Questions tagged [symmetric]
Symmetric cryptosystems assume two communicating entities share a pre-established secret key.
855
questions
0
votes
1
answer
48
views
Is a salt necessary when using a key and an intialization vector during encryption?
I use OpenSSL to encrypt passwords. For that the parameters - $S
$ salt, $K$ key, $IV$ initialization vector are used.
Although the command produces the results, I am not sure if the salt is really ...
1
vote
0
answers
22
views
Exploring Quantum Attacks in Q1 Model on Symmetric Primitives with Better than Quadratic Speedup
I'm exploring quantum attacks (in the Q1 model) on symmetric structures, including hash functions, block ciphers, modes of operation and stream ciphers with time complexity beyond quadratic speedup.
I'...
1
vote
1
answer
117
views
AES-CTR Mode, Predictability of Nonce
I'm trying to rebuild AES-CTR mode and have some questions concerning the generation of the nounce.
I've comonly seen the nonce be distributed like this $Nonce_{128\,bits} = IV_{64\,bits} \mathbin\...
0
votes
0
answers
32
views
Is the CFB mode of Encryption related-key secure
I am going through the paper https://www.iacr.org/archive/fse2013/84240283/84240283.pdf where the related key security of CBC mode of encryption is well analyzed. I am concerned about whether the CFB ...
1
vote
0
answers
41
views
In Kerberos, is the "Authentication Server" the only "Trusted Third Party"? Or is "Ticket Granting Server" also a "Trusted Third Party"? [closed]
I know that AS (Authentication Server) is a TTP (Trusted Third Party) because it generates keys for two entities (for the client and the TGS).
But what about TGS (Ticket Granting Server)? It also ...
1
vote
1
answer
69
views
Is there any notion of key-recovery attacks security (perhaphs using games) that is equivalent to IND-CPA?
I am talking about Symmetric Cryptography only in the following.
We know that Semantic Security (in the presence of eavesdropper) implies security against message recovery (in the presence of ...
2
votes
1
answer
61
views
Is AES-CTR mode with predictable IV vulnerable to CPA attacks?
I'm just confused about this topic problem.
I know that the CBC mode will be vulnerable to CPA attacks if the IV is predictable, but what about the CTR mode?
0
votes
1
answer
90
views
Asymmetric encryption of the AES key made available along with the ciphertext
I know there are much more sophisticated encryption schemes than this one that achieve the same goal but I would like to understand any weaknesses in this basic, and probably typical, process:
...
1
vote
1
answer
79
views
Shannon's Perfect Security for Asymmetric Encryption
I have the following definition of Shannon's Perfect Security.
Assuming messages and keys are drawn randomly from some distribution then:
The probability of guessing plaintext m is not enhanced by ...
2
votes
0
answers
45
views
Design criteria of block ciphers in quantum setting
Some design criteria of block ciphers are already known for the resistance against known attacks like differential, linear , boomerang, etc. Does there already exist any study of design criteria of ...
1
vote
1
answer
53
views
Differential uniformity of vectorial Boolean function
What could we say about differential uniformity of (a vectorial Boolean function) $F = f+g \pmod 2$ (i.e. XOR) in terms of differential uniformity of $f$ and $g$?
1
vote
0
answers
43
views
How Helpful is NXP's LRP Encryption Protocol vs AES for short keys?
NXP has a custom (I think) encryption protocol known as "Leakage-Resistant Primitive", or LRP, built on top of AES. I think the goal of this is to basically "expand" the length of ...
1
vote
1
answer
71
views
Is it possible to use Diffie-Hellman protocol for symmetric group?
I was asked this question during one of my first cryptography classes, and I'm not sure if I understand it correctly. To begin, I know that after using the Diffie-Hellman protocol (which itself is ...
1
vote
0
answers
189
views
Mathematical approach to symmetric cryptography
I'm no mathematician but when thinking about block ciphers such as AES I find it much easier to think of them as a mathematical function $f$ (rather than an 'algorithm') such that $c=f(m,k)$ with $c$ ...
2
votes
2
answers
108
views
Can you use ChaCha20 as one-time pad?
My knowledge of cryptography nothing beyond basic so I am by no means an expert, but I do know a bit of undergraduate mathematics including number theory.
I know that stream ciphers like ChaCha20 is ...