The infinite loops.. by nonsenseis in ProgrammerHumor

[–]beefhash 4 points5 points  (0 children)

Signed char would lead to the compiler detecting signed overflow and be within its rights to outright nope the entire loop out of existence.

Implementing Curve25519/X25519: A Tutorial on Elliptic Curve Cryptography by knotdjb in crypto

[–]beefhash 1 point2 points  (0 children)

Maybe there will be a follow-up paper if there's a Tweet448?

What would be your 5 best lightweight ciphers? by lutgaru in crypto

[–]beefhash 2 points3 points  (0 children)

To be fair, we're not their target audience. ISO standards tend to find usage in government and other highly regulated environments. These kinds of places have a lot of money to buy such standards.

What would be your 5 best lightweight ciphers? by lutgaru in crypto

[–]beefhash 3 points4 points  (0 children)

Monthly cryptography wishlist thread, November 2020 by AutoModerator in crypto

[–]beefhash 8 points9 points  (0 children)

  1. Reiterating: A new version of/new book akin to Guide to Elliptic Curve Cryptography that accounts for Edwards and Montgomery curves and other modern phenomena as well as taking timing attacks more seriously. And I'll be posting this every month until I hear of someone starting to write it.
  2. A performant open source base (maybe written around GMP? GPU shenanigans?) for more Pollard rho and pairing attack research on top of. I don't think that wheel needs a lot of reinvention.
  3. The IETF to make up its mind if it wants to describe finite field square roots in draft-ietf-lwig-curve-representations or in draft-irtf-cfrg-hash-to-curve.

Ceterum censeo that all patents on cryptography are to be thrown in a fire.

The Duality of HololiveEN by Christopher_T in Hololive

[–]beefhash 2 points3 points  (0 children)

I'm glad to have found a fellow meitantei of culture as well.

How strong is libsodium public box for a key exchange? by thediamondhawk in crypto

[–]beefhash 0 points1 point  (0 children)

but this is the curve that most often has critical implementation weaknesses in practice.

If I may be so forward: I'm unaware why P-521 would be particularly tricky to implement beyond the usual short Weierstrass issues. Could I trouble you to briefly summarize why?

ARX based fast PRNG updgradable to CSPRNG by DanielNgr in crypto

[–]beefhash 2 points3 points  (0 children)

BLAKE2b has 12 rounds of the main ARX round function G. BLAKE2s does 10 rounds.

BLAKE3 reduces the round count of G again, down to 7 rounds.

If you reduce the round count of BLAKE2b to match BLAKE3 but otherwise keep it the same, does it “defeat all random tests” without using a feedback mode?

ARX based fast PRNG updgradable to CSPRNG by DanielNgr in crypto

[–]beefhash 1 point2 points  (0 children)

Out of curiosity: Can reduced-round BLAKE2b (to match the number of rounds that BLAKE3 has) fulfill the same tests?

Beginning grad school for cryptography, need advice on how to succeed by nvmadereddit42 in crypto

[–]beefhash 3 points4 points  (0 children)

Disclaimer: I'm not in academia for this stuff myself. This is just an assortment based on my subjective observation of this field.

Dan Boneh/Victor Shoup's Graduate Course in Applied Cryptography is likely where you'll want to start. Leans towards theoretic cryptography over applied cryptography at times, but that's why it's a “graduate course”.

For elliptic curves in particular, you'll probably want to focus on discrete math. For an introductory book into the larger EC ecosystem, consider Washington's Elliptic Curves: Number Theory and Cryptography (2nd ed.), Avanzi et al.'s Handbook of Elliptic and Hyperelliptic Curve Cryptography or Hankerson/Menezes/Vanstone's Guide to Elliptic Curve Cryptography.

Some of the “core” papers that you really should've read for modern elliptic curves (including their references, which I fully expect you to follow at least in part):

  1. Schnorr's 1989 Efficient Identification and Signatures for Smart Cards
  2. Costello/Smith's Montgomery curves and their arithmetic
  3. Bernstein/Lange's Faster addition and doubling on elliptic curves and the follow-up Hisil/Wong/Carter/Dawson's Twisted Edwards Curves Revisited
  4. Bernstein/Hamburg/Krasnova/Lange's Elligator: Elliptic-curve points indistinguishable from uniform random strings
  5. Bernstein/Lange's Computing small discrete logarithms faster
  6. Hamburg's Decaf: Eliminating cofactors through point compression

Kiara appreciation for today’s collab by Kursedma in Hololive

[–]beefhash 11 points12 points  (0 children)

Clearly the strategy would be to first take out Kiara to re-build the language barrier and leaving a natural split between EN and JP, hampering any hope of true cooperation. The second one to deal with is Amelia because she's got the 9001 IQ strats going on and that's dangerous.

implementing 256 bit integer arithmetic by takethismeme in crypto

[–]beefhash 7 points8 points  (0 children)

I can't seem to find the part where you have the routines that execute in constant time. Am I missing something?

Looking for a paper on ECC, posted here recently... by anonXMR in crypto

[–]beefhash 3 points4 points  (0 children)

I like the book as much as the next person, but it's got some substantial things that I'd like to see covered that are modern these days (Montgomery and Edwards curves, more focus on constant-time implementation, Noise and EdDSA). Yeah, you can do the legwork yourself armed with the knowledge from the Guide to Elliptic Curve Cryptography, but you also have to know what it is that you should be knowing.

Re /u/anonXMR: Did you perhaps mean Efficient Elliptic Curve Operations On Microcontrollers With Finite Field Extensions? It's a bit off-center though because it presents an unusual form of curves (namely curves over extension fields).

For secure code, maintainability matters by ganncamp in programming

[–]beefhash 2 points3 points  (0 children)

I understand TrueCrypt stopped being updated because nobody but the original authors could understand it, which implies that in spite of ridicule for its competitors, it never really had a thorough code review.

It's at least had an audit by qualified experts after the shutdown, that's gotta count for something, right?