Cryptography How Quantum Computers Break Encryption | Shor's Algorithm Explained
- How Quantum Computers Break Encryption | Shor's Algorithm Explained
- The solution to quantum computers cracking cryptography is already here
- secp256k1 listed as insecure?
- New GPG keys and best practice
- what are the better alternatives to Random.get_random_bytes in python for generation of random bytes?
- [Question] Why do we authenticate parties using challenge/response?
- Good certificates die young: what's passive revocation and how's it implemented?
How Quantum Computers Break Encryption | Shor's Algorithm Explained
Posted: 02 May 2019 08:50 AM PDT

The solution to quantum computers cracking cryptography is already here
Posted: 03 May 2019 03:03 AM PDT

secp256k1 listed as insecure?
Posted: 02 May 2019 10:56 AM PDT

Here is a relatively respected site that discussed ECC curve safeness: I was surprised to see that secp256k1 is deemed unsafe, it's not NSA backdoored, so why is it listed as unsafe? Can anyone elaborate on the disc, ladder flaws etc? In some relatively simple language?

New GPG keys and best practice
Posted: 02 May 2019 11:29 AM PDT

I was hoping to have some help... I have been actively using GPG for a number of years. My current key fingerprint has been associated with everything I use, from GitHub to Twitter. Soon my current key will expire and although I know I can extend the date and republish the current key, I thought I might make the move from prime-based to EC-based keys.

So, what is best practice to ensure I don't lose my current key's web of trust? Can I simply sign my new key with my current key, or am I missing something? What do people do when they want to move from RSA to ECC, or when they don't wish to simply extend the date of expiry on a key?

- Is there an elegant way to migrate the web of trust of a current key to a new key via signature?

Thanks.
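
what are the better alternatives to Random.get_random_bytes in python for generation of random bytes?
Posted: 02 May 2019 06:36 PM PDT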

[Question] Why do we authenticate parties using challenge/response?
Posted: 02 May 2019 02:32 PM PDT

Here's a question about authentication during key exchanges. If this isn't the right sub to post this, I apologize, please let me know!

(Some background: I'm relatively new to cryptography, I'm super interested in it but not very familiar with the mathematics behind it; currently I'm trying to implement an encryption layer in a networking project.)

So it's currently my understanding that in some protocols (like SSH), to prove to a remote party that you know a private key, the remote party could send you a challenge like a random number encrypted with your public key. By decrypting it with the private key, and sending back the original number, you prove your ownership of the full keypair.

Why is this challenge-response algorithm necessary? I'll try to explain what I mean with this question.

Consider a scenario where Alice, a client, and Bob, a well-known dedicated server, wish to communicate. Alice wants to confirm she is talking to the real Bob before they perform a key exchange such as ECDH, and Alice knows Bob's public key already.

If an adversary Mallory were to host an evil server that attempts to impersonate Bob, he can never actually do so unless he knows Bob's full keypair (in which case you have bigger problems). Because, AFAIK the public and private key are mathematically related, such that you can't just mash two random byte arrays together and call it a keypair. If Mallory generates some arbitrary private key, it'll never successfully decrypt ciphertexts that were actually meant for Bob, because her private key does not work with Bob's public key.

Therefore, Mallory cannot decrypt messages that were encrypted with Bob's public key, nor can he encrypt messages that will then be considered acceptable by Alice. Mallory has no choice but to either send Alice unreadable data (which is okay, Alice then knows something's up) or forward the data to Bob (which is also fine).

So even without a proper challenge-response, hijacking communications wouldn't work, right? Am I missing something here? I'm probably overlooking something, please feel free to correct me :)
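
The exchange this question describes, written out as an added example that is not part of the original post: Alice encrypts a fresh random number to Bob's known public key and accepts only if that same number comes back, so a server holding a different private key, or replaying an answer captured in an earlier session, is rejected. The key values, the function names and the use of unpadded textbook RSA on small primes are assumptions made for illustration.

```python
# Added illustration, not code from the post. Textbook RSA on small
# constructed primes with no padding: for following the message flow only.
import hmac
import secrets

E = 65537  # public exponent

def make_keypair(p, q):
    """Return ((n, e), (n, d)) for the primes p and q."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)

# Constructed sample keys built from known Mersenne primes.
BOB_PUB, BOB_PRIV = make_keypair(2**127 - 1, 2**89 - 1)
_, MALLORY_PRIV = make_keypair(2**107 - 1, 2**61 - 1)

def new_challenge(server_pub):
    """Alice: pick a fresh nonce and encrypt it to the server's public key."""
    n, e = server_pub
    nonce = secrets.randbits(128)
    return nonce, pow(nonce, e, n)  # nonce stays with Alice, ciphertext is sent

def respond(priv, ciphertext):
    """Server: decrypt the challenge with whatever private key it holds."""
    n, d = priv
    return pow(ciphertext, d, n)

def verify(expected_nonce, response):
    """Alice: accept only the nonce issued for this session."""
    a = expected_nonce.to_bytes(32, "big")
    b = response.to_bytes(32, "big")
    return hmac.compare_digest(a, b)

def run_session(server_priv, replayed=None):
    """One attempt; `replayed` substitutes a response captured earlier."""
    nonce, ciphertext = new_challenge(BOB_PUB)
    if replayed is not None:
        response = replayed
    else:
        response = respond(server_priv, ciphertext)
    return verify(nonce, response), response

if __name__ == "__main__":
    ok, captured = run_session(BOB_PRIV)
    print("real Bob accepted:       ", ok)
    print("Mallory, own private key:", run_session(MALLORY_PRIV)[0])
    print("Mallory, replayed answer:", run_session(MALLORY_PRIV, captured)[0])
```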

Good certificates die young: what's passive revocation and how's it implemented?
Posted: 02 May 2019 10:59 AM PDT