Tag Info

Hot answers tagged algorithm

28 votes

Implementation of diceware: do I have to simulate dice roll?

The reason Diceware advocates using dice to select a password is that it ensures the password the user gets is generated randomly. So no, as long as you are certain your program is selecting the ...

Ajedi32

4,853

answered May 21, 2018 at 15:21

18 votes

Accepted

Why is asymmetric encryption less efficient than symmetric encryption?

This depends on the algorithm. Especially with asymmetric cryptography, the speeds vary wildly. You may want to check out eBACS for more detailed and machine-independent benchmarking of various crypto ...

forest

67.8k

answered May 9, 2018 at 23:39

15 votes

Accepted

Do all Authenticator Apps use the same algorithm?

these apps are use the same algorithm which is a generic algorithm not an application developer's algorithm. Am I right ? Yes. There are two commonly used protocol for authenticator apps: HOTP (HMAC-...

Lie Ryan

31.8k

answered Sep 22, 2018 at 14:27

14 votes

Implementation of diceware: do I have to simulate dice roll?

Yes, this is perfectly fine to do. With a good PRNG, each element will have exactly the same odds of being chosen, if you do the limitation (1 to n) correctly. (I have personally done a diceware ...

David

16.2k

answered May 21, 2018 at 15:23

13 votes

Accepted

Is MD5 hashing possible by divide and conquer algorithm

The classical solution is using the Merkle-Tree. To use the Merkle-Tree for uploading, the client forms the Merkle-Tree and calculates the hashes, and sends you the root hash in advance in a secure ...

kelalaka

5,599

answered Dec 10, 2020 at 14:38

11 votes

Accepted

Asymmetric encryption of very small messages

Probably the best you can do is to use Curve25519 to derive a secret and then use the secret to derive a key and IV which are used to encrypt the data symmetrically with an AEAD. That would expand ...

bk2204

9,837

answered Jan 16, 2022 at 22:00

9 votes

Accepted

Drawbacks of ML in cyber security?

You are asking a couple different questions at once: how is ML implemented by a certain vendor, and how could it be implemented to be effective. Let's focus on the later. I have designed such ...

schroeder♦

134k

answered Oct 9, 2017 at 8:54

8 votes

Accepted

Is there such a cryptographic algorithm?

Standard cryptographic algorithms will do this. If you use the wrong key in a standard symmetric cipher (like AES) it will decrypt the data into a random series of bytes that will look like ...

dr jimbob

39.6k

answered Feb 28, 2020 at 14:19

7 votes

Accepted

Is this Python program secure?

Short answer: No, it's not secure. Anything based on substitution ciphers will be vulnerable to frequency analysis. I'm not totally clear what you mean by this: [keygen:] build a dict char -> list ...

Mike Ounsworth

59.6k

answered May 28, 2018 at 18:02

6 votes

Is it more secure encrypting 3 times with GPG?

You may be surprised to learn the answer is "you are probably less secure." Security isn't simply asking "can someone else hack my crypto?" Security is a big picture for protecting yourself and your ...

John Deters

answered Nov 4, 2017 at 18:58

5 votes

Is there a difference between encryption keys and encryption certificates?

Certificates are used to create a Public Key Infrastructure (PKI). Generally the X.509 form of certificates are used, in which case the PKI is called PKIX, after the standard. The private keys within ...

Maarten Bodewes

5,055

answered May 5, 2018 at 20:52

5 votes

Which algorithm is safest if we exclude AES, Twofish, Serpent and Whirpool?

I won't say that it's overkill, but I will say that I think you need to get a better understanding of cryptography before attempting to secure your data for 100+ years. Encrypting in a cascade is ...

forest

67.8k

answered May 13, 2019 at 1:55

5 votes

Accepted

Can a hashing function be implemented insecurely?

Unlikely First of all, the implementation of a hashing function could be faulty in terms of software engineering. That doesn't mean the implementation is insecure per se, but means that you are not ...

usr-local-ΕΨΗΕΛΩΝ

5,448

answered Jun 28, 2019 at 11:58

5 votes

Accepted

Is it possible to brute-force the original message of SHA-256 given the size of original string?

Given the original length L of the string, you could consider that the effort to retrieve it is 92 power L (92 is 26 lowercase + 26 uppercase + 10 digits + 30 punctuation) instead of 2 power 256. So ...

Sibwara

1,378

answered Jul 10, 2020 at 15:02

5 votes

Is there a well-defined algorithm to find preimages in MD5?

You won't be able to find a preimage for MD5. The best preimage attack against MD5 has a complexity of 2123.4 and requires 245 × 11 words of memory. This is faster than brute force, which has a ...

forest

67.8k

answered Apr 22, 2022 at 0:24

4 votes

How to decrypt a text with substitution cipher?

