Instance deduction, 8
Institute of Electrical and Electronics Engineers, 608
Integrated Services Digital Network, 563-565
Integrity, 2
Interactive protocol, 103
Interchange Key, 581
Interleave, 210-211
Interlock protocol, mutual authentication using, 54-55
Internal feedback, 203
International Association for Cryptologic Research, 605
International Standards Organization:
  authentication framework, 574-577
  DES adoption, 268
International Traffic in Arms Regulations, 610-614
Internet, Privacy-Enhanced Mail, 577-584
Introducers, 187
Inverses modulo a number, 246-248
IPES, 319
ISDN, 563-565
ISO 8732, 359
ISO 9796, 472, 474, 486
ISO/IEC 9979, 607
ISO X.509 protocols, 574-577
Iterated block cipher, 347

Jacobi symbol, 252-253
J-algebras, 501
Jam, 414
Jennings generator, 383-384

Kerberos (Cont.)
  security, 571
  Version 4, 570-571
  Version 5 messages, 568
Kerckhoffs, A., 5
Kerckhoffs's assumption, 7
Key, 3
  backup, 181-182
  CDMF shortening, 366
  complement, DES, 281-282
  compromised, 182-183
  controlling usage, 180
  dereferencing, 221-222
  destroying, 184-185
  distribution in large networks, 177
  generating, 170-175
    ANSI X9.17 standard, 175
    DOD, 175
    pass phrases, 174-175
    poor choices, 171-173
    random keys, 173-174
    reduced keyspaces, 170-171
  ISDN, 563-564
  lifetime, 183-184
  possibly weak, DES, 281-282
  semiweak, DES, 280-281
  session, 33, 180
  storing, 180-181
  transferring, 176-177
  transmission, error detection, 178
  updating, 180
  using, 179-180
  verification, 178-179
  weak
    block ciphers design theory, 348
    DES, 280-281
Key and message broadcast, 51-52
Key exchange:
  DASS, 62
  Denning-Sacco protocol, 63
  with digital signatures, 50
  interlock protocol, 49-50
  Kerberos, 60
  key and message broadcast, 51-52
  key and message transmission, 51
  man-in-the-middle attack, 48-49
  Needham-Schroeder protocol, 58-59
  Neuman-Stubblebine protocol, 60-62
  Otway-Rees protocol, 59-60
  protocols, formal analysis, 65-68
  with public-key cryptography, 48
  with symmetric cryptography, 47-48
  Wide-Mouth Frog protocol, 56-57
  without exchanging keys, 515
  Woo-Lam protocol, 63-64
  Yahalom, 57-58
Key-exchange algorithms:
  COMSET, 517-518
  conference key distribution and secret broadcasting, 523-525
  Diffie-Hellman, 513-516
  Encrypted Key Exchange, 518-522
  fortified key negotiation, 522
  Shamir's three-pass protocol, 516-517
  station-to-station protocol, 516




Page 747

Index


Key-exchange algorithms (Cont.)
  Tatebayashi-Matsuzaki-Newman, 524-525
Key generation, using coin flipping, 92
Key length:
  comparing symmetric and public-key, 165-166
  deciding on, 166-167
  DES, 283-284
  public-key, 158-165
    DNA computing, 163-164
    quantum computing, 164-165
    recommended lengths, 161-163
  symmetric, 151-158
    biotechnology as cryptanalysis tool, 156-157
    brute-force attack, 151-154
    Chinese Lottery, 156-157
    neural networks, 155
    software-based brute-force attacks, 154-155
    thermodynamic limitations on brute-force attacks, 157-158
    using viruses to spread cracking program, 155-156
Key management, 169-187
  distributed, 187
  public-key, 185-187
Key negotiation, fortified, 522
Key notarization, 562
Key revocation certificate, 585
Keyspace, 3
  flat, 176
  nonlinear, 175-176
  reduced, 170-171
Keystream generator, 197-198
  counter mode, 206
  periodic, 202
Khafre, 317-318, 349
Khufu, 317, 349
Kilian, Joe, 116
Kim, Kwangjo, 298, 350
Kinetic Protection Device, 389-390
Klapper, Andy, 404
Klein, Daniel, 53, 171
Knapsack algorithms, 462-466
  decryption, 465
  encryption, 464
  implementations, 465
  patents, 466
  public key created from private key, 464
  security, 465
  superincreasing, 463-464
  variants, 465-466
Knapsack problem, 501
Known-plaintext attack, 6-7, 151, 359
Knudsen, Lars, 8, 293, 314, 316, 348-349
Knuth, 393, 501
Koblitz, Neal, 480
Konheim, Alan, 266, 280
Kravitz, David, 493
Kravitz-Reed, 481
KryptoKnight, 571-572

