Newest Questions

Ask Question
32,059 questions
Newest Active Bountied Unanswered
Filter by
Sorted by
Tagged with
0 votes
0 answers
13 views

I've encoded unconstrained SHA-256 compression as CNF: 512 free input variables: msg_w{i}_b{j} (message bits, LSB-first) 256 output variables: ...
KAORU AGUILERA KATAYAMA's user avatar
  • 11
0 votes
0 answers
18 views

I was looking a problem around a system of modular binomials that are: When I hit a point I couldn't go further I found out on internet what a person did and could not understand what he did with an ...
Kaneda's user avatar
  • 101
0 votes
1 answer
66 views

New to homomorphic encryption here... but are there fields in homomorphic encryption (like headers) where each field has a unique key? For example, suppose I have $4$ fields $<a> <b> <c&...
steveK's user avatar
  • 91
1 vote
0 answers
23 views

Is it true that MQ is very hard when the number of equations ($m$) equals the number of unknowns ($n$)? According to https://eprint.iacr.org/2010/596.pdf , this is true going by the mentions of: ... ...
DannyNiu's user avatar
  • 11.5k
8 votes
2 answers
929 views

This could be related to any cipher, but this is specific so some AES hardware. In this hardware, a 128-bit random number is exchanged, as one does, between hosts. Due to a hardware quirk, the last ...
b degnan's user avatar
  • 5,415
0 votes
0 answers
26 views

I am designing a non-currency protocol that enforces one anonymous action per legitimate purchase (in my case: one review per purchase). I would like to sanity-check the following construction built ...
Luis Ramirez's user avatar
  • 1
1 vote
1 answer
50 views

Community convention remainder first: no cryptanalysis request on full scheme barring able to formulate questions on specific building blocks, so here it goes: Q: Suppose we replace the matrix ...
DannyNiu's user avatar
  • 11.5k
3 votes
0 answers
37 views

I have been exploring a formulation of integer division where the remainder is taken from the symmetric interval: $$[−⌊d/2⌋,⌊d/2⌋]$$ instead of the classical interval: $$[0,d)$$ Mathematically this is ...
Rudolf Stepan's user avatar
  • 31
2 votes
1 answer
591 views

ML-DSA works using vectors and matrices of polynomials. Each polynomial has coefficients in a finite field $\mathbb{F}_q$ - This group of polynomials is a ring denoted $R_q$. Matrix-vector ...
conduition's user avatar
  • 47
4 votes
1 answer
269 views

The goal behind solving Learning with Errors (LWE) is to solve a system of equations modulo q with a small, random error. My thought is that because these equations would have a solution outside the ...
Sophia González's user avatar
  • 41
1 vote
0 answers
61 views

I've stumbled upon a PhD thesis, "Smoothening Functions and the Homomorphism Learning Problem" [Ruzi-Lopez, Waterloo2020]. Before coming across this thesis, I thought (discrete) Gaussian ...
user1035648's user avatar
  • 695
0 votes
0 answers
45 views

Are you aware of any examples of universal one-way function construction using a cellular automaton (for instance Turing-complete Rule 110) or of any sufficiently strong cryptographic hash function ...
kerzol's user avatar
  • 101
1 vote
1 answer
24 views

In MariaDB it is possible to apply data-at-rest encryption using a plugin called file_key_management. This plugin uses a plain text file containing one ore more keys which are ids assigned like this (...
user214289's user avatar
  • 11
2 votes
0 answers
28 views

I'm a bit stuck on the problem mentioned in the title. It seems from the ctf writeup that I am going through and trying to understand. Here is the link for the in depth explanation: https://ctftime....
immigrantswede's user avatar
  • 75
3 votes
0 answers
69 views

As I understand it, X-Wing is an optimisation over GHP18, in which it is proven in Lemma 3 that there exists standard notion PRF, when used as KEM combiner, the resulting KEM will not be IND-CCA ...
Eri's user avatar
  • 61

15 30 50 per page
1
2 3 4 5
2138