one-way hash functions, 38–39
versus symmetric cryptography, 216–217
Public-Key Cryptography Standards, 588–589
Public Key Partners, 604–605
Public-key ring, 585
Purchase-key attack, 7



Page 656 of 666
Applied Cryptography: Second Edition - Bruce Schneier



Quadratic nonresidues, 251
Quadratic residues, 250–251
generator, 417
Quadratic sieve, 256
factoring, 159
Quantum computing, 164–165
Quantum cryptography, 554–557
Quintuple encryption, 366
Quisquater, Jean-Jacques, 102, 508
Quisquater-Girault, 450
Rabin, 475–476
Rabin, Michael, 103, 259, 518, 550
Rabin-Miller algorithm, 259–260
RACE Integrity Primitives Evaluation, 605–606
Rackoff, Charles, 352
Rainbow Books, 600
Rambutan, 390
Random keys, 173–174
Random noise, as random-sequence generator, 423–424
Random-number generation, 44
Random-sequence generators, 421–428
biases and correlations, 425–426
computer clock, 424
distilling randomness, 426–428
keyboard latency measurement, 424–425
RAND tables, 422–423
using random noise, 423–424
Random sequences, real, 45–46
Randomized approach, stream ciphers, 415
Randomized stream cipher, 419
Randomness, distilling, 426–428
RAND tables, 422–423
Rao-Nam algorithm, 346
Rate of the language, 234
RC2, 318–319
RC4, 319, 397–398
RC5, 344–346
source code, 659–662
RDES, 297–298
Receipt, resending message as, 42–43
REDOC II, 311–313
REDOC III, 313
Redundancy, of language, 234
Reeds, Jim, 369
Related-key cryptanalysis, 290
Renji, Tao, 482
Renting Passports, 111
Replay attacks, 58–59
Research and Development in Advanced Communication Technologies, Integrity Primitives Evaluation, 605–606
Resend attack, foiling, 43
Residue, 242
quadratic, 250–251



reduced set, 248
Restricted algorithms, 3
RFC 1421, 578
RFC 1422, 578
RFC 1423, 578
RFC 1424, 578
Richter, Manfield, 423
Riordan, Mark, 583–584
RIPE, 605–606
RIPEM, 583–584
RIPE-MAC, 457–458
RIPE-MD, 445
Rip van Winkle cipher, 418–419
Rivest, Ron, 159, 163, 318–319, 344, 397, 435, 440–441, 444, 446, 467
Rivest Cipher, 318
Robshaw, Matt, 342
Rogaway, Phil, 398
ROM key, 181
ROT13, 11
Rotor machines, 12–13
RSA, 17, 466–474
ability to break, zero-knowledge proofs, 548–549
attack on encrypting and signing with, 473–474
blind signatures, 548
chosen ciphertext attack, 471–472
common modulus attack, 472
compared to DSA, 485
computation time comparison with DSA, 489
as de facto standard, 485–486
EKE implementation, 519
encryption, 468
with DSA, 491
in hardware, 469
low decryption exponent attack, 473
low encryption exponent attack, 472–473
patents, 474
restrictions on use, 473
security, 470–471
speed, 469
standards, 474
RSA Data Security, Inc., 295, 603–604
RSA Factoring Challenge, 257
RSA generator, 417
Rubber-hose cryptanalysis, 7
Rueppel, Ranier, 385–386
Running-key cipher, 12
SAFER K-64, 339–341
SAFER K-128, 341
Salt, 52–53
S-boxes:
alternate, DES, 296–298
Blowfish, 336
Boolean functions in, 350



DES, key-dependent, 298, 300
design
criteria, 294
security questions, 284
theory, 349–351
Lucifer, 303
NSA role, 278, 280
substitution, 274–276
Scherbius, Arthur, 13
Schlafly, Roger, 394
Schneier, Bruce, 336, 346
Schnorr, Claus, 418, 446, 510
Schnorr authentication and signature scheme, 510–512
Schroeder, Michael, 58, 216
Schwartau, Winn, 300
Sci.crypt, 608–609
Scott, Robert, 306
SEAL, 398–400
source code, 667–673
Secrecy:
ideal, 236
perfect, 235
Secrets, simultaneous exchange, 123–124
Secret sharing, 71–73
without adjudication, 72
with cheaters, 72
with disenrollment, 73
without revealing shares, 73
schemes with prevention, 73
verifiable, 73
Secret-sharing algorithms, 528–531
advanced threshold schemes, 530–531
Asmuth-Bloom, 529–530
cheater detection, 531
Karnin-Greene-Hellman, 530
LaGrange interpolating polynomial scheme, 528–529
vector scheme, 529
Secret splitting, 70–71
digital cash, 142–145
Secure and Fast Encryption Routine, 339
Secure circuit evaluation, 137
Secure elections, 125–134
divided protocols, 133
multiple-key ciphers, 133
simplistic voting protocols, 125–126
voting with
blind signatures, 126–127
single central facility, 128–130
two central facilities, 127–128
voting without central tabulating facility, 130–133
Secure European System for Applications in a Multivendor Environment, 572
Secure Hash Algorithm, 442–445



