%% URL: "http://theory.lcs.mit.edu/~rivest/crypto.bib"

%% Maintained by Be Hubbard and Ronald L. Rivest.

%% Last updated 4/2/95 (1268 entries)

%% This bibliography contains COMPLETE listings for:

%% CRYPTO '81--'94, EUROCRYPT '84, AUSCRYPT'90

%% Burg Feuerstein '82

%% and PARTIAL lists for many other conferences.

%% We are in the process of merging into this bibliography the

%% bibliography from "Cryptography: Theory and Practice" by Doug

%% Stinson (CRC Press, 1995). An excellent book! (Thanks, Doug)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

%% Various journal and conference string definitions:

@string{ASIACRYPT91 = "Advances in Cryptology--ASIACRYPT '91"}

@string{AUSCRYPT90 = "Advances in Cryptology--AUSCRYPT '90"}

@string{AUSCRYPT92 = "Advances in Cryptology--AUSCRYPT '92"}

@string{CACM = {Communications of the ACM}}

@string{JCSS = {JCSS}}

@string{SIAM = {SIAM J.\ Computing}}

@string{ACM = {ACM}}

@string{IEEE = {IEEE}}

@string{AFIPS = {AFIPS}}

@string{CRYPTO81 = "Advances in Cryptology: A Report on CRYPTO 81"}

@string{CRYPTO82 = "Proc.\ CRYPTO 82"}

@string{CRYPTO83 = "Proc.\ CRYPTO 83"}

@string{CRYPTO84 = "Proc.\ CRYPTO 84"}

@string{CRYPTO85 = "Proc.\ CRYPTO 85"}

@string{CRYPTO86 = "Proc.\ CRYPTO 86"}

@string{CRYPTO87 = "Proc.\ CRYPTO 87"}

@string{CRYPTO88 = "Proc.\ CRYPTO 88"}

@string{CRYPTO89 = "Proc.\ CRYPTO 89"}

@string{CRYPTO90 = "Proc.\ CRYPTO 90"}

@string{CRYPTO91 = "Proc.\ CRYPTO 91"}

@string{CRYPTO92 = "Proc.\ CRYPTO 92"}

@string{CRYPTO93 = "Proc.\ CRYPTO 93"}

@string{CRYPTO94 = "Proc.\ CRYPTO 94"}

@string{CRYPTO94 = "Proc.\ CRYPTO 95"}

@string{EUROCRYPT84 = {Proc.\ EUROCRYPT 84}}

@string{EUROCRYPT85 = {Proc.\ EUROCRYPT 85}}

@string{EUROCRYPT86 = {Proc.\ EUROCRYPT 86}}

@string{EUROCRYPT87 = {Proc.\ EUROCRYPT 87}}

@string{EUROCRYPT88 = {Proc.\ EUROCRYPT 88}}

@string{EUROCRYPT89 = {Proc.\ EUROCRYPT 89}}

@string{EUROCRYPT90 = {Proc.\ EUROCRYPT 90}}

@string{EUROCRYPT91 = {Proc.\ EUROCRYPT 91}}

@string{EUROCRYPT92 = {Proc.\ EUROCRYPT 92}}

@string{EUROCRYPT93 = {Proc.\ EUROCRYPT 93}}

@string{EUROCRYPT94 = {Proc.\ EUROCRYPT 94}}

@string{EUROCRYPT95 = {Proc.\ EUROCRYPT 95}}

@string{FOCS77 = {Proc.\ $18$th IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS78 = {Proc.\ $19$th IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS79 = {Proc.\ $20$th IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS80 = {Proc.\ $21$st IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS81 = {Proc.\ $22$nd IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS82 = {Proc.\ $23$rd IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS83 = {Proc.\ $24$th IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS84 = {Proc.\ $25$th IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS85 = {Proc.\ $26$th IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS86 = {Proc.\ $27$th IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS87 = {Proc.\ $28$th IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS88 = {Proc.\ $29$th IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS89 = {Proc.\ $30$th IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS90 = {Proc.\ $31$st IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS91 = {Proc.\ $32$nd IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS92 = {Proc.\ $33$rd IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS93 = {Proc.\ $34$th IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS94 = {Proc.\ $35$th IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{FOCS95 = {Proc.\ $36$th IEEE Symp.\ on Foundations of Comp.\ Science}}

@string{STOC79 = {Proc.\ $11$th ACM Symp.\ on Theory of Computing}}

@string{STOC80 = {Proc.\ $12$th ACM Symp.\ on Theory of Computing}}

@string{STOC81 = {Proc.\ $13$th ACM Symp.\ on Theory of Computing}}

@string{STOC82 = {Proc.\ $14$th ACM Symp.\ on Theory of Computing}}

@string{STOC83 = {Proc.\ $15$th ACM Symp.\ on Theory of Computing}}

@string{STOC84 = {Proc.\ $16$th ACM Symp.\ on Theory of Computing}}

@string{STOC85 = {Proc.\ $17$th ACM Symp.\ on Theory of Computing}}

@string{STOC86 = {Proc.\ $18$th ACM Symp.\ on Theory of Computing}}

@string{STOC87 = {Proc.\ $19$th ACM Symp.\ on Theory of Computing}}

@string{STOC88 = {Proc.\ $20$th ACM Symp.\ on Theory of Computing}}

@string{STOC89 = {Proc.\ $21$st ACM Symp.\ on Theory of Computing}}

@string{STOC90 = {Proc.\ $22$nd ACM Symp.\ on Theory of Computing}}

@string{STOC91 = {Proc.\ $23$rd ACM Symp.\ on Theory of Computing}}

@string{STOC92 = {Proc.\ $24$th ACM Symp.\ on Theory of Computing}}

@string{STOC93 = {Proc.\ $25$th ACM Symp.\ on Theory of Computing}}

@string{STOC94 = {Proc.\ $26$th ACM Symp.\ on Theory of Computing}}

@string{STOC95 = {Proc.\ $27$th ACM Symp.\ on Theory of Computing}}

@string{PODC87 = {Proc.\ $6$th ACM Symp.\ on Principles of Distributed Computation}}

@string{PODC86 = {Proc.\ $5$th ACM Symp.\ on Principles of Distributed Computation}}

@string{PODC95 = {Proc.\ $14$th ACM Symp.\ on Principles of Distributed Computation}}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

%% Sorted into order by latex key value

@inproceedings{AbadiAlBrFeHe88,

author = {M. Abadi and E. Allender and A. Broder and J. Feigenbaum

and L.A. Hemachandra},

title = {On Generating Solved Instances of Computational Problems},

pages = {297--310},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@article{AbadiFeKi89,

author = {Martin Abadi and Joan Feigenbaum and Joe Kilian},

title = {On Hiding Information from an Oracle},

journal = {Journal of Computer and Systems Science},

volume = 39,

number = 1,

year = 1989,

pages = {21--50}

}

@inproceedings{AbadiBuLa92,

author = {M. Abadi and M. Burrows and B. Lampson},

title = {A calculus for access control in distributed systems},

pages = {1--23},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{Abadi97,

author = {Martin Abadi},

title = {On {SDSI}'s Linked Local Name Spaces},

booktitle = {Proceedings 10th IEEE Computer Security Foundations Workshop},

month = Jun,

year = 1997

}

@manual{AccreditedSC81,

author = {{Accredited Standards Committee X3}},

year = {1981},

title = {American National Standard X3.92: Data Encryption Algorithm

({DEA})}

}

@manual{AccreditedSC82,

author = {{Accredited Standards Committee X9}},

year = {1982},

title = {American National Standard X9.9: Financial Institution

Message Authentication}

}

@manual{AccreditedSC85,

author = {{Accredited Standards Committee X9}},

year = {1985},

title = {American National Standard X9.17: Financial Institution

Key Management (Wholesale)}

}

@manual{AccreditedSC93,

newtag = {AccreditedSC93},

author = {{Accredited Standards Committee X9}},

year = {1993},

title = {Working Draft: American National Standard X9.30-199X:

Public Key Cryptography Using Irreversible Algorithms

for the Financial Services Industry: Part 1: The Digital

Signature Algorithm (DSA)},

month = {June 18,}

}

@manual{AccreditedSC93a,

newtag = {AccreditedSC93a},

author = {{Accredited Standards Committee X9}},

year = {1993},

title = {Working Draft: American National Standard X9.30-1993:

Public Key Cryptography Using Irreversible Algorithms

for the Financial Services Industry: Part 2: The Secure

Hash Algorithm ({SHA})}

}

@manual{AccreditedSC93b,

newtag = {AccreditedSC93b},

author = {{Accredited Standards Committee X9}},

year = {1993},

title = {Working Draft: American National Standard X9.30-1993:

Public Key Cryptography Using Irreversible Algorithms

for the Financial Services Industry: Part 4: Management

of Symmetric Algorithm Keys Using {Diffie-Hellman}},

month = {June 4,}

}

@manual{AccreditedSC93c,

newtag = {AccreditedSC93c},

author = {{Accredited Standards Committee X9}},

year = {1993},

title = {Working Draft: American National Standard X9.31-1992:

Public Key Cryptography Using Reversible Algorithms

for the Financial Services Industry: Part 1: The {RSA}

Signature Algorithm},

month = {March 7,}

}

@manual{AccreditedSC93d,

newtag = {AccreditedSC93d},

author = {{Accredited Standards Committee X9}},

year = {1993},

title = {Working Draft: American National Standard X9.31-1992:

Public Key Cryptography Using Reversible Algorithms

for the Financial Services Industry: Part 2: The {MDC-2}

Hash Algorithm},

month = {June 4,}

}

@manual{AccreditedSC93e,

newtag = {AccreditedSC93e},

author = {{Accredited Standards Committee X9}},

year = {1993},

title = {Working Draft: American National Standard X9.31-1993:

Public Key Cryptography Using Reversible Algorithms

for the Financial Services Industry: Part 4: Management

of Symmetric Algorithm Keys Using {RSA}},

month = {June 4,}

}

@manual{AccreditedSC93f,

newtag = {AccreditedSC93f},

author = {{Accredited Standards Committee X9}},

year = {1993},

title = {Working Draft: American National Standard X9.41-1993:

Security Services Management for the Financial Services

Industry},

month = {August}

}

@phdthesis{Adams90,

author = {C.M. Adams},

title = {A formal and practical design procedure for substitution-permutation

network cryptosystems},

school = {Queen's University},

year = 1990

}

@article{Adams92,

author = {Adams, C.M.},

year = {1992},

title = {{On Immunity against Biham and Shamir's ``Differential

Cryptanalysis''}},

journal = {Information Processing Letters},

volume = 41,

number = 2,

pages = {77--80}

}

@inproceedings{AdamsMe88,

author = {Carlisle M. Adams and Henk Meijer},

title = {Security-related comments regarding McEliece's public-key

cryptosystem},

pages = {224--228},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{AdamsTa90,

author = {Carlisle Adams and Stafford Tavares},

title = {Good-{S}-boxes are easy to find},

pages = {612--615},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@article{AdamsTa90a,

author = {C.M. Adams and S.E. Tavares},

title = {Generating and counting binary bent sequences},

journal = {IEEE Transactions on Information Theory},

month = Sep,

year = 1990,

volume = 36,

number = 5,

pages = {1170--1173}

}

@article{AdamsTa90b,

author = {C.M. Adams and S.E. Tavares},

title = {The Structured Design of Cryptographically Good {S}-Boxes},

journal = {Journal of Cryptology},

year = 1990,

volume = 3,

number = 1,

pages = {27--41}

}

@inproceedings{Adleman77,

author = {L. M. Adleman},

title = {A Subexponential Algorithm for the Discrete Logarithm

Problem with Applications to Cryptography},

pages = {55--60},

booktitle = FOCS77,

address = {Providence},

year = 1977,

publisher = {IEEE}

}

@inproceedings{Adleman82,

author = {Leonard Adleman},

title = {Primality Testing},

pages = {10--10},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Adleman83,

author = {L. M. Adleman},

title = {On Breaking Generalized Knapsack Public Key Cryptosystems},

pages = {402--412},

booktitle = STOC83,

publisher = ACM,

address = {Boston},

year = 1983

}

@inproceedings{Adleman83a,

author = {Leonard M. Adleman},

title = {Implementing an Electronic Notary Public},

pages = {259--265},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{Adleman83b,

author = {Leonard M. Adleman},

title = {On Breaking the Iterated {M}erkle-{H}ellman Public-Key

Cryptosystem},

pages = {303--308},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@techreport{Adleman90,

author = {L. M. Adleman},

title = {Factoring Numbers Using Singular Integers},

institution = {U.S.C. Computer Science Department},

number = {TR 90-20},

month = Sep,

year = 1990

}

@inproceedings{Adleman88,

author = {L.M. Adleman},

title = {An Abstract Theory of Computer Viruses},

pages = {354--374},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Adleman94,

author = {Leonard M. Adleman},

title = {Algorithmic Number Theory--The Complexity Contribution},

booktitle = STOC94,

publisher = ACM,

address = {Montreal, Canada},

year = 1994,

pages = {88--113}

}

@article{Adleman95,

author = {Leonard M. Adleman},

title = {A thousand billion billion sums},

journal = {The Economist},

year = 1995,

pages = {83--84}

}

@inproceedings{AdlemanDe94,

author = {Leonard M. Adleman and Johnathan DeMarrais},

title = {A subexponential algorithm for discrete logarithms

over all finite fields },

pages = {147--158},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{AdlemanHu87,

author = {L. M. Adleman and M. A. Huang},

title = {Recognizing primes in random polynomial time},

pages = {462--469},

booktitle = STOC87,

publisher = ACM,

address = {New York City},

year = 1987

}

@inproceedings{AdlemanMaMi77,

author = {L. M. Adleman and K. Manders and G. Miller},

title = {On taking roots in finite fields},

pages = {175--177},

booktitle = FOCS77,

address = {Providence},

publisher = IEEE,

year = 1977

}

@article{AdlemanPoRu83,

author = {L. M. Adleman and C. Pomerance and R. S. Rumely},

title = {On distinguishing prime numbers from composite numbers},

journal = {Ann. Math.},

volume = 117,

year = 1983,

pages = {173--206}

}

@inproceedings{Agnew85, author = {Gordon B. Agnew},

title = {Secrecy and Privacy in a Local Area Network Environment},

pages = {349--363},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985 }

@inproceedings{AgnewMuVa88,

author = {Agnew, G.B. and Mullin, R.C. and Vanstone, S.A.},

year = 1988,

title = {A secure public key protocol based on discrete exponentiation},

booktitle = {Advances in Cryptology --- Eurocrypt '88},

editor = {C.G. {G\"{u}nther}},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {159--166}

}

@inproceedings{AielloBeVe95,

author = {William Aiello and Mihir Bellare and Ramarathnam Venkatesan},

title = {Knowledge on the Average--- Perfect, Statistical and

Logarithmic},

pages = {469-478},

booktitle = STOC95,

publisher = ACM,

address = {Las Vegas},

year = 1995

}

@article{AielloGoHa90,

author = {W. Aiello and S. Goldwasser and J. Hastad},

title = {On the Power of Interaction},

journal = {Combinatorica},

volume = 10,

number = 1,

year = 1990,

pages = {3-25}

}

@article{AielloHa91,

author = {W. Aiello and J. Hastad},

title = {Statistical Zero Knowledge Can Be Recognized in Two

Rounds},

journal = JCSS,

volume = 42,

year = 1991,

pages = {327--345}

}

@inproceedings{Akl84,

author = {Selim G. Akl},

title = {On the Security of Compressed Encodings},

pages = {209--230},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{AklMe85,

author = {Selim G. Akl and Henk Meijer},

title = {A Fast Pseudo Random Permutation Generator with Applications

to Cryptology},

pages = {269--275},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{AklTa83,

author = {Selim G. Akl and Peter D. Taylor},

title = {Cryptographic Solution to a Multilevel Security Problem},

pages = {237--249},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{AlexiChGoSc84,

author = {W. B. Alexi and B. Chor and O. Goldreich and C. P.

Schnorr},

title = {{RSA/Rabin} bits are ${1/2} + {1/{poly(\log(N))}}$

Secure},

pages = {449--457},

booktitle = FOCS84,

address = {Singer Island},

publisher = IEEE,

year = 1984

}

@article{AlexiChGoSc88,

author = {W. B. Alexi and B. Chor and O. Goldreich and C. P.

Schnorr},

title = {{RSA}/{Rabin} functions: certain parts are as hard

as the whole},

pages = {194--209},

journal = {SIAM J. Computing},

year = 1988,

month = Apr,

volume = 17,

number = 2

}

@INPROCEEDINGS{Alagar90,

author = {V.S. Alagar},

title = {Range Equations and Range Matrices: A Study in Statistical

Database Security},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {360--385}

}

@inproceedings{AlonGaYu,

author = {N. Alon and Z. Galil and M. Yung},

year = 1995,

title = {Verifiable secret sharing and achieving simultaneity

in the presence of faults},

booktitle = {Proc.\ 3rd Annual European Symposium on Algorithmns},

series = {Lecture Notes in Computer Science 979},

volume = {ESA 95},

publisher = {Springer Verlag},

pages = {523--537}

}

@article{AlonGoHaPe92,

author = {N. Alon and O. Goldreich and J. Hastad and R. Peralta},

title = {Simple Constructions of Almost $k-$wise Independent

Random Variables},

journal = {Journal of Random Structures and Algorithms},

volume = 3,

number = 3,

year = 1992,

pages = {289--304}

}

@article{AlpernSc83,

author = {B. Alpern and F. B. Schneider},

title = {Key exchange using `Keyless Cryptography'},

journal = {Information Processing Letters},

volume = 16,

year = 1983,

pages = {79--81}

}

@Article{AmaKan95,

Author = "E. Amaldi and V. Kann",

Title = "The complexity and approximability of finding

maximum feasible subsystems of linear relations",

Journal = "Theoret. Comput. Sci.",

Volume = "147",

Year = "1995",

Pages = "181--210"

}

@manual{AmeritechMob93,

newtag = {AmeritechMob93},

author = {{Ameritech Mobile Communications {\em et al}}},

year = {1993},

title = {Cellular Digital Packet Data System Specifications:

Part 406: Airlink Security}

}

@article{AmesGaSc83,

author = {S. Ames and M. Gasser and R. Schell},

title = {Security Kernel Design and Implementation; An Introduction},

journal = {IEEE Computer},

volume = 16,

number = 7,

year = 1983

}

@INPROCEEDINGS{Ames90,

author = {M. Ames},

title = {Secure Cryptographic Initialization},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {451--462}

}

@inproceedings{AmiraziziHe82,

author = {Hamid Amirazizi and Martin E. Hellman},

title = {Time-Memory-Processor Tradeoffs},

pages = {7-9},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{AmiraziziKaRe82,

author = {Hamid Amirazizi and Ehud Karnin and Justin Reyneri},

title = {A Polynomial Time Solution for Compact Knapsacks},

pages = {17--19},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@techreport{Anderson72,

author = {J.P. Anderson},

title = {Computer Security Technology Planning Study},

institution = {Hanscom AFB},

number = {ESD--TR--73--51},

month = {October},

year = 1972

}

% note: not in class file cabinet yet

@article{Anderson93,

author = {Ross Anderson},

year = 1993,

title = {A Practical {RSA} Trapdoor},

journal = {Electronics Letters},

volume = 29,

number = 11,

month = {27 May},

pages = 995

}

@article{Anderson94,

author = {Ross J. Anderson},

title = {Why Cryptosystems Fail},

journal = {Communications of the ACM},

month = Nov,

year = 1994,

volume = 37,

number = 11,

pages = {32--41}

}

@inproceedings{AndersonBi96,

author = {Ross Anderson and Eli Biham},

title = {Two Practical and Probably Secure Block Ciphers:

{BEAR} and {LION}},

pages = {114--120},

booktitle = {Fast Software Encryption},

editor = {Dieter Gollman},

publisher = {Springer},

year = 1996,

note = {(Proceedings Third International Workshop,

Feb.\ 1996, Cambridge, UK)}

}

@inproceedings{AndersonKu96,

author = {Ross Anderson and Markus Kuhn},

title = {Tamper Resistance -- a Cautionary Note},

pages = {1--11},

booktitle = {Proceedings of the Second {USENIX} Workshop on

Electronic Commerce},

month = Nov,

year = 1996

}

@misc{AndersonMaSu95,

author = {Ross Anderson and Harry Manifavas and Chris Sutherland},

title = {A Practical Electronic Cash System},

institution = {Computer Laboratory, Pembroke Street, Cambridge {CB2 3QG},

U.K.},

year = 1995,

note = {Available from author: {\tt Ross.Anderson@cl.cam.ac.uk}}

}

@book{Andrews76,

title = {The Theory of Partitions},

author = {George E. Andrews},

publisher = {Addison-Wesley},

year = 1976,

volume = 2,

series = {Encyclopedia of Mathematics and its Applications}

}

@techreport{Angluin82,

author = {D. Angluin},

title = {Lecture notes on the complexity of some problems in

number theory},

institution = {Yale University Computer Science Department},

year = 1982,

month = Aug,

number = {TR-243}

}

@techreport{AngluinLi83,

author = {D. Angluin and D. Lichtenstein},

title = {Provable Security of Cryptosystems: A Survey},

institution = {Yale University Department of Computer Science},

month = Oct,

year = 1983,

number = {TR-288}

}

@INPROCEEDINGS{AnthonyMaSeWi90,

author = {M.H.G. Anthony and K.M. Martin and J. Seberry and P.

