. 6
( 8)


Page 710
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

935. L. Lamport, “Password Identification with
922. J.C. Lagarias and A.M. Odlyzko, “Solving
Insecure Communications,” Communica-
Low-Density Subset Sum Problems,” /our-
tions of the ACM, v. 24, n. 11, Nov 1981,
nal of the ACM, v. 32, n. 1, Jan 1985, pp.
pp. 770-772.
936. S. Landau, “Zero-Knowledge and the
923. J.C. Lagarias and J. Reeds, “Unique Extrap-
Department of Defense,” Notices of the
olation of Polynomial Recurrences,” SIAM
American Mathematical Society, v. 35, n.
lournal on Computing, v. 17, n. 2, Apr
1, Jan 1988, pp. 5-12.
1988, pp. 342-362.
937. S. Landau, S. Kent, C. Brooks, S. Charney,
924. X. Lai, Detailed Description and a Sojt-
D. Denning, W. Diffie, A. Lauck, D.
ware Implementation of the IPES Cipher,
Mikker, P. Neumann, and D. Sobel,
unpublished manuscript, 8 Nov 1991.
925. X. Lai, On the Design and Security of “Codes, Keys, and Conflicts: Issues in U.S.
Crypto Policy,” Report of a Special Panel
Block Ciphers, ETH Series in Information
of the ACM U.S. Public Policy Committee
Processing, v. 1, Konstanz: Hartung-Gorre
(USACM), Association for Computing
Verlag, 1992.
Machinery, Jun 1994.
926. X. Lai, personal communication, 1993.
938. S.K. Langford and M.E. Hellman, “Crypt-
927. X. Lai, “Higher Order Derivatives and Dif-
analysis of DES,” presented at 1994 RSA
ferential Cryptanalysis,” Communica-
Data Security conference, Redwood
tions and Cryptography: Two Sides of
Shores, CA, 12-14 Jan 1994.
One Tapestry, R.E. Blahut et al., eds.,
939. D. Lapidot and A. Shamir, “Publicly Verifi-
Kluwer Adademic Publishers, 1994, pp.
able Non-Interactive Zero-Knowledge
928. X. Lai and L. Knudsen, “Attacks on Double Proofs,” Advances in
CRYPTO ˜90 Proceedings, Springer-Verlag,
Block Length Hash Functions,” Fast Sojt-
ware Encryption, Cambridge Security 1991, pp. 353365.
940. A.V. Le, S.M. Matyas, D.B. Johnson, and J.D.
Workshop Proceedings, Springer-Verlag,
Wilkins, “A Public-Key Extension to the
1994, pp. 157-165.
929. X. Lai and J. Massey, “A Proposal for Common Cryptographic Architecture,”
a New Block Encryption Standard,” IBM Systems journal, v. 32, n. 3, 1993, pp.
Advances in Cryptology-EUROCRYPT
˜90 Proceedings, Springer-Verlag, 1991, pp. 941. P. L™Ecuyer, “Efficient and Portable Com-
389-404. bined Random Number Generators,”
930. X. Lai and J. Massey, “Hash Functions Communications of the ACM, v. 31, n. 6,
Based on Block Ciphers,” Advances in Jun 1988, pp. 742-749, 774.
Cryptology-EUROCRYPT ˜92 Proceed- 942. P. L™Ecuyer, “Random Numbers for Simu-
ings, Springer-Verlag, 1992, pp. 55-70. lation,” Communications of the ACM, v.
931. X. Lai, J. Massey, and S. Murphy, “Markov 33, n. 10, Ott 1990, pp. 85-97.
Ciphers and Differential Cryptanalysis,” 943. P.J. Lee and E.F. Brickell, “An Observation
Advances in Cryptology-EUROCRYPT on the Security of McEliece™s Public-Key
˜91 Proceedings, Springer-Verlag, 1991, pp. Cryptosystem,” Advances in Cryptology-
1738. EUROCRYPT ˜88 Proceedings, Springer-
932. X. Lai, R.A. Rueppel, and J. Woollven, “A Verlag, 1988, pp. 275-280.
Fast Cryptographic Checksum Algorithm 944. S. Lee, S. Sung, and K. Kim, “An Efficient
Based on Stream Ciphers,” Advances in Method to Find the Linear Expressions
for Linear Cryptanalysis,” Proceedings of
Cryptology-AUSCRYPT ˜92 Proceedings,
Springer-Verlag 1993, pp. 339348. the 1995 Korea-Iapan Workshop on Injor-
mation Security and Cryptography, Inu-
933. C.S. Laih, J.Y. Lee, C.H. Chen, and L. Harn,
“A New Scheme for ID-based Cryptosys- yama, Japan, 24-26 Jan 1995, pp. 183-
terns and Signatures,” lournal of the Chi-
nese Institute of Engineers, v. 15, n. 2, Sep 945. D.J. Lehmann, “On Primality Tests,” SIAM
1992, pp. 605610. lournal on Computing, v. 11, n. 2, May
934. B.A. LaMacchia and A.M. Odlyzko, “Com- 1982, pp. 374-375.
putation of Discrete Logarithms in Prime 946. T. Leighton, “Failsafe Key Escrow Sys-
Fields,” Designs, Codes, and Cryptogra- tems,” Technical Memo 483, MIT Labora-
phy, v. 1, 1991, pp. 46-62. tory for Computer Science, Aug 1994.

Page 711
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


nomials,” Electronics Letters, v. 27, n. 3,
947. A. Lempel and M. Cohn, “Maximal Fami-
1991, pp. 228-229.
lies of Bent Sequences,” IEEE Transactions
on Information Theory, v. IT-28, n. 6, Nov 963. F.-X. Li, “How to Break Okamoto™s Cryp-
1982, pp. 865-868. tosystems by Continued Fraction Algo-
948. A.K. Lenstra, “Factoring Multivariate rithm,” ASIACRYPT ˜91 Abstracts, 1991,
Polynomials Over Finite Fields,” fournal pp. 285-289.
964. Y.X. Li and X.M. Wang, “A Joint Authenti-
of Computer System Science, v. 30, n. 2,
cation and Encryption Scheme Based on
Apr 1985, pp. 235-248.
949. A.K. Lenstra, personal communication, Algebraic Coding Theory,” Applied Alge-
1995. bra, Algebraic Algorithms and Error Cor-
recting Codes 9, Springer-Verlag, 1991, pp.
950. A.K. Lenstra and S. Haber, letter to NIST
Regarding DSS, 26 Nov 199 1.
95 1. A.K. Lenstra, H.W. Lenstra Jr., and L. 965. R. Lidl, G.L. Mullen, and G. Turwald, Pit-
“Factoring Polynomials with
Lovlcz, man Monographs and Surveys in Pure and
Applied Mathematics 65: Dickson Polyno-
Rational Coefficients,” Mathematische
mials, London: Longman Scientific and
Annalen, v. 261, n. 4, 1982, pp. 515-534.
Technical, 1993.
952. A.K. Lenstra, H.W. Lenstra, Jr., M.S. Man-
966. R. LidI and W.B. Miiller, “Permutation
asse, and J.M. Pollard, “The Number Field
Sieve,” Proceedings of the 22nd ACM in RSA-Cryptosystems,”
Advances in Cryptology: Proceedings of
Symposium on the Theory of Computing,
1990, pp. 574-572. Crypto 83, Plenum Press, 1984, pp.
953. A.K. Lenstra and H.W. Lenstra, Jr., eds.,
967. R. Lid1 and W.B. Miiller, “Generalizations
Lecture Notes in Mathematics 1554: The
of the Fibonacci Pseudoprimes Test,” Dis-
Development of the Number Field Sieve,
v. 92, 1991, pp.
Springer-Verlag, 1993. crete Mathematics,
954. A.K. Lenstra, H.W. Lenstra, Jr., M.S. Man- 21 l-220.
asse, and J.M. Pollard, “The Factorization 968. R. LidI and W.B. Mtiller, “Primality Test-
of the Ninth Fermat Number,” Mathemat- ing with Lucas Functions,” Advances in
ics of Computation, v. 61, n. 203, 1993, pp. Cryptology-AUSCRYPT ˜92 Proceedings,
319349. Springer-Verlag, 1993, pp. 539-542.
955. A.K. Lenstra and M.S. Manasse, “Factoring 969. R. Lidl, W.B. Muller, and A. Oswald,
by Electronic Mail,” Advances in Cryptol- “Some Remarks on Strong Fibonacci Pseu-
ogy-EUROCRYPT ˜89 Proceedings, doprimes,” Applicable Algebra in Engi-
neering, Communication and Computing,
Springer-Verlag, 1990, pp. 355371.
956. A.K. Lenstra and M.S. Manasse, “Factoring v. 1, n. 1, 1990, pp. 59-65.
with Two Large Primes,” Advances in 970. R. LidI and H. Niederreiter, “Finite Fields,”
Cryptology-EUROCRYPT ˜90 Proceed- Encyclopedia of Mathematics and its
ings, Springer-Verlag, 1991, pp. 72-82. Applications, v. 20, Addison-Wesley, 1983.
957. H.W. Lenstra Jr. “Elliptic Curves and 971. R. Lidl and H. Niederreiter, Introduction
Number-Theoretic Algorithms,” Report to Finite Fields and Their Applications,
86-19, Mathematisch Instituut, Univer- London: Cambridge University Press,
siteit van Amsterdam, 1986. 1986.
958. H.W. Lenstra Jr. “On the Chor-Rivest 972. K. Lieberherr, “Uniform Complexity and
Knapsack Cryptosystem,” fournal of Cryp- Digital Signatures,” Theoretical Computer
tology, v. 3, n. 3, 1991, pp. 149-155. Science, v. 16, n. 1, Ott 1981, pp. 99-110.
959. W.J. LeVeque, Fundamentals of Number 973. C.H. Lim and P.J. Lee, “A Practical Elec-
Theory, Addison-Wesley, 1977. tronic Cash System for Smart Cards,” Pro-
960. L.A. Levin, “One-Way Functions and ceedings of the 1993 Korea-fapan Work-
shop on Information
Pseudo-Random Generators,” Proceedings Security and
of the 17th ACM Symposium on Theory of Cryptography, Seoul, Korea, 24-26 Ott
Computing, 1985, pp. 363365. 1993, pp. 3447.
961. Lexar Corporation, “An Evaluation of the 974. C.H. Lim and P.J.Lee, “Security of Interac-
DES,” Sep 1976. tive DSA Batch Verification,” Electronics
962. D.-X. Li, “Cryptanalysis of Public-Key Dis- Letters, v. 30, n. 19, 15 Sep 1994, pp.
tribution Systems Based on Dickson Poly-

