. 5
( 8)


518. T. ElGamal, “A Public-Key Cryptosystem tracts,” Communications of the ACM, v.
28, n. 6, Jun 1985, pp. 637-647.
and a Signature Scheme Based on Discrete
Logarithms,” Advances in Cryptology: 530. S. Even and Y. Yacobi, “Cryptography and
Proceedings of CRYPTO 84, Springer- NP-Completeness.” Proceedings of the 7th
Verlag, 1985, pp. 10-18. International Colloquium on Automata,

Page 694
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

544. U. Feige, A. Fiat, and A. Shamir, “Zero
Languages, and Programming, Springer-
Knowledge Proofs of Identity,” Proceed-
Verlag, 1980, pp. 195-207.
ings of the 19th Annual ACM Symposium
531. H.-H. Evertse, “Linear Structures in Block
on the Theory of Computing, 1987, pp.
Ciphers,” Advances in Cryptology-
EUROCRYPT ˜87 Proceedings, Springer-
Verlag 1988, pp. 249-266. 545. U. Feige, A. Fiat, and A. Shamir, “Zero
Knowledge Proofs of Identity,” Journal of
532. P. Fahn and M.J.B. Robshaw, “Results from
Cryptology, v. 1, n. 2, 1988, pp. 77-94.
the RSA Factoring Challenge,” Technical
Report TR-501, Version 1.3, RSA Laborato- 546. U. Feige and A. Shamir, “Zero Knowledge
ries, Jan 1995. Proofs of Knowledge in Two Rounds,”
533. R.C. Fairfield, A. Matusevich, and J. Plany, Advances in Cryptology-CRYPTO ˜89
“An LSI Digital Encryption Processor Proceedings, Springer-Verlag, 1990, pp.
(DEP),” Advances in Cryptology: Proceed- 526-544.
547. J. Feigenbaum, “Encrypting Problem
ings of CRYPTO 84, Springer-Verlag, 1985,
pp. 115-143. Instances, or, . . , Can You Take Advan-
534. R.C. Fairfield, A. Matusevich, and J. Plany, tage of Someone Without Having to Trust
Him, ” Advances in Cryptology-CRYPTO
“An LSI Digital Encryption Processor
(DEP),” IEEE Communications, v. 23, n. 7, ˜85 Proceedings, Springer-Verlag, 1986, pp.
Jul 1985, pp. 30-41. 477-488.
535. R.C. Fairfield, R.L. Mortenson, and K.B. 548. J. Feigenbaurn, “Overview of Interactive
Koulthart, “An LSI Random Number Gen- Proof Systems and Zero-Knowledge,” in
erator (RNG),” Advances in Cryptology: Contemporary Cryptology: The Science of
Proceedings of CRYPTO 84, Springer- Information Integrity, G. J. Simmons, ed.,
Verlag 1985, pp. 203-230. IEEE Press, 1992, pp. 423-439.
536. “International Business Machines Corp. 549. J. Feigenbaum, M.Y. Liberman, E. Grosse,
License Under Patents,” Federal Register, and J.A. Reeds, “Cryptographic Protection
v. 40, n. 52, 17Mar 1975, p. 12067. of Membership Lists,” Newsletter of the
537. “Solicitation for Public Key Cryptographic International Association of Cryptologic
Algorithms,” Federal Register, v. 47, n. Research, v. 9, 1992, pp. 16-20.
126,30 Jun 1982, p. 28445. 550. J. Feigenbaum, M.Y. Liverman, and R.N.
538. “Proposed Federal Information Processing wright, “Cryptographic Protection of
Standard for Digital Signature Standard Databases and Software,” Distributed
(DSS),” Federal Register, v. 56, n. 169, 30 Computing and Cryptography, J. Feigen-
Aug 1991, pp. 42980-42982. baum and M. Merritt, eds., American
539. “Proposed Federal Information Processing Mathematical Society, 1991, pp. 161-172.
Standard for Secure Hash Standard,” Fed- 551. H. Feistel, “Cryptographic Coding for
eral Register, v. 57, n. 21, 31 Jan 1992, pp. Data-Bank Privacy,” RC 2827, Yorktown
37473749. Heights, NY IBM Research, Mar 1970.
540. “Proposed Reaffirmation of Federal Infor- 552. H. Feistel, “Cryptography and Computer
mation Processing Standard (FIPS) 46-1, Privacy,” Scientific American, v. 228, n. 5,
Data Encryption Standard (DES),” Federal May 1973, pp. 15-23.
Register, v. 57, n. 177, 11 Sep 1992, p. 553. H. Feistel, “Block Cipher Cryptographic
41727. System,” U.S. Patent #3,798,359, 19 Mar
541. “Notice of Proposal for Grant of Exclusive 1974.
Patent License,” Federal Register, v. 58, n, 554. H. Feistel, “Step Code Ciphering System,”
108, 8 Jun 1993, pp. 23105-23106. U.S. Patent #3,798,360, 19 Mar 1974.
542. “Approval of Federal Information Process- 555. H. Feistel, “Centralized Verification Sys-
ing Standards Publication 186, Digital Sig- tem,” U.S. Patent #3,798,605, 19 Mar
nature Standard (DSS),” Federal Register, 1974.
v. 58, n. 96,19 May 1994, pp. 26208-26211. 556. H. Feistel, W.A. Notz, and J.L. Smith,
543. “Proposed Revision of Federal Information “Cryptographic Techniques for Machine
Processing Standard (FIPS) 180, Secure to Machine Data Communications,” RC
Hash Standard,” Federal Register, v. 59, n. 3663, Yorktown Heights, N.Y.: IBM
131, 11 Jul 1994, pp. 3531735318. Research, Dee 1971.

Page 695
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

569. R. Flynn and A.S. Campasano, “Data
557. H. Feistel, W.A. Notz, and J.L. Smith,
Dependent Keys for Selective Encryption
“Some Cryptographic Techniques for
Machine to Machine Data Communica- Terminal,” Proceedings of NCC, vol. 47,
AFIPS Press, 1978, pp. 1127-l 129.
tions,” Proceedings of the IEEE, v. 63, n.
570. R.H. Follett, letter to NIST regarding DSS,
11, Nov 1975, pp. 1545-1554.
558. P. Feldman, “A Practical Scheme for Non- 25 Nov 1991.
571. R. Form, “The Strict Avalanche Criterion:
interactive Verifiable Secret Sharing,” Pro-
Spectral Properties and an Extended Defi-
ceedings of the 28th Annual Symposium
nition,” Advances in Cryptology-
on the Foundations of Computer Science,
CRYPTO ˜88 Proceedings, Springer-Verlag,
1987, pp. 427-437.
1990, pp. 450-468.
559. R.A. Feldman, “Fast Spectral Test for Mea-
572. R. Form, “A Fast Correlation Attack on
suring Nonrandomness and the DES,”
Advances in Cryptology-CRYPTO ˜87 Nonlinearity Feedforward Filtered Shift
Advances in
Proceedings, Springer-Verlag, 1988, pp. Register Sequences,”
Cryptology-CRYPTO ˜89 Proceedings,
Springer-Verlag, 1990, pp. 568-595.
560. R.A. Feldman, “A New Spectral Test for
Nonrandomness and the DES,” IEEE 573. S. Fortune and M. Merritt, “Poker Proto-
cols,” Advances in Cryptology: Proceed-
Transactions on Software Engineering, v.
ings of CRYPTO 84, Springer-Verlag, 1985,
16, n. 3, Mar 1990, pp. 261-267.
561. D.C. Feldmeier and P.R. Karn, “UNIX pp. 454-464.
Password Security-Ten Years Later,” 574. R.B. Fougner, “Public Key Standards and
Licenses,” RFC 1170, Jan 1991.
Advances in Cryptology-CRYPTO ˜89
575. Y. Frankel and M. Yung, “Escrowed
Proceedings, Springer-Verlag, 1990, pp.
44-63. Encryption Systems Visited: Threats,
Attacks, Analysis and Designs,” Advances
562. H. Fell and W. Diffie, “Analysis of a Public
Key Approach Based on Polynomial Sub- in Cryptology-CRYPTO ˜95 Proceedings,
Springer-Verlag, 1995, to appear.
stitution,” Advances in Cryptology-
CRYPTO ˜85 Proceedings, Springer-Verlag, 576. W.F. Friedman, Methods for the Solution of
Running-Key Ciphers, Riverbank Publica-
1986, pp. 427437.
563. N.T. Ferguson, “Single Term Off-Line tion No. 16, Riverbank Labs, 1918.
Coins,” Report CSR9318, Computer Sci- 577. W.F. Friedman, The Index of Coincidence
ence/Department of Algorithms and and Its Applications in Cryptography,
Architecture, CWI, Mar 1993. Riverbank Publication No. 22, Riverbank
564. N.T. Ferguson, “Single Term Off-Line Labs, 1920. Reprinted by Aegean Park
Coins,” Advances in Cryptology-EURO- Press, 1987.
578. W.F. Friedman, Elements of Cryptanalysis,
CRYPT ˜93 Proceedings, Springer-Verlag.
1994, pp. 318328. Laguna Hills, CA: Aegean Park Press,
565. N.T. Ferguson, “Extensions of Single-term 1976.
Coins,” 579. W.F. Friedman, “Cryptology,” Encyclope-
Advances in Cryptology-
CRYPTO ˜93 Proceedings, Springer-Verlag, dia Britannica, v. 6, pp. 844-851, 1967.
1994, pp. 292301. 580. A.M. Frieze, J. Hastad, R. Kannan, J.C.
566. A. Fiat and A. Shamir, “How to Prove Lagarias, and A. Shamir, “Reconstructing
Truncated Integer Variables Satisfying Lin-
Yourself: Practical Solutions to Identifica-
tion and Signature Problems,” Advances ear Congruences,” SIAM Tournal on Com-
in Cryptology-CRYPTO ˜86 Proceedings, puting, v. 17, n. 2, Apr 1988, pp. 262-280.
581. A.M. Frieze, R. Kannan, and J.C. Lagarias,
Springer-Verlag, 1987, pp. 186-194.
567. A. Fiat and A. Shamir, “Unforgeable Proofs “Linear Congruential Generators Do not
of Identity,” Proceedings of Securicom 87, Produce Random Sequences,” Proceedings
of the 25th IEEE Symposium on Founda-
Paris, 1987, pp. 147-153.
568. P. Finch, “A Study of the Blowfish Encryp- tions of Computer Science, 1984, pp.
tion Algorithm,” Ph.D. dissertation, 48@-484.
Department of Computer Science, City 582. E. Fujiaski and T. Okamoto, “On Compar-
University of New York Graduate School ison of Practical Digitial Signature
and University Center, Feb 1995. Schemes,” Proceedings of the 1992 Sym-