Wild},

title = {Some Remarks on Authentication Systems},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {122--139}

}

@book{Anton91,

author = {H. Anton},

title = {Elementary Linear Algebra (Sixth Edition)},

publisher = {John Wiley and Sons},

year = 1991

}

@book{Apostol76,

author = {Tom M. Apostol},

title = {Introduction to Analytic Number Theory},

publisher = {Springer-Verlag},

year = 1976

}

@techreport{AokiOhArMa94,

author = {Aoki, K. and Ohta, K. and Araki, S. and Matsui, M.},

year = {1994},

title = {Linear Cryptanalysis of {FEAL-8} (Experimentation Report)},

institution = {IEICE},

number = {ISEC 94-6 (1994-05)}

}

@InProceedings{AroraLuMoSuSz91,

author = {Sanjeev Arora and Carsten Lund and Rajeev Motwani and

Madhu Sudan and Mario Szegedy},

title = {Proof Verification and Hardness of Approximation Problems},

month = {October},

year = {1991},

booktitle = {Proc.\ 33rd IEEE Foundations of Computer Science},

pages = {14--23}

}

@article{AsmuthBl81,

author = {C. A. Asmuth and G. R. Blakley},

title = {An efficient algorithm for constructing a cryptosystem

which is harder to break than two other cryptosystems},

journal = {Comp.\ and Maths.\ with Appls.},

year = 1981,

volume = 7,

pages = {447--450}

}

@inproceedings{AumannFe94,

author = {Yonatan Aumann and Uriel Feige},

title = {On message proof systems with known space verifiers},

pages = {85--99},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{AvisTa83,

author = {G.M. Avis and S.E. Tavares},

title = {Using Data Uncertainty to Increase the Crypto-Complexity

of Simple Private Key Enciphering Schemes},

pages = {139--143},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{AwerbuchChGoMi86,

author = {Awerbuch, B. and Chor, B. and Goldwasser, S. and Micali,

S.},

year = 1986,

title = {Verifiable secret sharing and achieving simultaneity

in the presence of faults},

booktitle = {Proc.\ 26th Annual IEEE Symp.\ of Foundations of Computer

Science},

publisher = {IEEE},

address = {New York},

pages = {383--395}

}

@inproceedings{Bach83,

author = {Eric Bach},

title = {How to generate factored random numbers},

pages = {184--188},

booktitle = Stoc83,

publisher = Acm,

address = {Boston},

year = 1983

}

@Article{Bach88,

author = {Eric Bach},

title = {How to generate factored random numbers},

pages = {179--193},

journal = {SIAM J. Computing},

year = 1988,

month = Apr,

volume = 17,

number = 2

}

@inproceedings{Bach88a,

author = {Eric Bach},

title = {Intractable Problems in Number Theory},

pages = {77--93},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@incollection{Bach90,

author = {Eric Bach},

title = {Number-Theoretic Algorithms},

booktitle = {Annual Review of Computer Science},

publisher = {Annual Reviews, Inc.},

addr = {Palo Alto},

year = 1990,

volume = 4,

pages = {119--172}

}

@article{Bach91,

author = {Eric Bach},

title = {Toward a Theory of {Pollard's Rho} Method},

journal = {Information and Computation},

volume = 90,

year = 1991,

number = 2,

month = Feb,

pages = {139--155},

comment = {Rigorous approach, in contrast to usual heuristic analysis.

Proves rigorously that for $n=pq$, with $p<q$, that

the chance of successfully factoring $n$ in the first

$\frac{1}{4}\lg(n)$ steps is at least $\Omega(\log^2(p))/p$.}

}

@article{BachMiSh86,

author = {Eric Bach and Gary Miller and Jeffrey Shlalit},

title = {Sums of Divisors, Perfect Numbers, and Factoring},

journal = {{SIAM} Journal of Computing},

year = 1986,

month = Nov,

volume = 15,

number = 4,

pages = {1143--1154}

}

@techreport{Baldwin88,

author = {Robert Baldwin},

title = {Rule Based Analysis of Computer Security},

institution = {MIT Laboratory for Computer Science},

number = {TR--401},

month = {March},

year = 1988

}

@manual{Balenson93,

author = {Balenson, D.},

year = 1993,

month = {February},

title = {{RFC} 1423: Privacy Enhancement for Internet Electronic

Mail: Part {III} -- Algorithms, Modes, and Identifiers},

organization = {Internet Activities Board}

}

@book{Bamford82,

author = {James Bamford},

title = {The Puzzle Palace -- A Report on {NSA}, America's Most

Secret Agency},

publisher = {Houghton Miflin},

address = {Boston},

year = 1982

}

@inproceedings{BaoIg95,

author = {Feng Bao and Yoshihide Igarashi},

title = {Break Finite Automata Public Key Cryptosystem},

booktitle = {ICALP},

note = {Lecture Notes in Computer Science},

year = 1995,

pages = {147--158}

}

@inproceedings{BaritaudCaChGi92,

author = {Thierry Baritaud and Mireille Campana and Pascal Chauvaud

and Henri Gilbert},

title = {On the Security of the Permuted Kernel Identification

Scheme},

pages = {305--311},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No. 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{BaritaudGiGi93,

author = {Baritaud, T. and Gilbert, H. and Girault, M.},

year = 1993,

title = {{FFT} Hashing is not Collision-free},

booktitle = {Advances in Cryptology --- Eurocrypt '92},

editor = {R.A. Rueppel},

pages = {35--44},

publisher = {Springer-Verlag},

address = {Berlin}

}

@article{Barlow92,

author = {Barlow, J.P.},

year = 1992,

month = {July},

title = {Decrypting the puzzle palace},

journal = {Communications of the ACM},

volume = 35,

number = 7,

pages = {25--31}

}

@inproceedings{Barrett87,

author = {Paul Barrett},

title = {Implementing the Rivest Shamir and Adleman public

key encryption algorithm on a standard digital signal

processor},

pages = {311--323},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{BarrettEi90,

author = {Paul Barrett and Raymund Eisele},

title = {The smart diskette -- a universal user token and personal

crypto-engine},

pages = {74--81},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{Bauer83,

author = {Friedrich L. Bauer},

title = {Cryptology - Methods and Maxims},

pages = {31--48},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{BayerHaSt92,

author = {Bayer, D. and Haber, S. and Stornetta, W.S.},

year = {1992},

title = {Improving the efficiency and reliablility of digital

time-stamping},

booktitle = {Sequences '91: Methods in Communication, Security,

and Computer Science},

pages = {329--334},

editor = {Capocelli, R.M.},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{BeaucheminBr88,

author = {Pierre Beauchemin and Gilles Brassard},

title = {A generalization of Hellman's extension of Shannon's

approach to cryptography},

pages = {461--461},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{BeaucheminBrCr87,

author = {Pierre Beauchemin and Gilles Brassard and Claude Cr\'epeau},

title = {Two observations on probabilistic primality testing},

pages = {443--450},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@article{BeaucheminBrCrGoPo88,

author = {Pierre Beauchemin and Gilles Brassard and Claude Cr\'epeau

and Claude Goutier and Carl Pomerance},

title = {The Generation of Random Numbers That Are Probably

Prime},

journal = {Journal of Cryptology},

year = 1988,

volume = 1,

pages = {53--64},

comment = {Earlier version in CRYPTO 86 Proceedings.}

}

@inproceedings{Becker82,

author = {H.J. Becker},

title = {Nonlinear Feedback Shift Register Sequences},

pages = {121--123},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Beaver90,

author = {Donald Beaver},

title = {Multiparty protocols tolerating half faulty processors},

pages = {560--572},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{Beaver92,

author = {D. Beaver},

title = {Foundations of secure interactive computing},

pages = {377--391},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{Beaver92a,

author = {D. Beaver},

title = {Efficient multiparty protocols using circuit randomization},

pages = {420--432},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{BeaverFeKiRo91,

author = {D. Beaver and J. Feigenbaum and J. Kilian and P. Rogaway},

title = {Security with Low Communication Overhead},

pages = {62--76},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@techreport{BeaverFeOsSh93,

author = {Donald Beaver and Joan Feigenbaum and Rafail

Ostrovsky and Victor Shoup},

title = {Instance-Hiding Proof Systems},

institution = {DIMACS Center for Discrete Mathematics and

Theoretical Computer Science},

number = {TR--93-65},

month = Sep,

year = 1993

}

@inproceedings{BeaverFeSh91,

author = {D. Beaver and J. Feigenbaum and V. Shoup},

title = {Hiding Instances in Zero-Knowledge Proof Systems},

pages = {326--338},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{BeaverGo90,

author = {Donald Beaver and Shafi Goldwasser},

title = {Multiparty computation with faulty majority},

pages = {589--590},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{BeimelCh92,

author = {Amos Beimel and Benny Chor},

title = {Universally Ideal Secret Sharing Schemes},

pages = {183--195},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{BeimelCh94,

author = {Amos Beimel and Benny Chor},

title = {Interaction in key distribution schemes},

pages = {456--479},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{Beker83,

author = {H.J. Beker},

title = {Analogue Speech Security Systems},

pages = {130--146},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@book{BekerPi82,

author = {H. Beker and F. Piper},

title = {Cipher Systems: The Protection of Communications},

publisher = {Northwood},

address = {London},

year = 1982

}

@inproceedings{BekerWa85,

author = {Henry Beker and Michaell Walker},

title = {Key Management for Secure Electronic Funds Transfer

in a Retail Environment},

pages = {401--410},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@techreport{BellLa73,

author = {D. Bell and L. La{P}adula},

title = {Secure Computer Systems: Mathematical Foundations},

institution = {{MITRE} Corporation},

number = {ESD-TR-73-278},

year = 1973

}

@techreport{BellareBaChGu94,

author = {Mihir Bellare and Erol Basturk and Chee-Seng Chow and

Roch Gu\'{e}rin},

title = {Secure Transport Protocols for High Speed Networks},

institution = {IBM},

number = {RC 19981},

month = Jan,

year = 1994

}

@inproceedings{BellareBeFeGo91,

author = {Mihir Bellare and Richard Beigel and Joan Feigenbaum

and Shafi Goldwasser},

title = {Languages that are Easier than their Proofs},

pages = {19--28},

booktitle = FOCS91,

publisher = IEEE,

address = {San Juan},

year = 1991

}

@inproceedings{BellareCoGo90,

author = {Mihir Bellare and Lenore Cowen and Shafi Goldwasser},

title = {On the structure of secret key exchange protocols},

pages = {604--606},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

% This is the final version of what appears in your bib as BellareCoGo90.

% (The entry above is actually not a paper, just a one page "rump session

% abstract" in Crypto).

@inproceedings{BellareCoGo91,

author = {Mihir Bellare and Lenore Cowen and Shafi Goldwasser},

title = {On the structure of secret key exchange protocols},

pages = {79--92},

booktitle = {Distributed Computing and Cryptography},

editor = {J.~Feigenbaum and M.~Merritt},

note = {Dimacs Series in Discrete Mathematics and Theoretical

Computer Science, Volume 2},

publisher = {AMS/ACM},

year = 1991

}

@inproceedings{BellareFeKi95,

author = {Mihir Bellare and Uri Feige and Joe Kilian},

title = {On the Role of Shared Randomness in Two Prover Proof

Systems},

pages = {199--208},

booktitle = {ISTCS95},

publisher = {IEEE},

address = {Tel Aviv},

year = 1995

}

@inproceedings{BellareGaHaHeKrStTsWa95,

author = {M.~Bellare and J.~Garay and R.~Hauser and A.~Herzberg,

H.~Krawczyk and M.~Steiner and G.~Tsudik and M.~Waidner},

title = {$i$KP -- A Family of Secure Electronic Payment Protocols},

pages = {1--20},

booktitle = {Proceedings of the Usenix Electronic Commerce Workshop},

year = 1995

}

@inproceedings{BellareGo90,

author = {Mihir Bellare and Shafi Goldwasser},

title = {New paradigms for digital signatures and message authentication

based on non-interative zero knowledge proofs},

pages = {194--211},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{BellareGo92,

author = {Mihir Bellare and Oded Goldreich},

title = {On Defining Proofs of Knowledge},

pages = {390--420},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@article{BellareGo94,

author = {Mihir Bellare and Shafi Goldwasser},

title = {The complexity of decision versus search},

journal = {SIAM Journal of Computing},

year = 1994,

month = Feb,

volume = 23,

number = 1,

pages = {97--119}

}

@techreport{BellareGo95,

author = {Mihir Bellare and Shafi Goldwasser},

title = {Verifiable Partial Key Escrow},

institution = {Dept. of Computer Science and Engineering, U.C. San Diego},

number = {CS95-447},

year = 1995,

month = Oct

}

@inproceedings{BellareGoGo90,

author = {Mihir Bellare and Oded Goldreich and Shafi Goldwasser},

title = {Randomness in Interactive Proofs},

pages = {563--573},

booktitle = FOCS90,

publisher = IEEE,

address = {St.~Louis},

year = 1990

}

% Journal version of BellareGoGo90:

@article{BellareGoGo93,

author = {Mihir Bellare and Oded Goldreich and Shafi Goldwasser},

title = {Randmoness in Interactive Proofs},

journal = {Computational Complexity},

volume = 4,

number = 4,

year = 1993,

pages = {319--354}

}

@inproceedings{BellareGoGo94,

author = {Mihir Bellare and Oded Goldreich and Shafi Goldwasser},

title = {Incremental cryptography: the case of hashing and signing},

pages = {216--233},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{BellareGoGo95,

author = {Mihir Bellare and Oded Goldreich and Shafi Goldwasser},

title = {Incremental Cryptography with Application to Virus

Protection},

pages = {45-56},

booktitle = STOC95,

publisher = ACM,

address = {Las Vegas},

year = 1995

}

@techreport{BellareGuRo95,

author = {Mihir Bellare and Roch Gu\'{e}rin and Phillip Rogaway},

title = {{XOR MACs}: New Methods for Message Authentication

Using Block Ciphers},

institution = {IBM Research Report},

number = {RC 19970},

month = Mar,

year = 1995

}

@inproceedings{BellareGuRo95b,

author = {Mihir Bellare and Roch Gu\'{e}rin and Phillip Rogaway},

title = {{XOR MACs}: New Methods for Message Authentication

Using Finite Pseudorandom Functions},

pages = {15--28},

booktitle = CRYPTO95,

editor = {Don Coppersmith},

note = {Lecture Notes in Computer Science No.\ 963},

publisher = {Springer},

year = 1995

}

@inproceedings{BellareKiRo94,

author = {Mihir Bellare and Joe Kilian and Phillip Rogaway},

title = {The security of cipher block chaining},

pages = {341--358},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{BellareMi88,

author = {Mihir Bellare and Silvio Micali},

title = {How to Sign Given Any Trapdoor Function},

pages = {32--42},

booktitle = STOC88,

publisher = ACM,

address = {Chicago},

year = 1988

}

@inproceedings{BellareMi88a,

author = {Mihir Bellare and Silvio Micali},

title = {How to Sign Given Any Trapdoor Function},

pages = {200--215},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{BellareMi90a,

author = {Mihir Bellare and Silvio Micali},

title = {Non-interactive oblivious transfer and applications},

pages = {547--559},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@article{BellareMi92,

author = {Mihir Bellare and Silvio Micali},

title = {How to Sign Given Any Trapdoor Permutation},

journal = {Journal of the ACM},

volume = 39,

number = 1,

year = 1992,

month = Jan,

pages = {214--233}

}

@inproceedings{BellareMiOs90a,

author = {Mihir Bellare and Silvio Micali and Rafail Ostrovsky},

title = {Perfect Zero-Knowledge in Constant Rounds},

pages = {482--493},

booktitle = STOC90,

publisher = ACM,

address = {Baltimore},

year = 1990

}

@inproceedings{BellareMiOs90b,

author = {Mihir Bellare and Silvio Micali and Rafail Ostrovsky},

title = {The (True) Complexity of Statistical Zero-Knowledge},

pages = {494--502},

booktitle = STOC90,

publisher = ACM,

address = {Baltimore},

year = 1990

}

@inproceedings{BellarePe92,

author = {Mihir Bellare and Erez Petrank},

title = {Making Zero-Knowledge Provers Efficient},

pages = {711--722},

booktitle = STOC92,

publisher = ACM,

address = {Victoria},

year = 1992

}

@unpublished{BellareRiBe95,

author = {Mihir Bellare and Ronald L. Rivest},

title = {Translucent Cryptography},

year = 1995,

note = {(To appear.)}

}

@inproceedings{BellareRo93,

author = {Mihir Bellare and Phillip Rogaway},

title = {Random Oracles are Practical: A Paradigm for Designing

Efficient Protocols},

pages = {62--73},

booktitle = {First ACM Conference on Computer and Communications

Security},

publisher = ACM,

address = {Fairfax},

year = 1993

}

@inproceedings{BellareRo94,

author = {Mihir Bellare and Phillip Rogaway},

title = {Entity authentication and key distribution},

pages = {232--249},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{BellareRo94b,

author = {Mihir Bellare and Phillip Rogaway},

title = {Optimal Asymmetric Encryption}},

pages = {92--111},

booktitle = {EUROCRYPT94},

editor = {Alfredo De Santis},

note = {Lecture Notes in Computer Science No.\ 950},

publisher = {Springer},

year = 1995

}

@inproceedings{BellareRo95,

author = {Mihir Bellare and Phillip Rogaway},

title = {Provably Secure Session Key Distribution-- The Three

Party Case},

pages = {57--66},

booktitle = STOC95,

publisher = ACM,

address = {Las Vegas},

year = 1995

}

@inproceedings{BellareYu92,

author = {Mihir Bellare and Moti Yung},

title = {Certifying Cryptographic Tools: The Case of Trapdoor

Permutations},

pages = {442--460},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@techreport{BellOl78,

author = {D. A. Bell and S. E. Olding},

title = {An Annotated Bibliography of Cryptography},

institution = {National Physical Laboratory},

year = 1978,

month = Jan,

number = {COM-100}

}

@article{BellovinCh94,

author = {Steven M. Bellovin and William R. Cheswick},

title = {Network Firewalls},

journal = {IEEE Communications Magazine},

month = Sep,

year = 1994,

volume = 32,

number = 9,

pages = {50--57}

}

@inproceedings{Benaloh87,

author = {J. Benaloh},

title = {Secret Sharing Homomorphisms: Keeping Shares of A Secret

Sharing},

booktitle = CRYPTO86,

editor = {A. M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263},

publisher = {Springer},

year = 1987

}

@inproceedings{Benaloh87a,

author = {Josh Cohen Benaloh},

title = {Cryptographic capsules: A disjunctive primative for

interactive protocols},

pages = {213--222},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{BenalohLe88,

author = {J. Benaloh and J. Leichter},

title = {Generalized Secret Sharing and Monotone Functions},

pages = {27--36},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{BenalohYu86,

author = {J. Benaloh and M.Yung},

title = {Distributing the power of government to enhance the

power of voters},

pages = {52--62},

booktitle = PODC86,

publisher = {ACM},

year = 1986

}

@inproceedings{Ben-AroyaBi94,

author = {Ishai Ben-Aroya and Eli Biham},

title = {Differtial cryptanalysis of Lucifer},

pages = {187--199},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@article{BengioGrDeGoQu91,

author = {Samy Bengio and Gilles Grassard and Yvo G. Desmedt

and Claude Goutier and Jean-Jacques Quisquater},

title = {Secure Implementation of Identification Systems},

journal = {Journal of Cryptology},

year = 1991,

volume = 4,

pages = {175--183}

}

@inproceedings{Ben-OrGo93,

author = {Micahel Ben-Or, Ran Canetti and Oded Goldreich},

title = {Asynchronous Secure Computation},

pages = {52--61},

booktitle = STOC93,

year = 1993

}

@article{Ben-DavidChGoLu92,

author = {S. Ben-David and B. Chor and O. Goldreich and M. Luby},

title = {On the Theory of Average Case Complexity},

journal = {Journal of Computer and System Sciences},

volume = 44,

number = 2,

month = Apr,

year = 1992,

pages = {193--219}

}

@inproceedings{BenderCa90,

author = {Andreas Bender and Guy Castagnoli},

title = {On the implementation of elliptic curve cryptosystems},

pages = {186--193},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{BennettBr85,

author = {Charles H. Bennett and Gilles Brassard},

title = {An Update on Quantum Cryptography},

pages = {475--480},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{BennettBrBrWi83,

author = {Charles H. Bennett and Gilles Brassard and Seth Breidbard

and Stephen Wiesner},

title = {Quantum Cryptography, or Unforgeable Subway Tokens},

pages = {267--275},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{BennettBrCrMa94,

author = {C.H. Bennett and Gilles Brassard and C. Cr\'epeau and

U.M. Maurer},

title = {Generalized privacy amplification},

booktitle = {Proc. 1994 IEEE Internation Symp. of Information Theory},

year = 1994,

pages = {350--350},

note = {Trondheim, Norway, June 27-July1, 94}

}

@inproceedings{BennettBrCrSk92,

author = {C. H. Bennett and G. Brassard and C. Cr\'epeau and

M.-H. Skubiszewska},

title = {Practical Quantum Oblivious Transfer},

pages = {351--366},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{BennettBrRo86,

author = {Charles H. Bennett and Gilles Brassard and Jean-Marc

Robert},

title = {How to Reduce Your Enemy's Information},

pages = {468--476},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@article{BennettBrRo88,

author = {C. H. Bennett and G. Brassard and J. Robert},

title = {Privacy Amplification by Public Discussion},

journal = {SIAM J. Computing},

volume = 17,

number = 2,

year = 1988,

month = Apr,

pages = {210--229}

}

@inproceedings{Ben-OrChSh83,

author = {M. Ben-Or and B. Chor and A. Shamir},

title = {On the Cryptographic Security of Single {RSA} bits},

pages = {421--430},

booktitle = STOC83,

publisher = ACM,

address = {Boston},

year = 1983

}

@inproceedings{Ben-OrGoGoHaKiMi88,

author = {M. Ben-Or and O. Goldreich and S. Goldwasser and J.

H{\aa}stad and J. Kilian and S. Micali and P. Rogaway},

title = {Everything Provable is Provable in Zero-Knowledge},

pages = {37--56},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Ben-OrGoKiWi88,

author = {Michael Ben-Or and Shafi Goldwasser and Joe Kilian

and Avi Wigderson},

title = {Multi-Prover Interactive Proofs: How to Remove Intractability

Assumptions},

booktitle = STOC88,

pages = {113-132},

year = 1988

}

@inproceedings{Ben-OrGoKiWi90,

author = {Michael Ben-Or and Shafi Goldwasser and Joe Kilian

and Avi Wigderson},

title = {Efficient identification schemes using two prover

interactive proofs},

pages = {498--506},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{Ben-OrGoMiRi85,

author = {M. Ben-Or and O. Goldreich and S. Micali and R. L.

