Fast Fourier Transform and Number Theoretic Transform
tl;dr: The Fast Fourier Transform (FFT) is generally credited to Cooley and Tukey in 1965, although its earliest ideas can be traced back to Gauss’s unpublished manuscript around 1805. FFT is one of the foundational algorithms behind modern high-performance computation: it accelerates integer multiplication and polynomial multiplication, and was...
Summary: The Fast Fourier Transform is generally credited to Cooley and Tukey in 1965, but its earliest ideas can be traced back to Gauss's unpublished manuscript from around 1805. The FFT is a foundational algorithm behind nearly all of today's high-performance computing: it efficiently accelerates integer multiplication and polynomial multiplication, and IEEE named it one of the top ten algorithms of the 20th century. The schemes Kyber, Dilithium and Falcon in the current NIST post-quantum cryptography standardization all involve the FFT and its applied variant, the Number Theoretic Transform (NTT). Beyond that, in zero-knowledge proof protocols (such as Plonk) and fully homomorphic encryption (such as BFV and TFHE), the NTT is an indispensable acceleration algorithm for practical deployment. This article presents in detail the mathematical theory of the FFT and NTT and their practical value.
Parallelizable Memory-Efficient Hash Collision Search
tl;dr: This article discusses three generic hash-collision search methods: the birthday-paradox collision algorithm, Pollard’s rho with Floyd cycle detection, and the parallelizable Pollard’s lambda method based on Distinguished Points. These generic methods can be generalized in a similar way to integer factorization and discrete logarithm prob...
Summary: This article discusses three classes of generic hash-collision search methods: the collision algorithm based on the Birthday Paradox, Pollard's rho algorithm combined with Floyd cycle detection, and the parallelizable Pollard's Lambda algorithm (Distinguished Points). These generic algorithms generalize in a similar way to solving integer factorization and discrete logarithm problems.
SIDH: Supersingular Isogeny Key Exchange
Summary: An introduction to the core of Supersingular Isogeny Key Exchange: supersingular elliptic curves, the j-invariant and isogenies, followed by the standard SIDH protocol. This post is a note-style reorganization/translation of the original article Supersingular isogeny key exchange for beginners; the original is better suited for introductory reading.
ZK-SNARK: Deep Dive into Groth16
tl;dr: Groth16 is one of the most popular and efficient Zero-Knowledge Succinct Non-interactive Arguments of Knowledge (zk-SNARKs) based on Quadratic Arithmetic Programs (QAPs). This post provides a detailed walkthrough of the Groth16 protocol, covering its setup, proving, and verification phases, along with the underlying mathematical principles.
BLACKHAT MEA 2025 Whack-A-Scratch
tl;dr: I tried the intended solution after the game. An impressive challenge about linear algebra and the Legendre symbol.
DownUnderCTF 2025 Crypto Writeup
tl;dr: Writeup of the crypto challenges from DownUnderCTF 2025. Exploits and source code are available in the repository tl2cents/CTF-Writeups.
DiceCTF NIL-CIRC: Garbled Circuit Optimizations and Malicious OT Receiver
tl;dr: This blog will introduce the naive Yao's garbled circuit and the state-of-the-art gate optimizations in the fancy-garbling library (an implementation of BMR16). This blog also serves as a detailed writeup of DiceCTF 2025 NIL-CIRC.
Notes on Formal Language and Generic Proof System
tl;dr: Some insightful notes from the moonmath book. Introduces the definitions of formal languages, R1CS and quadratic arithmetic programs in zero-knowledge proof systems.
Elliptic Curves, Group Laws and Isomorphisms
tl;dr: Concepts of Weierstrass Curves, the Projective Plane, Montgomery Curves and Twisted Edwards Curves. Brief notes and remarks on the moon-math book.
hxp CTF 2024 Writeup
tl;dr: Writeups for circus, cccircus, cccccircus and spiky elf. Related tags: Galois Field, MITM.
SECCON CTF 2024 Quals Writeup
tl;dr: Last week, I participated in SECCON CTF 2024 in team Never Stop Exploiting. Here are the writeups for the challenges dual_summon, Tidal wave and Trillion Ether that I solved.
Intro to Bilinear Map
tl;dr: This article introduces the definition, properties of bilinear maps, and their applications in cryptography such as the MOV attack, single-round three-party DH protocol, and Identity-Based Encryption.
Summary: Introduces the definition and properties of bilinear maps, and their applications in cryptography: the MOV attack, the single-round three-party DH protocol, Identity-Based Encryption, and others.
Reed-Solomon code in McEliece and Niederreiter
Abstract: This article introduces the Generalized Reed-Solomon Code (GRS) along with the McEliece and Niederreiter encryption algorithms. Although GRS is a very efficient linear code, the standard McEliece implementation uses Goppa Code instead of the simpler and more efficient GRS code due to security issues with GRS encoding in the aforementio...
Summary: Introduces the Generalized Reed-Solomon Code (GRS) and the McEliece and Niederreiter encryption algorithms. Although GRS is a very efficient linear code, standard McEliece uses Goppa codes rather than the simpler and more efficient GRS code, because GRS encoding has a security problem in both of the above cryptosystems, namely the Sidelnikov-Shestakov attack. This post is a brief introduction to GRS linear codes and the related attack.
HITCON CTF 2024 Qual Crypto Writeup
tl;dr: Writeups for crypto challenges of HITCON CTF qual. The specific tags are Algebraic Immunity Attack, Fast Correlation Attack, Matrix Trace, ZKP of Factoring.
R3CTF 2024 Crypto Writeup
tl;dr: Writeups for R3CTF 2024, including the challenges r0,1,2system, TinySeal and SPARROW. Amazing challenges about the poly-nonce attack on ECDSA, BFV fully homomorphic encryption and linearization of a symmetric cipher.
23 posts, 2 pages.