Questions tagged [public-key]
An asymmetric cipher is an encryption scheme using a pair of keys, one to encrypt and a second to decrypt a message. This way the encrypting key need not be kept secret to ensure a private communication. Similarly in public key authentication, the verification key can be public and the signing key private.
2,409 questions
3
votes
1
answer
289
views
Is it possible to construct public key encryption from key encapsulation mechanism in a black box manner?
We know that key exchange is a less "advanced" cryptographic primitive than public key encryption. In the first paper of public key cryptography, Diffie and Hellman has mentioned that they ...
- 733
2
votes
1
answer
90
views
Is the standart GPV-IBE non-isometric?
I would like to know whether GPV-IBE is isometric. I would like to use type-2 operators for a proof, and I can only apply these if GPV-IBE is isometric. Here is the definition of non-isometric as ...
- 41
1
vote
1
answer
87
views
Is this a possible framework to hide the website that is being accessed from the ISP (without a VPN)?
I am a layman in this field, so forgive me if this is not correct. The framework I thought of involves every website having two public keys and two private keys.
Call public keys p and q, and the ...
- 113
11
votes
1
answer
1k
views
Why aren't RSA public keys and signatures compressed in practice?
According to Bernstein[1], it is possible to compress RSA/Rabin public keys by a factor of 2 and 3. And compress signatures by a factor of 2. Apparently, by using Coppersmith's lattice methods.
I wasn'...
- 113
0
votes
0
answers
63
views
Is there any structural attack on quadratic prime-gap commitments?
Consider the following construction based on an exact quadratic gap between two primes.
Let 𝑝 be a public prime. A valid private structure consists of:
• a prime 𝑞 such that 𝑞 > 𝑝;
• a ...
5
votes
2
answers
716
views
Can a CRQC crack ECC without a public key?
Using a sealed_box type construct (eg. tool like age[1]) with non-hybrid ECC.
Payload is encrypted to some recipient ECC public key.
In this scenario, the recipient public key remains secret.
Having ...
- 53
0
votes
0
answers
52
views
CPA secure scheme without circular security
Construct a public-key encryption scheme which is CPA secure
but not circularly secure, relying only on the existence of public-key encryption
schemes.
This is a problem from my cryptography course ...
2
votes
1
answer
177
views
Question about some details in SQIsign signing algorithm
The reference is Algorithm 4.2 on page 40 in this document https://sqisign.org/spec/sqisign-20250707.pdf.
I'm confused by lines 28-33. We have $I_{com,rsp}$ correspond to the isogeny $\varphi_{rsp}^{...
- 976
4
votes
1
answer
160
views
Hardcore Predicate for ECDLP
The 1999 paper "The Security of all RSA and Discrete Log Bits" by Hastad and Naslund here states that any block of $O(\log \log N)$ bits where $N=pq,$ of the encrypted RSA output is known to ...
- 25.9k
4
votes
2
answers
333
views
On the unfoundedness of signing as "inverse" of public-key decryption
In their book "Introduction to Modern Cryptography," Katz and Lindell wrote:
Digital signatures are often mistakenly viewed as the “inverse” of public-key
encryption, with the roles of the ...
- 204
2
votes
1
answer
108
views
Public-key steganography
Are there methods for Public-Key steganography with:
Key generation as in public-key encryption
Encryption producing (when successful) a Stego Object (analog to ciphertext) from
Public Key
Payload (...
- 151k
2
votes
2
answers
219
views
Application of True Randomness generators in Cryptography
What is the exact application or True Randomness in Cryptography, either symmetric or public key?
It is well known that the symmetric keys of encryption algorithms are supposed to be chosen randomly ...
- 191
3
votes
2
answers
203
views
Deuring correspondence in SQIsign
I have some questions to clarify my understanding about Deuring correspondence between quaternions and isogenies in SQIsign(2D) version 2.0.1 https://sqisign.org/
Let $E_0$ be an elliptic curve with ...
- 976
3
votes
2
answers
205
views
What happens in RSA when $e=23$ is a factor of $p-1$?
I want to understand how to relate that
$e = 23$
$e$ divides $(p-1)$
I have the value $(p+q)\gg 100$ (where $\gg$ stands for right-shift)
I have the value $g = d^{-1}\bmod \varphi$ where $d$ is a ...
- 63
7
votes
4
answers
2k
views
Can Alice deny her signature by retracting her public key?
Alice sends Bob an arbitrary message M, signed with her private key. Bob verifies M with her public key A. Later, Alice claims that her public key was actually B all along, and M cannot be her message....
- 173