Rivest},

title = {A Fair Protocol for Signing Contracts},

booktitle = {ICALP},

note = {Lecture Notes in Computer Science No. \ 194},

year = 1985,

pages = {43--52}

}

@article{Ben-OrGoMiRi90,

author = {Michael Ben-Or and Oded Goldreich and Silvio Micali

and Ronald L. Rivest},

title = {A Fair Protocol for Signing Contracts},

journal = {IEEE Transactions on Information Theory},

year = 1990,

volume = 36,

number = 1,

pages = {40--46}

}

@inproceedings{Ben-OrGoWi88,

author = {M. Ben-Or and S. Goldwasser and A. Wigderson},

title = {Completeness theorems for fault-tolerant distributed

computing},

pages = {1--10},

booktitle = STOC88,

publisher = ACM,

address = {Chicago},

year = 1988

}

@inproceedings{BergerKaPe86,

author = {Richard Berger and Sampath Kannan and Rene Peralta},

title = {A Framework for the Study of Cryptographic Protocols},

pages = {87--103},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@inproceedings{BergerPeTe85,

author = {R. Berger and R. Peralta and T. Tedrick},

title = {A Provably Secure Oblivious Transfer Protocol},

pages = {379--386},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No. 209},

publisher = {Springer-Verlag},

year = 1985

}

@article{Berkovits82,

author = {Berkovits, Shimshon},

title = {Factoring via Superencryption},

journal = {Cryptologia},

year = 1982,

month = Jul,

volume = 6,

number = 3,

pages = {229--237}

}

@article{Berlekamp70,

author = {E. Berlekamp},

title = {Factoring polynomials over large finite fields},

journal = {Math. Comp},

volume = 24,

year = 1970,

pages = {713--735}

}

@inproceedings{Berson82,

author = {Thomas Berson},

title = {Local Network Cryptosystem Architecture},

pages = {73--78},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Berson83,

author = {Thomas A. Berson},

title = {Local Network Cryptosystem Architecture: Access Control},

pages = {251--258},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{Berson83a,

author = {Thomas A. Berson},

title = {Long Key Variants of {DES}},

pages = {311--313},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{Berson92,

author = {Berson, T.A.},

year = 1992,

title = {Differential cryptanalysis mod $2^{32}$ with applications

to {MD5}},

booktitle = {Advances in Cryptology --- Eurocrypt '92},

editor = {R.A. Rueppel},

publisher = {Springer-Verlag},

address = {Berlin}

}

@article{Beth95,

author = {Thomas Beth},

title = {Confidential Communication on the Internet},

journal = {Scientific American},

month = Dec,

year = 1995,

pages = {87--91}

}

@inproceedings{BethCoGo87,

author = {T. Beth and B.M. Cook and D. Gollmann},

title = {Architectures for exponentiation in GF$(2{^n})$},

pages = {303--310},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No. 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{BethDa90,

author = {Beth, T. and Dai, Zong-duo},

year = {1990},

title = {On the Complexity of Pseudo-Random Sequences - or:

{If} You Can Describe a Sequence It Can't be Random},

booktitle = {Advances in Cryptology --- Eurocrypt '89},

editor = {Quisquater, J.J. and Vandewalle, J.},

pages = {533--543},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{BethDe91,

author = {T. Beth and Y. Desmedt},

title = {Identification Tokens - or: Solving the Chess Grandmaster

Problem},

pages = {169--177},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No. 537},

publisher = {Springer-Verlag},

year = 1991

}

@book{BethFrSi92,

editor = {Beth, T. and Frisch, M. and Simmons, G.J.},

year = 1992,

title = {Public-key Cryptography, State of the Art and Future

Directions},

series = {Lecture Notes in Computer Science},

volume = 578,

publisher = {Springer-Verlag},

address = {Berlin}

}

@book{BethJuLe85,

author = {T.~Beth and D.~Jungnickel and H.~Lenz.},

title = {Design Theory},

publisher = {Bibliographisches Institut, Zurich},

year = 1985

}

@inproceedings{BethLaMa94,

author = {T. Beth and D.E. Lazic and A. Mathias},

title = {Cryptanalysis of cryptosystems based on remote chaos

replication},

pages = {318--331},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No. 839},

publisher = {Springer},

year = 1994

}

@inproceedings{BethPi84,

author = {Beth, T. and Piper, F.},

year = 1984,

title = {The stop-and-go generator},

booktitle = {Advances in Cryptology --- Eurocrypt '84},

editor = {T. Beth and N. Cot and I. Ingemarsson},

pages = {88--92},

publisher = {Springer-Verlag},

address = {Berlin}

}

@book{Beutelspacher94,

newtag = {Beutelspacher94},

author = {A.~Beutelspacher},

title = {Cryptology},

publisher = {Mathematical Association of America},

year = 1994

}

@techreport{Biba75,

author = {K. Biba},

title = {Integrity Consideration for Secure Computer Systems},

institution = {{MITRE} Corporation},

number = {MTR-3153},

year = 1975

}

@inproceedings{BiehlBuTh94,

author = {Ingrid Biehl and Johannes Buchmann and Christoph Thiel},

title = {Cryptographic protocols based on discrete logarithms

in real-quadratic orders},

pages = {56--60},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No. 839},

publisher = {Springer},

year = 1994

}

@inproceedings{BierbrauerGoSt94,

author = {J/"urgen Bierbrauer and K. Gopalakrishnan and D. R.

Stinson},

title = {Bounds for resilient functions and orthogonal arrays},

pages = {247--256},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No. 839},

publisher = {Springer},

year = 1994

}

@inproceedings{BierbrauerJoKaSm94,

author = {J/"urgen Bierbrauer and Thomas Johansson and Gregory

Katatianskii and Ben Smeets},

title = {On families of hash functions via geometric codes and

concatenation},

pages = {331--342},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No. 773},

publisher = {Springer},

year = 1994

}

@inproceedings{Biham94,

author = {Biham, E.},

title = {On Modes of Operation},

booktitle = {Fast Software Encryption},

year = {1994},

editor = {R. Anderson},

publisher = {Springer-Verlag},

series = {Lecture Notes in Computer Science},

volume = 809,

pages = {116--121},

address = {Berlin}

}

@inproceedings{Biham94a,

author = {Biham, E.},

year = {1994},

title = {New Types of Cryptanalytic Attacks Using Related Keys},

booktitle = {Advances in Cryptology --- Eurocrypt'93},

editor = {T. Helleseth},

publisher = {Springer-Verlag},

series = {Lecture Notes in Computer Science},

volume = {765},

pages = {398--409},

address = {Berlin}

}

@inproceedings{Biham95,

author = {Biham, Eli},

title = {Cryptanalysis of Multiple Modes of Operation},

note = {Pre-Proceedings of {ASIACRYPT '94}.

Submitted to J. Cryptology.},

year = 1995,

}

@inproceedings{BihamSh91,

author = {E. Biham and A. Shamir},

title = {Differential Cryptanalysis of {DES}-like Cryptosystems},

pages = {2--21},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No. 537},

publisher = {Springer-Verlag},

year = 1991

}

@article{BihamSh91a,

author = {E. Biham and A. Shamir},

title = {Differential Cryptanalysis of {DES}-like Cryptosystems},

journal = {Journal of Cryptology},

year = 1991,

volume = 4,

pages = {3--72}

}

@inproceedings{BihamSh91b,

author = {Biham, E. and Shamir, A.},

year = 1991,

title = {Differential cryptanalysis of {FEAL} and {N}-{H}ash},

booktitle = {Advances in Cryptology --- Eurocrypt '91},

editor = {D.W. Davies},

pages = {1--16},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{BihamSh92,

author = {E. Biham and A. Shamir},

title = {Differential Cryptanalysis of {Snefru, Khafre, REDOC-II,

LOKI and Lucifer}},

pages = {156-171},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No. 576},

publisher = {Springer},

year = 1992

}

@inproceedings{BihamSh92a,

author = {Eli Biham and Adi Shamir},

title = {Differential Cryptanalysis of the Full 16-Round {DES}},

pages = {487--496},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No. 740},

publisher = {Springer-Verlag},

year = 1992

}

@book{BihamSh93,

author = {E. Biham and A. Shamir},

title = {A Differential Cryptanalysis of the {D}ata {E}ncryption

{S}tandard},

publisher = {Springer-Verlag},

year = 1993

}

@inproceedings{BirdGoHeJaKuMo92,

author = {R. Bird and I. Gopal and A. Herzberg and P. Janson

and S. Kutten and R. Molva and M. Yung},

title = {Systematic Design of Two-Party Authentication Protocols},

pages = {44--61},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No. 576},

publisher = {Springer},

year = 1992

}

@article{Bishop91,

author = {Bishop, M.},

year = 1991,

title = {Privacy-enhanced electronic mail},

journal = {Internetworking: Research and Experience},

volume = 2,

pages = {199--233}

}

@book{Blahut83,

author = {Blahut, R.E.},

title = {Theory and Practice of Error Control Codes},

publisher = {Addison-Wesley},

year = {1983}

}

@inproceedings{BlakeMuVa85,

author = {I.F. Blake and R.C. Mullin and S.A. Vanstone},

title = {Computing Logarithms in {GF}$(2{^n})$},

pages = {73--82},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No. 196},

publisher = {Springer},

year = 1985

}

@inproceedings{Blakley79,

author = {G.~R. Blakley},

title = {Safeguarding cryptographic keys},

booktitle = {Proc.\ AFIPS 1979 National Computer Conference},

publisher = AFIPS,

year = 1979,

pages = {313--317}

}

@inproceedings{Blakley82,

newtag = {Blakley82},

author = {G.Robert Blakley},

title = {Key Management from a Security Viewpoint},

pages = {82--82},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Blakley85,

author = {G.R. Blakley},

title = {Information Theory without the Finiteness Assumption,

I: Cryptosystems as Group-Theoretic Objects},

pages = {314--338},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No. 196},

publisher = {Springer},

year = 1985

}

@inproceedings{Blakley86,

author = {G.R. Blakley},

title = {Information Theory Without the Finiteness Assumption,

II Unfolding the {DES}},

pages = {282--337},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No. 218},

publisher = {Springer},

year = 1986

}

@inproceedings{BlakleyBlChMa92,

author = {Bob Blakley and G.R. Blakley and Agnes H. Chan and

James L. Massey},

title = {Threshold Schemes with Disenrollment},

pages = {540--548},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No. 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{BonehSh95,

author = {Dan Boneh and James Shaw},

title = {Collusion-Secure Fingerprinting for Digital Data},

pages = {452-465},

booktitle = CRYPTO95,

editor = {Don Coppersmith},

note = {Lecture Notes in Computer Science No.\ 963},

publisher = {Springer},

year = 1995

}

@article{BlakleyBo79,

author = {Blakley, G. R. and I. Borosh},

title = {{Rivest-Shamir-Adleman} Public Key Cryptosystems do

not always conceal messages},

journal = {Computers \& Mathematics with Applications},

volume = 5,

number = 3,

year = 1979,

pages = {169--178}

}

@inproceedings{BlakleyDi87,

author = {G.R. Blakley and R.D. Dixon},

title = {Smallest possible message expansion in threshold schemes},

pages = {266--274},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No. 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{BlakleyMe85,

author = {G.R. Blakley and Catherine Meadows},

title = {Security of Ramp Schemes},

pages = {242--268},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No. 196},

publisher = {Springer},

year = 1985

}

@inproceedings{BlakleyMePu86,

author = {G.R. Blakley and Catherine Meadows and G.B. Purdy},

title = {Fingerprinting Long Forgiving Messages},

pages = {180--189},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No. 218},

publisher = {Springer},

year = 1986

}

@inproceedings{BlakleyRu88,

author = {G.R. Blakley and William Rundell},

title = {Cryptosystems based on an analog of heat flow},

pages = {306--329},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No. 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{BlakleySw83,

author = {G.R. Blakley and Laif Swanson},

title = {Infinite Structures in Information Theory},

pages = {39--50},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@misc{BlazeDiRiScShThWi96,

author = {Matt Blaze and Whitfield Diffie and Ronald L. Rivest and

Bruce Schneier and Tsutomu Shimomura and Eric Thompson and

Michael Wiener},

title = {Minimal Key Lengths for Symmetric Ciphers to Provide Adequate

Commercial Security: A Report by an Ad Hoc Group of

Cryptographers and Computer Scientists},

year = {1996},

month = Jan,

note = {Available at {\tt http://www.bsa.org}.}

}

@inproceedings{BlazeFeLa96,

author = {Matt Blaze and Joan Feigenbaum and Jack Lacy},

title = {Decentralized Trust Management},

pages = {(to appear)},

month = {May},

year = {1996},

booktitle = {Proceedings 1996 IEEE Symposium on Security and Privacy}

}

@inproceedings{BleichenbacherMa94,

newtag = {BleichenbacherMa94},

author = {Daniel Bleichenbacher and Ueli M. Maurer},

title = {Directed acyclic graphs, one-way functions and digital

signatures},

pages = {75--82},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No. 839},

publisher = {Springer},

year = 1994

}

@inproceedings{Blom83,

author = {Rolf Blom},

title = {Non-Public Key Distribution},

pages = {231--236},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{Blom85,

author = {Rolf Blom},

title = {An Optimal Class of Symmetric Key Generation Systems},

pages = {335--338},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@misc{BluesteinCrDrJeSi85,

author = {Bluestein, L. and Crandell, P. and Drake, D. and Jedynak,

L. and Simpson, L.},

title = {Two Level Encripting of {RF} Signals},

howpublished = {U.S. Patent No. 4,531,021},

month = {July 23,},

year = {1985}

}

@manual{Blum81,

author = {Blum, M.},

title = {Three applications of the oblivious transfer: Part

I: Coin flipping by telephone; Part II: How to exchange

secrets; Part III: How to send certified electronic

mail},

organization = {Department of EECS},

address = {University of California, Berkeley, CA},

year = {1981}

}

@inproceedings{Blum82,

author = {M. Blum},

title = {Coin Flipping by Telephone},

booktitle = {Proc. IEEE Spring COMPCOM},

year = 1982,

pages = {133-137},

publisher = IEEE,

comment = {Suggests using p = q = 3(4).}

}

@inproceedings{Blum82a,

author = {Manuel Blum},

title = {Coin Flipping by Telephone},

pages = {11-15},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@article{Blum83,

author = {M. Blum},

title = {How to exchange (secret) keys},

journal = {Trans.\ Computer Systems},

volume = 1,

month = May,

year = 1983,

pages = {175--193},

publisher = ACM,

note = {(Previously published in ACM STOC '83 proceedings,

pages 440--447.)}

}

@inproceedings{Blum84,

author = {M. Blum},

title = {Independent Unbiased Coin Flips from a Correlated Biased

Source: A Finite State {Markov} Chain},

pages = {425--433},

booktitle = FOCS84,

address = {Singer Island},

year = 1984,

publisher = IEEE

}

@inproceedings{BlumBlSh83,

author = {Lenore Blum and Manuel Blum and Michael Shub},

title = {Comparison of Two Pseudo-Random Number Generators},

pages = {61--78},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@article{BlumBlSh86,

author = {L. Blum and M. Blum and M. Shub},

title = {A Simple Unpredictable Pseudo-Random Number Generator},

journal = SIAM,

volume = 15,

number = 2,

month = May,

year = 1986,

pages = {364--383},

comment = {$x^2 \mod N$ generator, where $N$ is product $pq$,

where $p\equiv q \equiv 3 \mod N$. Notes that this

permutes quadratic residues mod $N$.}

}

@article{BlumDeMiPe91,

author = {M. Blum and A. De Santis and S. Micali and G. Persiano},

title = {NonInteractive Zero-Knowledge},

journal = {SIAM J. Computing},

year = 1991,

month = Dec,

volume = 20,

number = 6,

pages = {1084--1118}

}

@inproceedings{BlumFeMi88,

author = {M. Blum and P. Feldman and S. Micali},

title = {Proving Security Against Chosen Cyphertext Attacks},

pages = {256--268},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{BlumFuKeLi94,

author = {Avrim Blum and Merrick Furst and Michael Kearns and

Richard J. Lipton},

title = {Cryptographic primitives based on hard learning problems},

pages = {278--291},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No. 773},

publisher = {Springer},

year = 1994

}

@inproceedings{BlumGo85,

author = {M. Blum and S. Goldwasser},

title = {An efficient probabilistic public-key encryption scheme

which hides all partial information},

pages = {289--302},

booktitle = CRYPTO84,

publisher = {Springer},

editor = {G. R. Blakley and D. C. Chaum},

year = 1985,

note = {Lecture Notes in Computer Science No. 196}

}

@inproceedings{BlumGo85a,

newtag = {BlumGo85a},

author = {Manuel Blum and Shafi Goldwasser},

title = {An Efficient Probalistic Public Key Encryption Scheme

which Hides All Partial Information},

pages = {289-299},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No. 196},

publisher = {Springer},

year = 1985

}

@article{BlumMi84,

author = {M. Blum and S. Micali},

title = {How to generate cryptographically strong sequences

of pseudo-random bits},

journal = SIAM,

volume = 13,

number = 4,

month = Nov,

year = 1984,

pages = {850--863}

}

@inproceedings{BlumVaVa84,

author = {Manuel Blum and Umesh V. Vazirani and Vijay V. Vazirani},

title = {Reducibility Among Protocols},

pages = {137--146},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{BlundoDeDiGaVa94,

author = {Carlo Blundo and Alfredo De Santis and Giovanni Di

Crescenzo and Antonio Giorgio Gaggia and Ugo Vaccaro},

title = {Multi-secret sharing schemes},

pages = {150--163},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No. 839},

publisher = {Springer},

year = 1994

}

@inproceedings{BlundoDeDiGaVa94a,

author = {Carlo Blundo and Alfredo De Santis and Giovanni Di

Crescenzo and Antonio Giorgio Gaggia and Ugo Vaccaro},

title = {Fully dynamic secret sharing schemes},

pages = {110--125},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No. 773},

publisher = {Springer},

year = 1994

}

@inproceedings{BlundoDeHeKuVaYu92,

author = {Carlo Blundo and Alfredo DeSantis and Amir Herzberg

and Shay Kutten and Ugo Vaccaro and Moti Yung},

title = {Perfectly-Secure Key Distribution for Dynamic Conferences},

pages = {471--486},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No. 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{BlundoDeGaVa92,

author = {Carlo Blundo and Alfredo De Santis and L. Gargano

and Ugo Vaccaro},

title = {On the Information Rate of Secret Sharing Schemes},

pages = {148--167},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No. 740},

publisher = {Springer-Verlag},

year = 1992

}

@article{BoppanaHaZa87,

author = {R. Boppana and J. Hastad and S. Zachos},

title = {Does {co-NP} have Short Interactive Proofs?},

journal = {Information Processing Letters},

volume = 25,

month = May,

year = 1987,

pages = {127--132}

}

@inproceedings{BosCh92,

author = {Jurjen N.E. Bos and David Chaum},

title = {Provable Unforgeable Signatures},

pages = {1--14},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No. 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{BosCo90,

author = {Jurjen Bos and Matthijs Coster},

title = {Addition chain heuristics},

pages = {400--407},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{BosselaersGoVa94,

author = {Antoon Bosselaers and Ren\'e Govaerts and Joos Vandewalle},

title = {Comparison of three modular reduction functions},

pages = {175--186},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No. 773},

publisher = {Springer},

year = 1994

}

@inproceedings{Bouckaert85,

author = {A. Bouckaert},

title = {Security of Transportable Computerized Files},

pages = {416--425},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@article{Boyar89,

author = {Joan Boyar},

title = {Inferring Sequences Produced by Pseudo-Random Number

Generators},

journal = {Journal of the ACM},

volume = 36,

number = 1,

month = Jan,

year = 1989,

pages = {129--141},

publisher = ACM

}

@inproceedings{BoyarChDaPe91,

author = {J. Boyar and D. Chaum and I. Damg{\aa}rd and T. Pedersen},

title = {Convertible Undeniable Signatures},

pages = {189--205},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No. 537},

publisher = {Springer-Verlag},

year = 1991

}

@article{BoyarFrLu91,

author = {J. Boyar and K. Friedl and C. Lund},

title = {Practical Zero-Knowledge Proofs: Giving Hints and Using

Deficiencies},

journal = {Journal of Cryptology},

year = 1991,

volume = 4,

pages = {185--206}

}

@inproceedings{BoyarPe90,

author = {Joan Boyar and Ren\'e Peralta},

title = {On the concrete complexity of zero-knowledge proofs},

pages = {507--525},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{Brand90,

author = {Russell L. Brand},

title = {Problems with the normal use of cryptography for providing

security on unclassified networks},

pages = {30--34},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{Brands94,

author = {Stefan Brands},

title = {Untraceable off-line cash in wallets with observers},

pages = {302--318},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No. 773},

publisher = {Springer},

year = 1994

}

@misc{Brands95a,

author = {Stefan Brands},

title = {Secret-Key Certificates},

year = 1995,

institution = {CWI},

address = {Amsterdam}

}

@misc{Brands95b,

author = {Stefan Brands},

title = {Restrictive Blinding of Secret-Key Certificates},

year = 1995,

institution = {CWI},

address = {Amsterdam}

}

@inproceedings{BrandtDa92,

author = {J\"orgen Brandt and Ivan Damg{\aa}rd},

title = {On Generation of Probable Primes By Incremental Search},

pages = {358--370},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No. 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{BrandtDaLaPe88,

author = {J. Brandt and Ivan Damg{\aa}rd and P. Landrock and

T. Pedersen},

title = {Zero-Knowledge Authentication Scheme with Secret Key

Exchange},

pages = {583--588},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@techreport{BranstadGaKa77,

author = {Branstad, D.K. and Gait, J. and Katzke, S.},

year = {1977},

title = {Report of the {W}orkshop on {C}ryptography in {S}upport

of {C}omputer {S}ecurity},

institution = {National {B}ureau of {S}tandards},

number = {NBSIR 77-1291},

month = {September}

}

@inproceedings{Brassard79,

author = {G. Brassard},

title = {Relativized Cryptography},

booktitle = FOCS79,

address = {San Juan, Puerto Rico},

publisher = IEEE,

year = 1979,

pages = {383--391}

}

@inproceedings{Brassard82,

author = {Gilles Brassard},

title = {An Optimally Secure Relativized Cryptosystem},

pages = {54--58},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Brassard83,

author = {Gilles Brassard},

title = {On Computationally Secure Authentication Tags Requiring

Short Secret Shared Keys},

pages = {79--86},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@techreport{Brassard87,

