Questions tagged [xor]
XOR, often written ⊕, is one of the basic operations on bits and bit-sequences. It is a building block of many cryptographic primitives (and some higher-level algorithms, like modes of operation).
316 questions
1 vote, 1 answer, 69 views
What is the XOR count of AES MixColumn matrix?
I am a beginner and I am learning about XOR counts (link to background: https://ia.cr/2014/530).
The 4 by 4 matrix used in the MixColumn operation in AES is [2,3,1,1],[1,2,3,1],[1,1,2,3],[3,1,1,2]. I ...
4 votes, 1 answer, 187 views
How to prove the conclusion "linear operation $\mathsf{XOR}$ does not affect the division property"?
Division property is proposed as a generalized integral property at Eurocrypt 2015 by Yosuke Todo in his paper Structural evaluation by generalized integral property, and in paper Integral ...
0 votes, 1 answer, 134 views
Finding good shift operators for XorShift
I'm not certain this is the right place to ask, but I'll ask anyway. I've been messing around with XorShift random number generators; I've only implemented a simple one copied almost verbatim from the ...
0 votes, 0 answers, 37 views
In the context of Hardware Security and Cryptography, how do I calculate the Algebraic Normal Form for sboxes [duplicate]
In our hardware security exercise, I am trying to calculate the ANF function manually (Sboxes) for the given table:
And I came up with the result as:
I thought I was calculating it correctly using ...
1 vote, 1 answer, 54 views
Differential uniformity of vectorial Boolean function
What could we say about differential uniformity of (a vectorial Boolean function) $F = f+g \pmod 2$ (i.e. XOR) in terms of differential uniformity of $f$ and $g$?
0 votes, 0 answers, 42 views
Can I recover the seed used to generate the internal state of MT19937 using the state itself?
Is there any way to extract the seed that has been used to generate the state in python or any other language?
I tried to find the implementation of the random.seed ...
0 votes, 0 answers, 42 views
Decrypting Message Using One-Time Pad with Repeated Key [duplicate]
I'm trying to decrypt a message that has been encrypted using a one-time pad with a repeated key. The encryption technique involves using the same key twice. We know the message was encrypted with $k =...
4 votes, 0 answers, 157 views
Is the XOR-combiner of independent keyed hash-functions collision resistant?
Assume there are two keyed hash-functions $H_1(k_1, m)$ and $H_2(k_2, m)$, with $k_1$ and $k_2$ being independently randomly sampled public keys.
The XOR-combiner is defined as $C_\oplus^{H_1, H_2}:=...
1 vote, 0 answers, 60 views
Identified Performance Discrepancy in my AES addRoundKey: Slower than Expected
Problem
I'm working on an AES implementation in C++, and I have been testing the performance of my code, and its functions. I've noticed a significant performance slowdown in my 'addRoundKey' function....
0 votes, 1 answer, 262 views
Advantages of AES vs XOR on a plain text file
Currently, I am using AES-GCM to encode and decode a plain text file. The key is derived from a plain text password using PBKDF2 and a random salt with SHA-256. However, I have been thinking and came ...
0 votes, 0 answers, 37 views
Solving XOR modular system of equations
I have the following problem.
Here's a rephrased version of your problem, keeping the LaTeX commands unchanged:
We are given $n \in \mathbb{N}$, $p, q \in \mathbb{N}$, and $y \in \mathbb{N}^{n+2}$. ...
1 vote, 1 answer, 153 views
Solving equation of xor and mod operation
How do I solve equations like this
$$(aX \oplus X+b) \bmod M = c$$
If a, b and c are known?
And if I have a system of equations with different b values, is it solvable? I am particularly interested in ...
1 vote, 1 answer, 166 views
What is the inverse of this generalised automaton (based on bitwise XOR and modular addition)?
Section 4.1 of the paper “Nonlinear Diffusion Layers” [Y. Liu, V. Rijmen, G. Leander] defines the nonlinear function $\rho$ over $\mathbb{F}_{2^m}$ as follows: $$\rho : \mathbb{F}_{2^m}^4 \to \mathbb{...
0 votes, 0 answers, 57 views
2 XORed AES-ECB ciphertexts, zero key and piece of plaintext
I have $C_1 \oplus C_2$ where $C_1$ = $AES128_k(P_1)$ and $C_2$ = $AES128_k(P_2)$.
I know the k, it is 0 (i.e. 16 bytes of zeros).
I know the piece of $P_1$ (7 ...
1 vote, 1 answer, 92 views
Biasedness of the XOR variable of two independent biased boolean variables
My question is a very basic one. Suppose there are two independent boolean variables $X_1$ and $X_2$. It is given that $X_1$ is biased towards $0$ and $X_2$ is biased towards $1$ with the same amount of bias....