Page 696
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

594. P. Gallay and E. Depret, “A Cryptography
posium on Cryptography and Information
Microprocessor,” 1988 IEEE International
Security (SCIS 92), Tateshina, Japan, 24
Solid-State Circuits Conference Digest of
Apr 1994, pp. lA.l-12.
Technical Papers, 1988, pp. 148-149.
583. A. Fujioka, T. Okamoto, and S. Miyaguchi,
595. R.A. Games, “There are no de Bruijn
“ESIGN: An Efficient Digital Signature
Sequences of Span n with Complexity 2”-™
Implementation for Smart Cards,”
+ n + 1,” Journal of Combinatorical The-
Advances in Cryptology-EUROCRYPT
ory, Series A, v. 34, n. 2, Mar 1983, pp.
˜91 Proceedings, Springer-Verlag, 1991, pp.
584. 596. R.A. Games and A.H. Chan, “A Fast Algo-
A. Fujioka, T. Okamoto, and K. Ohta,
“Interactive Bi-Proof Systems and Undeni- rithm for Determining the Complexity of
able Signature Schemes,” Advances in a Binary Sequence with 2”,” IEEE Transac-
Cryptology-EUROCRYPT ˜91 Proceed- tions on Information Theory, v. IT-29, n. 1,
ings, Springer-Verlag, 1991, pp. 243-256. Jan 1983, pp. 144-146.
585. A. Fujioka, T. Okamoto, and K. Ohta, “A 597. R.A. Games, A.H. Chan, and E.L. Key, “On
Practical Secret Voting Scheme for Large the Complexity of de Bruijn Sequences,”
Scale Elections,” Advances in Cryp- Tournal of Combinatorical Theory, Series
tology-AUSCRYPT ˜92 Proceedings, A, v. 33, n. 1, Nov 1982, pp. 233-246.
Springer-Verlag, 1993, pp. 244-25 1. 598. S.H. Gao and G.L. Mullen, “Dickson Poly-
586. K. Gaardner and E. Snekkenes, “Applying nomials and Irreducible Polynomials over
a Formal Analysis Technique to the Finite Fields,” Tournal of Number Theory,
CCIlT X.509 Strong Two-Way Authenti- v. 49, n. 1, Ott 1994, pp. 18-132.
cation Protocol,” Tournal of Cryptology, v. 599. M. Gardner, “A New Kind of Cipher That
3, n. 2, 1991, pp. 81-98. Would Take Millions of Years to Break,”
587. H.F. Gaines, Cryptanalysis, American Scientific American, v. 237, n. 8, Aug
Photographic Press, 1937. (Reprinted by 1977, pp. 120-124.
Dover Publications, 1956.) 600. M.R. Garey and D.S. Johnson, Computers
588. J. Gait, “A New Nonlinear Pseudorandom and Intractability: A Guide to the Theory
Number Generator,” IEEE Transactions of NJ-Completeness, W.H. Freeman and
on Software Engineering, v. SE-3, n. 5, Sep co., 1979.
1977, pp. 359363. 601. S.L. Garfinkel, PGP: Pretty Good Privacy,
589. J. Gait, “Short Cycling in the Kravitz-Reed Sebastopol, CA: O™Reilly and Associates,
Public Key Encryption System,” Electron- 1995.
ics Letters, v. 18, n. 16, 5 Aug 1982, pp. 602. C.W. Gardiner, “Distributed Public Key
706707. Certificate Management,” Proceedings of
590. Z. Galil, S. Haber, and M. Yung, “A Private the Privacy and Security Research Group
Interactive Test of a Boolean Predicate and 1993 Workshop on Network and Dis-
Minimum-Knowledge Public-Key Cryp- tributed System Security, The Internet
tosystems,” Proceedings of the 26th IEEE Society, 1993, pp. 69-73.
Symposium on Foundations of Computer 603. G. Garon and R. Outerbridge, “DES
Science, 1985, pp. 360371. Watch: An Examination of the Sufficiency
591. Z. Galil, S. Haber, and M. Yung, “Crypto- of the Data Encryption Standard for Finan-
graphic Computation: Secure Fault- cial Institution Information Security in
Tolerant Protocols and the Public-Key the 1990™s,” Cryptologia, v. 15, n. 3, Jul
Model,” Advances in Cryptology- 1991, pp. 177-193.
CRYPTO ˜87 Proceedings, Springer-Verlag, 604. M. Gasser, A. Goldstein, C. Kaufman, and
1988, pp. 135-155. B. Lampson, “The Digital Distributed Sys-
592. Z. Galil, S. Haber, and M. Yung, “Mini- tems Security Architecture,” Proceedings
mum-Knowledge Interactive Proofs for of the 12th National Computer Security
Decision Problems,” SIAM Tournal on Conference, NIST, 1989, pp. 305319.
Computing, v. 18, n. 4, 1989, pp. 711-739. 605. J. von zur Gathen, D. Kozen, and S. Lan-
593. R.G. Gallager, Information Theory and dau, “Functional Decomposition of Poly-
Reliable Communications, New York: nomials,” Proceedings of the 28th IEEE
John Wiley & Sons, 1968. Symposium on the Foundations of Com-

Page 697
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


617. 0. Goldreich and E. Kushilevitz, “A Per-
puter Science, IEEE Press, 1987, pp. 127-
fect Zero-Knowledge Proof for a Problem
Equivalent to Discrete Logarithm,”
606. P.R. Geffe, “How to Protect Data With
Advances in Cryptology-CRYPTO ˜88
Ciphers That are Really Hard to Break,”
Proceedings, Springer-Verlag, 1990, pp.
Electronics, v. 46, n. 1, Jan 1973, pp.
607. D.K. Gifford, D. Heitmann, D.A. Segal, 618. 0. Goldreich and E. Kushilevitz, “A Per-
R.G. Cote, K. Tanacea, and D.E. Burmas- fect Zero-Knowledge Proof for a Problem
Equivalent to Discrete Logarithm,” Iour-
ter, “Boston Community Information Sys-
tem 1986 Experimental Test Results,” nal of Cryptology, v. 6, n. 2, 1993, pp.
97-l 16.
MIT/LCS/TR-397, MIT Laboratory for
619. 0. Goldreich, S. Micali, and A. Wigderson,
Computer Science, Aug 1987.
“Proofs That Yield Nothing but Their
608. D.K. Gifford, J.M. Lucassen, and ST.
Berlin, “The Application of Digital Broad- Validity and a Methodology of Crypto-
graphic Protocol Design,” Proceedings of
cast Communication to Large Scale Infor-
the 27th IEEE Symposium on the Founda-
mation Systems,” IEEE Journal on
Selected Areas in Communications, v. 3, tions of Computer Science, 1986, pp.
n. 3, May 1985, pp. 457-467. 174-187.
620. 0. Goldreich, S. Micali, and A. Wigderson,
609. D.K. Gifford and D.A. Segal, “Boston Com-
“How to Prove All NP Statements in Zero
munity Information System 1987-1988
Knowledge and a Methodology of Crypto-
Experimental Test Results,” MIT/LCS/
TR-422, MIT Laboratory for Computer Sci- graphic Protocol Design,” Advances in
Cryptology-CRYPTO ˜86 Proceedings,
ence, May 1989.
Springer-Verlag, 1987, pp. 171-185.
610. H. Gilbert and G. Chase, “A Statistical
Attack on the Feal-8 Cryptosystem,” 621. 0. Goldreich, S. Micali, and A. Wigderson,
Advances in Cryptology-CRYPTO ˜90 “How to Play Any Mental Game,” Pro-
Proceedings, Springer-Verlag 1991, pp. ceedings of the 19th ACM Symposium on
2233. the Theory of Computing, 1987, pp.
611. H. Gilbert and P. Chauvaud, “A Chosen 218-229.
Plaintext Attack of the 16-Round Khufu 622. 0. Goldreich, S. Micali, and A. Wigderson,
Cryptosystem,” “Proofs That Yield Nothing but Their
Advances in Cryptol-
ogy-CRYPTO ˜94 Proceedings, Springer- Validity and a Methodology of Crypto-
Verlag, 1994, pp. 259-268. graphic Protocol Design,” fournal of the
612. M. Girault, “Hash-Functions Using Mod- ACM, v. 38, n. 1, Jul 1991, pp. 691-729.
ulo-iv Operations,” Advances in Cryptol- 623. S. Goldwasser and J. Kilian, “Almost All
Primes Can Be Quickly Certified,” Pro-
ogy-EUROCRYPT ˜87 Proceedings,
Springer-Verlag 1988, pp. 217-226. ceedings of the 18th ACM Symposium on
613. J. Gleick, “A New Approach to Protecting the Theory of Computing, 1986, pp. 316-
Secrets is Discovered,” The New York 329.
Times, 18 Feb 1987, pp. Cl and C3. 624. S. Goldwasser and S. Micali, “Probabilistic
614. J.-M. Goethals and C. Couvreur, “A Crypt- Encryption and How to Play Mental Poker
analytic Attack on the Lu-Lee Public-Key Keeping Secret All Partial Information,”
Cryptosystem,” Philips fournal of Re- Proceedings of the 14th ACM Symposium
search, v. 35, 1980, pp. 301306. on the Theory of Computing, 1982, pp.
615. 0. Goldreich, “A Uniform-Complexity 270-299.
Treatment of Encryption and Zero- 625. S. Goldwasser and S. Micali, “Probabilistic
Knowledge, fournal of Cryptology, v. 6, n. Encryption, ” Iournal of Computer and
1, 1993, pp. 21-53. System Sciences, v. 28, n. 2, Apr 1984, pp.
616. 0. Goldreich and H. Krawczyk, “On the 270-299.
Composition of Zero Knowledge Proof 626. S. Goldwasser, S. Micali, and C. Rackoff,
Systems,” Proceedings on the 17th Inter- “The Knowledge Complexity of Interac-
national Colloquium on Automata, Lan- tive Proof Systems,” Proceedings of the
guages, and Programming, Springer- 17th ACM Symposium on Theory of Com-
Verlag, 1990, pp. 268-282. puting, 1985, pp. 291304.