newtag = {Brassard87},

author = {G. Brassard},

title = {Introduction to Modern Cryptology},

institution = {D\'epartment d'informatique et de recherche op\'erationelle},

number = {606},

year = 1987

}

@inproceedings{Brassard87a,

author = {Gilles Brassard},

title = {Cryptology in Academia: A Ten Year Retrospective},

booktitle = {Proc. IEEE Spring COMPCOM},

year = 1987,

month = Feb,

pages = {222--226},

publisher = IEEE

}

@book{Brassard88,

author = {Brassard, Gilles},

title = {Modern Cryptology},

year = 1988,

publisher = {Springer-Verlag},

note = {Lecture Notes in Computer Science Number 325}

}

@book{BrassardBr88,

author = {Gilles Brassard and Paul Bratley},

title = {Algorithmics, Theory and Practice},

year = 1988,

publisher = {Prentice Hall}

}

@article{BrassardChCr88,

author = {G. Brassard and D. Chaum and C. Cr\'{e}peau},

title = {Minimum Disclosure Proofs of Knowledge},

journal = JCSS,

volume = 37,

number = 2,

year = 1988,

pages = {156--189}

}

@inproceedings{BrassardCr86,

author = {G. Brassard and C. Cr\'{e}peau},

title = {Nontransitive Transfer of Confidence: A Perfect Zero-Knowledge

Interactive Protocol for {SAT} and Beyond},

pages = {188--195},

booktitle = FOCS86,

publisher = IEEE,

address = {Toronto},

year = 1986

}

@inproceedings{BrassardCr87,

author = {Gilles Brassard and Claude Cr\'{e}peau},

title = {Zero-knowledge simulation of Boolean circuits},

pages = {223--233},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No. 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{BrassardCr91,

author = {G. Brassard and C. Cr\'{e}peau},

title = {Quantum Bit Commitment and Coin Tossing Protocols},

pages = {49--61},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No. 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{BrassardCrRo87,

author = {G. Brassard and C. Cr\'{e}peau and Jean-Marc Robert},

title = {All-or-nothing disclosure of secrets},

pages = {234--238},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No. 263 },

publisher = {Springer-Verlag},

year = 1987

}

@article{BrassardCrYu91,

author = {G. Brassard and C. Cr\'{e}peau and M. Yung},

title = {Perfect Zero-Knowledge Computationally Convincing

Proofs for {NP} in Constant Rounds},

journal = {Theoretical Computer Science},

volume = 84,

number = 1,

year = 1991,

pages = {23--52}

}

@inproceedings{BrassardDa88,

author = {G. Brassard and I.B. Damg{\aa}rd},

title = {``Practical IP'' $subseteq$ MA},

pages = {580--582},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{BrassardYu91,

author = {G. Brassard and M. Yung},

title = {One-Way Group Actions},

pages = {94--108},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No. 537},

publisher = {Springer-Verlag},

year = 1991

}

@article{Brent80,

author = {Richard P. Brent},

title = {An Improved {M}onte {C}arlo Factorization Algorithm},

journal = {BIT},

volume = 20,

number = 2,

year = 1980,

pages = {176--184}

}

@incollection{Brent76,

author = {R.P. Brent},

year = 1976,

title = {Analysis of the binary {Euclidean} algorithm},

booktitle = {Algorithms and Complexity},

editor = {J.F. Traub},

pages = {321-355},

publisher = {Academic Press}

}

@book{Bressoud89,

author = {Bressoud, D.M.},

year = 1989,

title = {Factorization and Primality Testing},

publisher = {Springer-Verlag},

series = {Undergraduate Texts in Mathematics},

address = {New York}

}

@inproceedings{Brickell83,

author = {Ernest F. Brickell},

title = {A Fast Modular Multiplication Algorithm With Application

To Two Key Cryptography},

pages = {51--60},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{Brickell84a,

author = {E. F. Brickell},

title = {Solving Low Density Knapsacks},

pages = {25--37},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{Brickell85,

author = {E. F. Brickell},

title = {Breaking Iterated Knapsacks},

booktitle = CRYPTO84,

publisher = {Springer},

editor = {G. R. Blakley and D. C. Chaum},

year = 1985,

note = {Lecture Notes in Computer Science No. 196},

pages = {342--358}

}

@inproceedings{Brickell85a,

author = {Ernest F. Brickell},

title = {Dependence of Output on Input in {DES}: Small Avalanche

Characteristics},

pages = {342--358},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No. 196},

publisher = {Springer},

year = 1985

}

@article{Brickell88,

author = {E.~F. Brickell},

title = {Some ideal secret sharing schemes},

journal = {Journal of Computer and Systems Science},

volume = 37,

year = 1988,

pages = {156--189}

}

@inproceedings{Brickell90,

author = {Ernest F. Brickell},

title = {A survey of hardware implementation of {RSA}},

pages = {368--370},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{BrickellChDaVa88,

author = {Ernest F. Brickell and David Chaum and Ivan B. Damg{\aa}rd

and J. van de Graaf},

title = {Gradual and verifiable release of a secret},

pages = {156--166},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No. 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{BrickellDa90,

author = {Ernest F. Brickell and Daniel M. Davenport},

title = {On the classification of idea secret sharing schemes},

pages = {278--285},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{BrickellDaSi83,

author = {Ernest F. Brickell and J.A. Davis and G.J. Simmons},

title = {A Preliminary Report on the Cryptanalysis of {M}erkle-{H}ellman

Knapsack Cryptosystems},

pages = {289--301},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{BrickellDe86,

author = {Ernest F. Brickell and John M. DeLaurentis},

title = {An Attack on a Signature Scheme Proposed by {Okamoto}

and {Shiraishi}},

pages = {28--32},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No. 218},

publisher = {Springer},

year = 1986

}

@manual{BrickellDeKeMaTu93,

author = {Brickell, E.F. and Denning, D.E. and Kent, S.T. and

Maher, D.P. and Tuchman, W.},

year = 1993,

title = {Skipjack Review, Interim Report: {The Skipjack Algorithm}},

month = {July 28,}

}

@inproceedings{BrickellGoMcWi92,

author = {Brickell, E.F. and Gordon, D.M. and McCurley, K.S.

and Wilson, D.B.},

year = 1992,

title = {Fast exponentiation with precomputation},

booktitle = {Advances in Cryptology --- Eurocrypt '92},

editor = {R.A. Rueppel},

publisher = {Springer-Verlag},

address = {New York},

pages = {200--207}

}

@inproceedings{BrickellLaOd84,

author = {E.F. Brickell and J.C. Largarias and A.M. Odlyzko},

title = {Evaluation of the Adleman Attack on Multiply Iterated

Knapsack Cryptosystems},

pages = {39--42},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{BrickellLeYa88,

author = {E.F. Brickell and P.J. Lee and Y. Yacobi},

title = {Secure audio teleconference},

pages = {418--426},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No. 293 },

publisher = {Springer-Verlag},

year = 1988

}

@article{BrickellMc91,

author = {Ernest F. Brickell and Kevin S. McCurley},

title = {Interactive Identification and Digital Signatures},

journal = {AT\&T Journal},

month = {Nov/Dec},

year = 1991

}

@article{BrickellMc92,

author = {Brickell, E.F. and McCurley, K.S.},

year = 1992,

month = {},

title = {An Interactive Identification Scheme Based on Discrete

Logarithms and Factoring},

journal = {Journal of Cryptology},

volume = 5,

number = 1,

pages = {29--39}

}

@inproceedings{BrickellMo83,

author = {Ernest F. Brickell and J.H. Moore},

title = {Some Remarks on the {Herlestam-Johannesson} Algorithm

for Computing Logarithms over $GF(2^p)$},

pages = {15--19},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{BrickellMoPu87,

author = {E.F. Brickell and J.H. Moore and M.R. Purtill},

title = {Structure in the $S$-boxes of the {DES}},

pages = {3-8},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No. 263 },

publisher = {Springer-Verlag},

year = 1987

}

@article{BrickellOd88,

author = {Brickell, E.F. and Odlyzko, A.M.},

year = 1988,

title = {Cryptanalysis: {A} survey of recent results},

journal = {Proc.\ IEEE},

volume = 76,

pages = {578--593}

}

@incollection{BrickellOd92,

author = {E.~F. Brickell and A.~M. Odlyzko},

year = 1992,

title = {Cryptanalysis, a survey of recent results},

booktitle = {Contemporary Cryptology, The Science of Information

Integrity},

editor = {G.J. Simmons},

publisher = {IEEE Press},

pages = {501--540}

}

@inproceedings{BrickellSt88,

author = {E.F. Brickell and D.R. Stinson},

title = {The Detection of Cheaters in Threshold Schemes},

pages = {564--577},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{BrickellSt91,

newtag = {BrickellSt91},

author = {Ernest F. Brickell and D.R. Stinson},

title = {Some Improved Bounds on the Information Rate of Perfect

Secret Sharing Schemes},

pages = {242--252},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No. 537},

publisher = {Springer-Verlag},

year = 1991

}

@article{BrickellSt92,

author = {E.~F. Brickell and D.~R. Stinson},

title = {Some improved bounds on the information rate of perfect

secret sharing schemes},

journal = {Journal of Cryptology},

year = 1992,

volume = 5,

pages = {153--166}

}

@book{BrillhartLeSeTuWa88,

author = {Brillhart, J. and Lehmer, D. and Selfridge, J. and

Tuckerman, B. and Wagstaff Jr, S.},

year = 1988,

title = {Factorizations of $b^n \pm 1$, $b=2,3,5,6,7,10,11,12$

up to High Powers},

publisher = {American Mathematical Society},

address = {Providence, Rhode Island},

volume = 22,

series = {Contemporary Mathematics},

edition = {2nd}

}

@incollection{Brittanica89,

author = {Brittanica},

title = {Geometry},

booktitle = {The New Encyclop{\ae}dia Brittanica},

publisher = {Encyclop{\ae}dia Brittanica},

year = 1989,

pages = {927--1000},

note = {(Volume 19)}

}

@inproceedings{BrosciusSm92,

author = {A.G. Broscius and J.M. Smith},

title = {Exploiting parallelism in hardware implementations

of the {DES}},

pages = {367--376},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No. 576},

publisher = {Springer},

year = 1992

}

@article{Brown94,

author = {Patrick W. Brown},

title = {Digital Signature: Are They Legal for Electronic Commerce},

journal = {IEEE Communications Magazine},

month = Sep,

year = 1994,

volume = 32,

number = 9,

pages = {76--80}

}

@inproceedings{BrownPiSe90,

author = {Brown, L. and Pieprzyl, J. and Seberry, J.},

title = {{LOKI}: A Cryptographic Primitive for Authentication

and Secrecy Applications},

year = {1990},

booktitle = {Advances in Cryptology --- Auscrypt '90},

editor = {Seberry, J. and Pieprzyk, J.},

publisher = {Springer Verlag},

address = {Berlin},

pages = {229--236}

}

@INPROCEEDINGS{BrownSe90,

author = {L. Brown and J. Seberry},

title = {Key Scheduling in {DES} type Cryptosystems},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {221--228}

}

@inproceedings{BrugiaImWo85,

author = {Odoardo Brugia and Salvatore Improta and William Wolfowicz},

title = {An Encryption and Authentication Procedure for Tele-surveillance

Systems},

pages = {437--445},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@inproceedings{Brynielsson86,

author = {Brynielsson, L.},

year = {1986},

title = {On the Linear Complexity of Combined Shift Register

Sequences},

booktitle = {Advances in Cryptology --- Eurocrypt '85},

editor = {Pichler, F.},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {156--166}

}

@inproceedings{BuchmannDu91,

author = {J. Buchmann and S. D\"{u}llmann},

title = {On the Computation of Discrete Logarithms in Class

Groups},

pages = {134--149},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No. 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{BuchmannLoZa94,

author = {J. Buchmann and J. Loho and J. Zayer},

title = {An implementation of the general number field sieve},

pages = {159--165 },

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No. 773},

publisher = {Springer},

year = 1994

}

@inproceedings{BuchmannWi90,

author = {Johannes A. Buchmann and Hugh C. Williams},

title = {A key exchange system based on real quadratic fields},

pages = {335--343},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@article{Buell87,

author = {Duncan A. Buell},

title = {Factoring: Algorithms, Computations, and Computers},

journal = {Journal of Supercomputing},

year = 1987,

volume = 1,

pages = {191--216},

comment = {Good discussion of elliptic curve methods, p-1, and

others.}

}

@book{BuhlerLePo94,

author = {J.P. Buhler and H.W. Lenstra and Carl Pomerance},

title = {The development of the number field sieve},

year = 1994,

publisher = {Springer-Verlag},

series = {Lecture Notes in Mathematics},

volume = 1554

}

@misc{Bura75,

author = {Michael Craig Bura},

title = {Increasing the Pick Resisteance of the Pin-Tumbler

Cylinder Lock},

note = {Bachelor of Science Thesis},

month = Jun,

year = 1975,

institution = {MIT}

}

@article{Burmester89,

author = {Mike Burmester},

title = {Remarks on Soundness of proofs},

journal = {Electronics Letters},

volume = 25,

number = 22,

year = 1989,

month = Oct,

pages = {1509--1510}

}

@article{Burmester92,

author = {Mike Burmester},

title = {An almost-constant round interactive zero-knowledge proof},

journal = {Information Processing Letters},

volume = 42,

month = May,

year = 1992,

pages = {81--87}

}

@inproceedings{Burmester94,

author = {Mike Burmester},

title = {On the risk of opening distributed keys},

pages = {308--317},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No. 839},

publisher = {Springer},

year = 1994

}

@article{BurmesterDeBe92,

author = {Burmester, M.V.D. and Desmedt, Y.G. and Beth, T.},

year = 1992,

title = {Efficient zero-knowledge identification schemes for

smart cards},

journal = {Computer Journal},

volume = 35,

pages = {21--29}

}

@unpublished{BurmesterRiSh96,

author = {Mike Burmester and Ronald L. Rivest and Adi Shamir},

title = {Geometric Cryptography},

}

@article{BurrowsAbNe90,

author = {Michael Burrows and Martin Abadi and Roger Needham},

title = {A Logic of Authentication},

journal = {ACM Transactions on Computer Systems},

volume = 8,

number = 1,

year = 1990,

month = Feb,

pages = {18--36}

}

@inproceedings{Cade87,

author = {John J. Cade},

title = {A modification of a broken public-key cipher},

pages = {64--83},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No. 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{CamionCaChSe92,

author = {P. Camion and C. Carlet and P. Charpin and N. Sendrier},

title = {On Correlation-Immune Functions},

pages = {86--100},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No. 576},

publisher = {Springer},

year = 1992

}

@inproceedings{CampbellWi92,

author = {Keith W. Campbell and Michael J. Wiener},

title = {{DES} is not a Group},

pages = {512--520},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No. 740},

publisher = {Springer-Verlag},

year = 1992

}

@article{CanettiGo93,

author = {R. Canetti and O. Goldreich},

title = {Bounds on Tradeoffs between Randmoness and Communication

Complexity},

journal = {Computational Complexity},

volume = 3,

year = 1993,

pages = {141--167}

}

@inproceedings{CanettiHe94,

author = {Ran Canetti and Amir Herzberg},

title = {Maintaining security in the presence of transient faults},

pages = {425--438},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No. 839},

publisher = {Springer},

year = 1994

}

@inproceedings{CanettiRa93,

author = {Ran Canetti and Tal Rabin},

title = {Fast Asynchronous Byzantine Agreement with Optimal

Resilience},

pages = {42--51},

booktitle = STOC93,

year = 1993

}

@article{CanfieldErPo83,

author = {Canfield, E.R. and Erd\"{o}s, P. and Pomerance, C.},

year = 1983,

title = {On a problem of {Oppenheim} concerning {`Factorisatio

Numerorum'}},

journal = {J. Number Theory},

volume = 17,

pages = {1--28}

}

@inproceedings{CapocelliDeGaVa92,

author = {R.M. Capocelli and A. De Santis and L. Gargano and

U. Vaccaro},

title = {On the size of shares for secret sharing schemes},

pages = {101--113},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No. 576},

publisher = {Springer},

year = 1992

}

@article{CapocelliDeGaVa93,

author = {R.~M. Capocelli and A.~{De Santis} and L.~Gargano

and U.~Vaccaro},

title = {On the size of shares for secret sharing schemes},

journal = {Journal of Cryptology},

year = 1993,

volume = 6,

pages = {157--167}

}

@inproceedings{Carlet92,

author = {Claude Carlet},

title = {Partially-Bent Functions},

pages = {280--291},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No. 740},

publisher = {Springer-Verlag},

year = 1992

}

@INPROCEEDINGS{Carroll90,

author = {J.M. Carroll},

title = {The Three Faces of Information Security},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {433--450}

}

@phdthesis{Carter89,

author = {Carter, G.D.},

title = {Aspects of local linear complexity},

school = {University of London},

year = {1989}

}

@manual{CaseFeScDa90,

author = {Case, J. and M. Fedor and M. Schoffstall and J. Davin},

year = 1990,

month = {May},

title = {{RFC} 1157: The Simple Network Management Protocol},

organization = {Internet Activities Board}

}

@manual{CCITT-X.40088,

newtag = {CCITT-X.40088},

author = {{CCITT}},

year = 1988,

title = {Recommendation $X.400$: Message Handling System and

Service Overview}

}

@manual{CCITT-X.41188,

newtag = {CCITT-X.41188},

author = {{CCITT (Consultative Committee on International Telegraphy

and Telephony)}},

year = 1988,

title = {Recommendation $X.411$: Message Handling Systems: Message

Transfer System: Abstract Service Definition and Procedures}

}

@manual{CCITT-X.43591,

newtag = {CCITT-X.43591},

author = {{CCITT (Consultative Committee on International Telegraphy

and Telephony)}},

year = {1991},

title = {Recommendation $X.435$: Message Handling Systems: EDI

Messaging System}

}

@manual{CCITTConsult88a,

oldtag = {CCITT-X.500},

author = {{CCITT (Consultative Committee on International Telegraphy

and Telephony)}},

year = 1988,

title = {Recommendation $X.500$: The Directory --- Overview

of Concepts, Models and Services}

}

@manual{CCITTConsult88b,

oldtag = {CCITT-X.509},

author = {{CCITT (Consultative Committee on International Telegraphy

and Telephony)}},

year = 1988,

title = {Recommendation $X.509$: The Directory---Authentication

Framework}

}

@manual{CCITTConsult91a,

oldtag = {CCITT-X.800},

author = {{CCITT (Consultative Committee on International Telegraphy

and Telephony)}},

year = {1991},

title = {Recommendation $X.800$: Security Architecture for Open

Systems Interconnection for CCITT Applications}

}

@book{Chaitin87,

author = {Chaitin, G.J.},

title = {Information, Randomness and Incompleteness},

publisher = {World Scientific Publishing},

address = {Singapore},

year = {1987}

}

@article{Chaitin66,

author = {Chaitin, G.J.},

year = 1966,

title = {On the length of programs for computing finite binary

sequences},

journal = {J. {ACM}},

month = {October},

volume = 13,

number = {4},

pages = {547--569}

}

@inproceedings{ChanGa87,

author = {Agnes Hui Chan and Richard A. Games},

title = {On the linear span of binary sequences obtained from

finite geometries},

pages = {405--417},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No. 263 },

publisher = {Springer-Verlag},

year = 1987

}

@article{ChanGaKe82,

author = {Chan, A.H. and Games, R.A. and Key, E.L.},

year = 1982,

title = {On the Complexities of de {B}ruijn Sequences},

journal = {J. Comb. Theory},

series = {A},

volume = 33,

pages = {233--246}

}

@inproceedings{ChanGa90,

author = {Agnes H. Chan and Richard A. Games},

title = {On the quadratic spans of periodic sequences},

pages = {82--89},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{ChanGaRu94,

author = {Chan, A.H. and Games, R.A. and Rushanan, J.},

year = {1994},

title = {On Quadratic $M$-sequences},

booktitle = {Fast Software Encryption},

editor = {R. Anderson},

publisher = {Springer-Verlag},

series = {Lecture Notes in Computer Science},

volume = 809,

address = {Berlin},

pages = {166--173}

}

@inproceedings{ChaoTaTs94,

author = {Jinhui Chao and Kazuo Tanada and Shigeo Tsujii},

title = {Design of elliptic curves with controllable lower boundary

of extension degree for reduction attacks},

pages = {50--55},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No. 839},

publisher = {Springer},

year = 1994

}

@article{Chaum81,

author = {D. Chaum},

title = {Untraceable electronic mail, return addresses, and

digital pseudonyms},

journal = CACM,

volume = 24,

month = Feb,

year = 1981,

pages = {84--88}

}

@inproceedings{Chaum82,

author = {David L. Chaum},

title = {Verification by Anonymous Monitors},

pages = {138--139},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Chaum83,

author = {David Chaum},

title = {Blind Signatures for Untraceable Payments},

pages = {199--203},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{Chaum84,

author = {David Chaum},

title = {Blind Signature System},

pages = {153--153},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{Chaum84a,

author = {David Chaum},

title = {Design Concepts for Tamper Responding Systems},

pages = {387--392},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{Chaum85,

author = {David Chaum},

title = {New Secret Codes Can Prevent a Computerized Big Brother},

pages = {432--433},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No. 196},

publisher = {Springer},

year = 1985

}

@inproceedings{Chaum85a,

author = {David Chaum},

title = {How to Keep a Secret Alive: Extensible Partial Key,

Key Safeguarding, and Threshold Systems},

pages = {481--485},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No. 196},

publisher = {Springer},

year = 1985

}

@article{Chaum85b,

author = {David Chaum},

title = {Security Without Identification: Transaction

Systems to Make Big Brother Obsolete},

year = 1985,

month = {Oct},

journal = {Communications of the ACM},

volume = 28,

number = 10,

pages = {1030--1044}

}

@inproceedings{Chaum87,

author = {David Chaum},

title = {Demonstrating that a public predicate can be satisfied

without revealing any information about how},

pages = {195--199},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No. 263 },

publisher = {Springer-Verlag},

year = 1987

}

@article{Chaum88,

author = {David Chaum},

title = {The Dining Cryptographers Problem: Unconditional

Sender and Recipient Untraceability},

journal = {Journal of Cryptology},

year = 1988,

volume = 1,

pages = {65-75}

}

@misc{Chaum88a,

author = {David Chaum},

title = {Blind unanticipated signature systems},

howpublished = {U.S. Patent No. 4,759,064},

year = {1988}

}

@misc{Chaum88b,

author = {David Chaum},

title = {Blind signature systems},

howpublished = {U.S. Patent No. 4,759,063},

year = {1988}

}

@inproceedings{Chaum95,

author = {David Chaum},

title = {Designated Confirmer Signatures},

pages = {~},

booktitle = {Proceedings EUROCRYPT 94 (to appear)},

year = 1995,

publisher = {Springer-Verlag}

}

@inproceedings{ChaumEv86,

author = {Chaum, D. and Evertse, J.},

year = 1986,

title = {Crytanalysis of {DES} with a reduced number of rounds,

sequences of linear factors in block ciphers},

booktitle = {Advances in Cryptology --- Crypto '85},

editor = {H.C. Williams},

publisher = {Springer-Verlag},

address = {New York},

pages = {192--211}

}

@inproceedings{ChaumEv86a,

author = {David Chaum and Jan-Hendrik Evertse},

title = {Cryptanalysis of {DES} with a Reduced Number of Rounds},

pages = {192--211},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No. 218},

publisher = {Springer},

year = 1986

}

@inproceedings{Chaum90,

author = {David Chaum},

title = {The Spymasters double-agent problem: Multiparty computations

secure unconditionally from minorities and cryptographically

from majorities},

pages = {591--603},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@INPROCEEDINGS{Chaum90a,

author = {D. Chaum},

title = {Showing Credentials Without Identification: Transferring

Signatures Between Unconditionally Unlinkable Pseudonyms},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {246--264}