Lagged Fibonacci generators, 390
LaGrange interpolating polynomial scheme, 528-529
Lai, Xuejia, 319, 449
Langford, Susan, 293
Law Enforcement Access Field, 591
Legal issues, 618
Legendre symbol, 251
Lehmann, 259
Lehmann algorithm, 259
Length, shift register, 373
Lenstra, Arjen, 159, 162, 257, 485, 488
LFSR/FCSR summation/parity cascade, 410-411
Lidl, Rudolph, 481
Linear complexity:
  profile, 380
  stream ciphers, 380
Linear congruential generators, 369-372
  combining, 371-372
  constants, 370
Linear consistency test, 381
Linear cryptanalysis:
  DES, 290-293
  strength against, block cipher design theory, 348-349
Linear error-correcting codes, algorithms based on, 480
Linear feedback shift registers, 372-379
  Galois, 378-379
  primitive polynomials mod 2, 376-377
  software, 378-379
  stream ciphers using, see Stream ciphers
Linear syndrome algorithm, 381
Link-by-link encryption, 216-218
  combined with end-to-end, 219-221
Linking protocol, timestamping, 76-77
Li-Wang algorithm, 346
Local deduction, 8
Lock-in, 388
Logarithms, discrete, see Discrete logarithm
LOKI, 314-316
  S-boxes, 349
  source code, 632-637
LOKI Double-Block, 451
Low decryption exponent attack, RSA, 473
Low encryption exponent attack, RSA, 472-473
Luby, Michael, 352
Luby-Rackoff, 352-353
  xDES^i, 365
LUC, 481
Lucas number, 481
Luccio-Mazzone, 501
Lucifer, 266, 303-304
Lu-Lee cryptosystem, 466
Lyndon words, 501

MacGuffin, 346
Madryga, W. E., 304
Mafia Fraud, 110
Magic numbers, 423
Manasse, Mark, 159, 257
Man-in-the-middle attack, 48-49
Masks, REDOC II, 312
Massey, James, 319, 339, 386, 418, 449
Master Key, 561
Master Terminal Key, 561
Matsui, Mitsuru, 290-291
Matsumoto-Imai algorithm, 500
Mauborgne, Joseph, 15
Maurer, Ueli, 419
Maurer's randomized stream cipher, 419
Maximal period generator, 369
MBAL, 344
McEliece, Robert, 479
McEliece algorithm, 346, 479-480
MD2, 441
MD3, 446
MD4, 435-436
MD5, 436-441
MDC, 353-354




Page 748


MDC-2, 452-453
MDC-4, 452-454
MD-strengthening, 431
Meet-in-the-middle attack, 358, 381
Mental poker, 92-95
Merkle, Ralph, 34, 316-318, 358-359, 432, 455, 461-462
Merkle's puzzles, 34
Merritt, Michael, 67, 518, 520-521, 571
Message:
  authentication, 56
  broadcasting, 69
  Privacy-Enhanced Mail, 579-582
  recovery, 497-498
  resending as receipt, 42-43
Message authentication codes, 31, 455-459
  bidirectional, 457
  CBC-MAC, 456
  IBC-Hash, 458
  Jueneman's methods, 457
  message authenticator algorithm, 456-457
  one-way hash functions as, 458-459
  RIPE-MAC, 457-458
  stream ciphers, 459
Message authenticator algorithm, 456-457
Message broadcast, anonymous, 137-139
Message Digest, 435-436
Message Digest Cipher, 353
Message Integrity Check, 578
Message-meaning rule, 66
Message Security Protocol, 584
Meyer, Carl, 266, 278
Meyer, Joseph A., 614
Meyer-Schilling, 452
Micali, Silvio, 94, 508, 546-547, 552
Miller, Gary, 259
Miller, V. S., 480
Mimic functions, 10
Minimum-disclosure proofs, 108
MITRENET, 562-563
Miyaguchi, Shoji, 308
MMB, 325-327
m × n-bit S-box, 349
Modular arithmetic, 242-245
Modular Multiplication-based Block cipher, 325-327
Modular reduction, 242
Modulo, inverses, 246-248
Monoalphabetic cipher, 10
Montgomery's method, 244
Moore's Law, 153
m-sequence, 374
MSP, 584
Muller, Winfried, 481
Multiparty unconditionally secure protocols, 137
Multiple-bit generator, 421
Multiple encryption, 357
  quintuple, 366
Multiple Identity Fraud, 111
Multiple-key public-key cryptography, 527-528
Multiple signatures, 39-40
Multiplier, 369
Multispeed inner-product generator, 386-387
Mush, 392
Mutual shrinking generator, 392
MYK-80, 593-594
Mykotronx Clipper chip, 328
MYK-78T, 591-593