Secure multiparty computation, 134–137, 551–552
Secure Telephone Unit, 565
Security:
of algorithms, 8–9
Blowfish, 339
cipher block chaining mode, 196–197
ciphers based on one-way hash functions, 353–354
cryptosystem, 234–235
DES, 278, 280–285
algebraic structure, 282–283
current, 300–301
key length, 283–284
weak keys, 280–281
DSA, 491–492
ESIGN, 500
Kerberos, 571
knapsack algorithms, 465
MD5, 440–441
MMB, 326–327
output-feedback mode, 205
PKZIP, 395
Privacy-Enhanced Mail, 582–583
requirements for different information, 167
RSA, 470–471
SEAL, 400
Secure Hash Algorithm, 444–445
self-synchronizing stream cipher, 199
Selector string, 143
Self-decimated generator, 385–387
Self-enforcing protocols, 26–27
Self-recovering, cipher block chaining mode, 196
Self-shrinking generator, 388
Self-synchronizing stream cipher, 198–199
Selmer, E. S., 381
Semiweak keys, DES, 280–281
SESAME, 572
Session keys, 33, 180
SHA, 442–445
Shadows, 71–72
Shamir, Adi, 72, 284–285, 288, 291, 296, 303, 311–312, 314, 319, 416, 434, 462, 467, 502–504, 508, 516, 528
Shamir's pseudo-random-number generator, 416
Shamir's three-pass protocol, 516–517
Shimizu, Akihiro, 308
Shor, Peter, 164
Shrinking generator, 388, 411–412
Signature equation, 496
Signatures, see Digital signatures
Silverman, Bob, 159
Simmons, Gustavus, 72, 79, 493, 501, 531
Simple columnar transposition cipher, 12
Simple relations, 347–348
Simple substitution cipher, 10–11



Simultaneous exchange of secrets, 123–124
Skew, 425
SKEY, 53
SKID, 55–56
Skipjack, 267, 328–329
Smart cards, 587
observer, 146
Universal Electronic Payment System, 589–591
Smith, Lynn, 266
snDES, 298–299
Snefru, 432
Software:
DES implementation, 278–279
encryption, 225
linear feedback shift registers, 378–379
RSA speedups, 469–470
Software-based brute-force attack, 154–155
Software Publishers Association, 608
Solovay, Robert, 259
Solovay-Strassen algorithm, 259
Space complexity, 237
Sparse, 378
Special number field sieve, 160–161
SP network, 347
Square roots:
coin flipping using, 541–542
modulo n, 258
Standards:
public-key cryptography, 588–589
RSA, 474
Station-to-station protocol, 516
Steganography, 9–10
StepRightUp, 414
Stereotyped beginnings, 190
Stereotyped endings, 190
Storage:
data encryption for, 220–222
keys, 180–181
requirements, 9
Stornetta, W. Scott, 75
Straight permutation, 275
Strassen, Volker, 259
Stream algorithms, 4
Stream ciphers, 4, 189, 197–198
A5, 389
additive generators, 390–392
Algorithm M, 393–394
versus block ciphers, 210–211
Blum, Blum, and Shub generator, 417–418
Blum-Micali generator, 416–417
cascading multiple, 419–420
cellular automaton generator, 414
choosing, 420



complexity-theoretic approach, 415–418
correlation immunity, 380
counter mode, 206
crypt(1), 414
design and analysis, 379–381
Diffie's randomized stream cipher, 419
encryption speeds, 420
feedback with carry shift registers, 402–404
Fish, 391
Gifford, 392–393
Hughes XPD/KPD, 389–390
information-theoretic approach, 418
linear complexity, 380
Maurer's randomized stream cipher, 419
message authentication codes, 459
multiple, generating from single pseudo-random-sequence generator, 420–421
Mush, 392
Nanoteq, 390
nonlinear-feedback shift registers, 412–413
1/p generator, 414
output-feedback mode, 205
Pike, 391–392
PKZIP, 394–395
Pless generator, 413–414
Rambutan, 390
random-sequence generators, 421–428
RC4, 397–398
Rip van Winkle cipher, 418–419
RSA generator, 417
SEAL, 398–400
self-synchronizing, 198–199
synchronous, 202–203
system-theoretic approach, 415–416
using feedback with carry shift registers, 405–412
alternating stop-and-go generators, 410–411
cascade generators, 405
FCSR combining generators, 405, 410
LFSR/FCSR summation/parity cascade, 410–411
shrinking generators, 411–412
using linear feedback shift registers, 381–388
alternating stop-and-go generator, 383, 385
Beth-Piper stop-and-go generator, 383–384
bilateral stop-and-go generator, 384–385
DNRSG, 387
Geffe generator, 382
generalized Geffe generator, 382–383
Gollmann cascade, 387–388
Jennings generator, 383–384
multispeed inner-product generator, 386–387
self-decimated generator, 385–387
self-shrinking generator, 388
shrinking generator, 388
summation generator, 386–387