Page 698
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

Coding, H.J. Beker and EC. Piper, eds.,
627. S. Goldwasser, S. Micah, and C. Rackoff,
“The Knowledge Complexity of Interac- Oxford Clarendon Press, 1989, pp.
tive Proof Systems,” SIAM fournal on 289-297.
Computing, v. 18, n. 1, Feb 1989, pp. 186- 639. D. Gollmann, “Transformation Matrices
208. of Clock-Controlled Shift Registers,”
628. S. Goldwasser, S. Micali, and R.L. Rivest, Cryptography and Coding III, M.J. Ganley,
ed., Oxford: Clarendon Press, 1993, pp.
“A Digital Signature Scheme Secure
Against Adaptive 197-210.
Attacks,” SIAM lournal on Computing, v. 640. D. Gollmamr and W.G. Chambers, “Lock-
17, n. 2, Apr 1988, pp. 281308. In Effect in Cascades of Clock-Controlled
629. S. Goldwasser, S. Micali, and AC. Yao, Shift-Registers,” Advances in Cryptol-
“On Signatures and Authentication,” ogy-EUROCRYPT ˜88 Proceedings,
Springer-Verlag, 1988, pp. 331343.
Advances in Cryptology: Proceedings of
Crypto 82, Plenum Press, 1983, pp. D. Gollmann and W.G. Chambers, “Clock-
211-215. Controlled Shift Registers: A Review,”
630. J.D. GoliE, “On the Linear Complexity of IEEE fournal on Selected Areas in Com-
Functions of Periodic GF(q) Sequences,” munications, v. 7, n. 4, May 1989, pp.
IEEE Transactions on Information Theory, 525-533.
v. IT-35, n. 1, Jan 1989, pp. 69-75. 642. D. Gollmann and W.G. Chambers, “A
631. J.D. GoliE, “Linear Cryptanalysis of Cryptanalysis of Step,,,-cascades,” Ad-
Stream Ciphers,” K. U. Leuven Workshop vances in Cryptology-EUROCRYPT ˜89
on Cryptographic Algorithms, Springer- Proceedings, Springer-Verlag, 1990, pp.
Verlag, 1995, pp. 262-282. 680-687.
632. J.D. GoliE, “Towards Fast Correlation 643. S.W. Golomb, Shift Register Sequences,
Attacks on Irregularly Clocked Shift Regis- San Francisco: Holden-Day, 1967.
ters,” Advances in Cryptology-EURO- (Reprinted by Aegean Park Press, 1982.)
CRYPT ˜95 Proceedings, Springer-Verlag. L. Gong, “A Security Risk of Depending on
1995, to appear. Synchronized Clocks,” Operating Systems
633. J.D. GoliE and M.J. Mihajlevic, “A Gener- Review, v. 26, n. 1, Jan 1992, pp. 49-53.
alized Correlation Attack on a Class of 645. L. Gong, R. Needham, and R. Yahalom,
Stream Ciphers Based on the Levenshtein “Reasoning About Belief in Cryptographic
Distance,” Journal of Cryptology, v. 3, n. 3, Protocols,” Proceedings of the 1991 IEEE
1991, pp. 201-212. Computer Society Symposium on Re-
634. J.D. GoliE and L. O™Connor, “Embedding search in Security and Privacy, 1991, pp.
and Probabilistic Correlation Attacks on 234-248.
Clock-Controlled Shift Registers,” Ad- R.M. Goodman and A.J. McAuley, “A New
vances in Cryptology-EUROCRYPT ˜94 Trapdoor Knapsack Public Key Cryptosys-
Proceedings, Springer-Verlag, 1995, to tern,” Advances in Cryptology: Proceed-
appear. ings of EUROCRYPT 84, Springer-Verlag,
635. R. Golliver, A.K. Lenstra, K.S. McCurley, 1985, pp. 150-158.
“Lattice Sieving and Trial Division,” Pro- R.M. Goodman and A.J. McAuley, “A New
ceedings of the Algorithmic Number The- Trapdoor Knapsack Public Key Cryptosys-
ory Symposium, Cornell, 1994, to appear. tern,” IEE Proceedings, v. 132, pt. E, n. 6,
636. D. Gollmamr, “Kaskadenschaltungen takt- Nov 1985, pp. 289-292.
gesteuerter Schieberegister als Pseudozu- 648. D.M. Gordon, “Discrete Logarithms Using
fallszahlengeneratoren,” Ph.D. disserta- the Number Field Sieve,” Preprint, 28 Mar
tion, Universitat Linz, 1983. (In German.) 1991.
637. D. Gollmann, “Pseudo Random Properties 649. D.M. Gordon and K.S. McCurley, “Com-
of Cascade Connections of Clock Con- putation of Discrete Logarithms in Fields
trolled Shift Registers,” Advances in Cryp- of Characteristic Two,” presented at the
tology: Proceedings of EUROCRYPT 84, rump session of CRYPTO ˜91, Aug 1991.
Springer-Verlag, 1985, pp. 93-98. 650. D.M. Gordon and K.S. McCurley, “Mas-
638. D. Gollmann, “Correlation Analysis of sively Parallel Computation of Discrete
Cascaded Sequences,” Cryptography and Logarithms,” Advances in Cryptology-

Page 699
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

CRYPTO ˜92 Proceedings, Springer-Verlag, 661. J. Grollman and A.L. Selman, “Complexity
Measures for Public-Key Cryptosystems,”
1993, pp. 312-323.
651. J.A. Gordon, “Strong Primes are Easy to Proceedings of the 25th IEEE Symposium
Find,” Advances in Cryptology: Proceed- on the Foundations of Computer Science,
ings of EUROCRYPT 84, Springer-Verlag, 1984, pp. 495-503.
1985, pp. 216-223. 662. GSA Federal Standard 1026, “Telecommu-
652. J.A. Gordon, “Very Simple Method to Find nications: General Security Requirements
the Minimal Polynomial of an Arbitrary for Equipment Using the Data Encryption
Non-Zero Element of a Finite Field,” Elec- Standard,” General Services Administra-
tronics Letters, v. 12, n. 2.59 Dee 1976, pp. tion, Apr 1982.
663-664. 663. GSA Federal Standard 1027, “Telecommu-
nications: Interoperability and Security
653. J.A. Gordon and R. Retkin, “Are Big S-
Boxes Best?” Cryptography, Proceedings of Requirements for Use of the Data Encryp-
the Workshop on Cryptography, Burg tion Standard in the Physical and Data
Feuerstein, Germany, March 29-April 2, Link Layers of Data Communications,”
1982, Springer-Verlag, 1983, pp. 257-262. General Services Administration, Jan 1983.
654. M. Goresky and A. Klapper, “Feedback 664. GSA Federal Standard 1028, “Interoper-
Registers Based on Ramified Extension of ability and Security Requirements for Use
the 2-adic Numbers,” Advances in Cryp- of the Data Encryption Standard with
tology-EUROCRYPT ˜94 Proceedings, CCITT Group 3 Facsimile Equipment,”
Springer-Verlag 1995, to appear. General Services Administration, Apr
655. GOST, Gosudarstvennyi Standard 28 147-89, 1985.
“Cryptographic Protection for Data Process- 665. P. Guam, “Cellular Automaton Public Key
ing Systems,” Government Committee of Cryptosystems,” Complex Systems, v. 1,
the USSR for Standards, 1989. [In Russian.) 1987, pp. 51-56.
656. GOST R 34.10-94, Gosudarstvemryi Stan- 666. H. Guan, “An Analysis of the Finite
dard of Russian Federation, “Information Automata Public Key Algorithm,” CHI-
technology. Cryptographic Data Security. NACRYPT ˜94, Xidian, China, 11-15 Nov
Produce and check procedures of Elec- 1994, pp. 120-126. (In Chinese.)
tronic Digital Signature based on Asym- 667. G. Guanella, “Means for and Method for
metric Cryptographic Algorithm.” Gov- Secret Signalling” U.S. Patent #2,405,500,
ernment Committee of the Russia for 6 Aug 1946.
Standards, 1994. (In Russian.) 668. M. Gude, “Concept for a High-
657. GOST R 34.1 l-94, Gosudarstvemiyi Stan- Performance Random Number Generator
dard of Russian Federation, “Information Based on Physical Random Phenomena,”
technology. Cryptographic .Data Security. Frequenz, v. 39, 1985, pp. 187-190.
Hashing function.” Government Commit- 669. M. Gude, “Ein quasi-idealer Gleichverteil-
tee of the Russia for Standards, 1994. (In ungsgenerator basierend auf physikalis-
Russian.) then Zufallsphanomenen,” Ph.D. disserta-
658. R. Gdttfert and H. Niederreiter, “On the tion, Aachen University of Technology,
Linear Complexity of Products of Shift- 1987. (In German.)
Register Sequences,” Advances in Cryp- 670. L.C. Guillou and J.-J.Quisquater, “A Prac-
tology-EUROCRYPT ˜93 Proceedings, tical Zero-Knowledge Protocol Fitted to
Springer-Verlag 1994, pp. 151-158. Security Microprocessor Minimizing Both
659. R. Gijttfert and H. Niederreiter, “A Gen- Transmission and Memory,” Advances in
eral Lower Bound for the Linear Complex- Cryptology-EUROCRYPT ˜88 Proceed-
ity of the Product of Shift-Register ings, Springer-Verlag, 1988, pp. 123-128.
Sequences,” Advances in Cryptology- 671. L.C. Guillou and J.-J.Quisquater, “A ˜Para-
EUROCRYPT ˜94 Proceedings, Springer- doxical™ Identity-Based Signature Scheme
Verlag 1995, to appear. Resulting from Zero-Knowledge,” Ad-
660. J. van de Graaf and R. Peralta, “A Simple vances in Cryptology-CRYPTO ˜88 Pro-
and Secure Way to Show the Validity of ceedings, Springer-Verlag. 1990, pp. 216
Your Public Key,” Advances in Cryptol- 2.31.
ogy-CRYPTO ˜87 Proceedings, Springer- 672. L.C. Guillou, M. Ugon, and J.-J. Quis-
Verlag, 1988, pp. 128-134. quater, “The Smart Card: A Standardized