Nanoteq, 390
National Bureau of Standards, see National Institute of Standards and Technology
National Computer Security Center, 599-600
National Institute of Standards and Technology, 600-603
  DES development, 265-267
  Memorandum of Understanding, 601-603
National Security Agency, 597-599
  DES development, 266-267
  export of cryptography, 614-615
  Memorandum of Understanding, 601-603
  S-box development role, 278, 280
Navy Research Laboratory, protocol analyzer, 67-68
Needham, Roger, 58, 66, 216
Needham-Schroeder protocol, 58-59
Networks, large, key distribution, 177
Neuman-Stubblebine protocol, 60-62
Neural networks, breaking algorithms, 155
NewDES, 306-308
N-Hash, 433-435
Niederreiter, Harald, 501
Niederreiter algorithm, 480
Niemi cryptosystem, 466
Nobauer, Wilfried, 481
Noise, random, using as random-sequence generator, 423-424
Nonce-verification rule, 66
Non-Interactive Key Sharing systems, 115
Nonlinear-feedback shift registers, 412-413
Nonlinear keyspace, 175-176
Nonrepudiation, 2
Notz, Bill, 266
NP-complete problem, 240-242
  graph isomorphism, 104
  knapsack algorithms, 462
  McEliece algorithm, 479
  solving, 163-164
NRL Protocol Analyzer, 67-68
NSDD-145, 268
Nuclear Non-Proliferation Act, 610
Number field sieve, 256
Numbers:
  2-adic, 404
  large, 17-18
Number theory, 242-255
  Barrett's algorithm, 244
  Blum integers, 253
  Chinese remainder theorem, 249-250
  Euclid's algorithm, 245
  Euler totient function, 248-249
  extended Euclidean algorithm, 246-248
  Fermat's little theorem, 248
  Galois field, computing in, 254-255
  generators, 253-254
  greatest common divisor, 245-246
  inverses modulo a number, 246-248
  Jacobi symbol, 252-253
  Legendre symbol, 251
  modular arithmetic, 242-245
  Montgomery's method, 244
  prime numbers, 245
  quadratic residues, 250-251
  solving for coefficients, 248
Nyberg, Kaisa, 348

Oblivious transfer, 116-117, 550




Page 749


Oblivious signatures, 117
OFB, see Output-feedback mode
Ohta, Kazuo, 146, 501
Ohta-Okamoto identification scheme, 508
Okamoto, Tatsuaki, 146, 501
1/p generator, 414
One-time pad, 15-17
  hiding ciphertext in ciphertext, 227-228
One-time tape, 418
One-way accumulators, 95-96, 543
One-way function, 29-30
  authentication using, 52
  bit commitment using, 87-88
  coin flipping using, 90
  trap-door, 158
One-way hash functions, 30-31, 351-354
  background, 429-431
  birthday attacks, 165-166, 430
  choosing, 455
  cipher security, 353-354
  compression function, 431
  encryption speeds, 456
  HAVAL, 445-446
  improved arbitrated solution, 76
  Karn, 351-352
  length, 430-431
  Luby-Rackoff, 352-353
  MD2, 441
  MD3, 446
  MD4, 435-436
  MD5, 436-441
  MD-strengthening, 431
  message authentication codes, 455-459
  Message Digest Cipher, 353-354
  multiple signatures, 40
  N-Hash, 433-435
  RIPE-MD, 445
  Secure Hash Algorithm, 442-445
  signing documents with, 38-39
  Snefru, 432
  as unbiased random-bit generator, 107
  using public-key algorithms, 455
  using symmetric block algorithms, 446-455
    AR hash function, 453
    GOST hash function, 454
    hash length equals block size, 447-449
    LOKI Double-Block, 451
    MDC-2 and MDC-4, 452-454
    modified Davies-Meyer, 449-450
    parallel Davies-Meyer, 451
    Preneel-Bosselaers-Govaerts-Vandewalle, 450
    Quisquater-Girault, 450
    tandem and abreast Davies-Meyer, 451-452
Ong-Schnorr-Shamir, 498-499, 531-532
Orange Book, 599-600
Otway-Rees protocol, 59-60
Outerbridge, Richard, 363
Outer-CBC, 360
Output-feedback mode, 203-205, 208-210
  combined with ECB, 364
  DES, 277
  with a nonlinear function, 208
Overtake, 598
Overwriting, 229

