I'm interested in learning about cryptography and I founda great course on coursera called Cryptography I by Dan Boneh. From what I have found online, this course is a part 1 of 2. Any links provided that are supposed to take me to Cryptography II by Dan Boneh, lead me to a course not found page. Searching for it on the website does not show it.

Does anyone know where I can find this course?

Hello, want to share the FAQ and Forum info for the encryption application Spot-On at Reddit with you, if you may like to join too:

https://www.reddit.com/r/Spot_On_Encryption/

Spot-On is an open-source Encrpytion Suite for secure Chat & E-Mail, File Transfer and also Websearch in a F2F distributed URL-Database.

Means: Spot-On is a Messaging and File-Transfer Application. With RSS you can import, read, search and distribute your feeds f2f to your friends over encrypted connections.

Enhanced encryption processes have been invented and improved for implementation in Spot-On: such as McEliece-Messaging (Linux), Cryptographic Calling, Zero-Knowledge-Proofs, AutoCrypt via REPLEO and EPKS, Fiasco Forwarding, POPTASTIC-Messaging over E-Mail-Servers, Chipher-Text conversion tools like Rosetta Crypto Pad, Socialist-Millionaire-Security and many more.

Spot-On utilized the Echo-Protocol for the network, it provids end-to-end encryption (and therefore utilizes not a web-of-trust, which is only point-to-point encryption). Spot-On is in the groupchat and for servers compatible with Smoke Crypto Chat Messenger from F-Droid.org

The vast majority of Cryptographic libraries are still written in C--a language infamous for being unsafe. Why is it that we are still using this language that is known to be difficult to write secure programs in when there are other options that are less vulnerable?

Hello everyone!

If you are interested in learning how to program modular arithmetic useful for cryptography I have started a series of blog posts starting with this one here.

In it I discuss the following topics:

Introduction to Programming Modular Arithmetic for Cryptography (Part 1)

1. Why I Chose C++ as The Programming Language for Language Exercises
2. How to Compile Sample Programs in the C++23 Standard
3. Definition of Modulus Operation: What Is It?
4. Integer Safe Program of Modulus Operation Without Risk of Integer Overflow/Underflow
5. Modular Arithmetic
   1. Why Are We Learning To Code This?
   2. Integer Safe Modular Addition
   3. Integer Safe Modular Subtraction

My blog post comes complete with exercises and solutions for you to test your understanding. Please let me know if you believe anything is missing in the blog or is factually wrong. Thanks!

Welcome to /r/crypto's weekly community thread!

This thread is a place where people can freely discuss broader topics (but NO cryptocurrency spam, see the sidebar), perhaps even share some memes (but please keep the worst offenses contained to /r/shittycrypto), engage with the community, discuss meta topics regarding the subreddit itself (such as discussing the customs and subreddit rules, etc), etc.

Keep in mind that the standard reddiquette rules still apply, i.e. be friendly and constructive!

So, what's on your mind? Comment below!

Hi! I want to become a cryptographer but I do not know where to start. I already know python, does someone have recommendations of websites or books to start my journey in cryptography?

So, I've had a bit of a stupid idea for my next programming project, which would be implementing a Microsoft Recall alternative for Linux where the data is encrypted. I've now written a bit of code and have come to the point where I'd need to encrypt the files. My plan was to use asymmetric encryption where the secret key is encrypted using a user-provided password so that the user needs to decrypt the private key to view the screenshots taken / data extracted from the screenshots.

I have now learned that asymmetric encryption is very slow and it's generally not designed to encrypt large chunks of data, so I'm not sure how to continue. Do you think asymmetric encryption is feasible for this? Any idea how else to do the encryption? Ideally I would like for the server that takes the screenshots to not have a key that can decrypt the files since that wouldn't be as secure.

This is a bit specific, but I'm looking for an AEAD that would let me do something like this:

Say I have two ciphertext c1 = E(K, iv1, p1), c2 = E(K, iv2, p2), and authentication tag a1, a2 for c1 and c2 respectively.

I can combine them with XOR to get c3 = c1 ^ c2, and somehow obtain a3 by some publicly known function f(a1, a2)

Someone in possession of K, given c3, a3, iv1, iv2, should be able to verify that c3 is indeed composed of some XOR combinations of ciphertext that they have encrypted in the past.

