Questions tagged [symmetric]
Symmetric cryptosystems assume two communicating entities share a pre-established secret key.
858
questions
-1
votes
0
answers
36
views
Password Manager: Sending stored passwords in API response [closed]
I am building a password manager with client-server architecture. The server will host REST APIs to manage passwords and the client (Web or Mobile) will use these APIs.
The server will store passwords ...
4
votes
0
answers
85
views
+50
Most simple transport encryption for link-constrained environments
What is the most simple, but yet well-known "protocol" to protect a unidirectional channel over air?
Requirements
The protocol should provide common properties like privacy, integrity and ...
2
votes
1
answer
69
views
Is AES-GCM safe if same key is used for both uplink and downlink, assuming last IV bit tells the direction
I have designed a cryptographical protocol which uses AES-GCM with a single key.
I have gone to great lengths to ensure the same initialization vector is never reused. The first bits of the ...
0
votes
1
answer
52
views
Is a salt necessary when using a key and an intialization vector during encryption?
I use OpenSSL to encrypt passwords. For that the parameters - $S
$ salt, $K$ key, $IV$ initialization vector are used.
Although the command produces the results, I am not sure if the salt is really ...
1
vote
0
answers
24
views
Exploring Quantum Attacks in Q1 Model on Symmetric Primitives with Better than Quadratic Speedup
I'm exploring quantum attacks (in the Q1 model) on symmetric structures, including hash functions, block ciphers, modes of operation and stream ciphers with time complexity beyond quadratic speedup.
I'...
1
vote
1
answer
124
views
AES-CTR Mode, Predictability of Nonce
I'm trying to rebuild AES-CTR mode and have some questions concerning the generation of the nounce.
I've comonly seen the nonce be distributed like this $Nonce_{128\,bits} = IV_{64\,bits} \mathbin\...
0
votes
0
answers
34
views
Is the CFB mode of Encryption related-key secure
I am going through the paper https://www.iacr.org/archive/fse2013/84240283/84240283.pdf where the related key security of CBC mode of encryption is well analyzed. I am concerned about whether the CFB ...
1
vote
0
answers
41
views
In Kerberos, is the "Authentication Server" the only "Trusted Third Party"? Or is "Ticket Granting Server" also a "Trusted Third Party"? [closed]
I know that AS (Authentication Server) is a TTP (Trusted Third Party) because it generates keys for two entities (for the client and the TGS).
But what about TGS (Ticket Granting Server)? It also ...
1
vote
1
answer
70
views
Is there any notion of key-recovery attacks security (perhaphs using games) that is equivalent to IND-CPA?
I am talking about Symmetric Cryptography only in the following.
We know that Semantic Security (in the presence of eavesdropper) implies security against message recovery (in the presence of ...
2
votes
1
answer
63
views
Is AES-CTR mode with predictable IV vulnerable to CPA attacks?
I'm just confused about this topic problem.
I know that the CBC mode will be vulnerable to CPA attacks if the IV is predictable, but what about the CTR mode?
0
votes
1
answer
90
views
Asymmetric encryption of the AES key made available along with the ciphertext
I know there are much more sophisticated encryption schemes than this one that achieve the same goal but I would like to understand any weaknesses in this basic, and probably typical, process:
...
1
vote
1
answer
81
views
Shannon's Perfect Security for Asymmetric Encryption
I have the following definition of Shannon's Perfect Security.
Assuming messages and keys are drawn randomly from some distribution then:
The probability of guessing plaintext m is not enhanced by ...
2
votes
0
answers
46
views
Design criteria of block ciphers in quantum setting
Some design criteria of block ciphers are already known for the resistance against known attacks like differential, linear , boomerang, etc. Does there already exist any study of design criteria of ...
1
vote
1
answer
54
views
Differential uniformity of vectorial Boolean function
What could we say about differential uniformity of (a vectorial Boolean function) $F = f+g \pmod 2$ (i.e. XOR) in terms of differential uniformity of $f$ and $g$?
1
vote
0
answers
46
views
How Helpful is NXP's LRP Encryption Protocol vs AES for short keys?
