
    Tuesday, February 6, 2018

    Cryptography Is reusing an AES key for encryption subject to attack?

    Is reusing an AES key for encryption subject to attack?

    Posted: 05 Feb 2018 03:01 PM PST

    Suppose I reuse a key repeatedly in an AES-256-CBC system with a random IV. Can an attacker recover the key or plaintext? What attacks can they use?

    submitted by /u/hawkshot2001
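    An added example for the question above (Go standard library only; this is not code from the post or its author). It encrypts the same plaintext twice under one AES-256 key: with a fresh random IV per message the ciphertexts differ, while with a repeated IV the leading ciphertext blocks are identical, which is what an observer learns when an IV is reused under a shared key. The ciphertext is also wrapped in an HMAC-SHA256 tag that is checked before decryption, since plain CBC gives no integrity and tampered ciphertext would otherwise reach the padding check. Keys and plaintexts are constructed for the demo.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// pad appends PKCS#7 padding so the input is a whole number of AES blocks.
func pad(b []byte) []byte {
	n := aes.BlockSize - len(b)%aes.BlockSize
	return append(b, bytes.Repeat([]byte{byte(n)}, n)...)
}

// unpad removes PKCS#7 padding and rejects anything malformed.
func unpad(b []byte) ([]byte, error) {
	if len(b) == 0 || len(b)%aes.BlockSize != 0 {
		return nil, errors.New("bad length")
	}
	n := int(b[len(b)-1])
	if n == 0 || n > aes.BlockSize {
		return nil, errors.New("bad padding")
	}
	for _, c := range b[len(b)-n:] {
		if int(c) != n {
			return nil, errors.New("bad padding")
		}
	}
	return b[:len(b)-n], nil
}

// encryptCBC: AES-256-CBC under encKey with the given IV, then HMAC-SHA256 over
// IV||ciphertext under macKey. Layout: IV || CT || tag. The IV is a parameter
// only so the demo can show a repeated IV; real callers use encryptRandomIV.
func encryptCBC(encKey, macKey, iv, plaintext []byte) ([]byte, error) {
	if len(iv) != aes.BlockSize {
		return nil, errors.New("iv must be exactly one block")
	}
	block, err := aes.NewCipher(encKey) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	padded := pad(append([]byte(nil), plaintext...))
	out := make([]byte, aes.BlockSize+len(padded))
	copy(out, iv)
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out[aes.BlockSize:], padded)
	mac := hmac.New(sha256.New, macKey)
	mac.Write(out)
	return mac.Sum(out), nil
}

// encryptRandomIV draws a fresh IV from the CSPRNG for every message.
func encryptRandomIV(encKey, macKey, plaintext []byte) ([]byte, error) {
	iv := make([]byte, aes.BlockSize)
	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
		return nil, err
	}
	return encryptCBC(encKey, macKey, iv, plaintext)
}

// decryptCBC checks the tag in constant time before touching the ciphertext,
// so a padding failure is never observable to whoever supplied the message.
func decryptCBC(encKey, macKey, msg []byte) ([]byte, error) {
	if len(msg) < aes.BlockSize+sha256.Size {
		return nil, errors.New("message too short")
	}
	body, tag := msg[:len(msg)-sha256.Size], msg[len(msg)-sha256.Size:]
	mac := hmac.New(sha256.New, macKey)
	mac.Write(body)
	if !hmac.Equal(mac.Sum(nil), tag) {
		return nil, errors.New("authentication failed")
	}
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, err
	}
	iv, ct := body[:aes.BlockSize], body[aes.BlockSize:]
	if len(ct)%aes.BlockSize != 0 {
		return nil, errors.New("ciphertext not block aligned")
	}
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(pt, ct)
	return unpad(pt)
}

// firstBlock returns the first ciphertext block (the block right after the IV).
func firstBlock(msg []byte) []byte { return msg[aes.BlockSize : 2*aes.BlockSize] }

func main() {
	encKey, macKey := make([]byte, 32), make([]byte, 32) // constructed demo keys
	io.ReadFull(rand.Reader, encKey)
	io.ReadFull(rand.Reader, macKey)
	pt := []byte("same plaintext, same key, sent twice")
	c1, _ := encryptRandomIV(encKey, macKey, pt)
	c2, _ := encryptRandomIV(encKey, macKey, pt)
	fmt.Println("fresh IVs, first blocks equal:", bytes.Equal(firstBlock(c1), firstBlock(c2)))
	fixedIV := make([]byte, aes.BlockSize) // the mistake: one IV reused with one key
	c3, _ := encryptCBC(encKey, macKey, fixedIV, pt)
	c4, _ := encryptCBC(encKey, macKey, fixedIV, pt)
	fmt.Println("repeated IV, first blocks equal:", bytes.Equal(firstBlock(c3), firstBlock(c4)))
	d, err := decryptCBC(encKey, macKey, c1)
	fmt.Printf("decrypted: %q err=%v\n", d, err)
}
```

    Key reuse itself is not the problem here: CBC with a 128-bit block stays sound for a single key well below 2^64 blocks, after which block collisions become likely. What matters in practice is that every IV is fresh and unpredictable and that the ciphertext is authenticated, as the tag check above does.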

    Question about AES-256.

    Posted: 05 Feb 2018 09:09 PM PST

    I'm no expert with encryption, that is to say, if you asked me to create my own cipher or analyze one that already exists, I wouldn't know where to start. However, I am aware of how encryption (and various ciphers) work on a basic level. One thing I'm not certain of, however, is how secure one can reasonably believe AES (specifically with a 256-bit key length) is. I know it was approved by the US government for securing sensitive data up to the Top Secret level. Whether it's still used by the government for that purpose, however, I'm not sure if that's still the case. I know there are several attacks against AES, but none that render the cipher "broken" in a practical sense. I'm aware also that most attacks against crypto are side-channel or are against the implementation, but barring that, how secure is the cipher itself? Did the NSA discover a weakness that caused it to remove it from its Suite B recommendations page? (At least I believe they removed it from said page, feel free to correct me if I'm wrong about anything here.)

    I'm thinking of using AES-256 to encrypt my whole hard disk. That's the main reason I'm asking. I want to know that my data would be secure using AES-256, as I've always been the paranoid type.

    submitted by /u/DerangedOmelette

    Downsides of replacing libsodium's crypto_sign with crypto_box?

    Posted: 05 Feb 2018 12:28 PM PST

    Hi everyone,

    for my raddi.net project, where I use libsodium, I'm looking for a way to optimize the size of signatures. The appropriate facility, crypto_sign, adds a signature of 64 (crypto_sign_ed25519_BYTES) bytes, which I think is only because it is SHA-512 that is being computed and encrypted. I'm already reusing that SHA-512 to compute PoW (cuckoo cycle).

    I'm thinking of achieving the same thing by using crypto_box to encrypt part of the PoW. I'd use the user's secret key and a well-known (preshared) pk/sk pair that'd be used by everyone to decrypt and verify the signatures/messages. Using the other part of the PoW as crypto_box's nonce, I'm down to just 16 MAC tag bytes.

    So basically I have the following questions:

    • Is there any obvious flaw in my reasoning?
    • Is there a better solution to do this?
    • Should I add a few additional random bytes to the deterministic PoW?

    Note that message size on the network is only up to 64 kB and the user's secret key would be used to encrypt the signature at most once per second.

    submitted by /u/RaddiNet
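    An added example that models the scheme in the post above with Go's standard library (not code from the post, raddi.net or libsodium). crypto_box authenticates with a key that both ends derive by X25519 from their own secret key and the other side's public key; the model keeps the X25519 step (`crypto/ecdh`) but, as a labelled simplification, derives the key with SHA-256 instead of HSalsa20 and uses a truncated HMAC in place of the 16-byte Poly1305 tag. The point it demonstrates is that whoever holds the preshared secret key can compute the same key as the sender, so the tag proves nothing to a third party; Ed25519 (`crypto_sign`) is shown beside it for contrast, with its 64-byte R||S signature verifiable from the public key alone. Nonces and messages are constructed.

```go
package main

import (
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// boxKey derives the symmetric key both ends of an X25519 exchange share.
// crypto_box also uses X25519 but derives with HSalsa20; SHA-256 over the
// raw shared secret is an assumption made for this example.
func boxKey(mine *ecdh.PrivateKey, theirs *ecdh.PublicKey) ([]byte, error) {
	shared, err := mine.ECDH(theirs)
	if err != nil {
		return nil, err
	}
	sum := sha256.Sum256(shared)
	return sum[:], nil
}

// boxTag stands in for crypto_box's 16-byte Poly1305 authenticator:
// a MAC over nonce||message under the shared key, truncated to 16 bytes.
func boxTag(key, nonce, msg []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(nonce)
	m.Write(msg)
	return m.Sum(nil)[:16]
}

// senderTag is the post's scheme: the sender authenticates with its own
// secret key and the well-known public key.
func senderTag(senderPriv *ecdh.PrivateKey, wellKnownPub *ecdh.PublicKey, nonce, msg []byte) ([]byte, error) {
	k, err := boxKey(senderPriv, wellKnownPub)
	if err != nil {
		return nil, err
	}
	return boxTag(k, nonce, msg), nil
}

// verifyTag is what every recipient does: the well-known secret key plus the
// sender's public key yields the very same symmetric key.
func verifyTag(wellKnownPriv *ecdh.PrivateKey, senderPub *ecdh.PublicKey, nonce, msg, tag []byte) (bool, error) {
	k, err := boxKey(wellKnownPriv, senderPub)
	if err != nil {
		return false, err
	}
	return hmac.Equal(boxTag(k, nonce, msg), tag), nil
}

// tagFromVerifierSide shows why this is a MAC, not a signature: the inputs a
// verifier must hold are sufficient to produce a tag that verifies under the
// sender's public key, so the scheme gives no non-repudiation.
func tagFromVerifierSide(wellKnownPriv *ecdh.PrivateKey, senderPub *ecdh.PublicKey, nonce, msg []byte) ([]byte, error) {
	k, err := boxKey(wellKnownPriv, senderPub)
	if err != nil {
		return nil, err
	}
	return boxTag(k, nonce, msg), nil
}

func main() {
	curve := ecdh.X25519()
	sender, _ := curve.GenerateKey(rand.Reader)
	wellKnown, _ := curve.GenerateKey(rand.Reader) // the preshared pair everyone holds
	nonce := []byte("constructed-nonce")
	msg := []byte("message from sender")

	tag, _ := senderTag(sender, wellKnown.PublicKey(), nonce, msg)
	ok, _ := verifyTag(wellKnown, sender.PublicKey(), nonce, msg, tag)
	fmt.Println("genuine tag verifies:", ok)

	other := []byte("message the sender never wrote")
	minted, _ := tagFromVerifierSide(wellKnown, sender.PublicKey(), nonce, other)
	ok, _ = verifyTag(wellKnown, sender.PublicKey(), nonce, other, minted)
	fmt.Println("tag minted on the verifier side also verifies:", ok)

	// crypto_sign's Ed25519: 64-byte signature (R||S), checkable by anyone with
	// the public key and producible only with the secret key.
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	sig := ed25519.Sign(priv, msg)
	fmt.Println("ed25519 signature bytes:", len(sig), "verifies:", ed25519.Verify(pub, msg, sig))
}
```

    The trade-off the model makes visible: the 16-byte tag buys authenticity only among parties who all hold the same secret, so it fits a closed group that already trusts every member, whereas the 64-byte signature is what lets a message be attributed to one key by anyone, including parties that join later.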

    Easy to use offline Shared Secret encode/decode tool

    Posted: 05 Feb 2018 07:05 AM PST

    I'm sorry if I'm posting in the wrong place. I've been looking for an easy-to-use tool for shared secret text encoding/decoding. I really tried to find something, but no luck. I'd like something practical, where I could generate multiple keys and distribute them to my family (for example), with an executable file (or HTML) that they can easily use to recover the secret text.

    Any help will be very much appreciated!

    submitted by /u/carloscgabriel