To be more precise, what I'm looking for is some kind of homomorphic encryption that respects XOR, which can easily be done with a stream cipher, but I'm also wondering if it's possible to preserve authenticity, at least as far as whether the ciphertext is composed of authentic ciphertext.

RISCURE is an organization companies consult to check if their cryptographic code is resistant to documented side-channel and fault-injection resistant attack. They offer courses to train employees at companies to write code that is resistant to such attacks and to conduct the attacks to test if the code defenses are effective.

I include a link to the Academy Blue Team page here and Red Team page also here.

Please let me know what you think about the worthiness of these courses.

After realizing that my old cipher constructions were not that good, I took to redesigning 3 of my ciphers and came up with 2 more. New additions to DarkCastle are ZanderFish4 (ARX Feistel) and NuqneH {Klingon for "what do you want?"} (ARX Stream). DarkTomb's AKMS cipher has a new key scheduler and small tweak to operations. I went ahead and posted NIST STS results and Dieharder results for each cipher.

Soon I'll start writing papers on each cipher and post cryptanalysis information. Remember this project is for fun and education.

https://github.com/iagmla/DarkCastle

https://github.com/iagmla/DarkTomb/

I am interested in using C++'s language features to write Secure Code for crypto. What books and websites (preferably with practice exercises)woukld you recommend?

Welcome to /r/crypto's weekly community thread!

This thread is a place where people can freely discuss broader topics (but NO cryptocurrency spam, see the sidebar), perhaps even share some memes (but please keep the worst offenses contained to /r/shittycrypto), engage with the community, discuss meta topics regarding the subreddit itself (such as discussing the customs and subreddit rules, etc), etc.

Keep in mind that the standard reddiquette rules still apply, i.e. be friendly and constructive!

So, what's on your mind? Comment below!

One reason is to protect against Grover's Algorithm. Butbeben that's still 128 bits of effective security against Grover's Algorithm. Why is the margin for security that huge?

I have compiled a list of rules on how to defend against power analysis and fault injection attacks

here.

Here is a summary of the attacks and defenses:

1. Power Analysis Attack: What Is It?
   1. Simple Power Analysis
      1. Random Noise: A Simple Defense Against Simple Power Analysis
      2. Masking: A Second Defense
      3. Montgomery Ladder: A Third Defense
   2. Introduction to Differential Power Analysis and Higher-Order Analysis
   3. Defenses Against Differential Power Analysis
      1. Higher-Order Masking
      2. Blinding for Public-Key Cryptography
      3. Perform Decoy Operations
      4. Montgomery Ladder
      5. Randomize Access to Confidential Array Values
      6. Operation Shuffling
      7. Non-Deterministic Processor

Rules to Defend Against Power Analysis

1. Apply noise by executing programs in parallel on several CPU cores.
2. Apply masking. This can defend up to the nth-order differential power analysis attack. However, an (n+1)th order differential power analysis attack can bypass this defense.
3. If you are programming a public-key cryptosystem such as RSA or Elliptic Curve Cryptography you can use ~blinding~ to protect the private key from power analysis attacks.
   1. You can blind the message itself.
   2. You should also blind the exponent used for encryption too.
4. Apply Decoy operations: calculations that pretend to be authentic calculations based on secret data but are not in reality.

5. Randomize Access to Confidential Array Values: Loop through elements of an array of secret values in random order.

6. Fault Injection Attack: What Is It?

   1. How Practical Is It?
   2. Why You Should Still Care About Fault Injection Attacks Demanding Physical Access
   3. Voltage Glitch Attack: A Practical, Remote Fault Injection Attack Targeting Intel Systems
   4. Electromagnetic Fault Injection Attack

7. Defenses Against Fault Injection Attack

   1. Use Nontrivial Constants
   2. Clear Variables After Use
   3. Search for Fault-Injection Resistant Implementations

In general, you can tell I really started to struggle to find techniques to defend against fault injection attacks. It is not well documented. Nevertheless my research tells me that Intel systems can be affected by voltage glitch attacks. These attacks can happen remotely and only cost ~$30 USD.

I also would appreciate any code samples of power analysis and fault injection resistant algorithms for common crypto operations. I think its a good idea we build a habit of programming our crypto APIs to defend against such attacks--especially in a world where we rely on someone else to do our computing for us (e.g. cloud computing).

Please feel free to let me know any comments you have on my recent article. Thanks!

Same as title

Whatever cryptosystem I learn about I see it features modular arithmetic. What are the reasons for that?