Padding:
  cipher block chaining mode, 195
  electronic codebook mode, 190-191
  MD5, 436
  Secure Hash Algorithm, 442
  triple encryption with, 362
Painvin, Georges, 12
Pass phrases, 174-175
Passive attack, 27
Passive cheaters, 27
Patents, 609-610; See also specific algorithms
P-boxes:
  design criteria, 294
  permutation, 275, 277, 316
PEM, see Privacy-Enhanced Mail
Perfect secrecy, 235
Period, 11
  shift register, 373
Permutation, 237
  key, DES, 272-273
PES, 319, 324
Pike, 391-392
PKZIP, 394-395
Plaintext, 1-2
Plaintext block chaining mode, 208
Plaintext feedback mode, 208
Plaintext pair, right and wrong pairs, 287
Pless generator, 413-414
p-NEW scheme, 498
Pohlig, Stephen, 262
Pohlig-Hellman encryption scheme, 474
Polarized photons, 555
Pollard's Monte Carlo algorithm, 256
Polyalphabetic substitution cipher, 10-11
Polygram substitution cipher, 10-11
Polynomials:
  degree, shift register length, 374
  dense, 378
  irreducible, 255, 481
  sparse, 378
Pomerance, Carl, 257
Powerline System, 466
Pre-image, 30
Preneel, Bart, 457
Preneel-Bosselaers-Govaerts-Vandewalle, 450
Pretty Good Privacy, 584-587
Price, William, 562
Prime numbers, 245
  generation, 258-261
    DSA, 488-490
    practical considerations, 260
  relatively prime, 245
  strong, 261
Primitive, 253
Principal square root, 251
Privacy-Enhanced Mail, 577-584
  certificates, 579
  documents, 578
  messages, 579-582
  RIPEM, 583-584
  security, 582-583
  TIS/PEM, 583
Private key, 5
  creating public key from, 464
  for public-key cryptography, lifetime, 184
Probabilistic encryption, 552-554
Problems:
  complexity, 239-241
  EXPTIME, 241
  hard, 239
  intractable, 239
  PSPACE, 241




Page 750


Problems (Cont.)
  tractable, 239
  undecidable, 240
  See also NP-complete problem
Processing complexity, 9
Product cipher, 347
Proofs of Membership, 111
Propagating cipher block chaining mode, 207
Proposed Encryption Standard, 319
Protocols, 21, 47
  adjudicated, 26, 70-71
  all-or-nothing disclosure of secrets, 96
  analysis, approaches, 65-66
  anonymous message broadcast, 137-139
  arbitrated, 23-26
  attacks against, 27
  authentication, 576-577
  authentication and key-exchange, formal analysis, 65-68
  BAN logic, 66-67
  basic zero-knowledge, 102-104
  bit commitment, 86-88
  blind signatures, 112-115
  characteristics, 21
  cryptographic, 22
  DASS, 62
  definition, 21
  Denning-Sacco, 63
  digital cash, see Digital cash
  digital certified mail, 122-123
  digital signatures, 40
  distributed, timestamping, 77-78
  fair coin flips, 89-92
  IBM Common Cryptographic Architecture, 573-574
  IBM secret-key management, 561-562
  identity-based public-key cryptography, 115
  interactive, 103
  interlock, 49-50, 54-55
  Kerberos, 60, 566-571
  key escrow, 97-100
  key exchange, 47-52
  KryptoKnight, 571-572
  lessons, 64-65
  mental poker, 92-95
  multiparty unconditionally secure, 137
  Needham-Schroeder, 58
  Neuman-Stubblebine, 60-62
  oblivious signatures, 117
  oblivious transfer, 116-117
  one-way accumulators, 95-96
  Otway-Rees, 59-60
  purpose, 22-23
  secret splitting, 70-71
  secure circuit evaluation, 137
  secure elections, see Secure elections
  secure multiparty computation, 134-137
  self-enforcing, 26-27
  SESAME, 572
  simultaneous contract signing, 118-122
  simultaneous exchange of secrets, 123-124
  subliminal channel, 79-80
  timestamping, 75-79
  types, 24
  Wide-Mouth Frog, 56-57
  Woo-Lam, 63-64
  Yahalom, 57-58
  See also Authentication; Zero-knowledge proofs
Pseudo-Hadamard Transform, 340
Pseudo-random function family, SEAL, 398-399
Pseudo-random-number generator, 78, 416
Pseudo-random sequence, 44-45
Pseudo-random-sequence generator, 44
  bit commitment using, 88
  generating multiple streams, 420-421
  linear congruential generators, 369-372
  linear feedback shift registers, 372-379
PSPACE, 241
Public key, 5
  certificates, 185-187
  creating from private key, 464
  key length, 158-165
    recommended lengths, 161-163
  key management, 185-187
Public-key algorithms, 4-5, 33, 500-502
  background, 461-462
  based on linear error-correcting codes, 480
  Diffie-Hellman, 513
  ElGamal, 476-479
  elliptic curve cryptosystems, 480-481
  finite automaton cryptosystems, 482
  knapsack algorithms, 462-466
  LUC, 481
  McEliece, 479-480
  one-way hash functions using, 455
  Pohlig-Hellman, 474
  Rabin, 475-476
  RSA, see RSA
  security, 461-462
  strength, 502
Public-key cryptography:
  attacks against, 43-44
  authentication using, 53-54
  coin flipping using, 90-91
  communications using, 31-34
  identity-based, 115
  key exchange with, 48
  multiple-key, 68-69
  private keys, lifetime, 184
  signing documents with, 37-38
    one-way hash functions, 38-39
  versus symmetric cryptography, 216-217
Public-Key Cryptography Standards, 588-589
Public Key Partners, 604-605
Public-key ring, 585
Purchase-key attack, 7

Quadratic nonresidues, 251
Quadratic residues, 250-251
  generator, 417
Quadratic sieve, 256
  factoring, 159
Quantum computing, 164-165
Quantum cryptography, 554-557
Quintuple encryption, 366
Quisquater, Jean-Jacques, 102, 508
Quisquater-Girault, 450