Page 712
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

of the 2nd Annual ACM Conference on
975. H.-Y. Lin and L. Harn, “A Generalized
Computer and Communications Security,
Secret Sharing Scheme with Cheater
ACM Press, 1994, pp. 108-117.
Detection,” Advances in Cryptology-
989. J.H. Loxton, D.S.P. Khoo, G.J. Bird, and J.
ASIACRYPT ˜91 Proceedings, Springer-
Seberry, “A Cubic RSA Code Equivalent to
Verlag 1993, pp. 149-158.
Factorization,” fournal of Cryptology, v. 5,
976. M.-C. Lin, T.-C. Chang, and H.-L. Fu,
n. 2, 1992, pp. 139-150.
“Information Rate of McEliece™s Public-
S.C. Lu and L.N. Lee, “A Simple and Effec-
key Cryptosystem,” Electronics Letters, v.
tive Public-Key Cryptosystem,” COMSAT
26, n. 1, 4 Jan 1990, pp. 1618.
Technical Review, 1979, pp. 15-24.
977. J. Linn, “Privacy Enhancement for Internet
Electronic Mail: Part I-Message Encipher- 991. M. Luby, S. Micah, and C. Rackoff, “How
to Simultaneously Exchange a Secret Bit
ment and Authentication Procedures,”
by Flipping a Symmetrically-Biased Coin,”
RFC 989, Feb 1987.
Proceedings of the 24nd Annual Sympo-
978. J. Linn, “Privacy Enhancement for Internet
sium on the Foundations of Computer Sci-
Electronic Mail: Part I-Message Encipher-
ence, 1983, pp. 1l-22.
ment and Authentication Procedures,”
RFC 1040, Jan 1988. 992. M. Luby and C. Rackoff, “HOW to Con-
979. J. Linn, “Privacy Enhancement for Internet struct Pseudo-Random Permutations from
Pseudorandom Functions,” SIAM fournal
Electronic Mail: Part I-Message Encipher-
ment and Authentication Procedures,” on Computing, Apr 1988, pp. 373386.
RFC 1113, Aug 1989. 993. F. Luccio and S. Mazzone, “A Cryptosys-
980. J. Linn, “Privacy Enhancement for Internet tern for Multiple Communications,” Infor-
Electronic Mail: Part III-Algorithms, mation Processing Letters, v. 10, 1980, pp.
Modes, and Identifiers,” RFC 1115, Aug 180-183.
1989. 994. V. Luchangco and K. Koyama, “An Attack
98 1. J. Linn, “Privacy Enhancement for Internet on an ID-Based Key Sharing System, Pro-
Electronic Mail: Part I-Message Encipher- ceedings of the 1993 Korea-Japan Work-
ment and Authentication Procedures,” shop on Information Security and Cryp-
RFC 1421, Feb 1993. tography, Seoul, Korea, 24-26 Ott 1993,
982. S. Lloyd, “Counting Binary Functions with pp. 262-271.
Certain Cryptographic Properties,” /our- 995. D.J.C. MacKay, “A Free Energy Minimiza-
nal of Cryptology, v. 5, n. 2, 1992, pp. tion Framework for Inferring the State of a
107-131. Shift Register Given the Noisy Output
983. T.M.A. Lomas, “Collision-Freedom, Con- Sequence, ” K.U. Leuven Workshop on
sidered Harmful, or How to Boot a Com- Cryptographic Springer-
puter,” Proceedings of the 1995 Korea- Verlag, 1995, to appear.
fapan Workshop on Information Security 996. M.D. MacLaren and G. Marsaglia, “Uni-
and Cryptography, Inuyama, Japan, 24-26 form Random Number Generators,” four-
Jan 1995, pp. 3542. nal of the ACM v. 12, n. 1, Jan 1965, pp.
984. T.M.A. Lomas and M. Roe, “Forging a 83-89.
Clipper Message,” Communications of the D. MacMillan, “Single Chip Encrypts Data
ACM, v. 37, n. 12, 1994, p. 12. at 14Mb/s,” Electronics, v. 54, n. 12, 16
985. D.L. Long, “The Security of Bits in the Dis- June 1981, pp. 161-165.
crete Logarithm,” Ph.D. dissertation, 998. R. Madhavan and L.E. Peppard, “A Multi-
Princeton University, Jan 1984. processor GaAs RSA Cryptosystem,” Pro-
986. D.L. Long and A. Wigderson, “How Dis- ceedings CCVLSI-89: Canadian Confer-
crete Is the Discrete Log,” Proceedings of ence on Very Large Scale Integration,
the 25th Annual ACM Syposium on the Vancouver, BC, Canada, 22-24 Ott 1989,
Theory of Computing, Apr 1983. pp. 115-122.
987. D. Longley and S. Rigby, “An Automatic 999. W.E. Madryga, “A High Performance
Search for Security Flaws in Key Manage- Encryption Algorithm,” Computer Secu-
ment Schemes,” Computers and Security, rity: A Global Challenge, Elsevier Science
v. 11, n. 1, Jan 1992. pp. 75-89. Publishers, 1984, pp. 557-570.
988. S.H. Low, N.F. Maxemchuk, and S. Paul, M. Mambo, A. Nishikawa, S. Tsujii, and E.
“Anonymous Credit Cards, ” Proceedings Okamoto, “Efficient Secure Broadcast

Page 713
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


Communication System,” Proceedings of 1012. J.L. Massey and X. Lai, “Device for Con-
the 1993 Korea-Japan Workshop on Infor- verting a Digital Block and the Use
mation Security and Cryptography, Seoul, Thereof,” International Patent PCT/
Korea, 24-26 Ott 1993, pp. 23-33. CH91/00117, 28 Nov 1991.
1001. M. Mambo, K. Usuda, and E. Okamoto, 1013. J.L. Massey andX. Lai, “Device for the Con-
“Proxy Signatures,” Proceedings of the version of a Digital Block and Use of Same,”
1995 Symposium on Cryptography and U.S. Patent #5,214,703, 25 May 1993.
Information Security (SCIS 95), Inuyama, 1014. J.L. Massey and R.A. Rueppel, “Linear
Japan, 24-27 Jan 1995, pp. Bl.l.l-17. Ciphers and Random Sequence Generators
with Multiple Clocks,” Advances in Cryp-
1002. W. Mao and C. Boyd, “Towards Formal
Analysis of Security Protocols,” Proceed- tology: Proceedings of EUROCRYPT 84,
ings of the Computer Security Founda- Springer-Verlag, 1985, pp. 74-87.
tions Workshop VI, IEEE Computer Soci- 1015. M. Matsui, “Linear Cryptanalysis Method
for DES Cipher,” Advances in Cryp-
ety Press, 1993, pp. 147-158.
G. Marsaglia and T.A. Bray, “On-Line Ran-
1003. tology-EUROCRYPT ˜93 Proceedings,
dom Number Generators and their Use in Springer-Verlag, 1994, pp. 386397.
Combinations,” Communications of the 1016. M. Matsui, “Linear Cryptanalysis of DES
Cipher (I),” Proceedings of the 1993 Sym-
ACM, v. 11, n. 11, Nov 1968, p. 757-759.
1004. K.M. Martin, “Untrustworthy Participants posium on Cryptography and Information
in Perfect Secret Sharing Schemes,” Cryp- Security (SCIS 931, Shuzenji, Japan, 2830
tography and Coding III, M.J. Ganley, ed., Jan 1993, pp. 3C.l-14. (In Japanese.)
Oxford: Clarendon Press, 1993, pp. 1017. M. Matsui, “Linear Cryptanalysis Method
255-264. for DES Cipher (III),” Proceedings of the
1005. J.L. Massey, “Shift-Register Synthesis and 1994 Symposium on Cryptography and
BCH Decoding,” IEEE Transactions on Information Security (SCIS 941,Lake Biwa,
Information Theory, v. IT-15, n. 1, Jan Japan, 27-29 Jan 1994, pp. 4A.l-11. (In
1969, pp. 122-127. Japanese.)
1006. J.L. Massey, “Cryptography and System 1018. M. Matsui, “On Correlation Between the
Theory,” Proceedings of the 24th Allerton Order of the S-Boxes and the Strength of
Conference on Communication, Control, DES,” Advances in Cryptology-EURO-
and Computers, 13 Ott 1986, pp. l-8. CRYPT ˜94 Proceedings, Springer-Verlag,
1007. J.L. Massey, “An Introduction to Contem- 1995, to appear.
1019. M. Matsui, “The First Experimental
porary Cryptology,” Proceedings of the
IEEE, v. 76, n. 5., May 1988, pp. 533-549. Cryptanalysis of the Data Encryption
1008. J.L. Massey, “Contemporary Cryptology: Standard,” Advances in Cryptology-
An Introduction,” in Contemporary Cryp- CRYPTO ˜94 Proceedings, Springer-Verlag,
tology: The Science of Information 1994, pp. 1-l 1.
Integrity, G.J. Simmons, ed., IEEE Press, 1020. M. Matsui and A. Yamagishi, “A New
1992, pp. 139. Method for Known Plaintext Attack of
J.L. Massey, “SAFER K-64: A Byte-
1009. FEAL Cipher,” Advances in Cryptology-
Oriented Block-Ciphering Algorithm,” EUROCRYPT ˜92 Proceedings, Springer-
Fast Software Encryption, Cambridge Verlag, 1993, pp. 81-91.
Security Workshop Proceedings, Springer- 1021. T. Matsumoto and H. Imai, “A Class of
Verlag 1994, pp. 1-17. Asymmetric Crypto-Systems Based on
1010. J.L. Massey, “SAFER K-64: One Year Polynomials Over Finite Rings,” IEEE
Later,” K. U. Leuven Workshop on Crypto- International Symposium on Information
graphic Algorithms, Springer-Verlag, 1995, Theory, 1983, pp. 131-132.
to appear. 1022. T. Matsumoto and H. Imai, “On the Key
1011. J.L. Massey and I. Ingemarsson, “The Rip Production System: A Practical Solution to
Van Winkle Cipher-A Simple and Prov- the Key Distribution Problem,” Advances
ably Computationally Secure Cipher with in Cryptology-CRYPTO ˜87 Proceedings,
a Finite Key,” IEEE International Sympo- Springer-Verlag, 1988, pp. 185-193.
sium on Information Theory, Brighton, 1023. T. Matsumoto and H. Imai, “On the Secu-
UK, May 1985. rity of Some Key Sharing Schemes (Part

