/r/crypto


Cryptography is the art of creating mathematical assurances for who can do what with data, including but not limited to encryption of messages such that only the key-holder can read it. Cryptography lives at an intersection of math and computer science.

This is a technical subreddit covering the theory and practice of modern and strong cryptography.

Cryptography

... is the art of creating mathematical / information theoretic assurances for who can do what with data, including but not limited to the classical example of encrypting messages so that only the key-holder can read it. Cryptography lives at an intersection of math and computer science.

This subreddit is intended for links and discussions surrounding the theory and practice of modern and strong cryptography.

Please note that this subreddit is technical, not political! The focus is on the algorithms and the security of the implementations.


Want to join?

Because this subreddit is currently in restricted mode, you will NOT be able to post or comment before your account has been approved. Send us a reason why you want to join via mod mail (link below) and tell us why you want to discuss cryptography:

https://www.reddit.com/message/compose/?to=/r/crypto


NOTE: This is NOT a cryptocurrency subreddit, see /r/cryptocurrency

RULES

(along with normal reddiquette)

Don't forget to read our RULES PAGE! The rules listed there are also used as this sub's report reasons. The quick version:

  • Assume good faith and be kind. This is a friendly subreddit.
  • Codes, simple ciphers, ARGs, and other such "weak crypto" don't belong here. (Rule of thumb: If a desktop computer can break a code in less than an hour, it's not strong crypto.) You're probably looking for /r/codes.
  • Do not ask people to break your cryptosystem without first sharing the algorithm. Sharing just the output is like...
  • "Crack this cipher" challenges also belong in /r/codes unless they're based on interesting crypto implementation bugs, e.g. weak RSA keys.
  • Familiarize yourself with the following before posting a question about a novel cryptosystem, or else the risk is that nobody will take the time to answer:
  • Don't use this sub to cheat on competitions or challenges! You're expected to solve such problems yourself. You may ask for help to understand it, but you should disclose the source.
  • Systems that use crypto are not necessarily relevant here, e.g. Bitcoin. Maybe try /r/cryptocurrency? Political news also very rarely belongs here. See the list of related subs below for alternatives. Remember that this sub is focused on the algorithms, and isn't political.


    Feel free to message the moderators with suggestions for how to improve this subreddit, as well as for requesting adding links in the sidebar.

    /r/crypto

    303,421 Subscribers

    5

    Programming Modular Arithmetic: Modular Multiplication, Exponentiation, and Inversion

    Hello everyone! I decided to write a blog article continuing my discussion of how you can write modular arithmetic programs safely. In this new blog article I discuss the following:

    Outline

    1. Modular Arithmetic
      1. Modular Multiplication
      2. Modular Multiplicative Inverse (i.e., Modular Division)
        1. Greatest Common Divisor Algorithm
        2. Extended Euclidean Algorithm
        3. Optimized Binary Extended Euclidean Algorithm
        4. Constant Time Binary Extended Euclidean Algorithm
      3. Modular Exponentiation
        1. Optimized Binary Modular Exponentiation
        2. Square-and-Multiply Algorithm
      4. Primality Test Using Miller-Rabin and Trial Division
      5. Modular Inversion for Prime Moduli

    Please let me know if you find anything missing or wrong in the article. Thanks!

    12 Comments
    2024/06/25
    00:18 UTC

    4

    Weekly cryptography community and meta thread

    Welcome to /r/crypto's weekly community thread!

    This thread is a place where people can freely discuss broader topics (but NO cryptocurrency spam, see the sidebar), perhaps even share some memes (but please keep the worst offenses contained to /r/shittycrypto), engage with the community, discuss meta topics regarding the subreddit itself (such as discussing the customs and subreddit rules, etc), etc.

    Keep in mind that the standard reddiquette rules still apply, i.e. be friendly and constructive!

    So, what's on your mind? Comment below!

    3 Comments
    2024/06/24
    10:00 UTC

    7

    Detected a common flaw in seeded non-cryptographic hash functions

    This finding is not new; it was reported on Reini Urban's SMHasher fork, in a commit that probably nobody has read. I've found a test construction (I'm the author) where a lot of hash functions fail when seeded. The failure seems minor, but it's unclear if it can be expanded into larger attacks on hashes. In any case, a failure in such a massive number of hash functions makes me think some things are not well understood on a known theoretic level. Of course, more recent hash functions are tested against this flaw, but it does not mean general understanding has improved.

    https://github.com/rurban/smhasher/commit/9ca488454eda4dae9ac795147696135e5cdf7dbe

    The failing functions are:

    sdbm, City32, sha1ni_32, mx3, mirhashstrict, wyhash, wyhash32low,
    MUM, xxh3, xxh128, xxh128low, Crap8, JenkinsOOAT, asconhashv12*, farsh* (all),
    jodyhash32, k-hash32, lookup3, mirhash* (all), nmhash32, sha1ni*, t1ha1_64*

    11 Comments
    2024/06/23
    12:15 UTC

    10

    Decentralized Communities Using Public-Key Cryptography

    Hello,

    I have lately been looking into a way to have decentralized communities or domain spaces using public key cryptography (digital signatures to be exact) like Schnorr.