Rabin, 475-476
Rabin, Michael, 103, 259, 518, 550
Rabin-Miller algorithm, 259-260
RACE Integrity Primitives Evaluation, 605-606
Rackoff, Charles, 352




Page 751


Rainbow Books, 600
Rambutan, 390
Random keys, 173-174
Random noise, as random-sequence generator, 423-424
Random-number generation, 44
Random-sequence generators, 421-428
  biases and correlations, 425-426
  computer clock, 424
  distilling randomness, 426-428
  keyboard latency measurement, 424-425
  RAND tables, 422-423
  using random noise, 423-424
Random sequences, real, 45-46
Randomized approach, stream ciphers, 415
Randomized stream cipher, 419
Randomness, distilling, 426-428
RAND tables, 422-423
Rao-Nam algorithm, 346
Rate of the language, 234
RC2, 318-319
RC4, 319, 397-398
RC5, 344-346
  source code, 659-662
RDES, 297-298
Receipt, resending message as, 42-43
REDOC II, 311-313
REDOC III, 313
Redundancy, of language, 234
Reeds, Jim, 369
Related-key cryptanalysis, 290
Renji, Tao, 482
Renting Passports, 111
Replay attacks, 58-59
Research and Development in Advanced Communication Technologies, Integrity Primitives Evaluation, 605-606
Resend attack, foiling, 43
Residue, 242
  quadratic, 250-251
  reduced set, 248
Restricted algorithms, 3
RFC 1421, 578
RFC 1422, 578
RFC 1423, 578
RFC 1424, 578
Richter, Manfield, 423
Riordan, Mark, 583-584
RIPE, 605-606
RIPEM, 583-584
RIPE-MAC, 457-458
RIPE-MD, 445
Rip van Winkle cipher, 418-419
Rivest, Ron, 159, 163, 318-319, 344, 397, 435, 440-441, 444, 446, 467
Rivest Cipher, 318
Robshaw, Matt, 342
Rogaway, Phil, 398
ROM key, 181
ROT13, 11
Rotor machines, 12-13
RSA, 17, 466-474
  ability to break, zero-knowledge proofs, 548-549
  attack on encrypting and signing with, 473-474
  blind signatures, 548
  chosen ciphertext attack, 471-472
  common modulus attack, 472
  compared to DSA, 485
  computation time comparison with DSA, 489
  as de facto standard, 485-486
  EKE implementation, 519
  encryption, 468
    with DSA, 491
  in hardware, 469
  low decryption exponent attack, 473
  low encryption exponent attack, 472-473
  patents, 474
  restrictions on use, 473
  security, 470-471
  speed, 469
  standards, 474
RSA Data Security, Inc., 295, 603-604
RSA Factoring Challenge, 257
RSA generator, 417
Rubber-hose cryptanalysis, 7
Rueppel, Rainer, 385-386
Running-key cipher, 12

SAFER K-64, 339-341
SAFER K-128, 341
Salt, 52-53
S-boxes:
  alternate, DES, 296-298
  Blowfish, 336
  Boolean functions in, 350
  DES, key-dependent, 298, 300
  design
    criteria, 294
    security questions, 284
    theory, 349-351
  Lucifer, 303
  NSA role, 278, 280
  substitution, 274-276
Scherbius, Arthur, 13
Schlafly, Roger, 394
Schneier, Bruce, 336, 346
Schnorr, Claus, 418, 446, 510
Schnorr authentication and signature scheme, 510-512
Schroeder, Michael, 58, 216
Schwartau, Winn, 300
Scicrypt, 608-609
Scott, Robert, 306
SEAL, 398-400
  source code, 667-673
Secrecy:
  ideal, 236
  perfect, 235
Secrets, simultaneous exchange, 123-124
Secret sharing, 71-73
  without adjudication, 72
  with cheaters, 72
  with disenrollment, 73
  without revealing shares, 73
  schemes with prevention, 73
  verifiable, 73
Secret-sharing algorithms, 528-531
  advanced threshold schemes, 530-531
  Asmuth-Bloom, 529-530
  cheater detection, 531
  Karnin-Greene-Hellman, 530
  LaGrange interpolating polynomial scheme, 528-529
  vector scheme, 529
Secret splitting, 70-71
  digital cash, 142-145
Secure and Fast Encryption Routine, 339
Secure circuit evaluation, 137
Secure elections, 125-134
  divided protocols, 133
  multiple-key ciphers, 133
  simplistic voting protocols, 125-126
  voting with
    blind signatures, 126-127
    single central facility, 128-130
    two central facilities, 127-128