You should be able to crack it with some simple statistics analysis, using common patterns of english language. For example the word 'the' or 'is' will appear frequently and same word would appear the ...

Kaiyi Li

answered Aug 27, 2017 at 21:53

4 votes

Accepted

How to interpret security impact of "Server Signature Algorithms" (sslscan)

Here is the code: https://github.com/rbsec/sslscan/blob/master/sslscan.c#L5584 The software has an array of values of TLS "SignatureAndHashAlgorithm", 2 byte values which before TLS 1.3 used ...

Z.T.

8,794

answered Jun 23, 2020 at 14:18

4 votes

Always leaking ext4 superblock

As a practical matter, every encrypted data container is going to have some sort of unencrypted (but possibly authenticated) metadata to help identify it and extract important information, like ...

bk2204

9,837

answered Apr 27, 2022 at 22:10

3 votes

What is the standard practice to maintain a password for different websites?

As @josef already mentioned, the best solution is to use a password manager and generate a random password for every account. Here are a few best practices regarding the use of e.g. KeePass: Make ...

SeeYouInDisneyland

1,472

answered Nov 12, 2018 at 10:37

3 votes

What is the standard practice to maintain a password for different websites?

There are different mitigations suggested like for example PasswordCard or some hints how to extend your password with the site name or even hash tools. But the only best practice is to use a ...

Josef

6,021

answered Nov 12, 2018 at 10:22

3 votes

Encryption and Hash algorithms explanation

Encryption describes a method to encrypt and decrypt data. In other words, you can get the original data back, if you know the key. Encryption can further be divided into symmetric encryption and ...

Jacco

7,772

answered Jan 24, 2019 at 8:24

3 votes

Accepted

Is there a standard checksum for verifying multipart key fragments?

There is no standard algorithm for key verification*, but there are standard checksums. Assuming verification is done to detect simple mistakes when retrieving or submitting the key, any reliable ...

forest

67.8k

answered May 25, 2018 at 2:35

3 votes

Do all Authenticator Apps use the same algorithm?

All of the apps you listed share an algorithm. This allows them to be compatible and largely interchangeable. However, there are other schemes that appear nearly identical from a user standpoint but ...

TBridges42

answered Sep 25, 2018 at 2:05

3 votes

Implementation of diceware: do I have to simulate dice roll?

Ajedi32's answer is a great one. I wanted to emphasize one detail which may help answer your question better. The key to secure password generation is to ensure that your password is unpredictable. ...

Cort Ammon

9,486

answered May 22, 2018 at 15:35

3 votes

Accepted

Promotional code based on numerical value

no additional field in the database - through algorithm the promotional code can be decoded back to userid While this would usually be solved through an additional table with cross references, ...

Tobi Nary

14.5k

answered Apr 18, 2018 at 11:10

3 votes

What is the most crypto-resistive algorithm to safely send information?

There is not a known answer to this. There are algorithms that are viewed as secure and algorithms that aren't - "secure" algorithms may contain flaws but to date they are not publicly known. Schneier ...

Hector

answered Oct 4, 2017 at 13:51

3 votes

Rearranging hash adds no security?

First of all, based on Kerckhoffs's principle, you must assume that an attacker knows the algorithm you used to hash the passwords, so doing things differently than others won't make you secure by ...

Benoit Esnard

14.7k

answered Mar 14, 2018 at 12:15

3 votes

Using a home-brewed hash for passwords for a insignificant website

This might make sense under the assumption that an attacker doesn't know how your algorithm works. Unfortunately that isn't a realistic assumption. Sometimes the attacker is an insider (in fact, ...

Conor Mancone

31.9k

answered Feb 6, 2020 at 14:49

3 votes

How bad would a Hash algorithm leak would be?

Algorithms used by web sites for salting and hashing passwords are generally not secret. For example, the algorithm used by Argon2 (which is a modern function for salting and hashing passwords) can ...

mti2935

answered Mar 14, 2024 at 18:32

2 votes

Accepted

Hide algorithm and variables

You are looking for something called fully homomorphic encryption. The gist of it is that party A can compute stuff using your variables without knowing your variables (mind blown, I know). It would ...

user196499

1,121

answered Feb 23, 2018 at 20:52

Only top scored, non community-wiki answers of a minimum length are eligible

164

questions tagged

algorithm

algorithm × 164
encryption × 55
hash × 47
cryptography × 23
passwords × 18
aes × 10
authentication × 7
decryption × 7
rsa × 6
php × 5
password-management × 5
brute-force × 5
asymmetric × 5
key × 5
digital-signature × 4
file-encryption × 4
.net × 4
salt × 4
md5 × 4
bcrypt × 4
cipher-selection × 4
sha256 × 4
tls × 3
password-cracking × 3
databases × 3

Tag Info

Hot answers tagged algorithm

Related Tags