Page 714
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

ings of the 1994 IEEE Computer Society
21,” IEICE Japan, Technical Report,
Symposium on Research in Security and
ISEC90-28, 1990.
Privacy, 1994, pp. 147-154.
1024. S.M. Matyas, “Digital Signatures--An
1037. G. Mayhew, R. Frazee, and M. Bianco,
Overview,” Computer Networks, v. 3, n. 2,
“The Kinetic Protection Device,” Proceed-
Apr 1979, pp. 87-94.
ings of the 15th National Computer Secu-
1025. S.M. Matyas, “Key Handling with Control
rity Conference, NIST, 1994, pp. 147-154.
Vectors,” IBM Systems Iournal, v. 30, n. 2,
1038. K.S. McCurley, “A Key Distribution Sys-
1991, pp. 151-174.
tem Equivalent to Factoring,” fournal of
1026. S.M. Matyas, A.V. Le, and D.G. Abraham,
Cryptology, v. 1, n. 2, 1988, pp. 95-106.
“A Key Management Scheme Based on
1039. K.S. McCurley, “The Discrete Logarithm
Control Vectors,” IBM Systems fournal, v.
Problem,” Cryptography and Computa-
30, n. 2, 1991, pp. 175-191.
tional Number Theory (Proceedings of the
1027. S.M. Matyas and C.H. Meyer, “Genera-
Symposium on Applied Mathematics),
tion, Distribution, and Installation of
American Mathematics Society, 1990, pp.
Cryptographic Keys,” IBM Systems four-
nal, v. 17, n. 2, 1978, pp. 126-137.
1028. S.M. Matyas, C.H. Meyer, and J. Oseas, K.S. McCurley, open letter from the Sandia
National Laboratories on the DSA of the
“Generating Strong One-Way Functions
NIST, 7 Nov 1991.
with Cryptographic Algorithm,” IBM
Technical Disclosure Bulletin, v. 27, n. 1041. R.J. McEliece, “A Public-Key Cryptosys-
tern Based on Algebraic Coding Theory,”
lOA, Mar 1985, pp. 5658-5659.
1029. U.M. Maurer, “Provable Security in Cryp- Deep Space Network Progress Report
tography,” Ph.D. dissertation, ETH No. 42-44, Jet Propulsion Laboratory, Califor-
9260, Swiss Federal Institute of Technol- nia Institute of Technology, 1978, pp.
ogy, Ztirich, 1990.
“A Provable-Secure
1030. U.M. Maurer, 1042. R.J. McEliece, Finite Fields for Computer
Scientists and Engineers, Boston: Kluwer
Strongly-Randomized Cipher, ” Advances
in Cryptology-EUROCRYPT ˜90 Pro- Academic Publishers, 1987.
P. McMahon, “SESAME V2 Public Key and
ceedings, Springer-Verlag 1990, pp. 1043.
Authorization Extensions to Kerberos,”
1031. U.M. Maurer, “A Universal Statistical Proceedings of the Internet Society 1995
Symposium on Network and Distributed
Test for Random Bit Generators,”
Systems Security, IEEE Computer Society
Advances in Cryptology-CRYPTO ˜90
Proceedings, Springer-Verlag 1991, pp. Press, 1995, pp. 114-131.
409-420. 1044. C.A. Meadows, “A System for the Specifi-
1032. U.M. Maurer, “A Universal Statistical cation and Analysis of Key Management
Protocols,” Proceedings of the 1991 IEEE
Test for Random Bit Generators,” fournal
Computer Society
of Cryptology, v. 5, n. 2, 1992, pp. 89-106. Symposium on
1033. U.M. Maurer and J.L. Massey, “Cascade Research in Security and Privacy, 1991,
pp. 182-195.
Ciphers: The Importance of Being First,”
Iournal of Cryptology, v. 6, n. 1, 1993, pp. 1045. C.A. Meadows, “Applying Formal Meth-
55-61. ods to the Analysis of a Key Management
1034. U.M. Maurer and J.L. Massey, “Perfect Protocol,” Journal of Computer Security,
v. 1, n. 1, 1992, pp. 535.
Local Randomness in Pseudo-Random
Sequences, ” Advances in Cryptology- 1046. C.A. Meadows, “A Model of Computation
CRYPTO ˜89 Proceedings, Springer-Verlag, for the NRL Protocol Analyzer,” Proceed-
1990, pp. 110-112. ings of the Computer Security Founda-
1035. U.M. Maurer and Y. Yacobi, “Non- tions Workshop VII, IEEE Computer Soci-
interactive Public Key Cryptography,” ety Press, 1994, pp. 84-89.
Advances in Cryptology-EUROCRYPT 1047. C.A. Meadows, “Formal Verification of
˜91 Proceedings, Springer-Verlag, 1991, pp. Cryptographic Protocols: A Survey,”
498607. Advances in Cryptology-ASIACRYPT ˜94
1036. G. Mayhew, “A Low Cost, High Speed Proceedings, Springer-Verlag, 1995, pp.
Encryption System and Method, rr Proceed-

Page 715
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


1060. A. Menezes, ed., Applications of Finite
1048. G. Medvinsky and B.C. Neuman, “Net-
Fields, Kluwer Academic Publishers,
Cash: A Design for Practical Electronic
Currency on the Internet,” Proceedings of
1061. A. Menezes and S.A. Vanstone, “Elliptic
the 1st Annual ACM Conference on Com-
Curve Cryptosystems and Their Imple-
puter and Communications Security,
mentations,” fournal of Cryptology, v. 6,
ACM Press, 1993, pp. 102-106.
1049. G. Medvinsky and B.C. Neuman, “Elec- n. 4, 1993, pp. 209-224.
1062. A. Menezes and S.A. Vanstone, “The
tronic Currency for the Internet,” Elec-
Implementation of Elliptic Curve Cryp-
tronic Markets, v. 3, n. 9110, Ott 1993, pp.
tosystems,” Advances in Cryptology-
AUSCRYPT ˜90 Proceedings, Springer-
1050. W. Meier, “On the Security of the IDEA
Verlag 1990, pp. 2-13.
Block Cipher,” Advances in Cryptology-
1063. R. Menicocci, “Short Gollmann Cascade
EUROCRYPT ˜93 Proceedings, Springer-
Generators May Be Insecure,” Codes and
Verlag, 1994, pp. 371-385.
Ciphers, Institute of Mathematics and its
1051. W. Meier and 0. Staffelbach, “Fast Corre-
Applications, 1995, pp. 281-297.
lation Attacks on Stream Ciphers,” four-
1064. R.C. Merkle, “Secure Communication
nal of Cryptology, v. 1, n. 3, 1989, pp.
Over Insecure Channels,” Communica-
tions of the ACM, v. 21, n. 4, 1978, pp.
1052. W. Meier and 0. Staffelbach, “Analysis of
Pseudo Random Sequences Generated by
1065. R.C. Merkle, “Secrecy, Authentication,
Cellular Automata,” Advances in Cryptol-
˜91 Proceedings, and Public Key Systems,” Ph.D. disserta-
Springer-Verlag, 1991, pp. 186-199. tion, Stanford University, 1979.
1053. W. Meier and 0. Staffelbach, “Correlation 1066. R.C. Merkle, “Method of Providing Digital
Signatures,” U.S. Patent #4,309,569, 5 Jan
Properties of Combiners with Memory in
Stream Ciphers,” Advances in Cryp- 1982.
1067. R.C. Merkle, “A Digital Signature Based
tology-E UR OCRYPT ˜90 Proceedings,
Springer-Verlag, 1991, pp. 204-213. on a Conventional Encryption Function,”
Advances in Cryptology-CRYPTO ˜87
1054. W. Meier and 0. Staffelbach, “Correlation
Properties of Combiners with Memory in Proceedings, Springer-Verlag 1988, pp.
Stream Ciphers,” Iournal of Cryptology, v.
1068. R.C. Merkle, “A Certified Digital Signa-
5, n. 1, 1992, pp. 67-86.
1055. W. Meier and 0. Staffelbach, “The Self- ture,” Advances in Cryptology-CRYPTO
Shrinking Generator,” Communications ˜89 Proceedings, Springer-Verlag, 1990, pp.
and Cryptography: Two Sides of One 218-238.
Tapestry, R.E. Blahut et al., eds., Kluwer 1069. R.C. Merkle, “One Way Hash Functions
Adademic Publishers, 1994, pp. 287-295. and DES,” Advances in Cryptology-
1056. J. Meijers, “Algebraic-Coded Cryptosys- CRYPTO ˜89 Proceedings, Springer-Verlag,
terns,” Master™s thesis, Technical Univer- 1990, pp. 428-446.
sity Eindhoven, 1990. 1070. R.C. Merkle, “A Fast Software One-Way
1057. J. Meijers and J. van Tilburg, “On the Rao- Hash Function,” fournal of Cryptology, v.
Nam Private-Key Cryptosystem Using 3, n. 1, 1990, pp. 43-58.
Linear Codes,” International Symposium 1071. R.C. Merkle, “Fast Software Encryption
on Information Theory, Budapest, Hun- Functions,” Advances in Cryptology-
gary, 1991. CRYPTO ˜90 Proceedings, Springer-Verlag,
1058. J. Meijers and J. van Tilburg, “An Improved 1991, pp. 476501.
ST-Attack on the Rao-Nam Private-Key 1072. R.C. Merkle, “Method and Apparatus for
Cryptosystem,” International Conference Data Encryption,” U.S. Patent #5,003,597,
on Finite Fields, Coding Theory, and 26 Mar 1991.
Advances in Communications and Com- 1073. R.C. Merkle, personal communication,
puting, Las Vegas, NV, 1991. 1993.
1059. A. Menezes, Elliptic Curve Public Key 1074. R.C. Merkle and M. Hellman, “Hiding
Cryptosystems, Kluwer Academic Pub- Information and Signatures in Trapdoor
lishers, 1993. Knapsacks,” IEEE Transactions on Infor-

Page 716
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

Signature Scheme,” Advances in Cryptol-
mation Theory, v. 24, n. 5, Sep 1978, pp.
ogy-CRYPTO ˜88 Proceedings, Springer-
Verlag, 1990, pp. 244-247.
1075. R.C. Merkle and M. Hellman, “On the
Security of Multiple Encryption,” Com- M.J. Mihajlevic, “A Correlation Attack
on the Binary Sequence Generators
munications of the ACM, v. 24, n. 7, 1981,
pp. 465-467. with Time-Varying Output Function,”
Advances in Cryptology-ASIACRYPT ˜94
1076. M. Merritt, “Cryptographic Protocols,”
Proceedings, Springer-Verlag, 1995, pp.
Ph.D. dissertation, Georgia Institute of
Technology, GIT-ICS-83/6, Feb 1983. 67-79.
1077. M. Merritt, “Towards a Theory of Crypto- 1090. M.J. MihajleviE and J.D. GoliE, “A Fast
Iterative Algorithm for a Shift Register
graphic Systems: A Critique of Crypto-
Internal State Reconstruction Given the
Complexity,” Distributed Computing and
Noisy Output Sequence,” Advances in
Cryptography, J. Feigenbaum and M. Mer-
ritt, eds., American Mathematical Society, Cryptology-AUSCRYPT ˜90 Proceedings,
1991, pp. 203-212. Springer-Verlag. 1990, pp. 165-175.
1078. C.H. Meyer, “Ciphertext/Plaintext and 1091. M.J. MihajleviE and J.D. GoliE, “Conver-
gence of a Bayesian Iterative Error-
Ciphertext/Key Dependencies vs. Number
of Rounds for Data Encryption Standard,” Correction Procedure to a Noisy Shift Reg-
AFIPS Conference Proceedings, 47, 1978, ister Sequence,” Advances in Cryptology
pp. 1119-1126. -EUROCRYPT ˜92 Proceedings, Springer-
1079. C.H. Meyer, “Cryptography-A State of Verlag, 1993, pp. 124-137.
the Art Review,” Proceedings of Com- 1092. J.K. Millen, S.C. Clark, and S.B. Freedman,
peuro ˜89, VLSI and Computer Peripher- “The Interrogator: Protocol Security Analy-
als, 3rd Annual European Computer Con- sis,” IEEE Transactions on Software Engi-
ference, IEEE Press, 1989, pp. 150-154. neering, v. SE-13,n. 2, Feb 1987, pp. 274-288.
1080. C.H. Meyer and SM. Matyas, Cryptogra- 1093. G.L. Miller, “Riemann™s Hypothesis and
phy: A New Dimension in Computer Data Tests for Primality,” Iournal of Computer
Security, New York: John Wiley W Sons, Systems Science, v. 13, n. 3, Dee 1976, pp.
1982. 300317.
1081. C.H. Meyer and M. Schilling “Secure Pro- 1094. S.P. Miller, B.C. Neuman, J.I. Schiller, and
gram Load with Manipulation Detection J.H. Saltzer, “Section E.2.1: Kerberos
Authentication and
Code,” Proceedings of Securicom ˜88, Authorization
1988, pp. 111-130. System,” MIT Project Athena, Dee 1987.
1082. C.H. Meyer and W.L. Tuchman, “Pseudo- 1095. VS. Miller, “Use of Elliptic Curves in
Random Codes Can Be Cracked,” Elec- Cryptography,” Advances in Cryptology-
tronic Design, v. 23, Nov 1972. CRYPTO ˜85 Proceedings, Springer-Verlag,
1083. C.H. Meyer and W.L. Tuchman, “Design 1986, pp. 417-426.
Considerations for Cryptography,” Pro- 1096. M. Minsky, Computation: Finite and Infi-
ceedings of the NCC, v. 42, Montvale, NJ: nite Machines, Englewood Cliffs, NJ:
AFIPS Press, Nov 1979, pp. 594-597. Prentice-Hall, 1967.
1084. S. Micali, “Fair Public-Key Crypto- 1097. C.J. Mitchell, “Authenticating Multi-Cast
systems,” Advances in Cryptology- Internet Electronic Mail Messages Using a
CRYPTO ˜92 Proceedings, Springer-Verlag, Bidirectional MAC Is Insecure,” draft
1993, pp. 113-138. manuscript, 1990.
1085. S. Micali, “Fair Cryptosystems,” MIT/ 1098. C.J. Mitchell, “Enumerating Boolean
LCS/TR-579.b, MIT Laboratory for Com- Functions of Cryptographic Significance,”
puter Science, Nov 1993. Journal of Cryptology, v. 2, n. 3, 1990, pp.
1086. S. Micali, “Fair Cryptosystems and Meth- 155-170.
ods for Use,” U.S. Patent #5,276,737, 4 Jan C.J. Mitchell, F. Piper, and P. Wild, “Digital
1994. Signatures,” Contemporary Cryptology:
1087. S. Micali, “Fair Cryptosystems and Meth- The Science of Information Integrity, G.J.
ods for Use,” U.S. Patent #5,315,658, 24 Simmons, ed., IEEE Press, 1991, pp.
May 1994. 325378.
1088. S. Micali and A. Shamir, “An Improve- 1100. CJ. Mitchell, M. Walker, and D. Rush,
ment on the Fiat-Shamir Identification and “CCITT/ISO Standards for Secure Message