Page 700
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


Certificate,” U.S. Patent #5,373,561, 13
Security Device Dedicated to Public Cryp-
Dee 1994.
tology,” Contemporary Cryptology: The
T. Habutsu, Y. Nishio, I. Sasase, and S.
Science of Information Integrity, G. Sim-
Mori, “A Secret Key Cryptosystem by Iter-
mons, ed., IEEE Press, 1992, pp. 561-613.
ating a Chaotic Map,” Transactions of the
673. C.G. Gunther, “Alternating Step Genera-
Institute of Electronics, Information, and
tors Controlled by de Bruijn Sequences,”
Communication Engineers, v. E73, n. 7, Jul
Advances in Cryptology-EUROCRYPT
1990, pp. 1041-1044.
˜87 Proceedings, Springer-Verlag. 1988, pp.
T. Habutsu, Y. Nishio, I. Sasase, and S.
5-14. 688.
Mori, “A Secret Key Cryptosystem by Iter-
674. C.G. Gunther, “An Identity-based Key-
exchange Protocol,” Advances in Cryptol- ating a Chaotic Map,” Advances in Cryp-
ogy-EUROCRYPT ˜89 Proceedings, tology-EUROCRYPT ˜91 Proceedings,
Springer-Verlag. 1991, pp. 127-140.
Springer-Verlag, 1990, pp. 2937.
675. H. Gustafson, E. Dawson, and B. Caelli, S. Hada and H. Tanaka, “An Improvement
“Comparison of Block Ciphers,” Advances Scheme of DES against Differential Crypt-
in Cryptology-AUSCRYPT ˜90 Proceed- analysis,” Proceedings of the 1994 Sympo-
ings, Springer-Verlag, 1990, pp. 208-220. sium on Cryptography and Information
676. P. Gutmann, personal communication, Security (SCIS 94) Lake Biwa, Japan,
1993. 27-29 Jan 1994, pp 14A.l-11. (In Japanese.)
677. H. Gutowitz, “A Cellular Automaton 690. B.C.W. Hagelin, “The Story of the Hagelin
Cryptosystem: Specification and Call for Cryptos,” Cryptologia, v. 18, n. 3, Jul 1994,
Attack,” unpublished manuscript, Aug pp. 204-242.
1992. 691. T. Hansen and G.L. Mullen, “Primitive
678. H. Gutowitz, “Method and Apparatus for Polynomials over Finite Fields,” Mathe-
Encryption, Decryption, and Authentica- matics of Computation, v. 59, n. 200, Ott
tion Using Dynamical Systems,” U.S. 1992, pp. 639-643.
Patent #5,365,589, 15 Nov 1994. 692. S. Harada and S. Kasahara, “An ID-Based
679. H. Gutowitz, “Cryptography with Dynam- Key Sharing Scheme Without Preliminary
ical Systems,” Cellular Automata and Communication,” IEICE Japan, Technical
Cooperative Phenomenon, Kluwer Aca- Report, ISEC89-38, 1989. (In Japanese.]
demic Press, 1993. 693. S. Harari, “A Correlation Cryptographic
680. R.K. Guy, “How to Factor a Number,” Scheme,” EUROCODE ˜96Interna-
Fifth Manitoba Conference on Numeral tional Symposium on Coding Theory,
Mathematics Congressus Numerantium, Springer-Verlag, 1991, pp. 180-192.
v. 16, 1976, pp. 49-89. 694. T. Hardjono and J. Seberry, “Authentication
681. R.K. Guy, Unsolved Problems in Number via Multi-Service Tickets in the Kuperee
Theory, Springer-Verlag, 1981. Server,” Computer Security-ESORICS 94,
682. S. Haber and W.S. Stornetta, “How to Springer-Verlag 1994, pp. 144-160.
Time-Stamp a Digital Document,” 695. L. Harn and T. Kiesler, “New Scheme for
Advances in Cryptology-CRYPTO ˜90 Digital Multisignatures,” Electronics Let-
Proceedings, Springer-Verlag, 1991, pp. ters, v. 25, n. 15, 20 Jul 1989, pp. 1002-
437455. 1003.
683. S. Haber and W.S. Stornetta, “How to 696. L. Harn and T. Kiesler, “Improved Rabin™s
Time-Stamp a Digital Document,” fournal Scheme with High Efficiency,” Electronics
of Cryptology, v. 3, n. 2, 1991, pp. 99-112. Letters, v. 25, n. 15, 20 Jul 1989, p. 1016.
684. S. Haber and W.S. Stornetta, “Digital Doc- 697. L. Harn and T. Kiesler, “Two New Effi-
ument Time-Stamping with Catenate Cer- cient Cryptosystems Based on Rabin™s
tificate,” U.S. Patent #5,136,646, 4 Aug Scheme,” Fifth Annual Computer Security
1992. Applications Conference, IEEE Computer
685. S. Haber and W.S. Stornetta, “Method for Society Press, 1990, pp. 263-270.
Secure Time-Stamping of Digital Docu- 698. L. Harn and D.-C. Wang, “Cryptanalysis
ments,” U.S. Patent #5,136,647, 4 Aug and Modification of Digital Signature
1992. Scheme Based on Error-Correcting Codes,”
686. S. Haber and W.S. Stornetta, “Method of Electronics Letters, v. 28, n. 2, 10 Jan 1992,
Extending the Validity of a Cryptographic p. 157-159.

Page 701
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


711. N. Heintze and J.D. ˜Iygar, “A Model for
699. L. Ham and Y. Xu, “Design of Generalized
Secure Protocols and their Compositions,”
ElGamal Type Digital Signature Schemes
Proceedings of the 1994 IEEE Computer
Based on Discrete Logarithm,” Electronics
Society Symposium on Research in Secu-
Letters, v. 30, n. 24, 24 Nov 1994, p.
rity and Privacy, 1994, pp. 2-13.
712. M.E. Hellman, “An Extension of the Shan-
700. L. Harn and S. Yang, “Group-Oriented
non Theory Approach to Cryptography,”
Undeniable Signature Schemes without
IEEE Transactions on Information Theory,
the Assistance of a Mutually Trusted
v. IT-23, n. 3, May 1977, pp. 289-294.
Party,” Advances in Cryptology-
713. M.E. Hellman, “The Mathematics of Pub-
AUSCRYPT ˜92 Proceedings, Springer-
lic-Key Cryptography,” Scientific Ameri-
Verlag, 1993, pp. 133-142.
can, v. 241, n. 8, Aug 1979, pp. 146-157.
701. G. Harper, A. Menezes, and S. Vanstone,
714. M.E. Hellman, “DES Will Be Totally Inse-
“Public-Key Cryptosystems with Very
cure within Ten Years,” IEEE Spectrum, v.
Small Key Lengths,” Advances in Cryptol-
˜92 Proceedings, 16, n. 7, Jul 1979, pp. 32-39.
715. M.E. Hellman, “On DES-Based Syn-
Springer-Verlag, 1993, pp. 163-173.
chronous Encryption,” Dept. of Electrical
702. C. Harpes, “Notes on High Order Differen-
Engineering, Stanford University, 1980.
tial Cryptanalysis of DES,” internal report,
716. M.E. Hellman, “A Cryptanalytic Time-
Signal and Information Processing Labora-
Memory Trade Off,” IEEE Transactions on
tory, Swiss Federal Institute of Technol-
Information Theory, v. 26, n. 4, Jul 1980,
ogy, Aug 1993.
pp. 401-406.
703. G.W. Hart, “To Decode Short Cryp-
717. M.E. Hellman, “Another Cryptanalytic
tograms,” Communications of the ACM,
Attack on ˜A Cryptosystem for Multiple
v. 37, n. 9, Sep 1994, pp. 102-108.
Communications™,” Information Process-
704. J. Hastad, “On Using RSA with Low Expo-
ing Letters, v. 12, 1981, pp. 182-183.
nent in a Public Key Network,” Advances
718. M.E. Hellman, W. Diffie, and R.C. Merkle,
in Cryptology-CRYPTO ˜85 Proceedings,
“Cryptographic Apparatus and Method,”
Springer-Verlag, 1986, pp. 403-408.
U.S. Patent #4,200,770, 29 Apr 1980.
705. J. Hastad and A. Shamir, “The Crypto-
719. M.E. Hellman, W. Diffie, and R.C. Merkle,
graphic Security of Truncated Linearly
“Cryptographic Apparatus and Method,”
Related Variables,” Proceedings of the
Canada Patent #1,121,480, 6 Apr 1982.
17th Annual ACM Symposium on the
720. M.E. Hellman and R.C. Merkle, “Public
Theory of Computing, 1985, pp. 356-362.
Apparatus and
706. R.C. Hauser and E.S. Lee, “Verification and Key
Method,” U.S. Patent #4,218,582, 19 Aug
Modelling of Authentication Protocols,”
ESORICS 92, Proceedings of the Second
721. M.E. Helhnan, R. Merkle, R. Schroeppel,
European Symposium on Research in
L. Washington, W. Diffie, S. Pohlig, and P.
Computer Security, Springer-Verlag, 1992,
Schweitzer, “Results of an Initial Attempt
pp. 131-154.
to Cryptanalyze the NBS Data Encryption
707. B. Hayes, “Anonymous One-Time Signa-
Standard,” Technical Report SEL 76-042,
tures and Flexible Untraceable Electronic
Information Systems Lab, Department of
Cash, ” Advances in Cryptology-
Electrical Engineering, Stanford Univer-
AUSCRYPT ˜90 Proceedings, Springer-
sity, 1976.
Verlag, 1990, pp. 294-305.
722. M.E. Hellman and S.C. Pohlig, “Exponen-
708. D.K. He, “LUC Public Key Cryptosystem
tiation Cryptographic Apparatus and
and its Properties,” CHINACRYPT ˜94,
Method,” U.S. Patent #4,424,414, 3 Jan
Xidian, China, 11-15 Nov 1994, pp. 60-69.
(In Chinese.)
723. M.E. Hellman and J.M. Reyneri, “Distribu-
709. J. He and T. Kiesler, “Enhancing the Secu-
tion of Drainage in the DES,” Advances in
rity of ElGamal™s Signature Scheme,” IEE
Cryptology: Proceedings of Crypto 82,
Proceedings on Computers and Digital
Techniques, v. 141, n.3,1994, pp. 193-195. Plenum Press, 1983, pp. 129-131.
724. F. Hendessi and M.R. Aref, “A Successful
710. E.H. Hebern, “Electronic Coding Machine,”
Attack Against the DES,” Third Canadian
U.S. Patent #1,510,441,30 Sep 1924.

