Yo,
Back to longer form writing this week. Not today because I was bad at starting writing. I got distracted on the coach and next thing it was an hour later. It is ok though. I will not do this tomorrow.
The longer topic I want to learn and write about is post-quantum cryptography. I hear that NIST just released some more information. I want to know more about this and what those new standards are.
My goal for this topic is to write posts that are educational to my dad and Rawn. They are my audience. If I have time I’ll try to give detail that’s higher level but between the time I need to spend researching and my lack of understanding it’ll be hard to get higher level.
Ideally this week I’ll find out:
History and cred of NIST
What the new standards are
Why would someone use different standards
The needs for these standards
What the new choices for standards are
What is lacking with these new choices
Currently, I know that NIST is a legit, US organization that defines cryptographic standards (like picking SHA3). They’ve had research events / competitions to create these standards (i.e., submit different methods, have a bunch of people refine/find holes, repeat until a standard is picked). These competitions are usually focused on a problem (e.g., SHA3 to have a completely different way of hashing so a vulnerability in SHA2 won’t kill it). While they pick a particular algorithm or approach, this doesn’t exclude other approaches from being valid. There could be another good method that doesn’t quite fit exactly what they were looking for (BLAKE was not picked but is still a good, fast hashing algorithm). Other solutions could fit different niches. Other countries can also pick different standards.
I also know that the reason for the recent standard is because quantum computers can break common cryptographic assumptions. Shor’s algorithm can factor large numbers in polynomial time -- bye RSA. Quantum computers work in funny ways because bits are no longer 0 or 1, they are anything. This means that some algorithms are exponential speed ups (break assumptions), others are just polynomial (faster but not scary fast). If I remember correctly, a quantum computer can find an element in an array in root(n) time but still needs O(n) time to check the parity of an array.
Because of this variable speed up, some cryptographic assumptions are safe and don’t need to change. Some assumptions are still valid with minor tweaks (increasing the number of bytes of a hash algorithm). Other assumptions are invalid and a completely new approach is needed.
The new standard gives a good example of this. Symmetric key encryption is safe (I’m not sure if it needs minor adjustments or it’s safe as is). Generating that symmetric key is not (i.e., once we have the shared secret key we are good but we don’t have a safe way for Alice and Bob to get it). Signatures are also toast. I’m not sure why symmetric is safe and the others are toast, I think it has to do with use of RSA and elliptic curves.
My quick reading into the standards is that there is a new good way to generate symmetric keys. The only downside is bigger keys. We don’t have a good way to do signatures unfortunately. Why any of this is, I do not know.
Not editing today because sleep.
See y’all,
Lucas