Channel: User Command Master - Cryptography Stack Exchange
Browsing latest articles
Browse All 21 View Live

Comment by Command Master on Why don't basically all "clusters" and similar...

Shamir's secret sharing is provably information-theoretically secure — even an unbounded adversary can't learn anything about the secret if he doesn't have enough shares




Comment by Command Master on A semantically secure encryption scheme can not...

@kelalaka The definition I know of semantic security requires $|m_1| = |m_2|$, otherwise the length of the output can't be bounded by a polynomial (because if it was you could encrypt $0$ and a random...


Comment by Command Master on Homomorphic encryption with multiple keys that...

If the key of $f\cdot g$ is compromised and the attacker knows a message encrypted with $f, g$ then he can decrypt messages. It might be possible to hide the keys themselves, but you still get a total break


Comment by Command Master on Secret sharing scheme which cannot tell fake...

@Mikero it doesn't - you can't tell the real shares, so you couldn't recover it from the array


Comment by Command Master on Is F(k,k) $\oplus$ F(k,x) a pseudorandom...

If you randomly choose a value $r$ and then look at $G(x) = \hat{F}(k, r) \oplus \hat{F}(k, x)$, what happens?



Comment by Command Master on Where are TRNGs an absolute need?

Could you clarify what you mean by "a long running prejudice on this site towards OTPs"?


Comment by Command Master on Detecting Cheaters in a Secret Sharing Scheme...

You can try using a Reed-Solomon decoding algorithm, perhaps some can incorporate the knowledge of $m$.


How big does M need to be in Blum Blum Shub?

I've read that Blum Blum Shub is a CSPRNG, defined by $x_{n+1} = x_n^2 \bmod M$. I didn't understand that, and couldn't find any sources on how big $M$ should be. Are 32 bits enough? 64 bits? Or are...



Answer by Command Master for Homomorphic encryption with multiple keys that...

If an attacker has the key of $f\cdot g$, then assuming he knows some pair $x, f(x)$, he can decrypt messages encrypted with $g$ - he can use the homomorphism to calculate $f(x) \cdot g(y) = f\cdot...



Answer by Command Master for Is it possible: delayed secure hamming distance

If you can have multiple servers of which at least one isn't compromised this is possible, using something similar to function secret sharing. Let's say there are $n$ bits. Alice would share each of her...


Comment by Command Master on One-way permutation over a small interval?

Showing that a function is invertible usually requires either to explicitly exhibit an inverse, and I'm not aware of any case where that inverse wouldn't be polynomial, or for it to be mathematically...


Comment by Command Master on How often do hard-to-factor numbers occur?

This seems more like a question in number theory than cryptography, how many semiprimes are there in some range whose smallest factor is bigger than some bound and the factors aren't too close. Are...


Comment by Command Master on Using Shamir secret sharing algorithm for strings

The second method stops the secret sharing from being information theoretically secure (which is a property of Shamir's algorithm).



Comment by Command Master on How do I generate a sequence of numbers with...

@fgrieu as I read the question the adversary actually knows $V$. But it is indeed unclear if the list is the input or we only need to find an order for $[0, 2^b)$


Comment by Command Master on Why is zero knowledge defined via simulation...

Have you tried looking at examples of simulators for classic zero knowledge problems (proving quadratic residuosity of some number, for example)? I think it could help with intuition for what this...