Page 717
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


rithm,” Mathematics of Computation, v.
Handling,” IEEE fournal on Selected Areas
54, n. 190, 1990, pp. 839-854.
in Communications, v. 7, n. 4, May 1989,
1114. J.H. Moore, “Protocol Failures in Cryp-
pp. 5 17-524.
tosystems,” Proceedings of the IEEE, v. 76,
1101. S. Miyaguchi, “Fast Encryption Algorithm
n. 5, May 1988.
for the RSA Cryptographic System,” Pro-
1115. J.H. Moore, “Protocol Failures in Cryp-
ceedings of Compcon 82, IEEE Press, pp.
tosystems,” in Contemporary Cryptology:
The Science of Information Integrity, G.J.
1102. S. Miyaguchi, “The FEAL-8 Cryptosystem
Simmons, ed., IEEE Press, 1992, pp.
and Call for Attack,” Advances in Cryptol-
ogy-CRYPTO ˜89 Proceedings, Springer-
1116. J.H. Moore and G.J. Simmons, “Cycle
Verlag, 1990, pp. 624-627.
S. Miyagnchi, “Expansion of the FEAL Structure of the DES with Weak and Semi-
Weak Keys,” Advances in Cryptology-
Cipher,” NTT Review, v. 2, n. 6, Nov 1990.
CRYPTO ˜86 Proceedings, Springer-Verlag,
1104. S. Miyaguchi, “The FEAL Cipher Family,”
1987, pp. 3-32.
Advances in Cryptology-CRYPTO ˜90
1117. T. Moriyasu, M. Morii, and M. Kasahara,
Proceedings, Springer-Verlag, 1991, pp.
“Nonlinear Pseudorandom Number Gen-
erator with Dynamic Structure and Its
1105. S. Miyaguchi, K. Ohta, and M. Iwata, “128-
Properties,” Proceedings of the 1994 Sym-
bit Hash Function (N-Hash),” Proceedings
posium on Cryptography and Information
of SECURICOM ˜90, 1990, pp. 127-137.
Security (SCIS 94) Biwako, Japan, 27-29
1106. S. Miyaguchi, K. Ohta, and M. Iwata, “128-
Jan 1994, pp. 8A.l-11.
bit Hash Function (N-Hash),” N7T
1118. R. Morris, “The Data Encryption Stan-
Review, v. 2, n. 6, Nov 1990, pp. 128-132.
dard-Retrospective and Prospects,” IEEE
1107. S. Miyaguchi, K. Ohta, and M. Iwata,
Communications Magazine, v. 16, n. 6,
“Confirmation that Some Hash Functions
Nov 1978, pp. 11-14.
Are Not Collision Free,” Advances in
1119. R. Morris, remarks at the 1993 Cambridge
Cryptology-EUROCRYPT ˜90 Proceed-
ings, Springer-Verlag, 1991, pp. 326343. Protocols Workshop, 1993.
1108. S. Miyaguchi, A. Shiraishi, and A. R. Morris, N.J.A. Sloane, and A.D. Wyner,
“Assessment of the NBS Proposed Data
Shimizu, “Fast Data Encipherment Algo-
Encryption Standard,” Cryptologia, v. 1, n.
rithm FEAL-8,” Review of the Electrical
Communication Laboratories, v. 36, n. 4, 3, Jul 1977, pp. 281-291.
1121. R. Morris and K. Thompson, “Password
1109. H. Miyano, “Differential Cryptanalysis on Security: A Case History,” Communica-
CALC and Its Evaluation,” Proceedings of tions of the ACM, v. 22, n. 11, Nov 1979,
the 1992 Symposium on Cryptography pp. 594-597.
and Information Security (SCIS 92), S.B. Morris, “Escrow Encryption,” lecture
Tateshina, Japan, 2-4 Apr 1992, pp. 7B.l-8. at MIT Laboratory for Computer Science, 2
Jun 1994.
1110. R. Molva, G. Tsudik, E. van Herreweghen,
and S. Zatti, “KryptoKnight Authentica- M.N. Morrison and J. Brillhart, “A Method
tion and Key Distribution System,” Pro- of Factoring and the Factorization of F,,”
ceedings of European Symposium on Mathematics of Computation, v. 29, n.
Research in Computer Security, Toulouse, 129, Jan 1975, pp. 183-205.
France, Nov 1992. L.E. Moser, “A Logic of Knowledge and
1111. P.L. Montgomery, “Modular Multiplica- Belief for Reasoning About Computer
tion without Trial Division,” Mathemat- Security,” Proceedings of the Computer
ics of Computation, v. 44, n. 170, 1985, pp. Security Foundations Workshop II, IEEE
519-521. Computer Society Press, 1989, pp. 57-63.
1125. Motorola Government Electronics Divi-
1112. P.L. Montgomery, “Speeding the Pollard
and Elliptic Curve Methods of Factoriza- sion, Advanced Techniques in Network
tion,” Mathematics of Computation, v. 48, Security, Scottsdale, AZ, 1977.
n. 177, Jan 1987, pp. 243-264. 1126. W.B. Miiller, “Polynomial Functions in
1113. P.L. Montgomery and R. Silverman, “An Modern Cryptology,” Contributions to
General Algebra 3: Proceedings of the
FFT Extension to the p-l Factoring Algo-

Page 718
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

Conference, Vienna: Verlag 21st Annual ACM Symposium on the The-
ory of Computing, 1989, pp. 33-43.
Holder-Pichler-Tempsky, 1985, pp. 732.
1127. W.B. Miiller and W. Nobauer, “Some 1139. National Bureau of Standards, “Report of
Remarks on Public-Key Cryptography,” the Workshop on Estimation of Significant
Studia Scientiarum Mathematicarum Advances in Computer Technology,”
NBSIR76-1189, National Bureau of Stan-
Hungarica, v. 16, 1981, pp. 71-76.
1128. W.B. Mtiler and W. Niibauer, “Cryptanaly- dards, U.S. Department of Commerce,
sis of the Dickson Scheme,” Advances in 21-22 Sep 1976, Dee 1977.
Cryptology-EUROCRYPT ˜8.5 Proceed- 1140. National Bureau of Standards, NBS FIPS
ings, Springer-Verlag. 1986, pp. 50-61. PUB 46, “Data Encryption Standard,”
1129. C. Muller-Scholer, “A Microprocessor- National Bureau of Standards, U.S. Depart-
Based Cryptoprocessor,” IEEE Micro, Ott ment of Commerce, Jan 1977.
1983, pp. 5-15. 1141. National Bureau of Standards, NBS FIPS
1130. R.C. Mullin, E. Nemeth, and N. Weiden- PUB 46-1, “Data Encryption Standard,”
hofer, “Will Public Key Cryptosystems U.S. Department of Commerce, Jan 1988.
Live Up to Their Expectations?-HEP 1142. National Bureau of Standards, NBS FIPS
Implementation of the Discrete Log Code- PUB 74, “Guidelines for Implementing and
breaker,” ICPP 85, pp. 193-196. Using the NBS Data Encryption Standard,”
1131. Y. Murakami and S. Kasahara, “An ID- U.S. Department of Commerce, Apr 1981.
Based Key Distribution Scheme,” IEICE 1143. National Bureau of Standards, NBS FIPS
Japan, Technical Report, ISEC90-26, 1990. PUB 81, “DES Modes of Operation,” U.S.
1132. S. Murphy, “The Cryptanalysis of FEAL-4 Department of Commerce, Dee 1980.
with 20 Chosen Plaintexts,” fournal of 1144. National Bureau of Standards, NBS FIPS
Cryptology, v. 2, n. 3, 1990, pp. 145-154. PUB 112, “Password Usage,” U.S. Depart-
1133. E.D. Myers, “STU-III-Multilevel Secure ment of Commerce, May 1985.
Computer Interface,” Proceedings of the 1145. National Bureau of Standards, NBS FIPS
Tenth Annual Computer Security Applica- PUB 113, “Computer Data Authentica-
tions Conference, IEEE Computer Society tion,” U.S. Department of Commerce,
Press, 1994, pp. 170-179. May 1985.
1134. D. Naccache, “Can O.S.S. be Repaired? 1146. National Computer Security Center,
Proposal for a New Practical Signature “Trusted Network Interpretation of the
Scheme,” Advances in Cryptology- Trusted Computer System Evaluation Cri-
EUROCRYPT ˜93 Proceedings, Springer- teria,” NCSC-TG-005 Version 1, Jul 1987.
Verlag, 1994, pp. 233-239. 1147. National Computer Security Center,
1135. D. Naccache, D. M™RaIhi, D. Raphaeli, and “Trusted Database Management System
S. Vaudenay, ˜Can D.S.A. be Improved? Interpretation of the Trusted Computer
Complexity Trade-Offs with the Digital System Evaluation Criteria,” NCSC-TG-
Signature Standard,” Advances in Cryptol- 021 Version 1, Apr 1991.
ogy-EUROCRYPT ˜94 Proceedings, 1148. National Computer Security Center, “A
Springer-Verlag. 1995, to appear. Guide to Understanding Data Remember-
1136. Y. Nakao, T. Kaneko, K. Koyama, and R. ante in Automated Information Systems,”
Terada, “A Study on the Security of RDES- NCSC-TG-025 Version 2, Sep 1991.
1 Cryptosystem against Linear Cryptanal- 1149. National Institute of Standards and Tech-
ysis,” Proceedings of the 1995 Iapan-Korea nology, NIST FIPS PUB XX, “Digital Sig-
Workshop on Information Security and nature Standard,” U.S. Department of
Cryptography, Inuyama, Japan, 24-27 Jan Commerce, DRAFT, 19 Aug 1991.
1995, pp. 163-172. 1150. National Institute of Standards and Tech-
1137. M. Naor, “Bit Commitment Using Pseudo- nology, NIST FIPS PUB 46-2, “Data
Randomness,” Advances in Cryptology- Encryption Standard,” U.S. Department of
CRYPTO ˜89 Proceedings, Springer-Verlag, Commerce, Dee 93.
1990, pp. 128-136. 1151. National Institute of Standards and Tech-
1138. M. Naor and M. Yung, “Universal One- nology, NIST FIPS PUB 171, “Key Manage-
Way Hash Functions and Their Crypto- ment Using X9.17,” U.S. Department of
graphic Application,” Proceedings of the Commerce, Apr 92.