Page 752


Secure elections (Cont.)
  voting without central tabulating facility, 130-133
Secure European System for Applications in a Multi-vendor Environment, 572
Secure Hash Algorithm, 442-445
Secure multiparty computation, 134-137, 551-552
Secure Telephone Unit, 565
Security:
  of algorithms, 8-9
  Blowfish, 339
  cipher block chaining mode, 196-197
  ciphers based on one-way hash functions, 353-354
  cryptosystem, 234-235
  DES, 278, 280-285
    algebraic structure, 282-283
    current, 300-301
    key length, 283-284
    weak keys, 280-281
  DSA, 491-492
  ESIGN, 500
  Kerberos, 571
  knapsack algorithms, 465
  MD5, 440-441
  MMB, 326-327
  output-feedback mode, 205
  PKZIP, 395
  Privacy-Enhanced Mail, 582-583
  requirements for different information, 167
  RSA, 470-471
  SEAL, 400
  Secure Hash Algorithm, 444-445
  self-synchronizing stream cipher, 199
Selector string, 143
Self-decimated generator, 385-387
Self-enforcing protocols, 26-27
Self-recovering, cipher block chaining mode, 196
Self-shrinking generator, 388
Self-synchronizing stream cipher, 198-199
Selmer, E. S., 381
Semiweak keys, DES, 280-281
SESAME, 572
Session keys, 33, 180
SHA, 442-445
Shadows, 71-72
Shamir, Adi, 72, 284-285, 288, 291, 296, 303, 311-312, 314, 319, 416, 434, 462, 467, 502-504, 508, 516, 528
Shamir's pseudo-random-number generator, 416
Shamir's three-pass protocol, 516-517
Shimizu, Akihiro, 308
Shor, Peter, 164
Shrinking generator, 388, 411-412
Signature equation, 496
Signatures, see Digital signatures
Silverman, Bob, 159
Simmons, Gustavus, 72, 79, 493, 501, 531
Simple columnar transposition cipher, 12
Simple relations, 347-348
Simple substitution cipher, 10-11
Simultaneous exchange of secrets, 123-124
Skew, 425
SKEY, 53
SKID, 55-56
Skipjack, 267, 328-329
Smart cards, 587
  observer, 146
  Universal Electronic Payment System, 589-591
Smith, Lynn, 266
s²DES, 298-299
Snefru, 432
Software:
  DES implementation, 278-279
  encryption, 225
  linear feedback shift registers, 378-379
  RSA speedups, 469-470
Software-based brute-force attack, 154-155
Software Publishers Association, 608
Solovay, Robert, 259
Solovay-Strassen algorithm, 259
Space complexity, 237
Sparse, 378
Special number field sieve, 160-161
SP network, 347
Square roots:
  coin flipping using, 541-542
  modulo n, 258
Standards:
  public-key cryptography, 588-589
  RSA, 474
Station-to-station protocol, 516
Steganography, 9-10
StepRightUp, 414
Stereotyped beginnings, 190
Stereotyped endings, 190
Storage:
  data encryption for, 220-222
  keys, 180-181
  requirements, 9
Stornetta, W. Scott, 75
Straight permutation, 275
Strassen, Volker, 259
Stream algorithms, 4
Stream ciphers, 4, 189, 197-198
  A5, 389
  additive generators, 390-392
  Algorithm M, 393-394
  versus block ciphers, 210-211
  Blum, Blum, and Shub generator, 417-418
  Blum-Micali generator, 416-417
  cascading multiple, 419-420
  cellular automaton generator, 414
  choosing, 420
  complexity-theoretic approach, 415-418
  correlation immunity, 380
  counter mode, 206
  crypt(1), 414
  design and analysis, 379-381
  Diffie's randomized stream cipher, 419
  encryption speeds, 420
  feedback with carry shift registers, 402-404
  Fish, 391
  Gifford, 392-393
  Hughes XPD/KPD, 389-390
  information-theoretic approach, 418
  linear complexity, 380
  Maurer's randomized stream cipher, 419
  message authentication codes, 459
  multiple, generating from single pseudo-random-sequence generator, 420-421