}

@article{Chaum92,

author = {D. Chaum},

title = {Achieving Electronic Privacy},

journal = {Scientific American},

volume = 267,

number = 2,

month = Aug,

year = 1992,

pages = {96--101}

}

@inproceedings{ChaumCrDa88,

author = {David Chaum and Claude Cr\'epeau and Ivan {Damg{\aa}rd}},

title = {Multiparty unconditionally secure protocols},

pages = {462--462},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No. 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{ChaumCrDa88a,

author = {D. Chaum and C. Crepeau and I. {Damg{\aa}rd}},

title = {Multi-party unconditionally secure protocols},

booktitle = STOC88,

publisher = ACM,

address = {Chicago},

year = 1988

}

@inproceedings{ChaumDaVa88,

author = {David Chaum and Ivan B. Damg{\aa}rd and Jeroen van

de Graaf},

title = {Multiparty computations ensuring privacy of each party's

input and correctness of the result},

pages = {87--119},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No. 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{ChaumEv87,

author = {David Chaum and Jan-Hendrik Evertse},

title = {A secure and privacy-protecting protocol for transmitting

personal information between organizations},

pages = {118--167},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No. 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{ChaumEvVaPe87,

author = {David Chaum and Jan-Hendrik Evertse and Jeroen van

de Graaf and Ren\'e Peralta},

title = {Demonstrating possession of a discrete logarithm without

revealing it},

pages = {200--212},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No. 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{ChaumFiNa88,

author = {D. Chaum and A. Fiat and M. Naor},

title = {Untraceable Electronic Cash},

pages = {319--327},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{ChaumVaPf92,

author = {D. Chaum and E. van Heijst and B. Pfitzmann},

title = {Cryptographically strong undeniable signatures, unconditionally

secure for the signer},

pages = {470--484},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No. 576},

publisher = {Springer},

year = 1992

}

@inproceedings{ChaumPe92,

author = {David Chaum and Torben Pryds Pedersen},

title = {Wallet Databases with Observers},

pages = {89--105},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No. 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{ChaumRo91,

author = {D. Chaum and S. Roijakkers},

title = {Unconditionally Secure Digital Signatures},

pages = {206--215},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No. 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{ChaumVa90,

author = {David Chaum and Hans Van Antwerpen},

title = {Undeniable signatures},

pages = {212--217},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{CheeJoSt92,

author = {Y.M. Chee and A. Joux and J. Stern},

title = {The cryptoanalysis of a new public-key cryptosystem

based on modular knapsacks},

pages = {204--212},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No. 576},

publisher = {Springer},

year = 1992

}

@article{CheheylGaHuMi81,

author = {M.H. Cheyel and M. Gasser and G.A. Huff and J.K. Millen},

title = {Verifying Security},

journal = {ACM Computing Surveys},

volume = 13,

number = 3,

pages = {279--339},

year = 1981

}

@inproceedings{Chen85,

author = {Su-shing Chen},

title = {On Rotation Group and Encryption of Analog Signals},

pages = {95--100},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No. 196},

publisher = {Springer},

year = 1985

}

@unpublished{Chen94,

author = {Kefei Chen},

title = {Improved {Girault} Identification Scheme},

month = Dec,

year = 1994,

note = {no note}

}

@phdthesis{Cheng81,

author = {Cheng, U.},

title = {Properties of Sequences},

school = {University of Southern California},

year = {1981}

}

@inproceedings{ChepyzhovSm91,

author = {Chepyzhov, V. and Smeets, B.},

year = 1991,

title = {On a Fast Correlation Attack on Certain Stream Ciphers},

booktitle = {Advances in Cryptology --- Eurocrypt '91},

editor = {D.W. Davies},

pages = {176--185},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{ChickTa90,

author = {Gerald C. Chick and Stafford E. Tavares},

title = {Flexible access control with master keys},

pages = {316--323},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@article{Chokhani94,

author = {Santosh Chokhani},

title = {Toward a National Public Key Infrastructure},

journal = {IEEE Communications Magazine},

month = Sep,

year = 1994,

volume = 32,

number = 9,

pages = {70--74}

}

@inproceedings{ChorFiNa94,

author = {Benny Chor and Amos Fiat and Moni Naor},

title = {Tracing traitors},

pages = {257--270},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No. 839},

publisher = {Springer},

year = 1994

}

@inproceedings{ChorGo85,

author = {Benny Chor and Oded Goldreich},

title = {{RSA}/Rabin Least Significant Bits are $\frac{1}{2}

+ 1/$ {\em poly(log $N$)} Secure},

pages = {303-313},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No. 196},

publisher = {Springer},

year = 1985

}

@inproceedings{ChorGo85a,

author = {B. Chor and O. Goldreich},

title = {Unbiased Bits from Sources of Weak Randomness and

Probabilistic Communication Complexity},

booktitle = FOCS85,

address = {Portland},

publisher = IEEE,

pages = {429--442},

year = 1985

}

@article{ChorGo88,

author = {B. Chor and O. Goldreich},

title = {Unbiased bits from sources of weak randomness and

probabilistic communication complexity},

journal = {SIAM J. Computing},

year = 1988,

month = Apr,

volume = 17,

number = 2,

pages = {230--261}

}

@article{ChorGo90,

author = {B. Chor and O. Goldreich},

title = {An Improved Parallel Algorithm for Integer {GCD}},

journal = {Algorithmica},

volume = 5,

year = 1990,

pages = {1--10}

}

@inproceedings{ChorGoGo86,

author = {Benny Chor and Oded Goldreich and Shafi Goldwasser},

title = {The Bit Security of Modular Squaring Given Partial

Factorization of the Modulos},

pages = {448--457},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No. 218},

publisher = {Springer},

year = 1986

}

@inproceedings{ChorGoMiAw85,

author = {B. Chor and S. Goldwasser and S. Micali and B. Awerbuch},

title = {Verifiable secret sharing and achieving simultaneity

in the presence of faults},

booktitle = FOCS85,

address = {Portland},

year = 1985,

pages = {383--395},

publisher = IEEE

}

@inproceedings{ChorKu89,

author = {B. Chor and E. Kushilevitz},

title = {A Zero-One Law for {Boolean} Privacy},

booktitle = STOC89,

publisher = ACM,

address = {Seattle},

year = 1989,

pages = {62--72},

comment = {See ChorKu91 for the journal version.}

}

@article{ChorKu91,

author = {B. Chor and E. Kushilevitz},

title = {A Zero-One Law for {Boolean} Privacy},

journal = {SIAM J. Disc. Math.},

year = 1991,

volume = 4,

pages = {36--47}

}

@inproceedings{ChorKu90,

author = {Benny Chor and Eyal Kushilevitz},

title = {Secret sharing over infinite domains},

pages = {299--306},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{ChorRa87,

author = {Benny Chor and Michael Rabin},

title = {Achieving independence in logarithmic number of rounds},

pages = {260--268},

booktitle = PODC87,

publisher = {ACM},

year = 1987

}

@article{ChorRi88,

author = {B. Chor and R. L. Rivest},

title = {A knapsack type public-key cryptosystem based on arithmetic

in finite fields},

pages = {901--909},

journal = {IEEE Trans.\ Inform.\ Theory},

volume = 34,

number = 5,

month = Sep,

year = 1988

}

@inproceedings{ChorRi85,

author = {B. Chor and R. L. Rivest},

title = {A knapsack type public-key cryptosystem based on arithmetic

in finite fields},

pages = {54--65},

booktitle = CRYPTO84,

publisher = {Springer},

editor = {G. R. Blakley and D. C. Chaum},

year = 1985,

note = {Lecture Notes in Computer Science No. 196, This article

appeared in IEEE Trans. Inform. Theory (1988).}

}

@inproceedings{ChuangDu91,

author = {C.C. Chuang and J.G. Dunham},

title = {Matrix Extensions of the {RSA} Algorithm},

pages = {140--155},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No. 537},

publisher = {Springer-Verlag},

year = 1991

}

@article{ClarkHo94,

author = {Paul C. Clark and Lance J. Hoffman},

title = {{BITS}: A Smartcard Protected Operating System},

journal = {Communications of the ACM},

month = Nov,

year = 1994,

volume = 37,

number = 11,

pages = {66--70}

}

@inproceedings{ClarkWi87,

author = {D. Clark and D. Wilson},

title = {A Comparison of Commercial and Military Computer

Security Policies},

booktitle = {IEEE Security Privacy},

year = 1987

}

@inproceedings{Cleve86,

author = {R. Cleve},

title = {Limits on the Security of Coin Flips When Half the

Processors are Faulty},

pages = {364--369},

booktitle = STOC86,

publisher = ACM,

address = {Berkeley},

year = 1986

}

@inproceedings{Cleve90,

author = {Richard Cleve},

title = {Controlled gradual disclosure schemes for random bits

and their applications},

pages = {573--588},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{Cleve91,

author = {R. Cleve},

title = {Complexity Theoretic Issues Concerning Block Ciphers

Related to {D.E.S.}},

pages = {530--544},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No. 537},

publisher = {Springer-Verlag},

year = 1991

}

@techreport{Cohen89,

author = {Cohen, Danny},

title = {Electronic Commerce},

institution = {Information Sciences Institute},

number = {ISI/RR-89-244},

month = Oct,

year = 1989

}

@inproceedings{CohenFi85,

author = {J. D. Cohen and M. J. Fischer},

title = {A robust and verifiable cryptographically secure election

scheme},

booktitle = FOCS85,

address = {Portland},

publisher = IEEE,

year = 1985,

pages = {372--382}

}

@article{CohenLe84,

author = {H. Cohen and Lenstra, Jr., H. W.},

title = {Primality Testing and {Jacobi} Sums},

journal = {Mathematics of Computation},

year = {1984},

volume = 42,

number = 165,

mon = jan,

pages = {297--330}

}

@article{Colossus97,

author = {Barry Fox and Jeremy Webb},

title = {A Colossal adventure},

journal = {New Scientist},

volume = 154,

number = 2081,

mon = May,

year = 1997,

pages = {38--43}

}

@article{Comba90,

author = {P. G. Comba},

title = {Exponentiation Cryptosystems on the {IBM PC}},

journal = {IBM Systems Journal},

year = 1990,

volume = 29,

number = 4,

pages = {526--538}

}

@manual{ComiteFranca89,

oldtag = {ComiteFdONoBa89},

author = {{Comit\'{e} Fran\c{c}ais d'Organisation et de Normalisation

Bancaire}},

year = 1989,

title = {Echanges T\'{e}l\'ematiques entre les Banques et leurs

Clients, Standard {ETEBAC} 5, v1.1},

address = {Paris}

}

@manual{ComptrollerG91,

newtag = {ComptrollerG91},

author = {{Comptroller General of the United States}},

year = 1991,

month = {December 13,},

title = {Matter of {National Institute of Standards and Technology}

--- {Use} of Electronic Data Interchange Technology

to Create Valid Obligations},

note = {File B-245714}

}

@INPROCEEDINGS{CooperPa90,

author = {R.H. Cooper and W. Patterson},

title = {{RSA} as a Benchmark for Multiprocessor Machines},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {356--359}

}

@inproceedings{Coppersmith84,

author = {D. Coppersmith},

title = {Evaluating Logarithms in {$GF(2^n)$}},

booktitle = STOC84,

pages = {201--207},

address = {Washington, D.C.},

year = 1984,

publisher = ACM

}

@article{Coppersmith84b,

author = {D. Coppersmith},

title = {Fast evaluation of logarithms in fields of characterstic

two.},

journal = {IEEE Trans. Inform. Theory},

volume = {IT-30},

year = 1984,

pages = {587--594}

}

@inproceedings{Coppersmith86,

author = {Coppersmith, D.},

year = 1986,

title = {The real reason for {R}ivest's phenomenon},

booktitle = {Advances in Cryptology --- Crypto '85},

editor = {H.C. Williams},

publisher = {Springer-Verlag},

address = {New York},

pages = {535--536}

}

@inproceedings{Coppersmith86a,

author = {D. Coppersmith},

title = {Cheating at Mental Poker},

pages = {104--107},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No. 218},

publisher = {Springer},

year = 1986

}

@inproceedings{Coppersmith86b,

newtag = {Coppersmith86b},

author = {Don Coppersmith},

title = {Another Birthday Attack},

pages = {14--17},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No. 218},

publisher = {Springer},

year = 1986

}

@article{Coppersmith87,

author = {Coppersmith, D.},

title = {Cryptography},

journal = {IBM J. Res. Dev.},

volume = 31,

number = 2,

year = 1987,

pages = {244-248}

}

@misc{Coppersmith89,

author = {D. Coppersmith},

title = {{Analysis of {ISO/CCITT} Document X.509 Annex {D}}},

howpublished = {Internal Memo, IBM T.J. Watson Center},

month = {June 11,},

year = {1989}

}

@techreport{Coppersmith92,

author = {Don Coppersmith},

title = {The Data Encryption Standard ({DES}) and its Strength

Against Attacks},

institution = {IBM T.J. Watson Research Center},

year = 1992,

month = Dec,

number = {RC 18613(81421)}

}

@inproceedings{Coppersmith94,

author = {Don Coppersmith},

title = {Attack on the cryptographic scheme {NIKS-TAS}},

pages = {294--307},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No. 839},

publisher = {Springer},

year = 1994

}

@techreport{CoppersmithFrPaRe96,

author = {Don Coppersmith and Matthew Franklin and Jacques Patarin

and Michael Reiter},

title = {Low-Exponent {RSA} with Related Messages},

institution = {IBM T.J. Watson Research Lab},

number = {IBM RC 20318},

month = {December 27,},

year = 1995,

note = {(To appear in Eurocrypt '96)}

}

@article{CoppersmithGr75,

author = {Don Coppersmith and E. Grossman},

title = {Generators for certain alternating groups with applications

to cryptology},

journal = {SIAM Journal on Applied Mathematics},

year = 1975,

volume = 29,

pages = {624--627}

}

@inproceedings{CoppersmithKrMa94,

author = {Don Coppersmith and Hugo Krawczyk and Yishay Mansour},

title = {The shrinking generator},

pages = {22--39},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No. 773},

publisher = {Springer},

year = 1994

}

@article{CoppersmithOdSc86,

author = {D. Coppersmith and A. M. Odlyzko and R. Schroeppel},

title = {Discrete Logarithms in {$GF(p)$}},

journal = {Algorithmica},

volume = 1,

number = 1,

year = 1986,

pages = {1--16}

}

@misc{CoppersmithPiMeMaHyOsBrSc90,

newtag = {CoppersmithPiMeMaHyOsBrSc90},

author = {D. Coppersmith and S. Pilpel and C.H. Meyer and S.M.

Matyas and M.M. Hyden and J. Oseas and B. Brachtl and

M. Schilling},

title = {Data authentication using modification dectection codes

based on a public one way encryption function},

howpublished = {U.S. Patent No. 4,908,861},

month = {March 13,},

year = {1990}

}

@inproceedings{CoppersmithStVa94,

author = {Don Coppersmith and Jacques Stern and Serge Vaudenay},

title = {Attacks on the birational permutation signature schemes},

pages = {435--443},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No. 773},

publisher = {Springer},

year = 1994

}

@book{CormenLeRi90,

author = {Thomas H. Cormen and Charles E. Leiserson and Ronald

L. Rivest},

title = {Introduction to Algorithms},

year = 1990,

publisher = {MIT Press/McGraw-Hill}

}

@manual{Cramer95,

author = {R.J.F. Cramer},

year = {1995},

title = {On shared randomness and the size of secure signatures},

month = {April},

organization = {Centrum voor Wiskunde en Informatica},

note = {Report {CS}-{R}9530}

}

@inproceedings{CramerDaSc94,

author = {Ronald Cramer and Ivan {Damg{\aa}rd} and Berry

Schoenmakers},

title = {Proofs of partial knowledge and simplified design of

witness hiding protocols},

pages = {174--187},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No. 839},

publisher = {Springer},

year = 1994

}

@inproceedings{Crepeau86,

author = {Claude Cr\'epeau},

title = {A Secure Poker Protocol that Minimizes the Effect

of Player Coalitions},

pages = {73--86},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No. 218},

publisher = {Springer},

year = 1986

}

@inproceedings{Crepeau87,

newtag = {Crepeau87},

author = {Claude Cr\'epeau},

title = {A zero-knowledge poker protocol that achieves confidentiality

of the players' strategy or how to achieve an electronic

poker face},

pages = {239--247},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No. 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{Crepeau88,

author = {Claude Cr\'epeau},

title = {Equivalence between two flavours of oblivious transfers},

pages = {350--354},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No. 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{CrepeauKi88,

author = {Claude Cr\'epeau and Joe Kilian},

title = {Weakening Security Assumptions and Oblivious Transfer},

pages = {2--7},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{CrepeauKi94,

author = {Claude Cr\'epeau and Joe Kilian},

title = {Discreet solitary games},

pages = {319--330},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No. 773},

publisher = {Springer},

year = 1994

}

@article{Cullyer89,

author = {W. Cullyer},

title = {Implementing high integrity systems:

the Viper microprocessor},

journal = {IEEE AES Magazine},

month = {May},

year = 1989

}

% note: not in class file cabinet yet

@techreport{Curry90,

author = {Curry, David A.},

year = 1990,

title = {Improving the Security of Your {UNIX} System},

institution = {{SRI} International},

number = {ITSTD-721-FR-90-21},

address = {Menlo Park, CA},

month = {April}

}

@inproceedings{Cusick91,

author = {Cusick, T.W.},

year = 1991,

title = {The {REDOC-II} Cryptosystem},

booktitle = {Advances in Cryptology --- Crypto '90},

editor = {Menezes, A.J. and Vanstone, S.A.},

publisher = {Springer-Verlag},

address = {New York},

pages = {545--563}

}

@inproceedings{Cusick94,

author = {Cusick, T.W.},

year = 1994,

title = {{B}oolean functions satisfying a higher order strict

avalanche criterion},

booktitle = {Advances in Cryptology --- Eurocrypt '93},

editor = {T. Helleseth},

publisher = {Springer-Verlag},

series = {Lecture Notes in Computer Science},

volume = {765},

pages = {102--117},

address = {Berlin}

}

@inproceedings{CusickWo91,

author = {T.W. Cusick and M.C. Wood},

title = {The {REDOC II} Cryptosystem},

pages = {545-563},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No. 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{DaemenGoVa93,

author = {Daemen, J. and Govaerts, R. and Vandewalle, J.},

year = 1993,

title = {Block ciphers based on Modular Arithmetic},

booktitle = {State and {P}rogress in the {R}esearch of {C}ryptography,

1993},

pages = {80--89}

}

@inproceedings{DaemenGoVa93a,

author = {Daemen, J. and Govaerts, R. and Vandewalle, J.},

year = 1993,

title = {Cryptanalysis of {MUX-LFSR} Based Scramblers},

booktitle = {State and {P}rogress in the {R}esearch of {C}ryptography,

1993},

pages = {55--61}

}

@inproceedings{DaemenGoVa94,

author = {Joan Daemen and Ren\'e Govaerts and Joos Vandewalle},

title = {Weak keys for {IDEA}},

pages = {224--231},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No. 773},

publisher = {Springer},

year = 1994

}

@article{Dai86,

author = {Dai, Zong-duo},

year = 1986,

title = {Proof of {R}ueppel's linear complexity conjecture},

journal = {IEEE Transactions on Information Theory},

volume = {IT-32},

pages = {440--443}

}

@INPROCEEDINGS{DaiZe90,

author = {Z. Dai and K. Zeng},

title = {Continued Fractions and {Berlekamp-Massey} Algorithm},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {24--31}