Page 702
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

Dream or Reality?” Advances in Cryp-
Workshop on Information Theory and
tology-EUROCRYPT ˜88 Proceedings,
Applications, Springer-Verlag, 1994, pp.
Springer-Verlag, 1988, pp. 257-264.
725. T. Herlestam, “Critical Remarks on Some 738. F. Hoornaert, J. Goubert, and Y. Desmedt,
“Efficient Hardware Implementation of
Public-Key Cryptosystems,” BIT, v. 18,
the DES,” Advances in Cryptology: Pro-
1978, pp. 493-496.
ceedings of CRYPTO 84, Springer-Verlag,
726. T. Herlestam, “On Functions of Linear
1985, pp. 147-173.
Shift Register Sequences”, Advances in
739. E. Horowitz and S. Sahni, Fundamentals of
Cryptology-EUROCRYPT ˜85, Springer-
Computer Algorithms, Rockville, MD:
Verlag, 1986, pp. 119-129.
727. T. Herlestam and R. Johannesson, “On Computer Science Press, 1978.
Computing Logarithms over GF(2P),” BIT, 740. P. Horster, H. Petersen, and M. Michels,
v. 21, 1981, pp. 326334. “Meta-ElGamal Signature Schemes,” Pro-
728. H.M. Heys and S.E. Tavares, “On the Secu- ceedings of the 2nd Annual ACM Confer-
rity of the CAST Encryption Algorithm,” ence on Computer and Communications
Proceedings of the Canadian Conference on Security, ACM Press, 1994, pp. 96-107.
Electrical and Computer Engineering, Hali- 741. P. Horster, H. Petersen, and M. Michels,
fax, Nova Scotia, Sep 1994, pp. 332-335. “Meta Message Recovery and Meta Blind
729. H.M. Heys and SE. Tavares, “The Design Signature Schemes Based on the Discrete
of Substitution-Permutation Networks Logarithm Problem and their Applica-
Resistant to Differential and Linear Crypt- tions,” Advances in Cryptology-ASIA-
analysis,” Proceedings of the 2nd Annual CRYPT ˜94 Proceedings, Springer-Verlag,
ACM Conference on Computer and Com- 1995, pp. 224-237.
munications Security, ACM Press, 1994, 742. L.K. Hua, Introduction to Number Theory,
pp. 148-155. Springer-Verlag, 1982.
730. E. Heyst and T.P. Pederson, “How to Make 743. K. Huber, “Specialized Attack on Chor-
Fail-Stop Signatures,” Advances in Cryp- Rivest Public Key Cryptosystem,” Elec-
tology-EUROCRYPT ˜92 Proceedings, tronics Letters, v. 27, n. 23, 7 Nov 1991, pp.
Springer-Verlag, 1993, pp. 366-377. 2130-2131.
731. E. Heyst, T.P. Pederson, and B. Pfitzmann, 744. E. Hughes, “A Cypherpunk™s Manifesto,” 9
“New Construction of Fail-Stop Signa- Mar 1993.
tures and Lower Bounds,” Advances in 745. E. Hughes, “An Encrypted Key Transmis-
Cryptology-CRYPTO ˜92 Proceedings, sion Protocol,” presented at the rump ses-
Springer-Verlag, 1993, pp. 1530. sion of CRYPTO ˜94, Aug 1994.
732. L.S. Hill, “Cryptography in an Algebraic 746. H. Hule and W.B. Miiller, “On the RSA-
Alphabet,” American Mathematical Cryptosystem with Wrong Keys,” Contri-
Monthly, v. 36, Jun-Jul 1929, pp. 306-312. butions to General Algebra 6, Vienna: Ver-
733. P.J.M. Hin, “Channel-Error-Correcting Pri- lag Hiilder-Pichler-Tempsky, 1988, pp.
vacy Cryptosystems,” Ph.D. dissertation, 103-109.
Delft University of Technology, 1986. (In 747. H.A. Hussain, J.W.A. Sada, and S.M.
Dutch.) Kalipha, “New Multistage Knapsack Pub-
734. R. Hirschfeld, “Making Electronic Refunds lic-Key Cryptosystem,” International
Safer,” Advances in Cryptology- Iournal of Systems Science, v. 22, n. 11,
CRYPTO ˜92 Proceedings, Springer-Verlag, Nov 1991, pp. 2313-2320.
1993, pp. 106-112. 748. T. Hwang, “Attacks on Okamoto and
735. A. Hodges, Alan Ttxing: The Enigma of Tanaka™s One-Way ID-Based Key Distribu-
Intelligence, Simon and Schuster, 1983. tion System,” Information Processing Let-
736. W. Hohl, X. Lai, T. Meier, and C. Waldvo- ters, v. 43, n. 2, Aug 1992, pp. 83-86.
gel, “Security of Iterated Hash Functions 749. T. Hwang and T.R.N. Rao, “Secret Error-
Based on Block Ciphers,” Advances in Correcting Codes (SECC),” Advances in
Cryptology-CRYPTO ˜93 Proceedings, Cryptology-CRYPTO ˜88 Proceedings,
Springer-Verlag. 1994, pp. 379390. Springer-Verlag, 1990, pp. 540-563.
737. F. Hoornaert, M. Decroos, J. Vandewalle, 750. C. I™Anson and C. Mitchell, “Security
and R. Govaerts, “Fast RSA-Hardware: Defects in CCITT Recommendation

Page 703
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


X.509-the Directory Authentication 762. ISO/IEC 9796, “Information Technology-
Framework,” Computer Communications Security Techniques-Digital Signature
Scheme Giving Message Recovery,” Inter-
Review, v. 20, n. 2, Apr 1990, pp. 30-34.
national Organization for Standardization,
75 1. IBM, “Common Cryptographic Architec-
ture: Cryptographic Application Program- Jul 1991.
ming Interface Reference,” SC40-1675-1, 763. ISO/IEC 9797, “Data Cryptographic Tech-
niques-Data Integrity Mechanism Using
IBM Corp., Nov 1990.
a Cryptographic Check Function Employ-
752. IBM, “Common Cryptographic Architec-
ing a Block Cipher Algorithm,” Interna-
ture: Cryptographic Application Program-
tional Organization for Standardization,
ming Interface Reference-Public Key
Algorithm,” IBM Corp., Mar 1993. 1989.
764. IS0 DIS 10118 DRAFT, “Information
753. R. Impagliazzo and M. Yung, “Direct Min-
Technology-Security Techniques-Hash
imum-Knowledge Computations,” Ad-
Functions,” International™Organization for
vances in Cryptology-CRYPTO ˜87 Pro-
Standardization, 1989.
ceedings, Springer-Verlag, 1988, pp. 40-51.
765. IS0 DIS 10118 DRAFT, “Information
754. I. Ingemarsson, “A New Algorithm for the
Technology-Security Techniques-Hash
Solution of the Knapsack Problem,” Lec-
Functions,” International Organization for
ture Notes in Computer Science 149;
Cryptography: Proceedings of the Work- Standardization, April 1991.
766. IS0 N98, “Hash Functions Using a Pseudo
shop on Cryptography, Springer-Verlag,
Random Algorithm,” working document,
1983, pp. 309315.
ISO-IEC/JTCl/SC27/WG2, International
755. I. Ingemarsson, “Delay Estimation for
Truly Random Binary Sequences or How Organization for Standardization, 1992.
767. IS0 N179, “AR Fingerprint Function,”
to Measure the Length of Rip van Winkle™s
Sleep,” Communications and Cryptogra- working document, ISOIEC/JTCl/SC27/
WG2, International Organization for Stan-
phy: rrtvo Sides of One Tapestry, R.E.
dardization, 1992.
Blahut et al., eds., Kluwer Adademic Pub-
lishers, 1994, pp. 179-186. 768. ISO/IEC 10118, “Information Technol-
ogy-security Techniques--Hash Func-
756. I. Ingemarsson and G.J. Simmons, “A Pro-
tions-part 1: General and Part 2: Hash-
tocol to Set Up Shared Secret Schemes
Functions Using an n-Bit Block Cipher
without the Assistance of a Mutually
Algorithm, ” International Organization
Trusted Party,” Advances in Cryptology-
EUROCRYPT ˜90 Proceedings, Springer- for Standardization, 1993.
Verlag, 1991, pp. 266-282. 769. K. Ito, S. Kondo, and Y. Mitsuoka,
“SKAL8/MBAL Algorithm,” Technical
757. I. Ingemarsson, D.T. Tang, and C.K. Wong,
“A Conference Key Distribution System,” Report, ISEC93-68, IEICE Japan, 1993. (In
IEEE Transactions on Information Theory, Japanese.)
v. IT-28, n. 5, Sep 1982, pp. 714720. 770. K.R. Iversen, “The Application of Crypto-
758. IS0 DIS 8730, “Banking-Requirements graphic Zero-Knowledge Techniques in
for Message Authentication (Wholesale),” Computerized Secret Ballot Election
Association for Payment Clearing Ser- Schemes,” Ph.D. dissertation, IDT-report
1991:3, Norwegian Institute of Technol-
vices, London, Jul 1987.
759. IS0 DIS 8731-1, “Banking-Approved ogy, Feb 1991.
Algorithms for Message Authentication- 771. K.R. Iversen, “A Cryptographic Scheme for
Part 1: DEA,” Association for Payment Computerized Elections,”
Clearing Services, London, 1987. Advances in Cryptology-CRYPTO ˜91
Proceedings, Springer-Verlag, 1992, pp.
760. IS0 DIS 8731-2, “Banking-Approved
Algorithms for Message Authentication- 405-419.
Part Authenticator 772. K. Iwamura, T. Matsumoto, and H. Imai,
2: Message
“An Implementation Method for RSA Cryp-
Algorithm,” Association for Payment
Clearing Services, London, 1987. tosystem with Parallel Processing,” 7bns-
761. IS0 DIS 8732, “Banking-Key Manage- actions of the Institute of Electronics, Infor-
ment (Wholesale),” Association for Pay- mation, and Communication Engineers, v.
ment Clearing Services, London, Dee 1987. J75-A, n. 8, Aug 1992, pp. 1301-1311.