    In this method, anyone can make a decentralized community, like in nostr, and assign that to a domain space or use the fingerprint (although collisions are a concern).

    Here is the basis of it, not much work has been done: Slinky-RFC

    Apologies for the poor quality, but I think a lot of interesting stuff can be done, especially when combined with a block lattice (which requires send and receive).

    6 Comments
    2024/06/19
    17:29 UTC

    5

    What Are The Defacto Post-Quantum Digital Signatures Being Used/Studied?

    So what are people looking into? Dilithium and Falcon are both interesting, but key size is still quite large. Are there any better alternatives besides one-time keys like Lamport, WOTS+?

    7 Comments
    2024/06/19
    17:23 UTC

    7

    Monthly cryptography wishlist thread

    This is another installment in a series of monthly recurring cryptography wishlist threads.

    The purpose is to let people freely discuss what future developments they like to see in fields related to cryptography, including things like algorithms, cryptanalysis, software and hardware implementations, usable UX, protocols and more.

    So start posting what you'd like to see below!

    0 Comments
    2024/06/18
    10:00 UTC

    5

    Weekly cryptography community and meta thread

    Welcome to /r/crypto's weekly community thread!

    This thread is a place where people can freely discuss broader topics (but NO cryptocurrency spam, see the sidebar), perhaps even share some memes (but please keep the worst offenses contained to /r/shittycrypto), engage with the community, discuss meta topics regarding the subreddit itself (such as discussing the customs and subreddit rules, etc), etc.

    Keep in mind that the standard reddiquette rules still apply, i.e. be friendly and constructive!

    So, what's on your mind? Comment below!

    0 Comments
    2024/06/17
    10:00 UTC

    3

    Proposal to reverse/crack a PRNG - prvhash/Gradilac

    It's not a new project, and I myself consider it complete. However, I'm still looking for validation of my "security" tests. The challenge is not hard: try to reverse/find the initial state of the system after 5 (or maybe 6) initial calls to prvhash_core64, and from any number of further XORed adjacent outputs. The project is here: https://github.com/avaneev/prvhash, but I'll copy&paste the C function here, so you do not have to read and wander much. It does look simple, but it's not a "low-effort" kind of thing; I really can't reverse it with SAT solving, and due to its complex feedback nature I have little idea how to build a reverse formula. Seed and Hash are seed variables and can be initialized to any values (lcg is best kept zero), so any solution is good here; if you can find breakable initial numbers, that's good too. Note that without XORing, SAT solving is very fast; it's a vital part.

    #include <stdint.h>

    /* One round of the prvhash core: updates Seed, lcg and Hash in place
       and returns one 64-bit output word. */
    static uint64_t prvhash_core64( uint64_t* const Seed0, uint64_t* const lcg0, uint64_t* const Hash0 )
    {
        uint64_t Seed = *Seed0; uint64_t lcg = *lcg0; uint64_t Hash = *Hash0;

        Seed *= lcg * 2 + 1;                          /* multiply by an odd (invertible mod 2^64) value */
        const uint64_t rs = Seed >> 32 | Seed << 32;  /* swap the two 32-bit halves */
        Hash += rs + 0xAAAAAAAAAAAAAAAA;
        lcg += Seed + 0x5555555555555555;
        Seed ^= Hash;                                 /* feed Hash back into Seed */
        const uint64_t out = lcg ^ rs;

        *Seed0 = Seed; *lcg0 = lcg; *Hash0 = Hash;
        return( out );
    }

    So, the basic PRNG with some, currently not formally-proven, security is as follows (XOR two adjacent outputs to produce a single "compressed" PRNG output):

    v = prvhash_core64( &Seed, &lcg, &Hash );
    v ^= prvhash_core64( &Seed, &lcg, &Hash );

    6 Comments
    2024/06/16
    08:25 UTC

    10

    What hardware would be more efficient for FHE acceleration?

    I'm currently studying FHE and I'm also really interested in algorithm optimizations. I'm planning on researching FHE acceleration for my Master's thesis, so I want to know from you: what hardware would you prefer using for accelerating FHE schemes such as CKKS? It needs to be energy efficient and fast.

