
In computing, we often need things to be fast, but sometimes we need to slow things down and create a problem that cannot be scaled onto parallel processors. One of these applications is the hashing of a password. Fast hash crackers can process SHA-1 and SHA-256 hashes at rates that can be over 1 terahash per second. That’s 1,000 billion passwords tried every second. These crackers often run on cloud-based systems and use GPUs with over 4,000 cores.

In many applications, we need to generate an encryption key. For this, we could create a random key, but we…



Those who innovate often do not take things for granted and often probe things to understand what actually happens under the hood. So, let’s pose a simple question …

In TrueCrypt (now known as VeraCrypt) we have disk encryption. Why, when I change my password for access, does it not actually change the encryption key for the disk encryption, or does it?

TrueCrypt creates an encrypted volume, where the user just has to reveal their password in order to access it. In order to convert a password into an encryption key, we often use a key derivation function (KDF)…


The protection of encryption keys is important. This is especially true for a symmetric key or for the private key of a public key pair. For this, we can use key wrapping and make sure the key cannot be used unless we have a secret master key. One standard for this is RFC 5649, which defines the Advanced Encryption Standard (AES) Key Wrap algorithm (AES-KW1, AES-KW2).

With AES-KW, we use an AES key-encryption key (KEK) with a length of 128, 192, or 256 bits, and where we will get 64-bit…



And so the good news is that we are moving to open up our borders safely with the usage of vaccination passports. In the EU, we see the Digital Green Certificate (DGC) and it’s a great step forward. But, for a way forward, have we missed a great opportunity to do things properly, and create a scalable system for the future?

Certainly, the collaboration of health care authorities across the EU is an excellent approach, but technically the devil will be in the detail, and the current solution is just a plain old PKI solution with a centralised infrastructure. …


We opened the Blockpass ID Lab less than three years ago. Our focus was — and still is — to build systems around the citizen. These systems should respect the rights of every person to privacy, while making sure we still embed trust into every transaction.


Here’s a quick question … do you know the Luxembourgish for sponges? Also, where in the world would you find a place called Esch? Well, you might do soon, especially if a SPARKLE-derived method wins the NIST competition for lightweight cryptography.

NIST has previously defined two classic standards: AES and SHA-3, and they have reached the final stage for the assessment of two more key standards: quantum robust cryptography and light-weight cryptography. The results of these are likely to be announced within the next 12 months. …


The NIST competition for lightweight cryptography has reached the final stage, with a shortlist of 10 candidates. Each differs in its approach, but they all aim to create a cryptography method that is secure, has a low footprint, and is robust against attacks.

So while many of the contenders, such as ASCON, GIFT and Isap, use the sponge method derived from the SHA-3 standard (Keccak), Romulus looks towards a more traditional light-weight crypto approach. Overall it is defined as a tweakable block cipher (TBC) which supports authenticated encryption with associated data (AEAD). …



There have been many examples of systems being cracked through side-channel analysis. One of these methods is differential power analysis (DPA), where an intruder can observe the operation of the encryption key through electrical disturbances. One way to overcome these problems is to only use a key for a short time, and then to generate a new one. If an intruder finds one of the keys, it will only be relevant for a short time, before they have to rediscover the new key. This is likely to be expensive in cost and time. We thus need a way to have…



When can you get a hash function and also implement encryption? Well, you can when you have a sponge, which stores and processes a permutation value. It was first introduced with SHA-3, where we define a state size (S) of 1600 bits (Keccak-f[1600]). This state (S) is made up of r (rate) and c (capacity). The total number of bits in the state is thus 1,600 bits. With this we can either use it as a hashing method or as an authenticated encryption method:

A background on the sponge method is here.

The lightweight nature of the sponge method…

Prof Bill Buchanan OBE

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. EU Citizen. Auld Reekie native. Old World Breaker. New World Creator.