Page 719
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


1152. National Institute of Standards and Tech- 1166. H. Niederreiter, “A Public-Key Cryptosys-
nology, NIST FIPS PUB 180, “Secure Hash tern Based on Shift Register Sequences,”
Standard,” U.S. Department of Commerce, Advances in Cryptology-EUROCRYPT
May 93. ˜85 Proceedings, Springer-Verlag, 1986, pp.
1153. National Institute of Standards and Tech- 3539.
nology, NIST FIPS PUB 185, “Escrowed 1167. H. Niederreiter, “Knapsack-Type Cryp-
Encryption Standard,” U.S. Department of tosystems and Algebraic Coding Theory,”
Commerce, Feb 94. Problems of Control and Information The-
1154. National Institute of Standards and Tech- ory, v. 15, n. 2, 1986, pp. 159-166.
nology, NIST FIPS PUB 186, “Digital Sig- 1168. H. Niederreiter, “The Linear Complexity
nature Standard,” U.S. Department of Profile and the Jump Complexity of
Commerce, May 1994. Keystream Sequences,” Advances in Cryp-
1155. National Institute of Standards and Tech- tology-EUROCRYPT ˜90 Proceedings,
Springer-Verlag, 1991, pp. 174-188.
nology, “Clipper Chip Technology,” 30
Apr 1993. 1169. V. Niemi, “A New Trapdoor in Knap-
1156. National Institute of Standards and Tech- sacks, ” Advances in Cryptology--EURO-
nology, “Capstone Chip Technology,” 30 CRYPT ˜90 Proceedings, Springer-Verlag,
Apr 1993. 1991, pp. 405-411.
1157. J. Nechvatal, “Public Key Cryptography,” 1170. V. Niemi and A. Renvall, “How to Prevent
NIST Special Publication 800-2, National Buying of Voters in Computer Elections,”
Institute of Standards and Technology, Advances in Cryptology-ASIACRYPT ˜94
U.S. Department of Commerce, Apr 199 1. Proceedings, Springer-Verlag, 1995, pp.
1158. J. Nechvatal, “Public Key Cryptography,” 164-170.
Contemporary Cryptology: The Science of 1171. I. Niven and H.A. Zuckerman, An Intro-
Information Integrity, G. J. Simmons, ed., duction to the Theory of Numbers, New
IEEE Press, 1992, pp. 177-288. York: John Wiley & Sons, 1972.
1159. R.M. Needham and M.D. Schroeder, 1172. R. Niibauer, “Cryptanalysis of the RCdei
“Using Encryption for Authentication in Scheme,” Contributions to General Alge-
Large Networks of Computers,” Commu- bra 3: Proceedings of the Vienna Confer-
nications of the ACM, v. 21, n. 12, Dee ence, Verlag Holder-Pichler-Tempsky,
1978, pp. 993-999. Vienna, 1985, pp. 255-264.
1160. R.M. Needham and M.D. Schroeder, 1173. R. NBbauer, “Cryptanalysis of a Public-
“Authentication Revisited,” Operating Key Cryptosystem Based on Dickson-
Systems Review, v. 21, n. 1, 1987, p. 7. Polynomials, ” Mathematics Slovaca, v.
1161. D.M. Nessett, “A Critique of the Burrows, 38, n. 4, 1988, pp. 309323.
Abadi, and Needham Logic,” Operating 1174. K. Noguchi, H. Ashiya, Y. Sane, and T.
System Review, v. 20, n. 2, Apr 1990, pp. Kaneko, “A Study on Differential Attack
3538. of MBAL Cryptosystem,” Proceedings of
1162. B.C. Neuman and S. Stubblebine, “A Note the 1994 Symposium on Cryptography
on the Use of Timestamps as Nonces,” and Information Security (SCIS 94). Lake
Operating Systems Review, v. 27, n. 2, Apr Biwa, Japan, 27-29 Jan 1994, pp. 14B.l-7.
1993, pp. 10-14. (In Japanese.)
1163. B.C. Neuman and T. Ts™o, “Kerberos: An 1175. H. Nurmi, A. Salomaa, and L. Santean,
Authentication Service for Computer Net- “Secret Ballot Elections in Computer Net-
works,” IEEE Communications Magazine, works,” Computers eJ Security, v. 10,
v. 32, n. 9, Sep 1994, pp. 3338. 1991, pp. 553-560.
1164. L. Neuwirth, “Statement of Lee Neuwirth 1176. K. Nyberg, “Construction of Bent Func-
of Cylink on HR145,” submitted to con- tions and Difference Sets,” Advances in
gressional committees considering HR145, Cryptology-EUROCRYPT ˜91 Proceed-
Feb 1987. ings, Springer-Verlag, 1991, pp. 151-160.
1165. D.B. Newman, Jr. and R.L. Pickholtz, 1177. K. Nyberg, “Perfect Nonlinear S-Boxes,”
“Cryptography in the Private Sector,” Advances in Cryptology-EUROCRYPT
IEEE Communications Magazine, v. 24, n. ˜91 Proceedings, Springer-Verlag, 1991, pp.
8, Aug 1986, pp. 7-10. 378386.

Page 720
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

1190. A. Odlyzko, “Progress in Integer Factoriza-
1178. K. Nyberg “On the Construction of Highly
tion and Discrete Logarithms,” unpub-
Nonlinear Permutations,” Advances in
lished manuscript, Feb 1995.
Cryptology-EUROCRYPT ˜92 Proceed-
1191. Office of Technology Assessment, U.S.
ings, Springer-Verlag 1991, pp. 92-98.
Congress, “Defending Secrets, Sharing
1179. K. Nyberg, “Differentially Uniform Map-
Data: New Locks and Keys for Electronic
pings for Cryptography,” Advances in
Communication,” OTA-CIT-310, Wash-
Cryptology-EUROCRYPT ˜93 Proceed-
ington, DC.: U.S. Government Printing
ings, Springer-Verlag, 1994, pp. 55-64.
1180. K. Nyberg, “Provable Security against Office, Ott 1987.
1192. B. O™Higgins, W. Diffie, L. Strawczynski,
Differential Cryptanalysis,” presented at
the rump session of Eurocrypt ˜94, May and R. de Hoog, “Encryption and ISDN-a
Natural Fit,” Proceedings of the 1987
International Switching Symposium,
1181. K. Nyberg and L.R. Knudsen, “Provable
Security against Differential Cryptanaly- 1987, pp. 863-869.
1193. Y. Ohnishi, “A Study on Data Security,”
sis,” Advances in Cryptology-CRYPTO
˜92 Proceedings, Springer-Verlag, 1993, pp. Master™s thesis, Tohuku University, Japan,
566-574. 1988. (In Japanese.)
1182. K. Nyberg and L.R. Knudsen, “Provable 1194. K. Ohta, “A Secure and Efficient Encrypted
Broadcast Communication System Using a
Security against Differential Cryptanaly-
sis,” Journal of Cryptology, v. 8, n. 1, 1995, Public Master Key,” Transactions of the
pp. 2737. Institute of Electronics, Information, and
1183. K. Nyberg and R.A. Rueppel, “A New Sig- Communication Engineers, v. J70-D, n. 8,
nature Scheme Based on the DSA Giving Aug 1987, pp. 1616-1624.
Message Recovery,” 1st ACM Conference 1195. K. Ohta, “An Electrical Voting Scheme
on Computer and Communications Secu- Using a Single Administrator,” IEICE
rity, ACM Press, 1993, pp. 58-61. Spring National Convention, A-294, 1988,
1184. K. Nyberg and R.A. Rueppel, “Message v. 1, p. 296. (In Japanese.)
Recovery for Signature Schemes Based on 1196. K. Ohta, “Identity-based Authentication
the Discrete Logarithm Problem,” Advances Schemes Using the RSA Cryptosystem,”
in Cryptology-EUROCRYPT ˜94 Proceed- Transactions of the Institute of Electron-
ings, Springer-Verlag 1995, to appear. ics, Information, and Communication
1185. L. O™Connor, “Enumerating Nondegener- Engineers, v. J72D-II, n. 8, Aug 1989, pp.
ate Permutations,” Advances in Cryp- 612-620.
tology-E UROCRYPT ˜93 Proceedings, 1197. K. Ohta and M. Matsui, “Differential At-
Springer-Verlag 1994, pp. 368-377. tack on Message Authentication Codes,”
1186. L. O™Connor, “On the Distribution of Advances in Cryptology-CRYPTO ˜93
Characteristics in Bijective Mappings,” Proceedings, Springer-Verlag. 1994, pp.
Advances in Cryptology-EUROCRYPT 200-223.
˜93 Proceedings, Springer-Verlag 1994, pp. 1198. K. Ohta and T. Okamoto, “Practical Exten-
360-370. sion of Fiat-Shamir Scheme,” Electronics
1187. L. O™Connor, “On the Distribution of Letters, v. 24, n. 15, 1988, pp. 955-956.
Characteristics in Composite Permuta- 1199. K. Ohta and T. Okamoto, “A Modification
tions,” Advances in Cryptology- of the Fiat-Shamir Scheme,” Advances in
CRYPTO ˜93 Proceedings, Springer-Verlag, Cryptology-CRYPTO ˜88 Proceedings,
1994, pp. 403-412. Springer-Verlag, 1990, pp. 232-243.
1188. L. O™Connor and A. Klapper, “Algebraic 1200. K. Ohta and T. Okamoto, “A Digital Mul-
Nonlinearity and Its Application to Cryp- tisignature Scheme Based on the Fiat-
tography,” Journal of Cryptology, v. 7, n. 3, Shamir Scheme,” Advances in Cryp-
1994, pp. 133-151. tology-ASIACRYPT ˜91 Proceedings,
1189. A. odlyzko, “Discrete Logarithms in Springer-Verlag, 1993, pp. 139-148.
Finite Fields and Their Cryptographic Sig- 1201. K. Ohta, T. Okamoto and K. Koyama,
nificance,” Advances in Cryptology: Pro- “Membership Authentication for Hierar-
ceedings of EUROCRYPT 84, Springer- chy Multigroups Using the Extended Fiat-
Verlag, 1985, pp. 224-314. Shamir Scheme,” Advances in Cryptol-

