Questions tagged [arithmetic]

Arithmetic is a branch of mathematics usually concerned with the four operations (adding, subtracting, multiplication and division) of positive numbers. In other words: arithmetic describes the mathematics of integers, rational numbers, real numbers, or complex numbers under addition, subtraction, multiplication, and division.

39 questions
34 votes · 3 answers

What is bignum-free RSA?

I recently saw a claim that BearSSL has a bignum-free implementation of RSA. What does this mean? I don't see how one could implement RSA without bignum arithmetic.
asked by Elias (4,933 reputation)
12 votes · 2 answers

Why is multiplication uncommon in cryptographic primitives?

Modern computers (which crypto programs are usually run on) have a 64-bit multiply, and it only takes one cycle. It's pretty decent mixing at next to no cost. For block ciphers: Multiplication by a constant is nonlinear (when combined with other…
asked by EPICI (359 reputation)
11 votes · 5 answers

How to best obtain bit sequences from throwing normal dice?

Throwing normal dice, one can get sequences of digits in [0,5]. In practice, which is the best procedure to transform such sequences into a desired number of bit sequences?
asked by Mok-Kong Shen (1,302 reputation)
10 votes · 1 answer

What exactly is addition modulo $2^{32}$ in cryptography?

EDIT: I've been confusing this the whole time. What I've been wanting to say this whole time is addition modulo $2^{32}$, not addition modulo 32 as the question originally said. Thanks for pointing that out. I can't find any information on this and I…
asked by BTent (103 reputation)
8 votes · 2 answers

Timing attack on modular exponentiation

It is known that computing $a^x \bmod N$ takes $O(|x| + \mathrm{pop}(x))$ multiplications modulo $N$, where $|x|$ is the number of bits of $x$ and $\mathrm{pop}(x)$ is the number of $1$ bits (Hamming weight). This suggests a side channel attack by…
asked by Smit Johnth (1,731 reputation)
7 votes · 2 answers

How to avoid side channel attacks when handling large numbers?

For cryptography, the platforms have limited size as 32 or 64-bit operations. We definitely need big numbers to implement the encryption/decryption and digital signatures for cryptosystems like RSA, Elliptic Curve, etc. We have seen lots of side…
7 votes · 2 answers

Endomorphism ring of an Elliptic Curve and $j$ invariant

I am reading Schoof's 1995 paper, Counting points on elliptic curves over finite fields, page 236, Proposition 6.1(i). I am trying to understand page 238 (second paragraph) of the proof: if the conductor is $1$ then $j$ invariant is $0$, or…
asked by student (83 reputation)
6 votes · 1 answer

Which is the relation between Zero-Knowledge Proofs of Knowledge and circuits?

With the rising popularity of Zero-Knowledge Proofs of Knowledge (ZKPoKs) such as Pinocchio, Groth16 and Sonic, to name some ZKPoKs that are popularly known as zk-SNARKs, I got engaged in understanding what is going on under the hood of these…
asked by Bean Guy (772 reputation)
5 votes · 1 answer

Simple example for CP-ABE (Ciphertext policy attribute-based encryption)

I'm currently working on Ciphertext Policy Attribute-Based Encryption (CP-ABE). So far I'm only using it with a basic understanding how it actually works. Now I want to understand it a bit better, but I've never learned anything about bilinear…
asked by Baertierchen (51 reputation)
5 votes · 1 answer

Purpose of leading zero in PKCS1-v1_5 padding

According to this document the padded message has the following structure: $EM \;= \; 0x00 \; || \; 0x02 \; || \; PS \; || \; 0x00 \; || \; M$ What is the purpose of this null byte at the beginning of the message? After OS2IP decoding (also…
asked by user9070
4 votes · 1 answer

Definition of Circuit Satisfiability In The Context of zk-SNARKs

A standard theorem is that boolean circuit satisfiability is NP-complete (shown in CLRS, for example). I am interested in what these statements formally mean. From CLRS, I can cite that $$\text{CIRCUIT-SAT} = \{C \mid \text{$C$ is a satisfiable…
asked by cadaniluk (229 reputation)
4 votes · 1 answer

Problem about complexity of Chinese remainder theorem

I have a question about the CRT. Assuming that we have this system (S): $x = a_0 \bmod n_0$, $x = a_1 \bmod n_1$ with $N = n_0 n_1$ and $n_0, n_1$ two distinct prime numbers. Then the complexity in terms of binary operations is $O(\log(N)^2)$ in order to find $x$. My problem is…
asked by Altario (61 reputation)
4 votes · 3 answers

Is there a way of encryption that allows one to check which encrypted values are close to their mean?

I am looking for a way to allow parties to publicize encrypted values that can only be decrypted by one or a select few other parties, but that allow everyone to check how close they are to the mean of all such publicized values. This of course…
asked by Qqwy (91 reputation)
4 votes · 1 answer

How to prove the conclusion "linear operation $\mathsf{XOR}$ does not affect the division property"?

Division property is proposed as a generalized integral property at Eurocrypt 2015 by Yosuke Todo in his paper Structural evaluation by generalized integral property, and in the paper Integral Cryptanalysis on Full MISTY1. It says "linear operation…
asked by L0ngx1ng (143 reputation)
4 votes · 1 answer

Reference for basic secret sharing and MPC arithmetic algorithms

I am looking for references for the most basic secret sharing and MPC arithmetic algorithms for generic rings or prime fields. Problem: Suppose there are $m$ parties $P_1, \ldots, P_m$ which wish to do arithmetic over a ring. They hold some secret…
asked by Kolja (165 reputation)