}

@inproceedings{Damgard88,

author = {I.B. Damg{\aa}rd},

title = {On the Randomness of {Legendre and Jacobi} Sequences},

pages = {163--172},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Damgard88a,

author = {I.B. Damg{\aa}rd},

title = {Payment Systems and Credential Mechanisms with Provable

Security Against Abuse by Individuals},

pages = {328--335},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Damgard90b,

author = {Ivan Damg{\aa}rd},

title = {On the existence of a bit commitment schemes and zero-knowledge

proofs},

pages = {17--29},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{Damgard90c,

author = {Ivan Damg{\aa}rd},

title = {A Design principle for hash functions},

pages = {416--427},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{Damgard92,

author = {I. Damg{\aa}rd},

title = {Towards practical public key systems secure against

chosen ciphertext attacks},

pages = {445--456},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No. 576},

publisher = {Springer},

year = 1992

}

@inproceedings{DamgardBj90,

newtag = {DamgardBj90},

author = {I. Damg{\aa}rd and Ivan Bjerre},

title = {A Design Principle for Hash Functions},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer},

year = 1990,

pages = {416--427}

}

@article{DamgardLaPo93,

author = {Ivan Damg{\aa}rd and Peter Landrock and Carl Pomerance},

title = {Average case error estimates for the strong probable

prime test},

journal = {Mathematics of Computation},

year = {1993},

volume = 61,

number = 203,

mon = jul,

pages = {177--194}

}

@inproceedings{DamgardLaPo94,

author = {Ivan Damg{\aa}rd and Peter Landrock and Carl Pomerance},

title = {Interactive hashing can simplify zero-knowledge protocol

design without computational assumptions},

pages = {100--109},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No. 773},

publisher = {Springer},

year = 1994

}

@inproceedings{DamgardPePf94,

author = {Damg{\aa}rd and Torben P. Pedersen and Birgit Pfitzmann},

title = {On the existence of statistically hiding bit commitment

schemes and fail-stop signatures},

pages = {250--265},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No. 773},

publisher = {Springer},

year = 1994

}

@techreport{Davida82,

author = {Davida, G.},

year = 1982,

title = {Chosen signature cryptanalysis of the {RSA} public

key cryptosystem},

number = {TR-CS-82-2},

institution = {Dept of EECS, University of Wisconsin, Milwaukee}

}

@inproceedings{DavidaDa88,

author = {George I. Davida and Frank B. Dancs},

title = {A crypto-engine},

pages = {257--268},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No. 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{DavidaMa88,

author = {George I. Davida and Brian J. Matt},

title = {Arbitration in tamper proof systems (If {DES} $\approx$

{RSA} then what's the difference between true signature

and arbitrated signature schemes?)},

pages = {216--222},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No. 293 },

publisher = {Springer-Verlag},

year = 1988

}

@book{Davies81,

editor = {D. W. Davies},

title = {Tutorial: The Security of Data in Networks},

publisher = IEEE,

year = 1981,

note = {IEEE Computer Society Order \#366}

}

@inproceedings{Davies82,

author = {Donald W. Davies},

title = {Some Regular Properties of the {DES}},

pages = {41--41},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Davies83,

author = {Donald W. Davies},

title = {Some Regular Properties of the `{D}ata {E}ncryption

{S}tandard' Algorithm},

pages = {89--96},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{Davies84,

author = {Donald W. Davies},

title = {Use of the `Signature Token' to Create a Negotiable

Document},

pages = {377--382},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{Davies85,

author = {Donald Watts Davies},

title = {A Message Authenticator Algorithm},

pages = {393--400},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No. 196},

publisher = {Springer},

year = 1985

}

@inproceedings{DaviesPa83,

author = {Davies, D.W. and Parkin, G.I.P.},

year = 1983,

title = {The average cycle size of the key stream in output

feedback encipherment},

booktitle = {Advances in Cryptology --- Crypto '82},

publisher = {Plenum Press},

address = {New York},

pages = {97--98}

}

%Same paper, dif source

@inproceedings{DaviesPa83a,

author = {D.W. Davies and G.I.P. Parkin},

title = {The average cycle size of the key stream in output

feedback encipherment},

pages = {263--279},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@techreport{DaviesPr79,

author = {D. W. Davies and W. L. Price},

title = {A Protocol for Secure Communication},

institution = {National Physical Laboratory},

year = 1979,

month = Jan,

number = {NACS 21/79}

}

@inproceedings{DaviesPr80,

author = {D. W. Davies and W. L. Price},

title = {The Application of Digital Signatures Based on Public-Key

Cryptosystems},

booktitle = {Proc.\ Fifth Intl.\ Computer Communications Conference},

year = 1980,

month = Oct,

pages = {525--530}

}

@techreport{DaviesPr80a,

author = {Davies, D.W. and Price, W.L.},

year = 1980,

title = {Selected papers in cryptography and data security},

institution = {National Physical Laboratory},

number = {DNACS 38/80},

month = {November}

}

@book{DaviesPr84,

author = {D. W. Davies and W. L. Price},

title = {Security for Computer Networks: An Introduction to

Data Security in Teleprocessing and Electronic Funds

Transfer},

publisher = {John Wiley and Sons},

address = {New York},

year = 1984

}

@inproceedings{DavioDeGoHoQu85,

author = {Marc Davio and Yvo Desmedt and Jo Goubert and Frank

Hoornaert and Jean-Jacques Quisquater},

title = {Efficient Hardware and Software Implementations for

the {DES}},

pages = {144-146},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No. 196},

publisher = {Springer},

year = 1985

}

@inproceedings{DavioDeFoGoHuNePiQuVaWo84,

newwtag = {DavioDeFoGoHuNePiQuVaWo84},

author = {Marc Davio and Yvo Desmedt and Marc Foss\'eprez and

Ren\'e Govaerts and Jan Hulsbosch and Patrik Neutjens

and Philippe Piret and Jean-Jacques Quisquater and

Joos Vandewalle and Pascal Wouters},

year = 1984,

title = {Analytical Characteristics of the {DES}},

booktitle = {Advances in Cryptology --- Crypto '83},

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

pages = {171--202}

}

@inproceedings{DavioDeQu85,

author = {Marc Davio and Yvo Desmedt and Jean-Jacques Quisquater},

title = {Propagation Characteristics of the {DES}},

pages = {62--73},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@inproceedings{DavioGoQu83,

author = {M. Davio and J-M. Goethals and J.-J. Quisquater},

title = {Authentication Procedures},

pages = {283--288},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@article{Davis78,

author = {Davis, R.},

year = {1978},

title = {The {D}ata {E}ncryption {S}tandard in Perspective},

journal = {{IEEE} Comms. Soc. Mag.},

volume = 16,

number = 6,

pages = {5--10}

}

@inproceedings{DavisHo84,

author = {J.A. Davis and D.B. Holdridge},

title = {Factorization Using the Quadratic Sieve Algorithm},

pages = {103--113},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{DavisHo85,

author = {J.A. Davis and D.B. Holdridge},

title = {An Update on Factorization at Sandia National Laboratories},

pages = {114--114},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{DavisHoSi85,

author = {James A. Davis and Diane B. Holdridge and Gustavus

J. Simmons},

title = {Status Report on Factoring (At the {Sandia National

Laboratories}},

pages = {183--215},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No. 209},

publisher = {Springer},

address = {Paris},

year = 1985

}

@inproceedings{DavisIhFe94,

author = {Don Davis and Ross Ihaka and Philip Fenstermacher},

title = {Cryptographic randomness from air turbulence in disk

drives},

pages = {114-120},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No. 839},

publisher = {Springer},

year = 1994

}

@INPROCEEDINGS{DawsonGo90,

author = {E. Dawson and B. Goldburg},

title = {Universal Logic Sequences},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {426--432}

}

@inproceedings{DawsonTa91,

author = {Dawson, M.H. and Tavares, S.E.},

year = 1991,

title = {An Expanded set of {S}-box design Criteria based on

information theory and its relation to DIfferential-like

attacks},

booktitle = {Advances in Cryptology --- Eurocrypt '91},

editor = {D.W. Davies},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {352--367}

}

@inproceedings{DawsonTa91a,

author = {Dawson, M.H. and Tavares, S.E.},

title = {An Expanded Set of Design Criteria for Substitution

Boxes and their Use in Strengthening {DES-like} Cryptosystems},

pages = {191-195},

booktitle = {IEEE Pacific Rim Conference on Communications, Computers,

and Signal Processing},

publisher = {IEEE},

year = 1991

}

@inproceedings{DeanFeWa96,

author = {Drew Dean and Edward W. Felten And Dan S. Wallach},

title = {Java Security: From {HotJava} to Netscape and Beyond},

pages = {190--200},

month = {May},

year = {1996},

booktitle = {Proceedings 1996 IEEE Symposium on Security and Privacy}

}

@techreport{DeanWa95,

author = {Drew Dean and Dan S. Wallach},

title = {Security Flaws in the HotJava Web Browser},

institution = {Princeton University},

month = Nov,

year = 1995

}

@article{DeBruijn46,

author = {de Bruijn, N.G.},

year = {1946},

title = {A Combinatorial Problem},

journal = {Nederl. Akad. Wetensch. Proc.},

volume = 49,

pages = {758--764}

}

@inproceedings{DeJongeCh86,

author = {Wiebren de Jonge and David Chaum},

title = {Attacks on Some {RSA} Signatures},

pages = {18--27},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No. 218},

publisher = {Springer},

year = 1986

}

@inproceedings{DeJongeCh87,

author = {Wiebren de Jonge and David Chaum},

title = {Some Variations on {RSA} Signatures and Their Security},

pages = {49--59},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No. 263 },

publisher = {Springer-Verlag},

year = 1987

}

@article{DeLaurentis84,

author = {J.~M. DeLaurentis},

title = {A further weakness in the common modulus protocol

for the {RSA} cryptosystem},

journal = {Cryptologia},

year = 1984,

volume = 8,

pages = {253--259}

}

@inproceedings{DeLaurentis88,

author = {J.M. DeLaurentis},

title = {Components and cycles of a random function},

pages = {231--242},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No. 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{DelosQu94,

author = {Olivier Delos and Jean-Jacques Quisquater},

title = {An identity-based signature scheme with bounded life-span},

pages = {83--94},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No. 839},

publisher = {Springer},

year = 1994

}

@inproceedings{DelsarteDeOdPi85,

author = {P. Delsarte and Y. Desmedt and A. Odlyzko and P. Piret},

title = {Fast Cryptanalysis of the {Matsumoto-Imai} Public

Key Scheme},

pages = {142--149},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@book{DeMilloDoJoLi78,

editor = {R. A. DeMillo and D. P. Dobkin and A. Jones and R.

J. Lipton},

title = {Foundations of Secure Computation},

publisher = {Academic Press},

address = {New York},

year = 1978

}

@inproceedings{DeMilloLyMe82,

author = {R. A. DeMillo and N. Lynch and M. J. Merritt},

title = {Cryptographic Protocols},

pages = {383--400},

booktitle = STOC82,

publisher = ACM,

address = {San Francisco},

year = 1982

}

@inproceedings{DeMilloLyMe82a,

author = {Richard deMillo and Nancy Lynch and Michael J. Merritt},

title = {The Design and Analysis of Cryptographic Protocols},

pages = {71--72},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{DenBoer88,

author = {denBoer, B.},

year = 1988,

title = {Cryptanalysis of {FEAL}},

booktitle = {Advances in Cryptology --- Eurocrypt '88},

editor = {C.G. {G\"{u}nther}},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {293--300}

}

@inproceedings{DenBoer88a,

author = {B. denBoer},

title = {{Diffie-Hillman} is as Strong as Discrete Log for Certain

Primes},

pages = {530--539},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{DenBoerBo92,

author = {denBoer, B. and A. Bosselaers},

title = {An attack on the last two rounds of {MD4}},

pages = {194--203},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No. 576},

publisher = {Springer},

year = 1992

}

@inproceedings{DenBoerBo94,

author = {denBoer, B. and Bosselaers, A.},

year = 1994,

title = {Collisions for the compression function of {MD5}},

booktitle = {Advances in Cryptology --- Eurocrypt '93},

editor = {T. Helleseth},

publisher = {Springer-Verlag},

series = {Lecture Notes in Computer Science},

volume = {765},

pages = {293--304},

address = {Berlin}

}

@article{Denning76,

author = {D. Denning},

title = {A Lattice Model of Secure Information Flow},

journal = {Communications of the ACM},

volume = 19,

number = 5,

pages = {236--243},

year = 1976

}

@book{Denning83,

author = {D. E. Denning},

title = {Cryptography and Data Security},

publisher = {Addison-Wesley},

address = {Reading, Mass.},

year = {1982}

}

@inproceedings{Denning84,

author = {Dorothy E. Denning},

title = {Field Encryption and Authentication},

pages = {231--247},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{Denning86,

author = {D. Denning},

title = {An Intrusion Detection Model},

booktitle = {IEEE Security and Privacy},

year = 1986

}

@article{Denning93,

author = {Denning, D.E.},

year = {1993},

title = {The {Clipper} Encryption System},

journal = {American Scientist},

volume = 81,

number = 4,

month = {July--August},

pages = {319--323}

}

@article{Denning94,

author = {Dorothy E. Denning},

title = {Key Escrowing Today},

journal = {IEEE Communications Magazine},

month = Sep,

year = 1994,

volume = 32,

number = 9,

pages = {58--68}

}

@article{Denning95,

author = {Dorothy E. Denning},

title = {Resolving the Encryption Dilemma: The Case for the

{Clipper Chip}},

journal = {Technology Review},

month = Jul,

year = 1995,

pages = {48--55}

}

@article{Denning96,

author = {Dorothy E. Denning},

title = {A Taxonomy for Key Escrow Encryption Sytstems},

journal = {Communications of the ACM},

volume = 39,

number = 3,

pages = {34--40},

year = 1996

}

@article{DenningDe79,

author = {D. E. Denning and P. J. Denning},

title = {Data Security},

journal = {ACM Computing Surveys},

volume = 11,

month = Sep,

year = 1979,

pages = {227--249}

}

@inproceedings{DennyDoLeMa94,

author = {T. Denny and B. Dodson and A.K. Lenstra and M.S. Manasse},

title = {On the factorization of {RSA}-120},

pages = {166--174},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No. 773},

publisher = {Springer},

year = 1994

}

@inproceedings{DeSantisDeFrYu94,

author = {Alredo De Santis and Yvo Desmedt and Yair Frankel

and Moti Yung},

title = {How to Share a Function Securely},

booktitle = STOC94,

publisher = ACM,

address = {Montreal, Canada},

year = 1994,

pages = {522--533}

}

@inproceedings{DeSantisDiPe94,

author = {A. De Santis and G. Di Crescenzo and G. Persiano},

title = {Secret sharing and perfect zero-knowledge},

pages = {73--84},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No. 773},

publisher = {Springer},

year = 1994

}

@inproceedings{DeSantisDePe94,

author = {Alfredo De Santis and Giovanni De Crescenzo and Giuseppe

Persiano},

title = {On Monotone Formula Closure of {SZK}},

booktitle = STOC94,

publisher = ACM,

address = {Montreal, Canada},

year = 1994,

pages = {454--465}

}

@inproceedings{DeSantisMiPe88,

author = {Alfredo De Santis and Silvio Micali and Giuseppe Persiano},

title = {Non-interactive zero-knowledge proof systems},

pages = {52--72},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No. 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{DeSantisYu91,

author = {A. De Santis and M. Yung},

title = {Crptograpic Applications of the Non-Interactive Metaproof

and Many-Prover Systems},

pages = {366--377},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No. 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{Desmedt86,

author = {Yvo Desmedt},

title = {Unconditionally Secure Authentication Schemes and

Practical and Theoretical Consequences},

pages = {42--55},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No. 218},

publisher = {Springer},

year = 1986

}

@inproceedings{Desmedt87,

author = {Yvo Desmedt},

title = {Is there an ultimate use of cryptography?},

pages = {459--463},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No. 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{Desmedt88,

author = {Yvo Desmedt},

title = {Society and group oriented cryptography: A new concept},

pages = {120--127},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No. 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Desmedt88a,

author = {Y. Desmedt},

title = {Abuses in Cryptography and How to Fight Them},

pages = {375--389},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Desmedt90,

author = {Yvo G. Desmedt},

title = {Making conditionally secure cryptosystems unconditionally

abuse-free in a general context},

pages = {6--16},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@article{Desmedt94,

author = {Yvo G. Desmedt},

title = {Threshold Cryptography},

journal = {European Transactions on Telecommunications},

volume = 5,

number = 4,

month = Jul,

year = 1994,

pages = {449--457}

}

@inproceedings{DesmedtFr90,

author = {Yvo Desmedt and Yair Frankel},

title = {Threshold cryptosystems},

pages = {307--315},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{DesmedtFr92,

author = {Y. Desmedt and Y. Frankel},

title = {Shared generation of authenticators and signatures},

pages = {457--469},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No. 576},

publisher = {Springer},

year = 1992

}

@techreport{DesmedtFr92a,

author = {Desmedt, Y.G. and Frankel, Y.},

year = 1992,

title = {Parallel reliable threshold multisignature},

institution = {Department of E.E. and C.S., University of Wisconsin-Milwaukee},

number = {TR-92-04-02},

month = {April}

}

@techreport{DesmedtFr92b,

author = {Yvo Desmedt and Yair Frankel},

year = 1992,

title = {Homomorphic Zero-knowledge threshold schemes over

any finite {Abelian} group},

institution = {Department of E.E. and C.S., University of

Wisconsin-Milwaukee},

number = {TR-91-6-02},

month = {Feb}

}

@inproceedings{DesmedtGoBe88,

author = {Yvo Desmedt and Claude Goutier and Samy Bengio},

title = {Special uses and abuses of the {Fiat-Shamir} passport

protocol},

pages = {21--39},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No. 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{DesmedtOd86,

author = {Y. Desmedt and A. M. Odlyzko},

title = {A chosen text attack on the {RSA} cryptosystem and

some discrete logarithm schemes},

pages = {516--522},

booktitle = CRYPTO85,

editor = {H. C. Williams},

publisher = {Springer},

year = 1986,

note = {Lecture Notes in Computer Science No. 218}

}

@inproceedings{DesmedtQu87,

author = {Yvo Desmedt and Jean-Jacques Quisquater},

title = {Public-key systems based on the difficulty of tampering

(Is there a difference between {DES} and {RSA}?)},

pages = {111--117},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No. 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{DesmedtQuDa85,

author = {Desmedt, Y.G. and Quisquater, J.J. and Davio, M.},

year = 1985,

title = {Dependence of Output on Input in {DES}: Small Avalanche

Characteristics},

booktitle = {Advances in Cryptology --- Crypto '84},

editor = {Blakley, G.R. and Chaum, D.},

publisher = {Springer-Verlag},

address = {New York},

pages = {359--376}

}

@inproceedings{DesmedtQuDa85a,

author = {Yvo Desmedt and Jean-Jacques Quisquater and Marc Davio},

title = {Dependence of Output on Input in {DES}: Small Avalanche

Characteristics},

pages = {359--376},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No. 196},

publisher = {Springer},

year = 1985

}

@inproceedings{DesmedtYu91,

author = {Y. Desmedt and M. Yung},

title = {Abritrated Unconditionally Secure Authentication Can

Be Unconditionally Protected Against Arbiter's Attacks},

pages = {177--188},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No. 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{DeSoete88,

author = {M. DeSoete},

title = {Bounds and Constructions for Authentication-Secrecy

Codes with Splitting},

pages = {311--318},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{DeSoeteQuVe90,

author = {Marijke DeSoete and Jean-Jacques Quisquater and Klaus

Vedder},

title = {A signature with shared verification scheme},

pages = {253--262},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No. 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{DeWaleffeQu91,

author = {D. deWaleffe and J.J. Quisquater},

title = {{CORSAIR}: A {SMART} Card for Public Key Cryptosystems},

pages = {502--514},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No. 537},

publisher = {Springer-Verlag},

year = 1991

}

@inbook{DeWaleffeQu91a,

author = {D. de~Waleffe and J.-J.~Quisquater},

title = {Better login protocols for computer networks},

publisher = {Lecture Notes in Computer Science, 1993, No.\ 741},

note = {Computer Security and Industrial Cryptography, State

of the Art and Evolution, ESAT Course},

month = May,

year = 1991,

pages = {50--70}

}

@book{Dickson19,

author = {Dickson, L.},

title = {History of the Theory of Numbers},

publisher = {Chelsea Pub. Co.},

year = {1919},

address = {London}

}

@inproceedings{Diffie82,

author = {Whitfield Diffie},

title = {Cryptography, the Next Two Decades},

pages = {84--108},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Diffie86,

author = {Whitfield Diffie},

title = {Security for the {DoD} Transmission Control Protocol},

pages = {108--127},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

%% Following needs to be checked against original

@article{Diffie88,

author = {W. Diffie},

title = {The First Ten Years of Public-Key Cryptography},

journal = {Proc. IEEE},

month = May,

year = 1988,

volume = {76},

number = {5},

pages = {560-577},

note = {Reprinted in Simmons' collection}

}

@inproceedings{DiffieHe76a,

author = {W. Diffie and M. E. Hellman},

title = {Multiuser Cryptographic Techniques},

booktitle = {Proc.\ AFIPS 1976 National Computer Conference},

publisher = AFIPS,

address = {Montvale, N.J.},

year = 1976,

pages = {109--112}

}

@article{DiffieHe76b,

author = {W. Diffie and M. E. Hellman},

title = {New Directions in Cryptography},

journal = {IEEE Trans.\ Inform.\ Theory},

volume = {IT-22},

month = Nov,

year = 1976,

pages = {644--654}

}

@article{DiffieHe77,

author = {W. Diffie and M. E. Hellman},

title = {Exhaustive Cryptanalysis of the {NBS} Data Encryption

Standard},

journal = {Computer},

volume = 10,

year = 1977,

month = Jun,

pages = {74--84}

}

@article{DiffieHe79,

author = {W. Diffie and M. E. Hellman},

title = {Privacy and Authentication: An Introduction to Cryptography},

journal = {Proc.\ IEEE},

volume = 67,

year = 1979,

month = Mar,

pages = {397--429}

}

@incollection{DiffieHe84,

author = {W. Diffie and M. E. Hellman},

title = {An Introduction to Cryptography},

booktitle = {Advances in Data Communication Management},

chapter = 4,

pages = {44-134},

editor = {Slonim and Unger and Fisher},

publisher = {Wiley},

year = 1984

}

@inproceedings{DiffieKlDeGlSm82,

author = {Whitfield Diffie and Melville Klein and Michael L.