Page 704
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

rithm,” 1st ACM Conference on Com-
773. W.J. Jaburek, “A Generalization of ElGa-
puter and Communications Security,
mal™s Public Key Cryptosystem,” Ad-
ACM Press, 1993, pp. 93-96.
vances in Cryptology-EUROCRYPT ˜89
J.P. Jordan, “A Variant of a Public-Key
Proceedings, 1990, Springer-Verlag, pp.
Cryptosystem Based on Goppa Codes,”
Sigact News, v. 15, n. 1, 1983, pp. 61-66.
774. N.S. James, R. Lidi, and H. Niederreiter,
787. A. Joux and L. Granboulan, “A Practical
“Breaking the Cade Cipher,” Advances in
Attack Against Knapsack Based Hash
Cryptology-CRYPTO ˜86 Proceedings,
Functions,” Advances in Cryptology-
1987, Springer-Verlag, pp. 60-63.
EUROCRYPT ˜94 Proceedings, Springer-
775. C.J.A. Jansen, “On the Key Storage
Requirements for Secure Terminals,” Verlag, 1995, to appear.
Computers and Security, v. 5, n. 2, Jun 788. A. Joux and J. Stern, “Cryptanalysis of
Another Knapsack Cryptosystem,” Ad-
1986, pp. 145-149.
776. C.J.A. Jansen, “Investigations on Nonlin- vances in Cryptology-ASIACRYPT ˜91
ear Streamcipher Systems: Construction Proceedings, Springer-Verlag, 1993, pp.
and Evaluation Methods,” Ph.D. disserta- 470476.
R.R. Jueneman, “Analysis of Certain
tion, Technical University of Delft, 1989. 789.
Aspects of Output-Feedback Mode,”
777. C.J.A. Jansen and D.E. Boekee, “Modes of
Blockcipher Algorithms and their Protec- Advances in Cryptology: Proceedings of
tion against Active Eavesdropping,” Crypto 82, Plenum Press, 1983, pp. 99-127.
790. R.R. Jueneman, “Electronic Document
Advances in Cryptology-EUROCRYPT
˜87 Proceedings, Springer-Verlag, 1988, pp. Authentication,” IEEE Network Maga-
281-286. zine, v. 1, n. 2, Apr 1978, pp. 17-23.
778. S.M. Jennings, “A Special Class of Binary 791. R.R. Jueneman, “A High Speed Manip-
Sequences,” Ph.D. dissertation, University ulation Detection Code,” Advances in
of London, 1980. Cryptology-CRYPTO ˜86 Proceedings,
779. S.M. Jennings, “Multiplexed Sequences: Springer-Verlag, 1987, pp. 327346.
Some Properties of the Minimum Polyno- 792. R.R. Jueneman, S.M. Matyas, and C.H.
mial,” Lecture Notes in Computer Science Meyer, “Message Authentication with
149; Cryptography: Proceedings of the Manipulation Detection Codes,” Proceed-
Workshop on Cryptography, Springer- ings of the 1983 IEEE Computer Society
Verlag, 1983, pp. 189-206. Symposium on Research in Security and
780. S.M. Jennings, “Autocorrelation Function Privacy, 1983, pp. 733-54.
of the Multiplexed Sequence,” IEE Pro- 793. R.R. Jueneman, S.M. Matyas, and C.H.
ceedings, v. 131, n. 2, Apr 1984, pp. Meyer, “Message Authentication,” IEEE
169-172. Communications Magazine, v. 23, n. 9,
781. T. Jin, “Care and Feeding of Your Three- Sep 1985, pp. 29-40.
Headed Dog,” Document Number IAG-90- 794. D. Kahn, The Codebreakers: The Story of
011, Hewlett-Packard, May 1990. Secret Writing, New York: Macmillan
782. T. Jin, “Living with Your Three-Headed Publishing Co., 1967.
Dog” Document Number IAG-90-012, 795. D. Kahn, Kahn on Codes, New York:
Hewlett-Packard, May 1990. Macmillan Publishing Co., 1983.
783. A. Jiwa, J. Seberry, and Y. Zheng, “Beacon 796. D. Kahn, Seizing the Enigma, Boston:
Based Authentication,” Computer Secu- Houghton Mifflin Co., 1991.
rity-ESORICS 94, Springer-Verlag, 1994, 797. P. Kaijser, T. Parker, and D. Pinkas,
pp. 125-141. “SESAME: The Solution to Security for
784. D.B. Johnson, G.M. Dolan, M.J. Kelly, A.V. Open Distributed Systems,” lournal of
Le, and SM. Matyas, “Common Crypto- Computer Communications, v. 17, n. 4,
graphic Architecture Cryptographic Appli- Jul 1994, pp. 501-518.
cation Programming Interface,” IBM Sys- 798. R. Kailar and V.D. Gilgor, “On Belief Evo-
tems Iournal, v. 30, n. 2, 1991, pp. 130-150. lution in Authentication Protocols,” Pro-
785. D.B. Johnson, S.M. Matyas, A.V. Le, and ceedings of the Computer Security Foun-
J.D. Wilkins, “Design of the Commercial dations Workshop IV, IEEE Computer
Data Masking Facility Data Privacy Algo- Society Press, 1991, pp. 102-116.

Page 705
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


813. R.G. Kammer, statement before the U.S.
799. B.S. Kaliski, “A Pseudo Random Bit Gener-
government Subcommittee on Telecom-
ator Based on Elliptic Logarithms,” Mas-
munications and Finance, Committee on
ter™s thesis, Massachusetts Institute of
Energy and Commerce, 29 Apr 1993.
Technology, 1987.
814. T. Kaneko, K. Koyama, and R. Terada,
800. B.S. Kaliski, letter to NIST regarding DSS,
“Dynamic Swapping Schemes and Differ-
4 Nov 1991.
ential Cryptanalysis, Proceedings of the
801. B.S. Kaliski, “The MD2 Message Digest
1993 Korea-lapan Workshop on Informa-
Algorithm,” RFC 1319, Apr 1992.
tion Security and Cryptography, Seoul,
802. B.S. Kaliski, “Privacy Enhancement for
Korea, 24-26 Ott 1993, pp. 292301.
Internet Electronic Mail: Part IV Key Cer-
815. T. Kaneko, K. Koyama, and R. Terada,
tificates and Related Services,” RFC 1424,
“Dynamic Swapping Schemes and Differ-
Feb 1993.
ential Cryptanalysis,” nansactions of the
803. B.S. Kaliski, “An Overview of the PKCS
Institute of Electronics, Information, and
Standards,” RSA Laboratories, Nov 1993.
Communication Engineers, v. E77-A, n. 8,
804. B.S. Kaliski, “A Survey of Encryption Stan-
Aug 1994, pp. 1328-1336.
dards, IEEEMicro, v. 13, n. 6, Dee 1993, pp.
816. T. Kaneko and H. Miyano, “A Study on the
Strength Evaluation of Randomized DES-
805. B.S. Kaliski, personal communication,
Like Cryptosystems against Chosen Plain
text Attacks,” Proceedings of the 1993
806. B.S. Kaliski, “On the Security and Perfor-
Symposium on Cryptography and Infor-
mance of Several Triple-DES Modes,” RSA
mation Security (SCIS 93). Shuzenji,
Laboratories, draft manuscript, Jan 1994.
Japan, 2830 Jan 1993, pp. 15C.l-10.
807. B.S. Kaliski, R.L. Rivest, and A.T. Sher-
8 17. J. Kari, “A Cryptosystem Based on Proposi-
man, “Is the Data Encryption Standard
tional Logic,” Machines, Languages, and
a Group?“, Advances in Cryptology-
Complexity: 5th International Meeting of
EUROCRYPT ˜85, Springer-Verlag, 1986,
Young Computer Scientists, Selected Con-
pp. 81-95.
tributions, Springer-Verlag, 1989, pp.
808. B.S. Kaliski, R.L. Rivest, and A.T. Sherman,
“Is the Data Encryption Standard a Pure
818. E.D. Karnin, J.W. Greene, and M.E. Hell-
Cipher? (Results of More Cycling Experi-
ments in DES),” Advances in Cryptology- man, “On Sharing Secret Systems,” IEEE
˜ltansactions on Information Theory, v. IT-
CRYPTO ˜85 Proceedings, Springer-Verlag,
1986, pp. 212-226. 29, 1983, pp. 3541.
819. F.W. Kasiski, Die Geheimschriften und die
809. B.S. Kaliski, R.L. Rivest, and A.T. Sher-
Dechifiir-kunst, ES. Miller und Sohn,
man, “Is the Data Encryption Standard a
1863. (In German.)
Group? (Results of Cycling Experiments
on DES),” Iournal of Cryptology, v. 1, n. 1, 820. A. Kehne, J. Schonwalder, and H. Langen-
dorfer, “A Nonce-Based Protocol for Multi-
1988, pp. 3-36.
810. B.S. Kaliski and M.J.B. Robshaw, “Fast ple Authentications,” Operating Systems
Block Cipher Proposal,” Fust Software Review, v. 26, n. 4, Ott 1992, pp. 84-89.
Encryption, Cambridge Security Work- 821. J. Kelsey, personal communication, 1994.
822. R. Kemmerer, “Analyzing Encryption Pro-
shop Proceedings, Springer-Verlag, 1994,
tocols Using Formal Verification Tech-
pp. 33-40.
811. B.S. Kaliski and M.J.B. Robshaw, “Linear niques, ” IEEE lournal on Selected Areas in
Cryptanalysis Using Multiple Approxi- Communications, v. 7, n. 4, May 1989, pp.
mations,” Advances in Cryptology- 448457.
823. R. Kemmerer, C.A. Meadows, and J.
CRYPTO ˜94 Proceedings, Springer-Verlag,
1994, pp. 2639. Millen, “Three Systems for Cryptographic
812. B.S. Kaliski and M.J.B. Robshaw, “Linear Protocol Analysis,” Iournal of Cryptology,
Cryptanalysis Using Multiple Approxima- v. 7, n. 2, 1994, pp. 79-130.
824. ST. Kent, “Encryption-Based Protection
tions and FEAL,” K.V. Leuven Workshop
on Cryptographic Algorithms, Springer- Protocols for Interactive User-Computer
Communications,” MIT/LCS/TR-162,
Verlag, 1995, to appear.