threshold generator, 384–386
WAKE, 400–402
Strict avalanche criteria, 350
Strong primes, 261
STU-III, 565–566
Subkey, 272
Blowfish, 338–339
Crab, 342–343
IDEA, 322
independent, DES, 295
Subliminal channel, 79–80
applications, 80
DSA, 493, 534–536
ElGamal, 532–533
ESIGN, 533–534
foiling, 536
Ong-Schnorr-Shamir, 531–532
signature algorithm, 79
Subliminal-free signature schemes, 80
Subprotocols, 26
Substitution boxes, 274–276
Substitution ciphers, 10–12
Substitution-permutation network, 347
SubStream, 414
Summation generator, 386–387
Superincreasing knapsack, 463–464
Superincreasing sequence, 463–464
Suppress-replay, 61
Surety Technologies, 79
SXAL8, 344
Symmetric algorithms, 4
Symmetric block algorithms, one-way hash functions using, 446–455
Symmetric cryptography:
bit commitment using, 86–87
communication using, 28–29
key exchange with, 47–48
versus public-key cryptography, 216–217
Symmetric cryptosystems, document signing, 35–37
Symmetric key length, 151–158
Synchronous stream cipher, 202–203
System-theoretic approach, stream ciphers, 415–416
Tap sequence, 373
feedback with carry shift registers, maximal-length, 408–409
Tatebayashi-Matsuzaki-Newman, 524–525
Tavares, Stafford, 334
TEA, 346
TEMPEST, 224
Terminology, 1–9, 39
Terrorist Fraud, 110
Thermodynamics, limitations on brute-force attacks, 157–158
Three-pass protocol, Shamir's, 516–517
Three-Satisfiability, 242
3-Way, 341–342, 354



source code, 654–659
Three-Way Marriage Problem, 242
Threshold generator, 384–386
Threshold schemes, 71–72, 530–531
Ticket-Granting Service, 567
Ticket Granting Ticket, 569
Tickets, 568
Time complexity, 237
Timestamping, 75
arbitrated solution, 75–76
digital signatures, 38
distributed protocol, 77–78
improved arbitrated solution, 76
improvements, 78–79
linking protocol, 76–77
patented protocols, 78–79
protocols, 75–79
TIS/PEM, 583
Total break, 8
Traffic analysis, 219
Traffic-flow security, 217
Transfer, oblivious, 116–117
Transposition, 237
ciphers, 12
Trapdoor one-way function, 30
Traveling Salesman Problem, 241–242
Trees, digital signatures, 37
Trial division, 256
Triple encryption, 358–363
encrypt-decrypt-encrypt mode, 359
with minimum key, 360
modes, 360–362
with three keys, 360
with two keys, 358–359
variants, 362–363
TSD, 594–595
Tsujii-Kurosawa-Itoh-Fujioka-Matsumoto, 501
Tuchman, Walt, 266, 278, 280, 294, 303, 358
Tuckerman, Bryant, 266
Turing, Alan, 240
Turing machine, 239, 241
2-adic numbers, 404
UEPS, 589–591
Uncertainty, 234
Unconditional sender and recipient untraceability, 138
Undeniable digital signatures, 81–82, 536–539
Unicity distance, 235–236
Unit key, 591
United States, export rules, 610–616
Universal Electronic Payment System, 589–591
Unpredictable, to left and to right, 417
Updating, keys, 180
Utah Digital Signature Act, 618



van Oorschot, Paul, 359
Vector scheme, 529
Verification, keys, 178–179
Verification block, 179
Verification equation, 496
Vernam, Gilbert, 15
Vigenere cipher, 10–11, 14
Vino, 346
Viruses, to spread cracking program, 155–156
VLSI 6868, 278
Voting, see Secure elections
WAKE, 400–402
Wayner, Peter, 10
Weak keys:
block ciphers design theory, 348
DES, 280–281
Wheeler, David, 400
Whitening, 363, 366–367
Wide-Mouth Frog protocol, 56–57
Wiener, Michael, 153, 284, 359
Williams, 475–476
Wolfram, Steve, 414, 446
Wood, Michael, 311, 313
Woo-Lam protocol, 63–64
Word Auto Key Encryption, 400
Work factor, 9
xDES1, 365–366
XOR, 13–15
XPD, 389–390
Yagisawa algorithm, 501
Yahalom, 57–58
Yao's millionaire problem, 551
Yung, Moti, 81
Yuval, Gideon, 430
Zero-knowledge proofs, 101–109, 548–549
ability to break RSA, 548–549
Chess Grandmaster Problem, 109
computational, 108
discrete logarithm, 548
generalities, 108–109
identity, 109–111
Mafia Fraud, 110
minimum-disclosure, 108
Multiple Identity Fraud, 111
n is Blum integer, 549
noninteractive, 106“107
no-use, 108
parallel, 106
perfect, 108
Proofs of Membership, 111
Renting Passports, 111
statistical, 108
Terrorist Fraud, 110



Zero-knowledge protocol:
basic, 102–104
graph isomorphism, 104–105
Hamiltonian cycles, 105–106
Zierler, Neal, 381
Zimmermann, Philip, 584