Dertouzos and Andrew Gleason and Dean Smith},

title = {National Security and Commercial Security: Division

of Responsibility},

pages = {154--156},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04, transcription of panel discussion},

year = 1982

}

@article{DiffieVaWi92,

newtag = {DiffieVaWi92},

author = {Whitfield~Diffie and Paul C. Van Oorschot and Michael

J. Wiener},

title = {Authentication and authenticated key exchanges},

journal = {Designs, Codes, and Cryptography},

volume = 2,

number = 2,

month = Jun,

year = 1992,

pages = {107--125}

}

@INPROCEEDINGS{Ding90,

author = {C. Ding},

title = {Lower Bounds on the Weight Complexities of Cascaded

Binary Sequences},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {39--43}

}

@article{Dixon84,

author = {John D. Dixon},

title = {Factorization and Primality Tests},

journal = {The American Mathematical Monthly},

year = 1984,

month = {June-July},

volume = 91,

number = 6,

pages = {333--352}

}

@inproceedings{DixonLe93,

author = {Dixon, B. and Lenstra, A.K.},

year = 1993,

title = {Massively parallel elliptic curve factoring},

booktitle = {Advances in Cryptology --- Eurocrypt '92},

editor = {R.A. Rueppel},

pages = {183--193},

publisher = {Springer-Verlag},

address = {Berlin}

}

@manual{Dod85,

newtag = {Dod85},

author = {{Department of Defense}},

title = {{CSC-STD-002-85}: Department of Defense ({DoD}) Password

Management Guidelines},

year = 1985

}

@manual{Dod85a,

newtag = {Dod85a},

author = {{Department of Defense}},

title = {{DoD 5200.28-STD}: Department of Defense ({DoD}) Trusted

Computer System Evaluation Criteria ({TCSEC})},

year = 1985

}

@inproceedings{DolevDwNa91,

author = {D. Dolev and C. Dwork and M. Naor},

title = {Non-malleable cryptography},

booktitle = STOC91,

publisher = ACM,

year = 1991,

pages = {542--552}

}

@inproceedings{DolevEvKa83,

author = {D. Dolev and S. Even and R. M. Karp},

title = {On the Security of Ping-Pong Protocols},

pages = {177--186},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{DolevWi83,

author = {Danny Dolev and Avi Wigderson},

title = {On the Security of Multi-Party Protocols in Distributed

Systems},

pages = {167--175},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{DolevYa81,

author = {D. Dolev and A. C. Yao},

title = {On the Security of Public Key Protocols},

pages = {350--357},

booktitle = FOCS81,

publisher = IEEE,

year = 1981,

address = {Nashville}

}

@article{Domingo-FerrerHu90,

newtag = {Domingo-FerrerHu90},

author = {Josep Domingo-Ferrer and LLorenc Huguet-Rotger},

title = {Secure Network Bootstrapping: An algorithm for authentic

key exchange and digital signatures},

journal = {Computers and Security},

year = 1990,

month = Apr,

volume = 9,

number = 2,

pages = {145--152},

comment = {Like commutative encryption and El Gamal combined,

sort of.}

}

@book{Drake67,

author = {Drake, A.W.},

year = 1967,

title = {Fundamentals of Applied Probability Theory},

publisher = {McGraw-Hill Book Company},

address = {New York}

}

@article{Duff89,

author = {Tom Duff},

title = {Experience with viruses on UNIX systems},

journal = {Computing Systems},

volume = 2,

number = 2,

pages = {155--171},

year = 1989

}

@inproceedings{DusseKa90,

author = {Stephen R. Duss\'e and Burton S. {Kaliski Jr.}},

year = 1990,

title = {A cryptographic library for the {Motorola} {DSP56000}},

booktitle = {Advances in Cryptology --- Eurocrypt '90},

editor = {I.B. Damg{\aa}rd},

pages = {230--244},

publisher = {Springer-Verlag},

address = {New York}

}

@inproceedings{DworkFeKiNaSa92,

author = {Cynthia Dwork and Uri Feige and Joe Kilian and Moni

Naor and Muli Safra},

title = {Low sommunication 2-Prover Zero-Knowledge Proofs for

{\em NP}},

pages = {215--227},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{Dwork92,

author = {Cynthia Dwork},

title = {On verification in secret sharing},

pages = {114--128},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{DworkNa92,

author = {Cynthia Dwork and Moni Naor},

title = {Pricing via Processing or Combatting Junk Mail},

pages = {139--147},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{DworkNa94,

author = {Cynthia Dwork and Moni Naor},

title = {An efficient existentially unforgeable signature scheme

and its applications},

pages = {234--246},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{DworkSt88,

author = {C. Dwork and L. Stockmeyer},

title = {Zero-Knowledge with Finite State Verifiers},

pages = {71--76},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No. 403 },

publisher = {Springer-Verlag},

year = 1988

}

@manual{EastlakeKa96,

author = {Donald E. Eastlake, 3rd and Charles W. Kaufman},

title = {{D}omain {N}ame {S}ystem Security Extensions},

year = 1996,

month = {January 30,},

organization = {Internet DNS Security Working Group},

note = {(Available at:\hfill

{\tt ftp://ftp.isi.edu/draft-ietf-dnssec-secext-09.txt})}

}

@inproceedings{Eberle92,

author = {Hans Eberle},

title = {A High-Speed {DES} Implementation for Network Applications},

pages = {521--539},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{Ecker83,

author = {A. Ecker},

title = {Finite Semigroups and the {RSA}-Cryptosystem},

pages = {353--369},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{Ecker85,

author = {A. Ecker},

title = {Time-division Multiplexing Scramblers: Selecting Permutations

and Testing the Systems},

pages = {399--415},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@inproceedings{EichinRo89,

author = {M.W. Eichin and J.A. Rochlis},

title = {With Microscope and Tweezers: An Analysis of

the Internet Virus of November 1988},

booktitle = {IEEE Security and Privacy},

pages = {326--343},

year = 1989

}

@inproceedings{EierLa83,

author = {R. Eier and Dipl.-Ing. H. Lagger},

title = {Trapdoors in Knapsack Cryptosystems},

pages = {316--322},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{ElGamal84,

author = {Taher ElGamal},

title = {A Subexponential-Time Algorithm for Computing Discrete

Logarithms over $GF(p^{2})$},

pages = {275--292},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@article{ElGamal85,

author = {T. El Gamal},

title = {A Public Key Cryptosystem and a Signature Scheme Based

on Discrete Logarithms},

journal = {IEEE Trans.\ Inform.\ Theory},

volume = 31,

year = 1985,

pages = {469--472}

}

%same paper, different source

@inproceedings{ElGamal85a,

author = {Taher El Gamal},

title = {A Public Key Cryptosystem and a Signature Scheme Based

on Discrete Logarithms},

pages = {10--18},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@article{ElGamal85b,

author = {ElGamal, T.},

year = 1985,

title = {A subexponential-time algorithm for computing discrete

logarithms over {$GF(p^2)$}},

journal = {IEEE Transactions on Information Theory},

volume = {IT-31},

pages = {473--481}

}

@inproceedings{ElGamal86,

author = {Taher ElGamal},

title = {On Computing Logarithms Over Finite Fields},

pages = {396--402},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@article{Elias72,

author = {P. Elias},

title = {The efficient construction of an unbiased random sequence},

journal = {Ann.\ Math.\ Statist.},

volume = 43,

number = 3,

year = 1972,

pages = {865--870}

}

@misc{Ellison98,

author = {Ellison, Carl M.},

title = {{SPKI} Certificate Documentation},

year = {1998},

howpublished = {(See {\tt http://www.clark.net/pub/cme/html/spki.html})}

}

@mastersthesis{Erdmann92,

author = {Erdmann, E.D.},

year = 1992,

title = {Empirical Tests of Binary Keystreams},

school = {University of London}

}

@article{ErdosPo86,

author = {Paul Erd\"{o}s and Carl Pomerance},

title = {On the Number of False Witnesses for a Composite Number},

journal = {Mathematics of Computation},

year = 1986,

month = Jan,

volume = 46,

number = 173,

pages = {259--279}

}

@inproceedings{EstesAdKoMcMi86,

author = {Dennis Estes and Leonard M. Adleman and Kireeti Kompella

and Kevin S. McCurley and Gary L. Miller},

title = {Breaking the {Ong-Schnorr-Shamir} Signature Scheme

for Quadratic Number Fields},

pages = {3--13},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@article{EvansKaWe74,

author = {A. Evans and W. Kantrowitz and E. Weiss},

title = {A user authentication scheme not requiring secrecy

in the computer},

journal = {CACM},

volume = 17,

month = Aug,

year = 1974,

pages = {437--442}

}

@inproceedings{Even82,

author = {Shimon Even},

title = {Protocol for Signing Contracts},

pages = {148--153},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Even91,

author = {S. Even},

title = {Systolic Modular Multiplication},

pages = {619--624},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@article{EvenGo81,

author = {S. Even and O. Goldreich},

title = {The Minimum Length Generator Sequence in {NP-Hard}},

journal = {Journal of Algorithms},

year = 1981,

volume = 2,

pages = {311--313}

}

@inproceedings{EvenGo83,

author = {S. Even and O. Goldreich},

title = {On the Security of Multi-Party Ping-Pong Protocols},

booktitle = FOCS83,

publisher = IEEE,

year = 1983,

address = {Tucson},

pages = {34--39}

}

@inproceedings{EvenGo83a,

author = {Shimon Even and Oded Goldreich},

title = {On the Security of Multi-Party Ping-Pong Protocols},

pages = {315--315},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983,

comment = {Abstract of their FOCS '83 paper}

}

@article{EvenGo83b,

author = {Even, S. and Goldreich, O.},

title = {DES-like functions can generate the Alternating Group},

journal = {IEEE Trans. on Information Theory},

volume = {IT-29},

number = {6},

year = 1983,

pages = {863--865}

}

@inproceedings{EvenGo84,

author = {S. Even and O. Goldreich},

title = {On the power of cascade ciphers},

pages = {43--50},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{EvenGo84a,

author = {Shimon Even and Oded Goldreich},

title = {Electronic Wallet},

pages = {383--386},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@article{EvenGo85,

author = {S. Even and O. Goldreich},

title = {On the power of cascade ciphers},

journal = {ACM Tras.\ Computer Systems},

volume = 3,

month = May,

year = 1985,

pages = {108--116}

}

@inproceedings{EvenGoLe83,

author = {S. Even and O. Goldreich and A. Lempel},

title = {A Randomized Protocol for Signing Contracts},

pages = {205--210},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@article{EvenGoLe85,

author = {S. Even and O. Goldreich and A. Lempel},

title = {A Randomized Protocol for Signing Contracts},

journal = {Communications of the ACM},

year = 1985,

volume = 28,

pages = {637--647}

}

@inproceedings{EvenGoMi90,

author = {Shimon Even and Oded Goldreich and Silvio Micali},

title = {On-line/off-line digital signatures},

pages = {263--277},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{EvenGoSh86,

author = {Shimon Even and Oded Goldreich and Adi Shamir},

title = {On the Security of Ping-Pong Protocols When Implemented

Using the {RSA}},

pages = {58--72},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@techreport{EvenYa80,

author = {S. Even and Y. Yacobi},

title = {An Observation Concerning the Complexity of Problems

with Few Solutions and its Application to Cryptography},

institution = {Technion C. S. Dept},

year = 1980,

number = {TR-167}

}

@techreport{EvenYa80a,

author = {S. Even and Y. Yacobi},

title = {Cryptocomplexity and {NP}-Completeness},

institution = {Technion C. S. Dept},

year = 1980,

number = {TR-172}

}

@article{Fabry74,

author = {R. Fabry},

title = {Capability-Based Addressing},

journal = {Communications of the ACM},

volume = 17,

number = 7,

year = 1974,

month = {July},

pages = {403--412}

}

@article{FaginNaWi96,

author = {Ronald Fagin and Moni Naor and Peter Winkler},

title = {Comparing Information Without Leaking It},

journal = {Communications of the ACM},

volume = 39,

number = 5,

pages = {77--85},

month = May,

year = 1996

}

@manual{Fahn93,

author = {Fahn, P.},

year = 1993,

title = {{Answers to Frequently Asked Questions About Today's

Cryptography}},

organization = {RSA Laboratories},

month = {September},

note = {Version 2.0}

}

@techreport{FahnRo94,

author = {Fahn, P. and Robshaw, M.J.B.},

institution = {RSA Laboratories},

year = 1994,

month = {February},

title = {Results from the {RSA} {F}actoring {C}hallenge},

number = {TR - 501},

note = {Revised June, 1994}

}

@inproceedings{FairfieldMaPl85,

author = {R.C. Fairfield and A. Matusevich and J. Plany},

title = {An {LSI} Digital Encryption Processor {DEP}},

pages = {115-143},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{FairfieldMoCo85,

author = {R.C. Fairfield and R.L. Mortenson and K.B. Coulthart},

title = {An {LSI} Random Number Generator ({RNG})},

pages = {203--230},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{Fam84,

author = {Bahaa W. Fam},

title = {Improving the Security of Exponential Key Exchange},

pages = {359--368},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@InProceedings{FeigeFiSh87,

author = {Uriel Feige and Amos Fiat and Adi Shamir},

title = {Zero Knowledge Proofs of Identity},

year = 1987,

pages = {210-217},

booktitle = {Proc.\ 19th ACM Symp. on Theory of Computing},

month = {May}

}

@article{FeigeFiSh88,

author = {U. Feige and A. Fiat and A. Shamir},

title = {Zero knowledge proofs of identity},

journal = {Journal of Cryptology},

year = 1988,

volume = 1,

number = 2,

pages = {77-94}

}

@unpublished{FeigeGoLoSaSz91,

author = {U. Feige and and S. Goldwasser and L. Lovasz and S.

Safra and M. Szegedi},

title = {The Difficulty of Approximating Clique},

booktitle = FOCS91,

note = {no note},

publisher = IEEE,

year = 1991,

pages = {2-13}

}

@inproceedings{FeigeGoLoSaSz91a,

author = {U. Feige and S. Goldwasser and L. Lovasz and S. Safra

and M. Szegedi},

title = {Approximating the Clique is Almost {NP}-Complete},

booktitle = FOCS91,

publisher = IEEE,

year = 1991,

pages = {34--39}

}

@inproceedings{FeigeSh90,

author = {Uriel Feige and Adi Shamir},

title = {Zero knowledge proofs of knowledge in two rounds},

pages = {526--545},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@InProceedings{FeigeSh90a,

author = {U. Feige and A. Shamir},

title = {Witness Indistinguishable and Witness Hiding Protocols},

year = 1990,

pages = {416--426},

booktitle = {Proc.\ 22nd ACM Symp. on Theory of Computing},

month = {May}

}

@inproceedings{FeigeShTe88,

author = {U. Feige and A. Shamir and M. Tennenholtz},

title = {The Noisy Oracle Problem},

pages = {284--286},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Feigenbaum86,

author = {Joan Feigenbaum},

title = {Encrypting Problem Instances: Or...Can You Take Advantage

of Someone Without Having to Trust Him?},

pages = {477--488},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@article{Feigenbaum93,

author = {Joan Feigenbaum},

title = {Locally random reductions in interactive complexity theory},

journal = {DIMACS Series in Discrete Mathematics and Theoretical

Computer Science},

year = 1993,

volume = 13,

pages = {73--98}

}

@article{FeigenbaumFo93,

author = {Joan Feigenbaum and Lance Fortnow},

title = {Random-self-reducibility of complete sets},

journal = {SIAM Journal of Computing},

year = 1993,

volume = 22,

number = 5,

pages = {994--1005}

}

@article{FeigenbaumLiWr91,

author = {Joan Feigenbaum and Mark Y. Liberman and Rebecca N. Wright},

title = {Cryptograpphic protection of databases and software},

journal = {DIMACS Series in Discrete Mathematics and Theoretical

Computer Science},

year = 1991,

volume = 2,

pages = {161--172}

}

@article{Feistel73,

author = {H. Feistel},

title = {Cryptography and Computer Privacy},

journal = {Scientific American},

volume = 228,

month = May,

year = 1973,

pages = {15--23}

}

@misc{Feistel74,

author = {Feistel, H.},

title = {Block cipher cryptographic system},

howpublished = {U.S. Patent No. 3,798,359},

year = {1974}

}

@article{FeistelNoSm75,

author = {Horst Feistel and William A. Notz and J. Lynn Smith},

title = {Some Cryptographic Techniques for Machine-to-Machine

Data Communications},

journal = {Proc.\ IEEE},

volume = 63,

number = 11,

year = 1975,

month = Nov,

pages = {1545--1554}

}

@inproceedings{Feldman88,

author = {Frank A. Feldman},

title = {Fast spectral tests for measuring nonrandomness and

the {DES}},

pages = {243--254},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Feldman87,

author = {P. Feldman},

title = {A practical scheme for non-interactive verifiable

secret sharing},

pages = {427--438},

booktitle = FOCS87,

publisher = IEEE,

address = {Los Angeles},

year = 1987

}

@inproceedings{FeldmanMi85,

author = {P. Feldman and S. Micali},

title = {Byzantine Agreement in Constant Expected Time (and

Trusting No One)},

pages = {267--276},

booktitle = FOCS85,

address = {Portland},

publisher = IEEE,

year = 1985

}

@inproceedings{FeldmeirerKa90,

author = {David C. Feldmeirer and Philip R. Karn},

title = {{UNIX} password security - Ten years later},

pages = {44--63},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{FellDi86,

author = {Harriet Fell and Whitfield Diffie},

title = {Analysis of a Public Key Approach Based on Polynomial

Substitution},

pages = {340--349},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@inproceedings{FellowsKo92,

author = {Michael Fellows and Neal Koblitz},

title = {{Kid Krypto}},

pages = {371--389},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{Ferguson94,

author = {Niels Ferguson},

title = {Extensions of single-term coins},

pages = {292--301},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@INPROCEEDINGS{Ferreira90,

author = {R. Ferreira},

title = {The Practical Application of State of the Art Security

in Real Environments},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {334--355}

}

@inproceedings{Fiat90,

author = {Amos Fiat},

title = {Batch {RSA}},

pages = {175--185},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{FiatNa91,

author = {Amos Fiat and Moni Naor},

title = {Rigorous time/space trade-offs for inverting functions},

booktitle = STOC91,

publisher = ACM,

year = 1991,

pages = {534--541}

}

@inproceedings{FiatNa94,

author = {Amos Fiat and Moni Naor},

title = {Broadcast encryption},

pages = {480--491},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{FiatSh87,

author = {A. Fiat and A. Shamir},

title = {How to prove yourself: practical solutions to identification

and signature problems},

pages = {186--194},

booktitle = CRYPTO86,

editor = {A. M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263},

publisher = {Springer},

year = 1987

}

@inproceedings{FiatSh87a,

author = {Amos Fiat and Adi Shamir},

title = {How to prove yourself: Practical solutions to identification

and signature problems},

pages = {186--194},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{FindlayJo90,

author = {Paul A. Findlay and Brian A. Johnson},

title = {Modular exponentiation using recursive sums of residues},

pages = {371--386},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{FischerWr92,

author = {M.J. Fischer and R.N. Wright},

title = {Multiparty secret key exchange using a random deal

of cards},

pages = {141--155},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{Forre88,

author = {R. Forr\'e},

title = {The Strict Avalanche Criterion: Spectral Properties

of Boolean Functions and an Extended Definition},

pages = {450--468},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{FortuneMe85,

author = {Steven Fortune and Michael Merritt},

title = {Poker Protocols},

pages = {454-464},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@techreport{FrankelDe92,

author = {Yair Frankel and Yvo Desmedt},

year = 1992,

title = {Distributed reliable threshold multisignature},

institution = {Department of E.E. and C.S., University of

Wisconsin-Milwaukee},

number = {TR-92-04-02},

month = {Apr}

}

@inproceedings{FrankelDeBu92,

author = {Yair Frankel and Yvo Desmedt and Mike Burmester},

title = {Non-Existence of Homomorphic General Sharing Schemes

for Some Key Spaces},

pages = {549--557},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{FranklinHa94,

author = {Matthew Franklin and Stuart Haber},

title = {Joint encryption and message-efficient secure computation},

pages = {266--277},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@article{FranklinRe96,

author = {Matthew K. Franklin and Michael K. Reiter},

title = {The Design and Implementation of a Secure Auction Service},

journal = {IEEE Transactions onSoftware Engineering},

note = {to appear},

year = 1996

}

@article{FriezeHaKaLaSh88,

newtag = {FriezeHaKaLaSh88},

author = {A. M. Frieze and J. Hastad and R. Kannan and J. C.

Lagarias and A. Shamir},

title = {Reconstructing Truncated Integer Variables Satisfying

Linear Congruences},

journal = {SIAM J. Computing},

year = 1988,

month = Apr,

volume = 17,

number = 2,

pages = {262--280}

}

@inproceedings{FujiokaOkOh92,

author = {Atsushi Fujioka and Tatsuaki Okamoto and Kazuo Ohta},

title = {A Practical Secret Voting Scheme for Large Scale Elections},

booktitle = AUSCRYPT92,

year = 1992,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 718,

publisher = {Springer-Verlag},

pages = {244--251}

}

@inproceedings{Fumy88,

author = {Walter Fumy},

title = {On the F-function of {FEAL}},

pages = {434--437},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{FumyMu91,

author = {W. Fumy and M. Munzert},

title = {A Modular Approach to Key Distribution},

pages = {274--284},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inbook{FurerGoMaSiZa89,

author = {M. Furer and O. Goldreich and Y. Mansour and M. Sipser

and S. Zachos},

title = {On Completeness and Soundness in Interactive Proof

Systems},

publisher = {JAI Press},

note = {Advances in computing research Vol 5: Randomness and

computation},

year = 1989,

pages = {429--442}

}

@INPROCEEDINGS{GaarderSn90,

author = {K. Gaarder and E. Snekkenes},

title = {On the Formal Analysis of {PKCS} Authentication Protocols},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {106--121}

}

@book{Gaines56,

author = {H. F. Gaines},

title = {Cryptanalysis: A Study of Ciphers and Their Solutions},

publisher = {Dover},

year = 1956

}

@inproceedings{GalilHaYu85,

author = {Z. Galil and S. Haber and M. Yung},

title = {A private interactive test of a Boolean predicate and

minimum-knowledge public-key cryptosystems},

pages = {360--371},

booktitle = FOCS85,

publisher = IEEE,

address = {Portland},

year = 1985

}

@inproceedings{GalilHaYu86,

author = {Zvi Galil and Stuart Haber and Moti Yung},

title = {Symmetric Public-Key Encryption},

pages = {128--137},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@inproceedings{GalilHaYu88,

author = {Zvi Galil and Stuart Haber and Moti Yung},

title = {Cryptographic computation: Secure faut-tolerant protocols

and the public-key model},

pages = {135--155},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@article{GalilMa91,

author = {Zvi Galil and Oded Margalit},

title = {An Almost Linear-Time Algorithm for the Dense Subset-Sum

Problem},

journal = {SIAM J. Comput.},

year = 1991,

month = Dec,

volume = 20,

number = 6,

pages = {1157--1189},

comment = {Algorithm runs in time O(L log L), where L is upper

bound on input numbers}

}

@inproceedings{GanderMa94,

author = {M.J. Gander and U.M. Maurer},

title = {On the secret-key rate of binary random variables},

booktitle = {Proc. 1994 IEEE Internation Symp. of Information Theory},

year = 1994,

pages = {351--351},

note = {Trondheim, Norway, June 27-July1, 94}

}

@article{Ganesan96,

author = {Ravi Ganesan},

title = {The Yaksha Security System},

journal = {Communications of the ACM},

volume = 39,

number = 3,

pages = {55--60},

month = March,

year = 1996

}

@article{Gardner77,

author = {Martin Gardner},

title = {Mathematical Games},

journal = {Scientific American},

volume = 237,

number = 2,

year = 1977,

pages = {120--124},

comment = {Gives RSA challenge cipher.}

}

@book{GareyJo79,

author = {M. Garey and D. S. Johnson},

title = {Computers and Intractability: A Guide to the Theory

of {NP}-Completeness},

publisher = {Freeman},

year = 1979

}

@book{Garlinski79,

author = {J. Garl{i\'ns}ki},

title = {Intercept: The Enigma War},

publisher = {Dent},

address = {London},

year = 1979

}

@inproceedings{Gasser82,

author = {Morrie Gasser},

title = {Limitations on the Use of Encryption to Enforce Mandatory

Security},

pages = {130--134},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@book{Gauss65,

author = {Gauss, Carl Friedrich},

title = {Disquisitiones {A}rithmeticae},

year = 1965,

publisher = {Yale University Press},

note = {Translated from the 1801 Latin original by A. Clarke.}

}

@inproceedings{Gehrmann94,

author = {Christian Gehrmann},

title = {Cryptanalysis of the {Gemmell and Naor} multiround

authentication protocol},

pages = {121-128},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@INPROCEEDINGS{GeiselmannGo90,

author = {W. Geiselmann and D. Gollmann},

title = {{VLSI} Design for Exponentiation in {$GF(2^{n})$}},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {398--405}

