Questions tagged [public-key]
An asymmetric cipher is an encryption scheme using a pair of keys, one to encrypt and a second to decrypt a message. This way the encrypting key need not be kept secret to ensure a private communication. Similarly in public key authentication, the verification key can be public and the signing key private.
2,405 questions
2 votes
1 answer
142 views
Question about some details in SQIsign signing algorithm
The reference is Algorithm 4.2 on page 40 in this document https://sqisign.org/spec/sqisign-20250707.pdf. I'm confused by lines 28-33. We have $I_{com,rsp}$ correspond to the isogeny $\varphi_{rsp}^{...
- 966
4 votes
1 answer
84 views
Hardcore Predicate for ECDLP
The 1999 paper "The Security of all RSA and Discrete Log Bits" by Hastad and Naslund here states that any block of $O(\log \log N)$ bits where $N=pq,$ of the encrypted RSA output is known to ...
- 25.7k
0 votes
0 answers
60 views
How do I display a file on a website and keep it encrypted when it's saved by the user?
My problem is specific: basically I want to have a website that is a gallery of my photos and I want the user to be able to view them, but that is the only access the user has. If they attempt to save ...
- 1
4 votes
2 answers
302 views
On the unfoundedness of signing as "inverse" of public-key decryption
In their book "Introduction to Modern Cryptography," Katz and Lindell wrote: Digital signatures are often mistakenly viewed as the “inverse” of public-key encryption, with the roles of the ...
- 204
2 votes
0 answers
51 views
Public-key steganography
Are there methods for Public-Key steganography with: Key generation as in public-key encryption Encryption producing (when successful) a Stego Object (analog to ciphertext) from Public Key Payload (...
- 151k
2 votes
2 answers
180 views
Application of True Randomness generators in Cryptography
What is the exact application or True Randomness in Cryptography, either symmetric or public key? It is well known that the symmetric keys of encryption algorithms are supposed to be chosen randomly ...
- 191
3 votes
2 answers
170 views
Deuring correspondence in SQIsign
I have some questions to clarify my understanding about Deuring correspondence between quaternions and isogenies in SQIsign(2D) version 2.0.1 https://sqisign.org/ Let $E_0$ be an elliptic curve with ...
- 966
3 votes
2 answers
183 views
What happens in RSA when $e=23$ is a factor of $p-1$?
I want to understand how to relate that $e = 23$ $e$ divides $(p-1)$ I have the value $(p+q)\gg 100$ (where $\gg$ stands for right-shift) I have the value $g = d^{-1}\bmod \varphi$ where $d$ is a ...
- 63
7 votes
4 answers
2k views
Can Alice deny her signature by retracting her public key?
Alice sends Bob an arbitrary message M, signed with her private key. Bob verifies M with her public key A. Later, Alice claims that her public key was actually B all along, and M cannot be her message....
- 173
0 votes
0 answers
50 views
ADKG-based threshold ECDSA signature recovers different address per transaction—how to compute aggregate `r` and signature parameters?
Background I’m implementing Asynchronous Distributed Key Generation (ADKG) over secp256k1 so that N nodes collectively hold a threshold private key. After DKG each node has a secret share. To sign an ...
- 101
8 votes
2 answers
3k views
What does this "lightbulb-ish" symbol mean in figure 1 of the Diffie Hellmann paper?
In Diffie and Hellmanns famous paper New Directions in Cryptography from 1976, figure 1 on p. 645 (resp. second page in the linked pdf) visualizes the flow of information in symmetric cryptosystems. ...
- 191
2 votes
1 answer
129 views
Question about an example implementation of Meet-In-The-Middle attack
After reading some questions about crypting and decrypting on SE, I searched Google for "Meet in the Middle" attacks. I found two links: An implementation on GitHub of an algorithm ...
- 139
0 votes
0 answers
30 views
Exploring Key Ambiguity in a Symmetric Encryption Scheme Using Modular Arithmetic
This is one step in my new symmetric encryption algorithm. Here: p, c, ek, and ...
- 169
5 votes
1 answer
231 views
Hash-based public-key encryption
Over the years, new discoveries have weakened some of the mathematical primitives used in cryptography, like the broken Knapsack cryptosystem, Shor's algorithm, etc. What we believe to be hard ...
- 225
1 vote
1 answer
114 views
Homomorphic encryption for computation of $bx+y\bmod p$
I'd want a public-key encryption scheme with plaintext space the integers modulo some public prime $p$, allowing the computation of a ciphertext that deciphers to $bx+y\bmod p$, given a public integer ...
- 151k