38 views
Phd student proposal for security in clouds [on hold]
I am planing to do a phd in " clouds computing security" and I need some interesting points
to mention in my proposal
5
votes
1answer
1k views
Consequences of tampered /etc/ssh/moduli
What are the consequences if an attacker is able to modify the /etc/ssh/moduli file?
0
votes
1answer
22 views
Does DUKPT support offline mode?
I have been working on the payment side with RSA and AES encryption which I got a fairly well technical understanding of encrypting credit card details.
Recently, We adopted a new chip and pin device ...
12
votes
4answers
519 views
Why is Bruce Schneier recommending symmetric crypto over public key crypto
I just read the article written by Bruce Schneier, the crypto guru. In the article, he says :
Prefer symmetric cryptography over public-key cryptography.
But, he doesn't shed any light as to ...
3
votes
1answer
93 views
Properly implemented strong crypto systems [on hold]
I have read this article about the revelation that in 2010 major encryption mechanisms including big four (hotmail, facebook, google, yahoo) and other encryption mechanisms were broken by NSA and ...
50
votes
3answers
2k views
Did US and UK spy agencies defeat privacy and security on the internet?
This question is meant as a canonical question in regard to the US and UK spy agencies compromising end nodes and encryption between nodes to spy on people they suspect to be terrorists. However, this ...
-4
votes
0answers
24 views
question about discrete logarithm? [on hold]
hiii,
I have one question about the calculate of x=g^y Mod p where :
y is bigger than P
is this function correct ?
thank you
3
votes
1answer
90 views
Hashing passwords before inserting into database
For the last 2 weeks I have been reading many blogs about website security and hashing passwords.
Many sites have mentioned the pro's and cons about different ways of doing this, which has left me a ...
8
votes
2answers
195 views
How do new security and cryptography techniques/protocols avoid the chicken-and-egg problem?
. . .better solutions have been proposed and will be worth considering once they have withstood the test of time (i.e. “5 to 10 years in the field, and not broken yet”).
-From Thomas Pornin's ...
8
votes
3answers
156 views
What was SSL 1.0?
What was SSL 1.0?
SSL 2.0 and 3.0 are well-known and well-documented. But what did the SSL 1.0 protocol look like? Wikipedia says there was a SSL 1.0 but doesn't say anything about how it worked.
...
0
votes
1answer
22 views
Encrypted data transfer with middle node and asymmetric key
I'm looking forward to pass data from a node A to a node B using asymmetric cryptography, but with one (huge) constraint: When A sends data to B, it is possible that B is offline. I would like to be ...
0
votes
0answers
13 views
Finite fields and ECC [migrated]
I understand modular arithmetic(or at least I think I do!) and I've tried to read and learn about how the Math in RSA works(and I think it went pretty well). I've been reading up on ECC and it looks ...
5
votes
0answers
31 views
Diffie-Hellman: choosing wrong generator “g” parameter and its implications of practical attacks [migrated]
In traditional DH one chooses two shared parameters: a large prime "p" and base "g", which is primitive root mod "p". Suppose generation algorithm is broken and "g" generates only a subgroup (group ...