Page 721
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


ogy-E UROCRYPT posium on Cryptography and Information
˜90 Proceedings,
Springer-Verlag, 1991, pp. 446457. Security (SCIS 94), Lake Biwa, Japan,
E. Okamoto and K. Tanaka, “Key Distribu- 27-29 Jan 1994, pp. 16B.l-11.
tion Based on Identification Information,” 1214. T. Okamoto and K. Sakurai, “Efficient
IEEE Iournal on Selected Areas in Com- Algorithms for the Construction of Hyper-
munication, v. 7, n. 4, May 1989, pp. elliptic Cryptosystems,” Advances in
481485. Cryptology-CRYPTO ˜91 Proceedings,
1203. T. Okamoto, “Fast Public-Key Cryptosys- Springer-Verlag, 1992, pp. 267-278.
1215. T. Okamoto and A. Shiraishi, “A Fast Sig-
terns Using Congruent Polynomial Equa-
tions,” Electronics Letters, v. 22, n. 11, nature Scheme Based on Quadratic
1986, pp. 581-582. Inequalities,” Proceedings of the 1985
1204. Symposium on Security and Privacy, IEEE,
T. Okamoto, “Modification of a Public-
Apr 1985, pp. 123-132.
Key Cryptosystem,” Electronics Letters, v.
23, n. 16, 1987, pp. 814-815. 1216. J.D. Olsen, R.A. Scholtz, and L.R. Welch,
1205. “Bent Function Sequences,” IEEE Transac-
T. Okamoto, “A Fast Signature Scheme
tions on Information Theory, v. IT-28, n. 6,
Based on Congruential Polynomial Opera-
tions,” IEEE Transactions on Information Nov 1982, pp. 858-864.
Theory, v. 36, n. 1, 1990, pp. 47-53. 1217. H. Ong and C.P. Schnorr, “Signatures
1206. T. Okamoto, “Provably Secure and Practi- through Approximate Representations by
Quadratic Forms,” Advances in Cryptol-
cal Identification Schemes and Corre-
sponding Signature Schemes,” Advances ogy: Proceedings of Crypto 83, Plenum
in Cryptology-CRYPTO ˜92 Proceedings, Press, 1984.
Springer-Verlag, 1993, pp. 31-53. 1218. H. Ong and C.P. Schnorr, “Fast Signature
1207. T. Okamoto, A. Fujioka, and E. Fujisaki, Generation with a Fiat Shamir-Like
“An Efficient Digital Signature Scheme Scheme,” Advances in Cryptology-
Based on Elliptic\ Curve over the Ring z” EUROCRYPT ˜90 Proceedings, Springer-
Advances in Cryptology-CRYPTO ˜92 Pro- Verlag, 1991, pp. 432440.
ceedings, Springer-Verlag, 1993, pp. 54-65. 1219. H. Ong, C.P. Schnorr, and A. Shamir, “An
T. Okamoto, S. Miyaguchi, A. Shiraishi, Efficient Signature Scheme Based on Poly-
and T. Kawoaka, “Signed Document nomial Equations,” Proceedings of the
Transmission System,” U.S. Patent 16th Annual Symposium on the Theory of
#4,625,076, 25 Nov 1986. Computing, 1984, pp. 208-216.
T. Okamoto and K. Ohta, “Disposable 1220. H. Ong, C.P. Schnorr, and A. Shamir, “Effi-
Zero-Knowledge Authentication and Their cient Signature Schemes Based on Polyno-
Applications to Untraceable Electronic mial Equations,” Advances in Cryptology:
Cash,” Advances in Cryptology- Proceedings of CRYPTO 84, Springer-
CRYPTO ˜89 Proceedings, Springer-Verlag, Verlag, 1985, pp. 37-46.
1990, pp. 134-149. 1221. Open Shop Information Services, OSIS
T. Okamoto and K. Ohta, “How to Utilize Security Aspects, OSIS European Working
the Randomness of Zero-Knowledge Group, WGl, final report, Ott 1985.
Proofs, ” Advances in Cryptology- 1222. G.A. Orton, M.P. Roy, P.A. Scott, L.E. Pep-
CRYPTO ˜90 Proceedings, Springer-Verlag, pard, and S.E. Tavares, “VLSI Implementa-
1991, pp. 456-475. tion of Public-Key Encryption Algo-
T. Okamoto and K. Ohta, “Universal Elec- rithms,” Advances in Cryptology-
tronic Cash,” Advances in Cryptology- CRYPTO ˜86 Proceedings, Springer-Verlag,
CRYPTO ˜91 Proceedings, Springer-Verlag, 1987, pp. 277301.
1992, pp. 324-337. 1223. H. Orup, E. Svendsen, and E. Andreasen,
T. Okamoto and K. Ohta, “Survey of Digi-
1212. “VICTOR-An Efficient RSA Hardware
tal Signature Schemes,” Proceedings of the Implementation,” Advances in Cryptol-
Third Symposium on State and Progress of ogy-EUROCRYPT ˜90 Proceedings,
Research in Cryptography, Fondazone Ugo Springer-Verlag, 1991, pp. 245-252.
Bordoni, Rome, 1993, pp. 17-29. 1224. D. Otway and 0. Rees, “Efficient and
T. Okamoto and K. Ohta, “Designated Timely Mutual Authentication,” Operat-
Confirmer Signatures Using Trapdoor ing Systems Review, v. 21, n. 1, 1987, pp.
Functions,” Proceedings of the 1994 Sym- 8-10.

Page 722
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

1225. G. Pagels-Fick, “Implementation Issues for ogy-EUROCRYPT ˜85, Springer-Verlag,
1986, pp. 62-72.
Master Key Distribution and Protected
Keyload Procedures, ” Computers and 1238. I. Peterson, “Monte Carlo Physics: A Cau-
tionary Lesson,” Science News, v. 142, n.
Security: A Global Challenge, Proceedings
of IFIPISEC ˜83, North Holland: Elsevier 25, 19 Dee 1992, p. 422.
Science Publishers, 1984, pp. 381390. 1239. B. Pfitzmann, “Fail-Stop Signatures: Prin-
1226. CM. Papadimitriou, Computational ciples and Applications,” Proceedings of
Complexity, Addison-Wesley, 1994. COMPUSEC ˜92, Eighth World Confer-
1227. C.S. Park, “Improving Code Rate of ence on Computer Security, Audit, and
McEliece™s Public-key Cryptosystem,” Control, Elsevier Science Publishers, 1991,
Electronics Letters, v. 25, n. 21, 12 Ott pp. 125-134.
1989, pp. 1466-1467. 1240. B. Pfitzmann and M. Waidner, “Formal
1228. S. Park, Y. Kim, S. Lee, and K. Kim, Aspects of Fail-Stop Signatures,” FakultBt
“Attacks on Tanaka™s Non-interactive Key fti Informatik, University Karlsruhe,
Sharing Scheme,” Proceedings of the 1995 Report 22/90, 1990.
Symposium on Cryptography and Infor- 1241. B. Pfitzmann and M. Waidner, “Fail-Stop
mation Security (SCIS 95), Inuyama, Signatures and Their Application,” Securi-
Japan, 24-27 Jan 1995, pp. B3.4.1-4. corn ˜91, 1991, pp. 145-160.
1229. S.J. Park, K.H. Lee, and D.H. Won, “An 1242. B. Pfitzmann and M. Waidner, “Uncondi-
Entrusted Undeniable Signature,” Pro- tional Concealment with Cryptographic
ceedings of the 1995 lapan-Korea Work- Ruggedness,” VIS ˜91 Verlassliche Infor-
shop on Information Security and Cryp- mationsysteme Proceedings, Darmstadt,
tography, Inuyama, Japan, 24-27 Jan 1995, Germany, 13-15 March 1991, pp. 3-2-320.
pp. 120-126. (In German.)
1230. S.J. Park, K.H. Lee, and D.H. Won, “A Prac- 1243. B. Pfitzmann and M. Waidner, “How to
tical Group Signature,” Proceedings of the Break and Repair a ˜Provably Secure™
1995 lapan-Korea Workshop on Informa- Untraceable Payment System,” Advances
tion Security and Cryptography, Inuyama, in Cryptology-CRYPTO ˜91 Proceedings,
Japan, 24-27 Jan 1995, pp. 127-133. Springer-Verlag, 1992, pp. 338350.
1231. SK. Park and K.W. Miller, “Random Num- 1244. C.F! Pfleeger, Security in Computing,
ber Generators: Good Ones Are Hard to Englewood Cliffs, N.J.: Prentice-Hall,
Find,” Communications of the ACM, v. 1989.
31, n. 10,Oct 1988, pp. 1192-1201. 1245. S.J.D. Phoenix and PD. Townsend, “Quan-
1232. J. Patarin, “How to Find and Avoid Colli- tum Cryptography and Secure Optical
sions for the Knapsack Hash Function,” Communication,” BT Technology Iournal,
Advances in Cryptology-EUROCRYPT v. 11, n. 2, Apr 1993, pp. 65-75.
˜93 Proceedings, Springer-Verlag, 1994, pp. 1246. J. Pieprzyk, “On Public-Key Cryptosys-
305317. terns Built Using Polynomial Rings,”
1233. W. Patterson, Mathematical Cryptology for Advances in Cryptology-EUROCRYPT
Computer Scientists and Mathematicians, ˜85, Springer-Verlag, 1986, pp. 73-80.
Totowa, N.J.: Rowman & Littlefield, 1987. 1247. J. Pieprzyk, “Error Propagation Property
1234. W.H. Payne, “Public Key Cryptography Is and Applications in Cryptography,” IEE
Easy to Break,” William H. Payne, unpub- Proceedings-E, Computers and Digital
lished manuscript, 16 Ott 90. Techniques, v. 136, n. 4, Jul 1989, pp.
1235. T.P. Pederson, “Distributed Provers with 262-270.
Applications to Undeniable Signatures,” 1248. D. Pinkas, T. Parker, and P. Kaijser,
Advances in Cryptology-EUROCRYPT “SESAME: An Introduction,” Issue 1.2,
˜91 Proceedings, Springer-Verlag, 1991, pp. Bull, ICL, and SNI, Sep 1993.
221-242. 1249. F. Piper, “Stream Ciphers,” Elektrotechnic
1236. S. Peleg and A. Rosenfield, “Breaking Sub- und Maschinenbau, v. 104, n. 12,1987, pp.
stitution Ciphers Using a Relaxation Algo- 564-568.
rithm,” Communications of the ACM, v. 1250. VS. Pless, “Encryption Schemes for Com-
22, n. 11, Nov 1979, pp. 598-605. puter Confidentiality, ” IEEE Z?ansactions
1237. R. Peralta, “Simultaneous Security of Bits on Computing, v. C-26, n. 11, Nov 1977,
in the Discrete Log.” Advances in Cryptol- pp. 1133-l 136.

