Cryptography Maybe not super relevant, but did you guys read the hilarious example in Wikipedia's MiTM article? |
- Maybe not super relevant, but did you guys read the hilarious example in Wikipedia's MiTM article?
- CAESAR competition final portfolio selections
- What are some hash types that are used to compare similar images?
- How secure is it to use a passphrase as described in XKCD 936?
- Help factoring a 100 digit number, is this possible for an amateur?
- Is there any size recommendation for salts used by SCrypt?
| Maybe not super relevant, but did you guys read the hilarious example in Wikipedia's MiTM article? Posted: 21 Feb 2019 02:43 PM PST |
| CAESAR competition final portfolio selections Posted: 21 Feb 2019 08:34 AM PST |
| What are some hash types that are used to compare similar images? Posted: 21 Feb 2019 09:13 PM PST I'm working on a side project and would like to see if two images are similar to each other. I had heard that there are hash algorithms that have thresholds so that the hash only changes when the files are deemed too different. I'd like to use something like this because the images tend to change slightly but I'd like to know if they are still essentially the same image. [link] [comments]  |
| How secure is it to use a passphrase as described in XKCD 936? Posted: 21 Feb 2019 09:46 AM PST Probably a basic question, but I don't really know anything about crypto. How secure is it to use a passphrase consisting of four (or so), randomly generated words? If I have a 20,000 word vocabulary, and somehow randomly pick four of those words to generate a passphrase, an attacker would have to guess 20,0004 (1.6x1017) assuming he knew I was using words from a dictionary. Going up to five words gives us 3.2x1021 different choices. And this is with letters only, same-case for all letters.. If I assume most people might use at most 70ish different characters (26 letters, 10 digits, 10 or so punctuation marks), you have 5.7x1014 possibilities for an 8 character password. Going to 12 characters gives you 1.3x1022 different possible passwords. It seems to me that if the attacker knew about the method used to generate the passwords (totally random short password vs randomly selected n-word passphrase), the passphrases would almost always be more secure. Does this mean it's better to use a passphrase? [link] [comments]  |
| Help factoring a 100 digit number, is this possible for an amateur? Posted: 21 Feb 2019 10:00 AM PST I need to factor a 100 digit number for a competition (let's call it N). I'm currently running it on alerpton.com's integer factorization calculator. It's been 19 hours and it's still not complete. It uses the Elliptic Curve Method (ECM) and the Self-Initializing Quadratic Sieve (SIQS). Is this even possible? I'm pretty sure N is a product of two primes, and log base 2 of N is approximately 331 ==> 2331 ≈ N. This means N is a 332 bit number correct? EDIT: I was able to factor N in 42 minutes with the help of YAFU. Thank's everybody. [link] [comments]  |
| Is there any size recommendation for salts used by SCrypt? Posted: 21 Feb 2019 02:07 AM PST SCrypt under the hood uses the PBKDF2 with the given password and salt with only 1 iteration then "works" on the derived bytes to get an extended "salt" and uses it again in the same PBKDF2 to return the final result. For PBKDF2 we have RFC8018 which recommends salt size to be at least 64 bits (=8 bytes) when a hash function with a bigger block size like SHA256 is used. My question is about the initial salt that is given to PBKDF2 in the first step inside SCrypt, I have seen small size salts even in RFC7914 test vectors, so technically your PBKDF2 and your SCrypt function should reject them but it doesn't seem to be the case. I am wondering whether there is any security concerns in using SCrypt with smaller salt sizes (even though SCrypt is in a way extending the initial salt) mainly because cryptography is only as strong as its weakest link! [link] [comments]  |
| You are subscribed to email updates from Cryptography news and discussions. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States | |
No comments:
Post a Comment