Page 706
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

MIT Laboratory for Computer Science, sis,” Workshop on Selected Areas in Cryp-
tography-workshop Record, Kingston,
May 1976.
Ontario, 5-6 May 1994, pp. 70-81.
825. ST. Kent, “Privacy Enhancement for Inter-
838. K. Kim, S. Park, and S. Lee, “How to
net Electronic Mail: Part II: Certificate-
Based Key Management,” RFC 1422, Feb Strengthen DES against Two Robust
Attacks,” Proceedings of the 1995 lapan-
Korea Workshop on Information Security
826. ST. Kent, “Understanding the Internet
Certification System,” Proceedings of and Cryptography, Inuyama, Japan, 24-27
INET ˜93, The Internet Society, 1993, pp. Jan 1995, 173-182.
BABl-BABlO. 839. K. Kim, S. Park, and S. Lee, “Reconstruc-
827. ST. Kent and J. Linn, “Privacy Enhance- tion of s2DES S-Boxes and their Immunity
ment for Internet Electronic Mail: Part IL to Differential Cryptanalysis,” Proceed-
Certificate-Based Key Management,” RFC ings of the 1993 Korea-japan Workshop on
1114, Aug 1989. Information Security and Cryptography,
828. V. Kessler and G. Wedel, “AUTOLOGAn Seoul, Korea, 24-26 Ott 1993, pp. 282-29 1.
Advanced Logic of Authentication,” Pro- 840. S. Kim and B.S. Urn, “A Multipurpose
Membership Proof System Based on Dis-
ceedings of the Computer Security Foun-
dations Workshop VII, IEEE Computer crete Logarithm,” Proceedings of the 1993
Society Press, 1994, pp. 90-99. Korea-Japan Workshop on Information
829. E.L. Key, “An Analysis of the Structure Security and Cryptography, Seoul, Korea,
and Complexity of Nonlinear Binary 24-26 Ott 1993, pp. 177-183.
Sequence Generators,” IEEE Transactions 841. P. Kinnucan, “Data Encryption Gurus:
on Information Theory, v. IT-22, n. 6, Nov Tuchman and Meyer,” Cryptologia, v. 2, n.
1976, pp. 732-736. 4, Ott 1978.
830. T. Kiesler and L. Harn, “RSA Blocking and 842. A. KIapper, “The Vulnerability of Geomet-
Multisignature Schemes with No Bit ric Sequences Based on Fields of Odd Char-
Expansion,” Electronics Letters, v. 26, n. acteristic,” )ournal of Cryptology, v. 7, n.
18,30 Aug 1990, pp. 1490-1491. 1, 1994, pp. 33-52.
831. J. Kilian, Uses of Randomness in Algo- 843. A. Klapper, “Feedback with Carry Shift
rithms and Protocols, MIT Press, 1990. Registers over Finite Fields,” K. U. Leuven
832. J. Kilian, “Achieving Zero-Knowledge Workshop on Cryptographic Algorithms,
Robustly,” Advances in Cryptology- Springer-Verlag 1995, to appear.
CRYPTO ˜90 Proceedings, Springer-Verlag, 844. A. KIapper and M. Goresky, “2-adic Shift
1991, pp. 313325. Registers,” Fast Software Encryption,
833. J. Kilian and T. Leighton, “Failsafe Key Cambridge Security Workshop Proceed-
Escrow,” MIT/LCS/TR-636, MIT Labora- ings, Springer-Verlag, 1994, pp. 174-l 78.
tory for Computer Science, Aug 1994. 845. A. KIapper and M. Goresky, “2-adic Shift
834. K. Kim, “Construction of DES-Like S- Registers,” Technical Report #239-93,
Boxes Based on Boolean Functions Satis- Department of Computer Science, Univer-
fying the SAC,” Advances in Cryptology- sity of Kentucky, 19 Apr 1994.
ASIACRYPT ˜91 Proceedings, Springer- 846. A. KIapper and M. Goresky, “Large Period
Verlag, 1993, pp. 59-72. Nearly de Bruijn FCSR Sequences,”
835. K. Kim, S. Lee, and S. Park, “Necessary Advances in Cryptology-EUROCRYPT
Conditions to Strengthen DES S-Boxes ˜95 Proceedings, Springer-Verlag, 1995, pp.
Against Linear Cryptanalysis,” Proceedings 263-273.
of the 1994 Symposium on Cryptography 847. D.V. Klein, ” ˜Foiling the Cracker™: A Sur-
and Information Security (SCIS 94), Lake vey of, and Implications to, Password Secu-
Biwa, Japan, 27-29 Jan 1994, pp. 15D.l-9. rity,” Proceedings of the USENIX UNIX
836. K. Kim, S. Lee, and S. Park, “How to Security Workshop, Aug 1990, pp. 5-14.
Strengthen DES against Differential 848. D.V. Klein, personal communication,
Attack,” unpublished manuscript, 1994. 1994.
837. K. Kim, S. Lee, S. Park, and D. Lee, “DES 849. C.S. Kline and G.J. Popek, “Public Key vs.
Can Be Immune to Differential Cryptanaly- Conventional Key Cryptosystems,” Pro-

Page 707
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

˜95 Proceedings, Springer-Verlag, 1995, to
ceedings of AFIPS National Computer
Conference, pp. 831-837.
863. D. Knuth, The Art of Computer Program-
850. H.-J. Knobloch, “A Smart Card Implemen-
ming: Volume 2, Seminumerical Algo-
tation of the Fiat-Shamir Identification
rithms, 2nd edition, Addison-Wesley, 1981.
Scheme,” Advances in Cryptology-
864. D. Knuth, “Deciphering a Linear Congru-
EUROCRPYT ˜88 Proceedings, Springer-
ential Encryption,” IEEE Transactions on
Verlag, 1988, pp. 87-95.
Information Theory, v. IT-31, n. 1, Jan
851. T. Knoph, J. Frii(31, W. Beller, and T.
1985, pp. 49-52.
Giesler, “A Hardware Implementation of a
865. K. Kobayashi and L. Aoki, “On Linear
Modified DES Algorithm,” Microprocess-
Cryptanalysis of MBAL,” Proceedings of
ing and Microprogramming, v. 30, 1990,
the 1995 Symposium on Cryptography and
pp. 59-66.
Information Security (SCIS 95), Inuyama,
852. L.R. Knudsen, “Cryptanalysis of LOKI,”
Japan, 24-27 Jan 1995, pp. A4.2.1-9.
Advances in Cryptology-ASIACRYPT ˜91
866. K. Kobayashi, K. Tamura, and Y. Nemoto,
Proceedings, Springer-Verlag, 1993, pp.
“Two-dimensional Modified Rabin Cryp-
tosystem,” Transactions of the Institute of
853. L.R. Knudsen, “Cryptanalysis of LOKI,”
Electronics, Information, and Communi-
Cryptography and Coding III, M.J. Ganley,
cation Engineers, v. J72-D, n. 5, May 1989,
ed., Oxford: Clarendon Press, 1993, pp.
pp. 850-85 1. (In Japanese.)
N. Koblitz, “Elliptic Curve Cryptosys-
854. L.R. Knudsen, “Cryptanalysis of LOK191,”
terns,” Mathematics of Computation, v.
Advances in Cryptology-AUSCRYPT ˜92
48, n. 177, 1987, pp. 203-209.
Proceedings, Springer-Verlag, 1993, pp.
868. N. Koblitz, “A Family of Jacobians Suitable
for Discrete Log Cryptosystems,” Advances
855. L.R. Knudsen, “Iterative Characteristics of
in Cryptology-CRYPTO ˜88 Proceedings,
DES and s2DES,” Advances in Cryptol-
Springer-Verlag 1990, pp. 94-99.
ogy-CRYPTO ˜92, Springer-Verlag, 1993,
869. N. Koblitz, “Constructing Elliptic Curve
pp. 497-511.
Cryptosystems in Characteristic 2,” Ad-
856. L.R. Knudsen, “An Analysis of Kim, Park,
vances in Cryptology-CRYPTO ˜90 Pro-
and Lee™s DES-Like S-Boxes,” unpublished
ceedings, Springer-Verlag, 1991, pp.
manuscript, 1993.
857. L.R. Knudsen, “Practically Secure Feistel
870. N. Koblitz, “Hyperelliptic Cryptosystems,”
Ciphers,” Fast Software Encryption, Cam-
fournal of Cryptology, v. 1, n. 3, 1989, pp.
bridge Security Workshop Proceedings,
Springer-Verlag, 1994, pp. 211-221. 129-150.
N. Koblitz, “CM-Curves with Good
858. L.R. Knudsen, “Block Ciphers-Analysis, 871.
Cryptographic Properties,” Advances in
Design, Applications,” Ph.D. dissertation,
Cryptology-CRYPTO ˜91 Proceedings,
Aarhus University, Nov 1994.
859. L.R. Knudsen, personal communication, Springer-Verlag, 1992, pp. 279-287.
872. C.K. KOC, “High-Speed RSA Implementa-
tion,” Version 2.0, RSA Laboratories, Nov
860. L.R. Knudsen, “Applications of Higher
Order Differentials and Partial Differen- 1994.
873. M.J. Kochanski, “Remarks on Lu and Lee™s
tials,” K.U. Leuven Workshop on Crypto-
graphic Algorithms, Springer-Verlag, 1995, Proposals,” Cryptologia, v. 4, n. 4, 1980,
to appear. pp. 204-207.
874. M.J. Kochanski, “Developing an RSA
861. L.R. Knudsen and X. Lai, “New Attacks on
All Double Block Length Hash Functions Chip,” Advances in Cryptology-CRYPTO
˜85 Proceedings, Springer-Verlag, 1986, pp.
of Hash Rate 1, Including the Parallel-
DM,” Advances in Cryptology-EURO- 350-357.
CRYPT ˜94 Proceedings, Springer-Verlag, 875. J.T. Kohl, “The Use of Encryption in Ker-
beros for Network Authentication,” Ad-
1995, to appear.
vances in Cryptology-CRYPTO ˜89 Pro-
862. L.R. Knudsen, “A Weakness in SAFER K-
64,” Advances in Cryptology-CRYPTO ceedings, Springer-Verlag, 1990, pp. 35-43.