Page 723
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


1264. B. Preneel, “Cryptographic Hash Func-
125 1. J.B. Plumstead, “Inferring a Sequence Gen-
erated by a Linear Congruence,” Proceed- tions,” European Transactions on Telecom-
ings of the 23rd IEEE Symposium on the munications, v 5, n. 4, Jul/Aug 1994, pp.
Foundations of Computer Science, 1982,
pp. 153-159. 1265. B. Preneel, personal communication, 1995.
1252. R. Poet, “The Design of Special Purpose 1266. B. Preneel, A. Bosselaers, R. Govaerts, and
Hardware to Factor Large Integers,” Com- J. Vandewalle, “Collision-Free Hash Func-
puter Physics Communications, v. 37, tions Based on Block Cipher Algorithms,”
1985, pp. 337-341. Proceedings of the 1989 Carnahan Confer-
1253. S.C. Pohlig and M.E. Hellman, “An ence on Security Technology, 1989, pp.
Improved Algorithm for Computing Loga- 203-210.
rithms in GF(p) and Its Cryptographic Sig- 1267. B. Preneel, R. Govaerts, and J. Vandewalle,
nificance,” IEEE Transactions on Informa- “An Attack on Two Hash Functions by
tion Theory, v. 24, n. 1, Jan 1978, pp. Zheng-Matsumoto-Imai,” Advances in
106-111. Cryptology-ASIACRYPT ˜92 Proceed-
1254. J.M. Pollard, “A Monte Carlo Method for ings, Springer-Verlag, 1993, pp. 535-538.
Factorization,” i3fl v. 15, 1975, pp. 331334. 1268. B. Preneel, R. Govaerts, and J. Vandewalle,
1255. J.M. Pollard and C.P. Schnorr, “An Effi- “Hash Functions Based on Block Ciphers:
cient Solution of the Congruence x2 + ky2 = A Synthetic Approach,” Advances in
m [mod n),” IEEE Transactions on Infor- Cryptology-CRYPTO ˜93 Proceedings,
mation Theory, v. IT-33, n. 5, Sep 1987, pp. Springer-Verlag. 1994, pp. 368378.
702-709. 1269. B. Preneel, M. Nuttin, V. Rijmen, and J.
1256. C. Pomerance, “Recent Developments in Buelens, “Cryptanalysis of the CFB mode
Primality Testing,” The Mathematical of the DES with a Reduced Number of
Intelligencer, v. 3, n. 3, 1981, pp. 97-105. Rounds,” Advances in Cryptology-
1257. C. Pomerance, “The Quadratic Sieve Fac- CRYPTO ˜93 Proceedings, Springer-Verlag,
toring Algorithm, n Advances in Cryptol- 1994, pp. 212-223.
ogy: Proceedings of EUROCRYPT 84, 1270. B. Preneel and V. Rijmen, “On Using Max-
Springer-Verlag 1985, 169-182. imum Likelihood to Optimize Recent
1258. C. Pomerance, “Fast, Rigorous Factoriza- Cryptanalytic Techniques,” presented at
tion and Discrete Logarithm Algorithms,” the rump session of EUROCRYPT ˜94,
Discrete Algorithms and Complexity, New May 1994.
York: Academic Press, 1987, pp. 119-143. 1271. B. Preneel, W. Van Leekwijck, L. Van Lin-
1259. C. Pomerance, J.W. Smith, and R. Tuler, den, R. Govaerts, and J. Vandewalle, “Prop-
“A Pipe-Line Architecture for Factoring agation Characteristics of Boolean Func-
Large Integers with the Quadratic Sieve tions, ” Advances in Cryptology-
Algorithm,” SIAM fournal on Computing, EUROCRYPT ˜90 Proceedings, Springer-
v. 17, n. 2, Apr 1988, pp. 387-403. Verlag 1991, pp. 161-173.
1260. G.J. Popek and C.S. Kline, “Encryption and 1272. W.H. Press, B.P. Flannery, S.A. Teukolsky,
Secure Computer Networks,” ACM Com- and W.T. Vetterling, Numerical Recipes in
puting Surveys, v. 11, n. 4, Dee 1979, pp. C: The Art of Scientific Computing, Cam-
331356. bridge University Press, 1988.
1261. F. Pratt, Secret and Urgent, Blue Ribbon 1273. W. Price, “Key Management for Data Enci-
Books, 1942. pherment,” Security: Proceedings of
1262. B. Preneel, “Analysis and Design of Cryp- IFIPISEC ˜83, North Holland: Elsevier Sci-
tographic Hash Functions,” Ph.D. disserta- ence Publishers, 1983.
tion, Katholieke Universiteit Leuven, Jan 1274. G.P. Purdy, “A High-Security Log-in Proce-
1993. dure,” Communications of the ACM, v.
1263. B. Preneel, “Differential Cryptanalysis of 17, n. 8, Aug 1974, pp. 442-445.
Hash Functions Based on Block Ciphers,” 1275. J.-J. Quisquater, “AMouncing the Smart
Proceedings of the 1st ACM Conference on Card with RSA Capability,” Proceedings of
Computer and Communications Security, the Conference: IC Cards and Applications,
1993, pp. 183-188. Today and Tomorrow, Amsterdam, 1989.

Page 724
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

1276. J.-J. Quisquater and C. Couvreur, “Fast 1287. M.O. Rabin, “Fingerprinting by Random
Decipherment Algorithm for RSA Public- Polynomials, ” Technical Report TR- 15-81,
Center for Research in Computing Tech-
Key Cryptosystem,” Electronic Letters, v.
nology, Harvard University, 1981.
18, 1982, pp. 155-168.
1277. J.-J. Quisquater and J.-P Delescaille, 1288. T. Rabin and M. Ben-Or, “Verifiable Secret
“Other Cycling Tests for DES,” Advances Sharing and Multiparty Protocols with
in Cryptology-CRYPTO ˜87 Proceedings, Honest Majority,” Proceedings of the 21st
Springer-Verlag, 1988, pp. 255-256. ACM Symposium on the Theory of Com-
1278. J.-J. Quisquater and Y.G. Desmedt, “Chi- puting, 1989, pp. 73-85.
nese Lotto as an Exhaustive Code-Breaking 1289. RAND Corporation, A Million Random
Machine,” Computer, v. 24, n. 11, Nov Digits with 100,000 Normal Deviates,
1991, pp. 14-22. Glencoe, IL: Free Press Publishers, 1955.
1279. J.-J. Quisquater and M. Girault, “2n-bit 1290. T.R.N. Rao, “Cryposystems Using Alge-
Hash Functions Using n-bit Symmetric braic Codes,” International Conference on
Block Cipher Algorithms, Advances in Computer Systems and Signal Processing,
Cryptology-EUROCRYPT ˜89 Proceed- Bangalore, India, Dee 1984.
ings, Springer-Verlag, 1990, pp. 102-109. 1291. T.R.N. Rao, “On Struit-Tilburg Cryptanal-
1280. J.-J. Quisquater and L.C. Guillou, “Des ysis of Rao-Nam Scheme,” Advances in
Procedts d™Authentification Bases sur une Cryptology-CRYPTO ˜87 Proceedings,
Publication de Problemes Complexes et Springer-Verlag, 1988, pp. 458-460.
Personnalises dont les Solutions Main- 1292. T.R.N. Rao and K.H. Nam, “Private-Key
tenues Secretes Constituent autant d™Ac- Algebraic-Coded Cryptosystems,” Ad-
creditations,” Proceedings of SECURI- vances in Cryptology-CRYPTO ˜86 Pro-
COM ˜89: 7th Worldwide Congress on ceedings, Springer-Verlag. 1987, pp. 3548.
Computer and Communications Security 1293. T.R.N. Rao and K.H. Nam, “Private-Key
and Protection, SocietC d™Edition et d™Or- Algebraic-Code Encryptions,” IEEE Trans-
ganisation d™Expositions Professionnelles, actions on Information Theory, v. 35, n. 4,
1989, pp. 149-158. (In French.) Jul 1989, pp. 829-833.
1281. J.-J., Myriam, Muriel, and Michael 1294. J.A. Reeds, “Cracking Random Number
Quisquater; L., Marie Amuck, Gai™d, Anna, Generator,” Cryptologia, v. 1, n. 1, Jan
Gwenole, and Soazig Guillou; and T. 1977, pp. 20-26.
Berson, “How to Explain Zero-Knowledge 1295. J.A. Reeds, “Cracking a Multiplicative
Protocols to Your Children,” Advances in Congruential Encryption Algorithm,” in
Cryptology-CRYPTO ˜89 Proceedings, Information Linkage Between Applied
Springer-Verlag, 1990, pp. 628-63 1. Mathematics and Industry, P.C.C. Wang,
1282. M.O. Rabin, “Digital Signatures,” Founda- ed., Academic Press, 1979, pp. 467-472.
tions of Secure Communication, New 1296. J.A. Reeds, “Solution of Challenge
York: Academic Press, 1978, pp. 155-168. Cipher,” Cryptologia, v. 3, n. 2, Apr 1979,
1283. M.O. Rabin, “Digital Signatures and pp. 83-95.
Public-Key Functions as Intractable as Fac- 1297. J.A. Reeds and J.L. Manferdelli, “DES Has
torization,” MIT Laboratory for Computer No Per Round Linear Factors,” Advances
Science, Technical Report, MIT/LCS/TR- in Cryptology: Proceedings of CRYPTO 84,
212, Jan 1979. Springer-Verlag, 1985, pp. 377-389.
1284. M.O. Rabin, “Probabilistic Algorithm for 1298. J.A. Reeds and N.J.A. Sloane, “Shift Regis-
Testing Primality,” fournal of Number ter Synthesis (Modulo m),” SIAM fournal
Theory, v. 12, n. 1, Feb 1980, pp. 128- 138. on Computing, v. 14, n. 3, Aug 1985, pp.
1285. M.O. Rabin, “Probabilistic Algorithms in 505-513.
Finite Fields,” SIAM fournal on Comput- 1299. J.A. Reeds and P.J. Weinberger, “File Secu-
ing, v. 9, n. 2, May 1980, pp. 273-280. rity and the UNIX Crypt Command,”
1286. M.O. Rabin, “How to Exchange Secrets by AT&T Technical Journal, v. 63, n. 8, Ott
Oblivious Transfer, ” Technical Memo TR- 1984, pp. 1673-1683.
81, Aiken Computer Laboratory, Harvard 1300. T. Renji, “On Finite Automaton One-Key
University, 198 1. Cryptosystems,” Fast Software Encryption,

