David Wong (mimoo)
mimoo / ECC.md
Last active May 16, 2019
Elliptic Curve Cryptography

Elliptic Curve Cryptography

Abstract

  • elliptic curve over the finite field GF(p)

Timeline

Papers

mimoo / MAC.md
Last active May 8, 2019
history of mac

Message Authentication Codes

  • why is it called MAC?

MACs seem to be used for:

  • authentication and integrity
  • randomness, if used as a PRF (not all MACs are PRFs, HMAC is)
  • key derivation, if used as a PRF in a KDF (HKDF)
mimoo / post_quantum_crypto.md
Last active Apr 3, 2019
Quantum Computers and Cryptography

I estimate the chance of a practical ECC-breaking quantum computer to be low, e.g. 2^(-10)

Dan Brown

I do not view the threat as particularly urgent (i.e. 10+ years away, if ever)

Tony Arcieri

mimoo / disk_encryption.md
Last active Mar 9, 2019
Disk Encryption: Tweakable Wide-block ciphers

Introduction

This is useful for disk encryption. We need:

  • wide blocks, because we can't store an authentication tag
  • tweakable, because we can't store a nonce

But why can't we transform the metadata into a nonce? Maybe that's what tweak is (or can be).

It looks like:

mimoo / tweak.md
Last active Mar 9, 2019
Tweakable block ciphers

Introduction

Tweaks seem to be the password-hashing salts of tweakable block ciphers:

  • it can be public
  • it randomizes the encryption even more
  • it's cheap.

Timeline

mimoo / fpe.md
Last active Mar 9, 2019
History of Format-Preserving Encryption

Introduction

Format Preserving Encryption (FPE) seems to have been invented principally to encrypt credit card numbers into something that looks like a credit card number. Effectively, FPE is a permutation over the domain of the input.

It seems like the main reason is legacy: a lot of databases were created with size and alphabet restrictions on the credit card number field, and other systems and applications were probably built to deal with similar restrictions in order to process or transport these credit card numbers. Since it was deemed (I'm guessing) too costly to improve things so that a ciphertext, an IV and an authentication tag could be stored there instead, rich banks threw money at the problem and cryptographers took the bait.

It seems like there are three ways to do it:

  • Prefix. Your input domain is very small: write the permutation yourself (01 => 10, 00 => 11, etc.). If you don't have imagination, use AES to encrypt your input domain, and truncate. Hopefully it crea
mimoo / siv.md
Last active Mar 8, 2019
History of SIV mode

Introduction

Here is a history of the Synthetic IV mode of operation, which has been two things:

  • a key-wrapper algorithm: that was the main motivation. The point of a key wrapping algorithm is that you do not need to "randomize" the encryption with a nonce (since the key is already random), but you do want to keep the authentication of AEADs.
  • an authenticated cipher that is nonce-misuse resistant: if you use AES-GCM with the same (key, nonce) pair twice, an attacker can then steal the authentication key (and probably forge messages). Using the same (key,nonce) pair twice with SIV only renders the encryption deterministic (so an attacker will notice if a plaintext is encrypted twice).

There have been many versions of SIV; the most promising is the one being standardized by Google and named AES-GCM-SIV.

Timeline

mimoo / compress_tar_gzip.go
Last active May 3, 2019
How to compress a folder in Golang using tar and gzip (works with nested folders)
package main

import (
    "archive/tar"
    "bytes"
    "compress/gzip"
    "fmt"
    "io"
    "os"
    "path/filepath"
mimoo / fizzbuzz.erl
Created Oct 30, 2018
fizzbuzz in erlang :D
-module(fizzbuzz).
-export([main/0]).

main() ->
    fizzbuzz(0).

fizzbuzz(N) ->
    case N of
        _ when N == 100 ->
            ok;
mimoo / fizzbuzz.ml
Last active Oct 30, 2018
fizzbuzz in ocaml :D
for i = 0 to 10 do
  match i with
  | i when i mod 5 = 0 && i mod 3 = 0 -> print_endline "fizzbuzz"
  | i when i mod 3 = 0 -> print_endline "fizz"
  | i when i mod 5 = 0 -> print_endline "buzz"
  | i -> print_int i; print_endline ""
done