    2 Comments
    2024/06/14
    01:14 UTC

    3

    Using PKI to sign documents

    Someone please enlighten me about PKI subtleties.

    My idea is to use PKI for signing documents that can be verified later. The goal would be to ease the task of the verifier, not using some arcane formats, but something you can check with standard tools.

    What I don't get is that certs expire. Will the signature be meaningful after many years, assuming many items on the cert chain are now expired or revoked? The question is: was it valid at the time?

    Also, are there any tools to easily verify a document? Something I can trust an average IT guy can do. It appears to me that openssl can do it in some steps, which is kinda acceptable.

    Is this even a good idea?

    12 Comments
    2024/06/13
    11:47 UTC

    10

    Cryptography II by Dan Boneh has been removed from Coursera, any alternative sources?

    I'm interested in learning about cryptography and I found a great course on Coursera called Cryptography I by Dan Boneh. From what I have found online, this course is part 1 of 2. Any links provided that are supposed to take me to Cryptography II by Dan Boneh lead me to a "course not found" page. Searching for it on the website does not show it.

    Does anyone know where I can find this course?

    10 Comments
    2024/06/13
    09:21 UTC

    0

    Spot-On Encryption Suite - FAQ & Forum @ Reddit

    Hello, want to share the FAQ and Forum info for the encryption application Spot-On at Reddit with you, if you may like to join too:

    https://www.reddit.com/r/Spot_On_Encryption/

    Spot-On is an open-source Encryption Suite for secure Chat & E-Mail, File Transfer and also Websearch in a F2F distributed URL-Database.

    Means: Spot-On is a Messaging and File-Transfer Application. With RSS you can import, read, search and distribute your feeds f2f to your friends over encrypted connections.

    Enhanced encryption processes have been invented and improved for implementation in Spot-On: such as McEliece-Messaging (Linux), Cryptographic Calling, Zero-Knowledge-Proofs, AutoCrypt via REPLEO and EPKS, Fiasco Forwarding, POPTASTIC-Messaging over E-Mail-Servers, Cipher-Text conversion tools like Rosetta Crypto Pad, Socialist-Millionaire-Security and many more.

    Spot-On utilizes the Echo-Protocol for the network; it provides end-to-end encryption (and therefore does not use a web-of-trust, which is only point-to-point encryption). Spot-On's group chat and servers are compatible with Smoke Crypto Chat Messenger from F-Droid.org.

    0 Comments
    2024/06/12
    09:44 UTC

    0

    Programming Modular Arithmetic for Cryptography (Part 1)

    Hello everyone!

    If you are interested in learning how to program modular arithmetic useful for cryptography I have started a series of blog posts starting with this one here.

    In it I discuss the following topics:

    Introduction to Programming Modular Arithmetic for Cryptography (Part 1)

    1. Why I Chose C++ as The Programming Language for Language Exercises
    2. How to Compile Sample Programs in the C++23 Standard
    3. Definition of Modulus Operation: What Is It?
    4. Integer Safe Program of Modulus Operation Without Risk of Integer Overflow/Underflow
    5. Modular Arithmetic
      1. Why Are We Learning To Code This?
      2. Integer Safe Modular Addition
      3. Integer Safe Modular Subtraction

    My blog post comes complete with exercises and solutions for you to test your understanding. Please let me know if you believe anything is missing in the blog or is factually wrong. Thanks!

    0 Comments
    2024/06/10
    18:47 UTC

    9

    Why Is C The De Facto Standard for Production-Ready Cryptography?

    The vast majority of cryptographic libraries are still written in C, a language infamous for being unsafe. Why is it that we are still using this language that is known to be difficult to write secure programs in when there are other options that are less vulnerable?

    9 Comments
    2024/06/10
    18:41 UTC

    3

    Weekly cryptography community and meta thread

    Welcome to /r/crypto's weekly community thread!

    This thread is a place where people can freely discuss broader topics (but NO cryptocurrency spam, see the sidebar), perhaps even share some memes (but please keep the worst offenses contained to /r/shittycrypto), engage with the community, discuss meta topics regarding the subreddit itself (such as discussing the customs and subreddit rules, etc), etc.

    Keep in mind that the standard reddiquette rules still apply, i.e. be friendly and constructive!

    So, what's on your mind? Comment below!

    0 Comments
    2024/06/10
    10:00 UTC

    5

    Starting with cryptography

    Hi! I want to become a cryptographer but I do not know where to start. I already know python, does someone have recommendations of websites or books to start my journey in cryptography?

    2 Comments
    2024/06/09
    07:40 UTC
