Questions tagged [implementation]

Implementing a cipher or protocol is the process of taking it from its mathematical or algorithmic description and producing a working version, often in computer software or hardware. This tag should be used for any question discussing the various potential considerations and pitfalls of this process, for example padding.

0 votes
1 answer
126 views

I am researching the implementation challenges of migrating existing blockchain infrastructure to a post-quantum secure state. While NIST has standardized algorithms like ML-DSA and ML-KEM, a single ...
Allianza
1 vote
0 answers
103 views

I’ve been exploring post-quantum key exchange mechanisms (like Kyber, FrodoKEM, or other NIST PQC candidates) implemented in web applications. I understand that these schemes are designed to resist ...
Pustam Raut
3 votes
0 answers
57 views

I have been exploring a formulation of integer division where the remainder is taken from the symmetric interval: $$[-\lfloor d/2\rfloor, \lfloor d/2\rfloor]$$ instead of the classical interval: $$[0,d)$$ Mathematically this is ...
Rudolf Stepan
1 vote
0 answers
82 views

I implemented the ML-KEM (Kyber) code from https://github.com/pq-crystals. I’m using the deterministic input values "z" and "d" taken directly from the ACVP Gen/Vals JSON file, but ...
smith · 175
2 votes
2 answers
345 views

To make the question as specific as possible, take the SHA3-256 example from https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/SHA3-256_Msg30.pdf. How ...
yoyo · 607
2 votes
1 answer
130 views

To prevent some side-channel attacks in RSA, I've seen people use multiplicative blinding $$ a^d\bmod N=(r^{-1})^d(ra)^d\bmod N $$ or additive exponent blinding $$ a^d=a^{d+r\phi(N)}\bmod N. $$ ...
yoyo · 607
2 votes
1 answer
134 views

I have been unable to locate code for the attacks in Howgrave-Graham and Joux: New generic algorithms for hard knapsacks and in Becker, Coron and Joux: Improved generic algorithms for hard knapsacks ...
kodlu · 25.9k
2 votes
1 answer
174 views

I am a high school student participating in a secure satellite communication idea competition. I am building a prototype to generate unpredictable encryption keys using ATECC608A (TRNG) and hardware ...
Tugra · 21
3 votes
1 answer
336 views

Currently I am working on implementing a radix-4 NTT algorithm, but most of the research papers use a $2n$th root of unity as an input. However, in the Kyber specification, for $n = 256$ we don't ...
Randomizer13_4
2 votes
0 answers
89 views

XChaCha20 takes a 192-bit nonce and a 64-bit counter, but I need a 256-bit nonce. Can I simply XOR the 64-bit counter into the bottom of a 256-bit random nonce? This would be analogous to the XCTR mode ...
luiz · 95
1 vote
2 answers
360 views

Introduction In 2005, Daniel J. Bernstein proposed a simple polynomial over $2^{130} - 5$ for fast universal hashing with applications to authenticated encryption [1]. Over the years, Poly1305 gained ...
luiz · 95
1 vote
1 answer
83 views

I tried to implement the mixnet pseudocode in this article (Pseudo-Code Algorithms for Verifiable Re-Encryption Mix-Nets), but one of the equalities to check the proof correctness is not matching. I ...
Leonardo Kimura
2 votes
3 answers
435 views

Everybody seems to rely happily on the set of Intel instructions on > 2010 CPUs to accelerate AES256 encryption. This might be a too naive question but, being the exact algorithms an industrial ...
Mephisto · 192
0 votes
1 answer
74 views

The following algorithm is supposed to implement Pk according to the following description: ...
Árpád Magosányi
1 vote
0 answers
88 views

Sorry for the very basic question. I could not find wikipedia-level resources to learn about zero knowledge proofs, El Gamal reencryption and stuff, and could not figure out which research papers to ...
Árpád Magosányi