Page 753


Stream ciphers (Cont.)
  Mush, 392
  Nanoteq, 390
  nonlinear-feedback shift registers, 412-413
  1/p generator, 414
  output-feedback mode, 205
  Pike, 391-392
  PKZIP, 394-395
  Pless generator, 413-414
  Rambutan, 390
  random-sequence generators, 421-428
  RC4, 397-398
  Rip van Winkle cipher, 418-419
  RSA generator, 417
  SEAL, 398-400
  self-synchronizing, 198-199
  synchronous, 202-203
  system-theoretic approach, 415-416
  using feedback with carry shift registers, 405-412
    alternating stop-and-go generators, 410-411
    cascade generators, 405
    FCSR combining generators, 405, 410
    LFSR/FCSR summation/parity cascade, 410-411
    shrinking generators, 411-412
  using linear feedback shift registers, 381-388
    alternating stop-and-go generator, 383, 385
    Beth-Piper stop-and-go generator, 383-384
    bilateral stop-and-go generator, 384-385
    DNRSG, 387
    Geffe generator, 382
    generalized Geffe generator, 382-383
    Gollmann cascade, 387-388
    Jennings generator, 383-384
    multispeed inner-product generator, 386-387
    self-decimated generator, 385-387
    self-shrinking generator, 388
    shrinking generator, 388
    summation generator, 386-387
    threshold generator, 384-386
  WAKE, 400-402
Strict avalanche criteria, 350
Strong primes, 261
STU-III, 565-566
Subkey, 272
  Blowfish, 338-339
  Crab, 342-343
  IDEA, 322
  independent, DES, 295
Subliminal channel, 79-80
  applications, 80
  DSA, 493, 534-536
  ElGamal, 532-533
  ESIGN, 533-534
  foiling, 536
  Ong-Schnorr-Shamir, 531-532
  signature algorithm, 79
Subliminal-free signature schemes, 80
Subprotocols, 26
Substitution boxes, 274-276
Substitution ciphers, 10-12
Substitution-permutation network, 347
SubStream, 414
Summation generator, 386-387
Superincreasing knapsack, 463-464
Superincreasing sequence, 463-464
Suppress-replay, 61
Surety Technologies, 79
SXAL8, 344
Symmetric algorithms, 4
Symmetric block algorithms, one-way hash functions using, 446-455
Symmetric cryptography:
  bit commitment using, 86-87
  communication using, 28-29
  key exchange with, 47-48
  versus public-key cryptography, 216-217
Symmetric cryptosystems, document signing, 35-37
Symmetric key length, 151-158
Synchronous stream cipher, 202-203
System-theoretic approach, stream ciphers, 415-416

Tap sequence, 373
  feedback with carry shift registers, maximal-length, 408-409
Tatebayashi-Matsuzaki-Newman, 524-525
Tavares, Stafford, 334
TEA, 346
TEMPEST, 224
Terminology, 1-9, 39
Terrorist Fraud, 110
Thermodynamics, limitations on brute-force attacks, 157-158
Three-pass protocol, Shamir's, 516-517
Three-Satisfiability, 242
3-Way, 341-342, 354
  source code, 654-659
Three-Way Marriage Problem, 242
Threshold generator, 384-386
Threshold schemes, 71-72, 530-531
Ticket-Granting Service, 567
Ticket Granting Ticket, 569
Tickets, 568
Time complexity, 237
Timestamping, 75
  arbitrated solution, 75-76
  digital signatures, 38
  distributed protocol, 77-78
  improved arbitrated solution, 76
  improvements, 78-79
  linking protocol, 76-77
  patented protocols, 78-79
  protocols, 75-79
TIS/PEM, 583
Total break, 8
Traffic analysis, 219
Traffic-flow security, 217
Transfer, oblivious, 116-117
Transposition, 237
  ciphers, 12
Trapdoor one-way function, 30
Traveling Salesman Problem, 241-242
Trees, digital signatures, 37
Trial division, 256
Triple encryption, 358-363
  encrypt-decrypt-encrypt mode, 359
  with minimum key, 360
  modes, 360-362
  with three keys, 360
  with two keys, 358-359
  variants, 362-363
TSD, 594-595
Tsujii-Kurosawa-Itoh-Fujioka-Matsumoto, 501
Tuchman, Walt, 266, 278, 280, 294, 303, 358
Tuckerman, Bryant, 266
Turing, Alan, 240




Page 754


Turing machine, 239, 241
2-adic numbers, 404

UEPS, 589-591
Uncertainty, 234
Unconditional sender and recipient untraceability, 138
Undeniable digital signatures, 81-82, 536-539
Unicity distance, 235-236
Unit key, 591
United States, export rules, 610-616
Universal Electronic Payment System, 589-591
Unpredictable, to left and to right, 417
Updating, keys, 180
Utah Digital Signature Act, 618

van Oorschot, Paul, 359
Vector scheme, 529
Verification, keys, 178-179
Verification block, 179
Verification equation, 496
Vernam, Gilbert, 15
Vigenère cipher, 10-11, 14
Vino, 346
Viruses, to spread cracking program, 155-156
VLSI 6868, 278
Voting, see Secure elections

WAKE, 400-402
Wayner, Peter, 10
Weak keys:
  block ciphers design theory, 348
  DES, 280-281
Wheeler, David, 400
Whitening, 363, 366-367
Wide-Mouth Frog protocol, 56-57
Wiener, Michael, 153, 284, 359
Williams, 475-476
Wolfram, Steve, 414, 446
Wood, Michael, 311, 313
Woo-Lam protocol, 63-64
Word Auto Key Encryption, 400
Work factor, 9

xDES^i, 365-366
XOR, 13-15
XPD, 389-390

Yagisawa algorithm, 501
Yahalom, 57-58
Yao's millionaire problem, 551
Yung, Moti, 81
Yuval, Gideon, 430