NXP has a custom (I think) encryption protocol known as "Leakage-Resistant Primitive", or LRP, built on top of AES. I think the goal of this is to basically "expand" the length of ...
1
vote
1
answer
71
views
Is it possible to use Diffie-Hellman protocol for symmetric group?
I was asked this question during one of my first cryptography classes, and I'm not sure if I understand it correctly. To begin, I know that after using the Diffie-Hellman protocol (which itself is ...
1
vote
0
answers
189
views
Mathematical approach to symmetric cryptography
I'm no mathematician but when thinking about block ciphers such as AES I find it much easier to think of them as a mathematical function $f$ (rather than an 'algorithm') such that $c=f(m,k)$ with $c$ ...
2
votes
2
answers
109
views
Can you use ChaCha20 as one-time pad?
My knowledge of cryptography nothing beyond basic so I am by no means an expert, but I do know a bit of undergraduate mathematics including number theory.
I know that stream ciphers like ChaCha20 is ...
0
votes
0
answers
35
views
Does Qrypt's BLAST protocol based on "Doubly-Affine Extractors" use public-key or symmetric-key cryptography?
The company Qrypt states that "Key distribution based on asymmetric algorithms is a weak link for cryptography" and claims to "enable encryption without distributing encryption keys&...
3
votes
1
answer
205
views
Is DES/2DES/3DES still used?
I checked a related question, but I still did not find the answer I was looking for.
Specifically, do we have any statistics on the usage of DES/2DES/3DES?
It seems from here that credit card systems ...
0
votes
1
answer
101
views
Do I need to use unique IVs if all encrypted data is unique?
I am designing a service where each user has both a unique 256-bit private and public ID. These IDs should be derivable from one another, but only within the backend of my service (as to not expose ...
1
vote
1
answer
77
views
Is a Shift Cipher with Random Insertions Unbreakable?
Imagine an Encryption Algorithm which applies a classic Shift Cipher (also called Caesar or ROT-X) to a text (with only lowercase [a-z] and the space ...
1
vote
0
answers
48
views
Are semantic security and indistinguishability equivalent for symmetric key cryptosystems?
I've seen a lot written about how, in the context of public key cryptosystems, these definitions are equivalent. Is the same true of symmetric key cryptosystems? If so, what are the precise statements ...
0
votes
0
answers
58
views
Does this protocol description and design look sound?
I am working on a tool that uses password derived keys for AES and a selectable modes of operation to encrypt (and later decrypt) text for storage on an insecure media. The tool is constrained to ...
0
votes
0
answers
17
views
Web app server side encryption scheme
I'm asking if this encryption scheme would increase the security of the user's data. Here's how it would work:
The user would create an account (username + password). An encryption key (symmetric) is ...
0
votes
1
answer
71
views
Shared Key message-encryption multiple receiver communication
Say there are 5 parties. 1 is the sender, and 4 are the receivers.
The sender has a unique shared key with each receiver.
k1 - between sender and receiver1
k2 - between sender and receiver2
k3 - ...
1
vote
0
answers
226
views
In Symmetric encryption where Alice and Bob message each other, how can both decrypt the same data?
I first posted this question on StackOverflow but they told me it belongs here instead:
https://stackoverflow.com/questions/77856486/in-symmetric-encryption-where-alice-and-bob-message-each-other-how-...
2
votes
1
answer
612
views
How does SMB authentication work?
When I learned about the inner workings of the TLS protocol and what exactly it protects a connection against, I was surprised to learn that even asymmetric encryption can be defeated by a MITM attack ...
0
votes
0
answers
69
views
Key-dependent cipher generation
Is there any cryptanalysis possible if the cipher itself is deterministically derived from key material?
For example, suppose you have n building blocks (ARX primitives, AES ops, other primitives) and ...
1
vote
1
answer
81
views
Security of this MAC scheme
I'm studying for a cryptography exam, I have this question from a past exam:
Consider the MAC with key $k$, based on a block cipher $E_{(k)}$ with block size $n$, and a collision-resistant hash ...