Questions tagged [key-recovery]
A means of recovering cryptographic keys when the usual means for obtaining them is unavailable.; the ability to uncover the secret key to a cryptographic message.
51
questions
2
votes
1
answer
88
views
Implementing password recovery in my app
I have an Android App that stores encrypted data using a key derived from user entered password (PBKDF2). If any user forgets their password, they loose access to all their data. Hence, I am trying to ...
1
vote
1
answer
70
views
Is there any notion of key-recovery attacks security (perhaphs using games) that is equivalent to IND-CPA?
I am talking about Symmetric Cryptography only in the following.
We know that Semantic Security (in the presence of eavesdropper) implies security against message recovery (in the presence of ...
1
vote
1
answer
45
views
Proof that semantic security implies key-recovery security
I'm trying to prove that semantic security implies key-recovery security.
There is already a question that addresses this, but it doesn't explain the setup of the security reduction, which is what I'm ...
4
votes
1
answer
2k
views
In Bitcoin, given half the 52-character private key in WIF format, is it possible to reconstruct the whole private key?
Given the following two preconditions:
It is almost impossible to reconstruct a bitcoin private key if an attacker only has one half of the private key as well as the public key.
It is almost ...
2
votes
1
answer
91
views
in NTRU, can g be recovered given f and h?
The NTRU key generation involves polynomials and their arithmetic in polynomial rings, which is a bit different from arithmetic in modular integers.
In the NTRU cryptosystem, the public key $h$ is ...
0
votes
0
answers
243
views
HMAC-SHA256 key length against key recovery attack
I have trouble finding information on the security strength of HMAC-SHA256 against key recovery attacks with respect to the key size.
To fit a certain application I must use a 128-bits key with a HMAC-...
1
vote
0
answers
113
views
Which cryptographic attack here is feasible on RSA? [duplicate]
I'm new to cryptography, so please don't bash me.
I'm trying to learn to recover a RSA private key. As you can see from my profile I'm a cybersecurity professional, which is only now trying to learn ...
1
vote
0
answers
89
views
Question about Security of Multi-Signature Scheme
I am a developer trying to follow best practice guidance as established by the IETF for my applications. I was researching standards for ECDSA key generation for some work that I have to do in the ...
3
votes
0
answers
802
views
Algorithm used to generate a BitLocker recovery key
I know exactly how a generated BitLocker recovery key works and I can write a code to brute-force it.
How is the recovery key generated though?
I could think of some answers:
it is generated using an ...
2
votes
1
answer
303
views
Proving semantic security implies security from key-recovery attack
I am working on problem 2.11 from the book: A Graduate Course in Applied Cryptography by Dan Boneh and Victor Shoup. The problem reads as follows:
Problem 2.11: Let $\mathcal{E} = (E, D)$ be a cipher ...
0
votes
1
answer
723
views
Possible to directly calculate the Recovery ID from a msg, signature and public key in ECDSA/secp256k1?
Problem
Let's say I receive a signature $(r,s)$, the corresponding public key and the message that was signed. I don't have access to the private key. I need to know what the ...
2
votes
1
answer
136
views
How does Authentication-Key Recovery for GCM work?
In his Paper "Authentication weaknesses in GCM" Ferguson describes, how some bits of the error polynomial can be set to zero, thereby increasing significantly the chance of a forgery.
Q: ...
1
vote
1
answer
94
views
Construction of key recovery attack in O(2^(n/2))
I have to construct a key recovery attack on symmetric key encryption using a publicly known permutation $\Pi$ in $O(2^\frac{n}{2})$ time using $2^\frac{n}{2}$ queries to an encryption oracle.
The ...
0
votes
0
answers
112
views
Finding the cleartext password given its MD5
Given powerful GPU and PC hardware, is it realistic to recover a password in a few hours given a cleartext's MD5? Max chars are 95, and the maximum length of the password is 15 characters.
0
votes
0
answers
1k
views
Bitcoin Key Recovery Without Nonce Re-Use
There are a lot of questions in these forums regarding the recovery of private keys.
But I'm here to postulate on something unique to a specific piece of research that I looked into recently.
The ...