Page 708
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

888. K. Koyama, “Direct Demonstration of
876. J.T. Kohl, “The Evolution of the Kerberos
Authentication Service,” EurOpen Conjer- the Power to Break Public-Key Crypto-
systems,” Advances in Cryptology-
ence Proceedings, May 1991, pp. 295313.
877. J.T. Kohl and B.C. Neuman, “The Kerberos AUSCRYPT ˜90 Proceedings, Springer-
Network Authentication Service,” RFC Verlag, 1990, pp. 14-21.
1510, Sep 1993. 889. K. Koyama, “Security and Unique Deci-
878. J.T. Kohl, B.C. Neuman, and T. Ts™o, “The pherability of Two-dimensional Public Key
Evolution of the Kerberos Authentication Cryptosystems,” Transactions of the Insti-
System,” Distributed Open Systems, IEEE tute of Electronics, Information, and
Computer Society Press, 1994, pp. 78-94. Communication Engineers, v. E73, n. 7, Jul
879. Kohnfelder, “Toward a Practical Public 1990, pp. 1057-1067.
Key Cryptosystem,” Bachelor™s thesis, 890. K. Koyama, U.M. Maurer, T. Okamoto,
MIT Department of Electrical Engineering, and S.A. Vanstone, “New Public-Key
May 1978. Schemes Based on Elliptic Curves over the
880. A.G. Konheim, Cryptography: A Primer, Ring Z,,” Advances in Cryptology-
New York: John Wiley & Sons, 1981. CRYPTO ˜91 Proceedings, Springer-Verlag,
881. A.G. Konheim, M.H. Mack, R.K. McNeill, 1992, pp. 252-266.
B. Tuckerman, and G. Waldbaum, “The 891. K. Koyama and K. Ohta, “Identity-based
IPS Cryptographic Programs,” IBM Sys- Conference Key Distribution System,” Ad-
tems fournal, v. 19, n. 2, 1980, pp. vances in Cryptology-CRYPTO ˜87 Pro-
253-283. ceedings, Springer-Verlag, 1988,pp. 175-l 84.
882. VI. Korzhik and AI. Turkin, “Cryptanaly- 892. K. Koyama and T. Okamoto, “Elliptic
sis of McEliece™s Public-Key Cryptosys- Curve Cryptosystems and Their Applica-
tern,” Advances in Cryptology-EURO- tions,” IEICE Transactions on Informa-
CRYPT ˜91 Proceedings, Springer-Verlag, tion and Systems, v. E75-D, n. 1, Jan 1992,
1991, pp. 68-70. pp. 50-57.
883. S.C. Kothari, “Generalized Linear Thresh- 893. K. Koyama and R. Terada, “How to
old Scheme,” Advances in Cryptology: Strengthen DES-Like Cryptosystems
Proceedings of CRYPTO 84, Springer- against Differential Cryptanalysis,” Trans-
Verlag, 1985, pp. 231-241. actions of the Institute of Electronics,
884. J. Kowalchuk, B.P. Schanning, and S. Pow- Information, and Communication Engi-
ers, “Communication Privacy: Integration neers, v. E76-A, n. 1, Jan 1993, pp. 63-69.
of Public and Secret Key Cryptography,” 894. K. Koyama and R. Terada, “Probabilistic
Proceedings of the National Telecommu- Swapping Schemes to Strengthen DES
nication Conference, IEEE Press, 1980, pp. against Differential Cryptanalysis,” Pro- ceedings of the 1993 Symposium on Cryp-
885. K. Koyama, “A Master Key for the RSA tography and Information Security (SCIS
Public-Key Cryptosystem,” Transactions 931, Shuzenji, Japan, 2830 Jan 1993, pp.
of the Institute of Electronics, Injorma- 15D.l-12.
tion, and Communication Engineers, v. 895. K. Koyama and Y. Tsuruoka, “Speeding up
J65-D, n. 2, Feb 1982, pp. 163-170. Elliptic Cryptosystems Using a Singled
886. K. Koyama, “A Cryptosystem Using the Binary Window Method,” Advances in
Master Key for Multi-Address Communi- Cryptology-CRYPTO ˜92 Proceedings,
cations,” Transactions of the Institute of Springer-Verlag 1993, pp. 345357.
Electronics, Information, and Communi- 896. E. Kranakis, Primality and Cryptography,
cation Engineers, v. J65-D, n. 9, Sep 1982, Wiler-Teubner Series in Computer Sci-
pp. 1151-l 158. ence, 1986.
887. K. Koyama, “Demonstrating Membership 897. D. Kravitz, “Digital Signature Algorithm,”
of a Group Using the Shizuya-Koyama- U.S. Patent #5,231,668, 27 Jul 1993.
Itoh (SKI) Protocol,” Proceedings of the 898. D. Kravitz and I. Reed, “Extension of RSA
1989 Symposium on Cryptography and Cryptostructure: A Galois Approach,”
Information Security (SCIS 89), Gotenba, Electronics Letters, v. 18, n. 6, 18 Mar
Japan, 1989. 1982, pp. 255-256.

Page 709
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


912. K. Kusuda and T. Matsumoto, “Optimiza-
899. H. Krawczyk, “How to Predict Congruen-
tion of the Time-Memory Trade-Off Crypt-
tial Generators,” Advances in Cryptol-
analysis and Its Application to Block
ogy-CRYPTO ˜89 Proceedings, Springer-
Ciphers,” Proceedings of the 1995 Sympo-
Verlag, 1990, pp. 138-153.
sium on Cryptography and Information
900. H. Krawczyk, “How to Predict Congruen-
Security (SCIS 951, Inuyama, Japan, 24-27
tial Generators,” fournal of Algorithms, v.
Jan 1995, pp. A3.2.1-11. (In Japanese.)
13, n. 4, Dee 1992, pp. 527-545.
913. H. Kuwakado and K. Koyama, “Security of
901. H. Krawczyk, “The Shrinking Generator:
RSA-Type Cryptosystems Over Elliptic
Some Practical Considerations,” Fast Soft-
Curves against Hastad Attack,” Electron-
ware Encryption, Cambridge Security
ics Letters, v. 30, n. 22, 27 Ott 1994, pp.
Workshop Proceedings, Springer-Verlag,
1843-l 844.
1994, pp. 45-46.
914. H. Kuwakado and K. Koyama, “A New
902. G.J. Kiihn, “Algorithms for Self-Synch-
RSA-Type Cryptosystem over Singular
ronizing Ciphers,” Proceedings of COM-
Elliptic Curves,” IMA Conference on
SIG 88, 1988.
Applications of Finite Fields, Oxford Uni-
903. G.J. Kuhn, F. Bruwer, and W. Smit, “˜n Vin-
versity Press, to appear.
nige Veeldoelige Enkripsievlokkie,” Pro-
915. H. Kuwakado and K. Koyama, “A New
ceedings of Injosec 90, 1990. (In Afrikaans.)
RSA-Type Scheme Based on Singular
904. S. Kullback, Statistical Methods in Crypt-
Cubic Curves,” Proceedings of the 1995
U.S. Government Printing
fapan-Korea Workshop on Information
Office, 1935. Reprinted by Aegean Park
Security and Cryptography, Inuyama,
Press, 1976.
Japan, 24-27 Jan 1995, pp. 144-151.
905. P.V. Kumar, R.A. Scholtz, and L.R. Welch,
916. M. Kwan, “An Eight Bit Weakness in the
“Generalized Bent Functions and their Prop-
LOKI Cryptosystem,” technical report,
erties,” fournal of Combinational Thwry,
Australian Defense Force Academy, Apr
Series A, v. 40, n. 1, Sep 1985, pp. 90-107.
906. M. Kurosaki, T. Matsumoto, and H. Imai,
917. M. Kwan and J. Pieprzyk, “A General Pur-
“Simple Methods for Multipurpose Certi-
pose Technique for Locating Key Scheduling
fication,” Proceedings of the 1989 Sympo-
Weakness in DES-Like Cryptosystems,”
sium on Cryptography and Information
Advances in Cryptology-ASIACRYPT ˜91
Security (SCIS 89), Gotenba, Japan, 1989.
907. M. Kurosaki, T. Matsumoto, and H. Imai, Proceedings, Springer-Verlag, 1991, pp.
“Proving that You Belong to at Least One
918. J.B. Lacy, D.P. Mitchell, and W.M. Schell,
of the Specified Groups,” Proceedings of
“CryptoLib: Cryptography in Software,”
the 1990 Symposium on Cryptography
UNIX Security Symposium IV Proceed-
and Information Security (SCIS 90),
Hihondaira, Japan, 1990. ings, USENIX Association, 1993, pp. 1-17.
919. J.C. Lagarias, “Knapsack Public Key Cryp-
908. K. Kurosawa, “Key Changeable ID-Based
tosystems and Diophantine Approxima-
Cryptosystem,” Electronics Letters, v. 25,
tions,” Advances in Cryptology: Proceed-
n. 9, 27 Apr 1989, pp. 577-578.
ings of Crypto 83, Plenum Press, 1984, pp.
909. K. Kurosawa, T. Ito, and M. Takeuchi,
“Public Key Cryptosystem Using a Recip- 3-23.
rocal Number with the Same Intractability 920. J.C. Lagarias, “Performance Analysis of
as Factoring a Large Number,” Cryptolo- Shamir™s Attack on the Basic Merkle-
gia, v. 12, n. 4, Ott 1988, pp. 225-233. Hellman Knapsack Cryptosystem,” Lec-
910. K. Kurosawa, C. Park, and K. Sakano, ture Notes in Computer Science 172; Pro-
“Group Signer/Verifier Separation Scheme,” ceedings of the 1lth International
Proceedings of the 1995 fapan-Korea Work- Colloquium on Automata, Languages,
shop on Information Security and Cryptog- and Programming (ICALP), Springer-
raphy, Inuyama, Japan, 24-27 Jan 1995, Verlag, 1984, pp. 312-323.
134-143. 921. J.C. Lagarias and A.M. Odlyzko, “Solving
Low-Density Subset Sum Problems,” Pro-
911. G.C. Kurtz, D. Shanks, and H.C. Williams,
“Fast Primality Tests for Numbers Less ceedings of the 24th IEEE Symposium on
than 50*109,” Mathematics of Computa- Foundations of Computer Science, 1983,
tion, v. 46, n. 174, Apr 1986, pp. 691-701. pp. l-10.


. 5
( 8)