Page 725
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


analysis of Hash Functions Based on
Cambridge Security Workshop Proceed-
ings, Springer-Verlag, 1994, pp. 135-148. Block Ciphers,” K.U. Leuven Workshop
1301. T. Renji and C. Shihua, “A Finite Automa- on Cryptographic Algorithms, Springer-
ton Public Key Cryptosystems and Digital Verlag, 1995, to appear.
Signature,” Chinese fournal of Computers, 1314. R.L. Rivest, “A Description of a Single-
v. 8, 1985, pp. 401-409. (In Chinese.) Chip Implementation of the RSA Cipher,”
1302. T. Renji and C. Shihua, “Two Varieties of LAMBDA Magazine, v. 1, n. 3, Fall 1980,
Finite Automaton Public Key Cryptosys- pp. 14-18.
terns and Digital Signature,” fournal of 1315. R.L. Rivest, “Statistical Analysis of the
Computer Science and Tecnology, v. 1, Hagelin Cryptograph,” Cryptologia, v. 5,
1986, pp. 9-18. (In Chinese.) n. 1, Jan 1981, pp. 27-32.
1303. T. Renji and C. Shihua, “An Implementation 1316. R.L. Rivest, “A Short Report on the RSA
of Identity-based Cryptosystems and Signa- Chip,” Advances in Cryptology: Proceedings
ture Schemes by Finite Automaton Public of Crypto 82, Plenum Press, 1983, p. 327.
Key Cryptosystems,” Advances in Cryptol- 1317. R.L. Rivest, “RSA Chips (Past/Present/
ogy-CHINACRYPT ˜92, Bejing: Science Future),” Advances in Cryptology: Pro-
Press, 1992, pp. 87-104. (In Chinese.) ceedings of EUROCRYPT 84, Springer-
1304. T. Renji and C. Shihua, “Note on Finite Verlag, 1985, pp. 159-168.
Automaton Public Key Cryptosystems,” 1318. R.L. Rivest, “The MD4 Message Digest
CHINACRYPT ˜94, Kidian, China, 11-15 Algorithm,” RFC 1186, Ott 1990.
Nov 1994, pp. 76-80. 1319. R.L. Rivest, “The MD4 Message Digest
1305. Research and Development in Advanced Algorithm,” Advances in Cryptology-
Communication Technologies in Europe, CRYPTO ˜90 Proceedings, Springer-Verlag,
RIPE Integrity Primitives: Final Report of 1991, pp. 303311.
RACE Integrity Primitives Evaluation 1320. R.L. Rivest, “The RC4 Encryption Algo-
(RZO40), RACE, June 1992. rithm,” RSA Data Security, Inc., Mar 1992.
1306. J.M. Reyneri and E.D. Karnin, “Coin Flip- 1321. R.L. Rivest, “The MD4 Message Digest
ping by Telephone,” IEEE Transactions on Algorithm,” RFC 1320, Apr 1992.
Information Theory, v. IT-30, n. 5, Sep 1322. R.L. Rivest, “The MD5 Message Digest
1984, pp. 775-776. Algorithm,” RFC 1321, Apr 1992.
1307. P. Ribenboim, The Book of Prime Number 1323. R.L. Rivest, “Dr. Ron Rivest on the Diffi-
Records, Springer-Verlag 1988. culty of Factoring,” Ciphertext: The RSA
1308. P. Ribenboim, The Little Book of Big Newsletter, v. 1, n. 1, Fall 1993, pp. 6, 8.
Primes, Springer-Verlag 1991. 1324. R.L. Rivest, “The RC5 Encryption Algo-
1309. M. Richter, “Ein Rauschgenerator zur rithm,” Dr. Dobb™s fournal, v. 20, n. 1, Jan
Gewinnung won quasi-idealen Zufall- 95, pp. 146-148.
szahlen fiir die stochastische Simulation,” 1325. R.L. Rivest, “The RC5 Encryption Algo-
Ph.D. dissertation, Aachen University of rithm,” K. U. Leuven Workshop on Crypto-
Technology, 1992. (In German.) graphic Algorithms, Springer-Verlag, 1995,
1310. R.F. Rieden, J.B. Snyder, R.J. Widman, and to appear.
W.J.Barnard, “A Two-Chip Implementation 1326. R.L. Rivest, M.E. Hellman, J.C. Anderson,
of the RSA Public Encryption Algorithm,” and J.W. Lyons, “Responses to NIST™s Pro-
Proceedings of GOMAC (Government posal,” Communications of the ACM, v.
Microcircuit Applications Conference), 35, n. 7, Jul 1992, pp. 41-54.
Nov 1982, pp. 24-27. 1327. R.L. Rivest and A. Shamir, “How to Expose
1311. H. Riesel, Prime Numbers and Computer an Eavesdropper,” Communications of the
Methods for Factorization, Boston: ACM, v. 27, n. 4, Apr 1984, pp. 393395.
Birkhaiiser, 1985. 1328. R.L. Rivest, A. Shamir, and L.M. Adleman,
1312. K. Rihaczek, “Data Interchange and Legal “A Method for Obtaining Digital Signa-
Security-Signature Surrogates,” Comput- tures and Public-Key Cryptosystems,”
ers d Security, v. 13, n. 4, Sep 1994, pp. Communications of the ACM, v. 21, n. 2,
287-293. Feb 1978, pp. 120-126.
1313. V. Rijmen and B. Preneel, “Improved 1329. R.L. Rivest, A. Shamir, and L.M. Adleman,
Characteristics for Differential Crypt- “On Digital Signatures and Public Key

Page 726
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page

1343. T. Rosati, “A High Speed Data Encryption
Cryptosystems,” MIT Laboratory for
Processor for Public Key Cryptography,”
Computer Science, Technical Report,
Proceedings of the IEEE Custom Integrated
MIT/LCS/TR-212, Jan 1979.
Circuits Conference, 1989, pp. 12.3.1-12.3.5.
1330. R.L. Rivest, A. Shamir, and L.M. Adleman,
“Cryptographic Communications System 1344. O.S. Rothaus, “On ˜Bent™ Functions,” Iour-
nal of Combinational Theory, Series A, v.
and Method,” U.S. Patent #4,405,829, 20
20, n. 3, 1976, pp. 300-305.
Sep 1983.
1331. M.J.B. Robshaw, “Implementations of the 1345. RSA Laboratories, “PKCS #l: RSA Encryp-
Search for Pseudo-Collisions in MD5,” tion Standard,” version 1.5, Nov 1993.
1346. RSA Laboratories, “PKCS #3: Diffie-
Technical Report TR-103, Version 2.0,
RSA Laboratories, Nov 1993. Hellman Key-Agreement Standard,” ver-
sion 1.4, Nov 1993.
1332. M.J.B. Robshaw, “The Final Report of
RACE 1040: A Technical Summary,” 1347. RSA Laboratories, “PKCS #5: Password-
Based Encryption Standard,” version 1.5,
Technical Report TR-9001, Version 1.0,
RSA Laboratories, Jull993. Nov 1993.
1333. M.J.B. Robshaw, “On Evaluating the Lin- 1348. RSA Laboratories, “PKCS #6: Extended-
ear Complexity of a Sequence of Least Certificate Syntax Standard,” version 1.5,
Period 2”,” Designs, Codes and Cryptogra- Nov 1993.
phy, v. 4, n. 3, 1994, pp. 263-269. 1349. RSA Laboratories, “PKCS #7: Crypto-
1334. M.J.B. Rob&w, “Block Ciphers,” Techni- graphic Message Syntax Standard,” version
cal Report TR-601, RSA Laboratories, Jul 1.5, Nov 1993.
1994. 1350. RSA Laboratories, “PKCS #8: Private Key
1335. M. J.B. Robshaw, “MD2, MD4, MD5, SHA, Information Syntax Standard,” version 1.2,
and Other Hash Functions,” Technical Nov 1993.
Report TR-101, Version 3.0, RSA Laborato- 1351. RSA Laboratories, “PKCS #9: Selected
ries, Jul 1994. Attribute Types,” version 1.1, Nov 1993.
1336. M.J.B. Robshaw, “On Pseudo-Collisions in 1352. RSA Laboratories, “PKCS #lo: Certifica-
MD5,” Technical Report TR-102, Version tion Request Syntax Standard,” version
1.1, RSA Laboratories, Jul 1994. 1.0, Nov 1993.
1337. M.J.B. Robshaw, “Security of RC4,” Tech- 1353. RSA Laboratories, “PKCS #ll: Crypto-
nical Report TR-401, RSA Laboratories, Jul graphic Token Interface Standard,” version
1994. 1.0, Apr 95.
1338. M.J.B. Robshaw, personal communication, 1354. RSA Laboratories, “PKCS #12: Public Key
1995. User Information Syntax Standard,” ver-
1339. M. Roe, “Reverse Engineering of an EES sion 1.0, 1995.
Device,” K. U. Leuven Workshop on Cryp- 1355. A.D. Rubin and P. Honeyman, “Formal
tographic Algorithms, Springer-Verlag, Methods for the Analysis of Authentica-
1995, to appear. tion Protocols,” draft manuscript, 1994.
1340. P. Rogaway and D. Coppersmith, “A Soft- 1356. F. Rubin, “Decrypting a Stream Cipher
ware-oriented Encryption Algorithm,” Based on J-K Flip-Flops,” IEEE Transac-
Fast Software Encryption, Cambridge tions on Computing, v. C-28, n. 7, Jull979,
Security Workshop Proceedings, Springer- pp. 483-487.
Verlag 1994, pp. 56-63. 1357. R.A. Rueppel, Analysis and Design of
1341. H.L. Rogers, “An Overview of the Cand- Stream Ciphers, Springer-Verlag, 1986.
ware Program,” Proceedings of the 3rd 1358. R.A. Rueppel, “Correlation Immunity and
Annual Symposium on PhysicallElec- the Summation Combiner,” Advances in
tronic Security, Armed Forces Communi- Cryptology-EUROCRYPT ˜85, Springer-
cations and Electronics Association, paper Verlag, 1986, pp. 260-272.
31, Aug 1987. 1359. R.A. Rueppel, ˜When Shift Registers
1342. J. Rompel, “One-Way Functions Are Nec- Clock Themselves,” Advances in Cryp-
essary and Sufficient for Secure Signa- tology-EUROCRYPT ˜87 Proceedings,
tures,” Proceedings of the 22nd Annual Springer-Verlag, 1987, pp. 53-64.
ACM Symposium on the Theory of Com- 1360. R.A. Rueppel, “Security Models and
puting, 1990, pp. 387-394. Notions for Stream Ciphers,” Cryptogra-

Page 727
Prev. Chapter Home Previous Page
Next Page
Prev. page
Next Page


Proceedings, Springer-Verlag, 1994, p.
phy and Coding II, C. Mitchell, ed.,
Oxford: Clarendon Press, 1992, pp. 41 l-424.
1372. K. Sako and J. Kilian, “Receipt-Free Mix-
Type Voting Scheme-A Practical Solution
1361. R.A. Rueppel, “On the Security of
to the Implementation of a Voting Booth,”
Schnorr™s Pseudo-Random Sequence Gen-
erator,” Advances in Cryptology-EURO- Advances in Cryptology-EUROCRYPT
˜95 Proceedings, Springer-Verlag, 1995, pp.
CRYPT ˜89 Proceedings, Springer-Verlag,
1990, pp. 423428.
1362. R.A. Rueppel, “Stream Ciphers,” Contern- 1373. A. Salomaa, Public-Key Cryptography,
porary Cryptology: The Science of Infor- Springer-Verlag, 1990.
mation Integrity, G.J. Simmons, ed., IEEE 1374. A. Salomaa and L. Santean, “Secret Selling


. 6
( 8)