Zero-knowledge proofs, 101-109, 548-549
  ability to break RSA, 548-549
  Chess Grandmaster Problem, 109
  computational, 108
  discrete logarithm, 548
  generalities, 108-109
  identity, 109-111
  Mafia Fraud, 110
  minimum-disclosure, 108
  Multiple Identity Fraud, 111
  n is Blum integer, 549
  noninteractive, 106-107
  no-use, 108
  parallel, 106
  perfect, 108
  Proofs of Membership, 111
  Renting Passports, 111
  statistical, 108
  Terrorist Fraud, 110
Zero-knowledge protocol:
  basic, 102-104
  graph isomorphism, 104-105
  Hamiltonian cycles, 105-106
Zierler, Neal, 381
Zimmermann, Philip, 584




Page 755




Information Security BOOKS FROM JOHN WILEY AND SONS

E-Mail Security: How to Keep Your Electronic Messages Private
BY BRUCE SCHNEIER

E-Mail Security is about protecting electronic mail from spies, interlopers, and spoofs: people who may want to destroy, alter, or just look at your private communications. This book shows how you can protect the financial information, contract negotiations or personal correspondence you entrust to public or private networks. Security expert Bruce Schneier shows how this protection is available right now, with free or inexpensive software. The book includes detailed information on PGP and PEM.

ISBN# 047101818-X.  Price $24.95 US/$32.50 CAN.  Paper, 394 pp., 1994.

Protection and Security on the Information Superhighway
BY FREDERICK B. COHEN

The FBI estimates that each year as much as $5 billion is lost to computer crime. Just how serious is the problem of information security and how can it affect your life? How vulnerable is your organization's information system? Now get the answers to these and other critical questions in the most penetrating and broad-ranging investigation ever written on the problems of protection and security on the information superhighway. This book reveals the full magnitude of computer security, the impact of faulty security systems and practical steps you can take to protect your organization.

ISBN# 0471119881.  Price $24.95 US/$32.50 CAN.  Paper, 394 pp., 1994.

Digital Money: The New Era of Internet Commerce
DANIEL LYNCH AND LESLIE LUNDQUIST

Until now, commerce on the Internet has been shackled by the lack of secure transactions. Digital Money offers an executive briefing on this vital topic. Exploring the technical underpinnings of what can and will be done on the Net, it explains the processes, issues, and strategic considerations of a variety of approaches to secure transactions, including digital signatures. You'll learn about the pros and cons of each approach so you can decide which is best for your business.

ISBN# 047114178X.  $24.95 US/$29.95 CAN.  Paper, 259 pp., 1995.

WILEY, Publishers Since 1807. Available at Bookstores Everywhere. Prices subject to change.
For more information e-mail compbks@jwiley.com or visit the Wiley Computer Book Web page at http://www.wiley.com/CompBooks/CompBooks.html




Page 756
The Applied Cryptography Source Code Disk Set

A source code disk set (three disks) associated with this book is available directly from the author. Included on these disks you will find:

Symmetric Algorithms:
  Vigenère Cipher
  Playfair Cipher
  Hill Cipher
  crypt(1)
  crypt(3)
  Enigma
  DES - 10 versions
  Lucifer - 2 versions
  NewDES
  FEAL-N
  FEAL-XN
  REDOC II
  REDOC III
  LOKI89
  LOKI91
  Khufu
  IDEA - 3 versions
  CA-1.1
  MDC
  GOST
  BLOWFISH
  3-Way
  SAFER K-64
  SAFER K-128
  NewDE
  NSEA
  RC4
  PKZIP
  SEAL
  WAKE

Public-Key Algorithms:
  RSA
  Diffie-Hellman
  DSA

One-Way Hash Functions:
  Snefru
  N-Hash
  MD4 - 3 versions
  MD5 - 2 versions
  MD2
  SHA
  HAVAL
  RIPE-MD

Complete Systems:
  RIPEM
  PGP
  TIS-PEM
  RSAREF

Other:
  LaGrange Threshold Scheme
  Mimic Functions
  Probabilistic Prime Number Generation
  Random Number Generation using Oscillators
  Random Number Generation using Keyboard Latency
  Frequency Analysis
  WordPerfect Password Cracker

Text:
  Defense Trade Regulations
  DOD Orange Book
  European Computer Security Green Book
  Various NIST FIPS
  Various Internet RFCs
  And more!

The disks also include a file containing corrections for all mistakes found in the book, as well as any updated information on any of the topics covered in the text: new algorithms, new protocols, new cryptanalytic results, and so on.

The MS-DOS disks are available from the author, and will be updated twice a year. Cost is $40 for a set, and $120 for a two-year subscription. Please send check or money order in U.S. funds, drawn on a U.S. bank, to:

Bruce Schneier
Counterpane Systems
7115 W. North Ave., Suite 16
Oak Park, IL 60302-1002

Please allow four weeks for delivery, and include your e-mail address if you have one. Due to the export restrictions on many of the algorithms on these disks, they will only be mailed to addresses within the United States and Canada. Apologies to the foreign readers of this book.




Page 757