}

@inproceedings{GemmellNa94,

author = {Pete Gemmell and Moni Naor},

title = {Codes for interactive authentication},

pages = {355--367},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{Gennaro95,

author = {Gennaro, Rosario},

title = {Achieving Independence Efficiently and Securely},

booktitle = PODC95,

pages = {130--136},

publisher = ACM,

year = 1995

}

@unpublished{Gennaro95a,

author = {Gennaro, Rosario},

title = {A receipt-free election scheme tolerating a dynamic

coercer (with applications to key escrow},

note = {Unpublished Manuscript},

month = Nov,

year = 1995

}

@book{GerhardtDi77,

editor = {L. A. Gerhardt and R. C. Dixon},

title = {Spread Spectrum Communications},

publisher = IEEE,

note = {Special issue of IEEE Trans. Comm.},

volume = {COM25},

month = Aug,

year = 1977

}

@unpublished{Gertner95,

author = {Yael Gertner},

title = {Analysis of the Pollard-Rho Factoring Algorithm},

note = {6.915 course paper},

month = Dec,

year = 1995

}

@unpublished{GertnerMa96,

author = {Yael Gertner and Tal Malkin},

title = {Private Information Retrieval Protecting the

User and the Database},

note = {TR to come},

month = Dec,

year = 1996

}

@unpublished{Gibson87,

author = {Gibson, J. K.},

title = {A Generalization of {Brickell's} Algorithm for Fast

Modular Multiplication},

note = {Submitted to BIT},

month = Sep,

year = 1987

}

@article{Gibson91,

author = {J.K. Gibson},

title = {Discrete logarithm hash function that is collision

free and one way},

pages = {407--410},

journal = {IEE Proceedings-E},

note = {No. 138},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{GilbertCh91,

author = {H. Gilbert and G. Chass{\'e}},

title = {A Statistical Attack of the {FEAL}-8 Cryptosystem},

pages = {22--33},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{GilbertCh94,

author = {Henri Gilbert and Pascal Chauvaud},

title = {A chosen plaintext attack of the 16-round {Khufu} cryptosystem},

pages = {359--368},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@article{GilbertMaSl74,

author = {E. N. Gilbert and F. J. MacWilliams and N. J. A. Sloane},

title = {Codes which detect deception},

journal = {Bell System Tech.\ J.},

volume = 53,

year = 1974,

pages = {405--424}

}

@article{Gill77,

author = {J. Gill},

title = {Computational complexity of probabilistic {T}uring

machines},

journal = SIAM,

volume = 6,

month = Dec,

year = 1977,

pages = {675--695}

}

@article{GillmanMoRi96,

author = {Gillman, David W. and Mojdeh Mohtashemi and Ronald L. Rivest},

title = {On Breaking a Huffman Code},

journal = {IEEE Trans. Info. Theory},

volume = {42},

number = {3},

month = {May},

year = {1996},

pages = {972--976}

}

@inproceedings{Giradot85,

author = {Yves Giradot},

title = {Bull {CP8} Smart Card Uses in Cryptology},

page = {464--469},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@INPROCEEDINGS{Girault90,

author = {M. Girault},

title = {A (Non-Practical) Three-Pass Identification Protocol

Using Coding Theory},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {265--272}

}

@inproceedings{GiraultSt94,

author = {Marc Girault and Jacquess Stern},

title = {On the length of cryptographic hash-values used in

identification schemes},

pages = {202--215},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{GiraultToVa88,

oldtag = {GiraultToVa90},

author = {M. Girault and P. Toffin and B. Vall\'ee},

title = {Computation of Approximate $L-th$ Roots Modulo $n$

and Application to Cryptography},

pages = {100--118},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@article{Gligor79,

author = {V.D. Gligor},

year = 1979,

title = {Review and Revocation of Access Privileges Distributed

Through Capabilities},

journal = {IEEE Transactions on Software Engineering},

volume = {SE-5/6},

pages = {575--586}

}

@inproceedings{Gligor83,

author = {V. Gligor},

title = {A Note on the Denial of Service Problem},

booktitle = {IEEE Security and Privacy},

year = 1983

}

@inproceedings{GodlewskiCo86,

author = {Philippe Godlewski and Gerard D. Cohen},

title = {Some Cryptographic Aspects of {Womcodes}},

pages = {458--467},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@inproceedings{GoguenMe82,

author = {J. Goguen and J. Meseguer},

title = {Security Policies and Security Models},

booktitle = {IEEESecPriv},

year = 1982

}

@book{GoldiePi91,

editor = {C.M. ~Goldie and R.G.E. ~Pinch},

title = {Communication Theory},

publisher = {Cambridge University Press},

year = 1991

}

@mastersthesis{Goldreich82,

author = {Oded Goldreich},

title = {On the Complexity of Some Edge Testing Problems},

school = {Computer Science Dept, Technion, Haifa, Israel},

year = 1982

}

@phdthesis{Goldreich83a,

author = {Oded Goldreich},

title = {On the Security of Cryptographic Protocols and Cyptosystems},

school = {Computer Science Dept, Technion, Haifa, Israel},

year = 1983

}

@techreport{Goldreich83b,

author = {Oded Goldreich},

title = {On Concurrent Identification Protocols},

institution = {MIT Laboratory for Computer Science},

number = {MIT/LCS/TM-250},

month = Dec,

year = 1983,

note = {Some more content than Eurocrypt '84 version.}

}

@inproceedings{Goldreich84,

author = {Oded Goldreich},

title = {A Simple Protocol for Signing Contracts},

pages = {133--136},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{Goldreich85,

author = {Oded Goldreich},

title = {On the Number of Close-and-equal Pairs of Bits in a

String},

pages = {127--141},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@inproceedings{Goldreich85a,

author = {Oded Goldreich},

title = {On Concurrent Identification Protocols},

pages = {387--396},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@techreport{Goldreich86,

author = {O. Goldreich},

title = {Two remarks concerning the {Goldwasser-Micali-Rivest}

signature scheme},

institution = {MIT Laboratory for Computer Science},

number = {MIT/LCS/TM-315},

month = Sep,

year = 1986

}

@inproceedings{Goldreich87,

author = {Oded Goldreich},

title = {Two Remarks Concerning the {Goldwasser-Micali-Rivest}

Signature Scheme},

pages = {104--110},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{Goldreich87a,

author = {Oded Goldreich},

title = {Towards a Theory of Software Protection},

pages = {426--439},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inbook{Goldreich88,

author = {Oded Goldreich},

title = {Randomness, Interaction, Proofs and Zero-Knowledge},

publisher = {Oxford University Press},

note = {booktitle: The Universal Turing Machine: A Half-Century

Survey},

year = 1988,

pages = {377--406}

}

@article{Goldreich90,

author = {Oded Goldreich},

title = {A Note on Computational Indistinguishability},

journal = {Information Processing Letters},

volume = 34,

month = May,

year = 1990,

pages = {277--281}

}

@article{Goldreich93,

author = {Oded Goldreich},

title = {A Uniform Complexity Treatment of Encryption and Zero-Knowledge},

journal = {Journal of Cryptology},

year = 1993,

volume = 6,

number = 1,

pages = {21--53}

}

@article{Goldreich93a,

author = {Oded Goldreich},

title = {A Taxonomy of Proof Systems (Part 1)},

journal = {ACM SIGACT News},

volume = 24,

number = 4,

year = 1993,

month = Dec,

pages = {2--13}

}

@article{Goldreich94,

author = {Oded Goldreich},

title = {A Taxonomy of Proof Systems (Part 2)},

journal = {ACM SIGACT News},

volume = 25,

number = 1,

year = 1994,

month = Mar,

pages = {22--30}

}

@inproceedings{GoldreichGoLi91,

author = {O. Goldreich and S. Goldwasser and N. Linial},

title = {Fault Tolerant Computation in the Full Information

Model},

booktitle = FOCS91,

publisher = IEEE,

year = 1991,

pages = {447-457}

}

@inproceedings{GoldreichGoMi84,

author = {O. Goldreich and S. Goldwasser and S. Micali},

title = {How to Construct Random Functions},

pages = {464--479},

booktitle = FOCS84,

publisher = IEEE,

address = {Singer Island},

year = 1984

}

@article{GoldreichGoMi84a,

author = {O. Goldreich and S. Goldwasser and S. Micali},

title = {How to Construct Random Functions},

journal = {Journal of the ACM},

volume = 33,

number = 4,

year = 1984,

month = Oct,

pages = {792--807}

}

@inproceedings{GoldreichGoMi85,

author = {Oded Goldreich and Shafi Goldwasser and Silvio Micali},

title = {On the Cryptographic Applications of Random Functions},

pages = {276--288},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{GoldreichKr86,

author = {Oded Goldreich and Hugo Krawczyk},

title = {On the Composition of Zero-Knowledge Proof Systems},

booktitle = {ICALP},

year = 1986,

pages = {174--187}

}

@inproceedings{GoldreichKr90,

author = {Oded Goldreich and Hugo Krawczyk},

title = {Sparse pseudorandom distributions},

pages = {113--127},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@article{GoldreichKr92,

author = {Oded Goldreich and Hugo Krawczyk},

title = {On Sparse Pseudorandom Ensembles},

journal = {Random Structures and Algorithms},

volume = 3,

number = 2,

year = 1992,

pages = {163--174}

}

@article{GoldreichKr93,

author = {Oded Goldreich and Hugo Krawczyk},

title = {On the Existence of Pseudorandom Generators},

journal = {SIAM J. Computing},

year = 1993,

month = Dec,

volume = 22,

number = 6,

pages = {1163--1175}

}

@inproceedings{GoldreichKrLu88,

oldtag = {GoldreichKrLu90},

author = {O. Goldreich and H. Krawczyk and M. Luby},

title = {On the Existence of Pseudorandom Generators},

pages = {146--162},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{GoldreichKu88,

author = {O. Goldreich and E. Kushilevitz},

title = {A Perfect Zero-Knowledge Proof for a Problem Equivalent

to Discrete Logarithm},

pages = {57--70},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@article{GoldreichKu93,

author = {O. Goldreich and E. Kushilevitz},

title = {A Perfect Zero-Knowledge Proof for a Problem Equivalent

to Discrete Logarithm},

journal = {Journal of Cryptology},

year = 1993,

volume = 6,

number = 2,

pages = {97--116}

}

@unpublished{GoldreichLe89,

author = {O. Goldreich and L. Levin},

title = {A Hard-core predicate for all one-way functions},

year = 1989,

note = {To appear in STOC '89}

}

@inproceedings{GoldreichMi87,

author = {O. Goldreich and S. Micali},

title = {Zero Knowledge and the Design of Secure Protocols},

pages = {??--??},

booktitle = {Proceedings IEEE Globecom '87},

publisher = IEEE,

year = 1987

}

@inproceedings{GoldreichMiWi86,

author = {O. Goldreich and S. Micali and A. Wigderson},

title = {Proofs that yield nothing but their validity and a

methodology of cryptographic protocol design},

pages = {174--187},

booktitle = FOCS86,

publisher = IEEE,

address = {Toronto},

year = 1986

}

@inproceedings{GoldreichMiWi87,

author = {Oded Goldreich and Silvio Micali and Avi Wigderson},

title = {rea a methodology of cryptographic protocol design},

pages = {171--185},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@article{GoldreichMiWi91,

author = {Oded Goldreich and Silvio Micali and Avi Wigderson},

title = {Proofs that Yield Nothing but their Validity or All

Languages in {NP} Have Zero-Knowledge Proof Systems},

journal = {Journal of the ACM},

volume = 38,

number = 1,

year = 1991,

pages = {691--729}

}

@article{GoldreichOr94,

author = {O. Goldreich and Y. Oren},

title = {Definitions and Properties of Zero-Knowledge Proof

Systems},

journal = {Journal of Cryptology},

year = 1994,

volume = 7,

number = 1,

pages = {1--32}

}

@inproceedings{GoldreichVa88,

author = {Oded Goldreich and Ronen Vainish},

title = {How to solve any protocol problem - an efficiency improvement},

pages = {73--86},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Goldwasser89,

author = {Shafi Goldwasser},

title = {Interactive Proof Systems Computational Complexity

Theory},

booktitle = {Proceedings of Symposia in Applied Mathematics},

note = {volume 38},

year = 1989,

pages = {108-128}

}

@incollection{Goldwasser90,

author = {Shafi Goldwasser},

title = {The Search for Provably Secure Cryptosystems},

booktitle = {Proc.\ AMS Symposia in Applied Mathematics: Computational

Number Theory and Cryptography},

publisher = {American Mathematical Society},

year = {1990},

pages = {89--113}

}

@inproceedings{Goldwasser90a,

author = {Shafi Goldwasser},

title = {Interactive Proofs and Applications},

pages = {??--??},

booktitle = {Proceedings of the International Congress of Mathematicians},

volume = 2,

note = {Lecture Notes in Computer Science No.\ 740},

year = 1990

}

@inproceedings{GoldwasserLe91,

author = {S. Goldwasser and L. Levin},

title = {Fair Computation of General Functions in Presence of

Immoral Majority},

pages = {77--93},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{GoldwasserKi86,

author = {S. Goldwasser and J. Kilian},

title = {Almost all primes can be quickly certified},

pages = {316--329},

booktitle = STOC86,

publisher = ACM,

address = {Berkeley},

year = 1986

}

@inproceedings{GoldwasserMi82,

author = {S. Goldwasser and S. Micali},

title = {Probabilistic Encryption and How to Play Mental Poker

Keeping Secret All Partial Information},

pages = {365--377},

booktitle = STOC82,

publisher = ACM,

address = {San Francisco},

year = 1982

}

@article{GoldwasserMi84,

author = {S. Goldwasser and S. Micali},

title = {Probabilistic Encryption},

journal = JCSS,

volume = 28,

number = 2,

month = Apr,

year = 1984,

pages = {270--299}

}

@inproceedings{GoldwasserMiRa85,

author = {S. Goldwasser and S. Micali and C. Rackoff},

title = {The knowledge complexity of interactive proof-systems},

booktitle = STOC85,

publisher = ACM,

address = {Providence},

year = 1985,

pages = {291--304}

}

@article{GoldwasserMiRa89,

author = {S. Goldwasser and S. Micali and C. Rackoff},

title = {The knowledge complexity of interactive proof-systems},

journal = {SIAM. J. Computing},

year = 1989,

volume = 18,

number = 1,

month = Feb,

pages = {186--208}

}

@inproceedings{GoldwasserMiRi84,

author = {S. Goldwasser and S. Micali and R. Rivest},

title = {A Paradoxical Solution to the Signature Problem},

pages = {441-448},

booktitle = FOCS84,

publisher = IEEE,

address = {Singer Island},

year = 1984

}

@inproceedings{GoldwasserMiRi85,

author = {Shafi Goldwasser and Silvio Micali and Ronald L. Rivest},

title = {A `Paradoxical' Solution to the Signature Problem},

pages = {467--467},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@article{GoldwasserMiRi88,

author = {Goldwasser, Shafi and Silvio Micali and Ronald L. Rivest},

title = {A Digital Signature Scheme Secure Against Adaptive

Chosen-Message Attacks},

journal = SIAM,

volume = 17,

number = 2,

year = 1988,

month = Apr,

pages = {281--308}

}

@inproceedings{GoldwasserMiTo82,

author = {S. Goldwasser and S. Micali and P. Tong},

title = {Why and How to Establish a Private Code on a Public

Network},

pages = {134--144},

booktitle = FOCS82,

publisher = IEEE,

address = {Chicago},

year = 1982

}

@inproceedings{GoldwasserMiYa83,

author = {S. Goldwasser and S. Micali and A. Yao},

title = {Strong Signature Schemes},

pages = {431--439},

booktitle = STOC83,

publisher = ACM,

address = {Boston},

year = 1983

}

@inproceedings{GoldwasserMiYa83a,

author = {Shafi Goldwasser and Silvio Micali and Andy Yao},

title = {On Signatures and Authentication},

pages = {211--215},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{GoldwasserOs92,

author = {S. Goldwasser and Rafail Ostrovsky},

title = {Invariant Signatures and Non-Interactive Zero-Knowledge

Proofs are Equivalent},

pages = {228--244},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@misc{GoldwasserRa84,

newtag = {GoldwasserRa84},

author = {S. Goldwasser and C. Rackoff},

title = {On Using the {XOR} operator as a Security Amplifier:

Applications to Factoring Based Encryption},

year = 1984,

note = {Presented at Eurocrypt '84, April, Paris}

}

@inproceedings{GoldwasserSi86,

author = {S. Goldwasser and M. Sipser},

title = {Private Coins versus Public Coins in Interactive Proof

Systems},

pages = {59--68},

booktitle = STOC86,

publisher = ACM,

address = {Berkeley},

year = 1986

}

@inproceedings{Gollmann85,

author = {Dieter Gollmann},

title = {Pseudo Random Properties of Cascade Connections of

Clock Controlled Shift Registers},

pages = {93--98},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@book{Golomb82,

author = {S. W. Golomb},

title = {Shift Register Sequences},

publisher = {Aegean Park Press},

address = {Laguna Hills},

year = 1982,

note = {Revised edition}

}

@inproceedings{GoodmanMc85,

author = {R.M.F. Goodman and A.J. McAuley},

title = {A New Trapdoor Knapsack Public-Key Cryptosystem},

pages = {150--158},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@book{GoosHa83,

editor = {G. Goos and J. Hartmanis},

title = {Cryptography: Proc.\ of the Workshop on Cryptography},

year = 1983,

address = {Burg Feuerstein},

note = {Lecture Notes in Computer Science No.\ 149},

publisher = {Springer}

}

@inproceedings{Gordon82,

author = {J.A. Gordon},

title = {Towards a Design Procedure for Cryptosecure Substitution

Boxes},

pages = {53--53},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@article{Gordon84,

author = {J. Gordon},

title = {Strong {RSA} Keys},

journal = {Electronics Letters},

volume = 20,

number = 12,

year = 1984,

month = Jun,

pages = {514--516}

}

@inproceedings{Gordon85,

author = {John Gordon},

title = {Strong Primes are Easy to Find},

pages = {216--223},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer},

address = {Paris},

year = 1985

}

@article{Gordon93,

author = {Gordon, Daniel M.},

title = {Discrete Logarithms in {GF(p)} Using the Number Field

Sieve},

journal = {SIAM J. Disc. Math.},

year = 1993,

month = Feb,

volume = 6,

number = 1,

pages = {124--138}

}

@inproceedings{Gordon92,

author = {Daniel M. Gordon},

title = {Designing and Detecting Trapdoors for Discrete Log

Cryptosystems},

pages = {66--75},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{GordonMc92,

author = {Daniel M. Gordon and Kevin S. McCurley},

title = {Massively Parallel Computation of Discrete Logarithms},

pages = {312--323},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{GordonRe83,

author = {J.A. Gordon and H. Retkin},

title = {Are Big {S-B}oxes Best?},

pages = {257--262},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{Gosler86,

author = {James R. Gosler},

title = {Software Protection: Myth or Reality?},

pages = {140--157},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@inproceedings{Goutay85,

author = {Jean Goutay},

title = {Smart Card Applications in Security and Data Protection},

page = {459--463},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@article{GramppMo84,

author = {F. Grampp and R. Morris},

title = {UNIX Operating System Security},

journal = {Bell System Technical Journal},

volume = 62,

number = 8,

year = 1984

}

@inproceedings{GrollmanSe84,

author = {J. Grollman and A. L. Selman},

title = {Complexity Measures for Public-Key Cryptosystems},

pages = {495--515},

booktitle = FOCS84,

publisher = IEEE,

address = {Singer Island},

year = 1984

}

@article{GrollmanSe88,

author = {J. Grollman and A. L. Selman},

title = {Complexity Measures for Public-Key Cryptosystems},

journal = {SIAM J. Computing},

year = 1988,

month = Apr,

volume = 17,

number = 2,

pages = {309--335}

}

@inproceedings{Groscot85,

author = {H. Groscot},

title = {Estimation of Some Encryption Functions Implemented

into Smart Cards},

page = {470--479},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@techreport{GrossmanCo74,

author = {Edna Grossman and Don Coppersmith},

title = {Generators for Certain Alternating Groups with Applications

to Cryptography},

institution = {IBM T.J. Watson Research},

number = {RC 4741},

month = Feb,

year = 1974

}

@techreport{GrossmanTu77,

author = {Edna K. Grossman and Bryant Tuckerman},

title = {Analysis of a Feistel-Like Cipher Weakened by having

no Rotating Key},

institution = {IBM T.J. Watson Research},

number = {RC 6375},

month = Jan,

year = 1977

}

@INPROCEEDINGS{Guang90,

author = {G. Guang},

title = {Nonlinear Generators of Binary Sequences with Controllable

Complexity and Double Key},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {32--36}

}

@inproceedings{Guillou85,

author = {Louis C. Guillou},

title = {Smart Cards and Conditional Access},

page = {480--489},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@inproceedings{GuillouQu88,

author = {Louis Guillou and Jean-Jacques Quisquater},

title = {Efficient digital public-key signature with shadow},

pages = {223--223},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{GuillouQu88a,

oldtag = {GuillouQu90},

author = {L.C. Guillou and J.-J. Quisquater},

title = {A ``Paradoxical'' Indentity-Based Signature Scheme

Resulting from Zero-Knowledge},

pages = {216--231},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{GuillouUg87,

author = {Louiss C. Guillou and Michel Ugon},

title = {Smart Card, a highly reliable and portable security

device},

pages = {464--479},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@INPROCEEDINGS{GustafsonDaCa90,

author = {H. Gustafson and E. Dawson and B. Caelli},

title = {Comparison of Block Ciphers},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {208--220}

}

@inproceedings{Guy75,

author = {Richard K. Guy},

title = {How to Factor a Number},

year = 1975,

booktitle = {Proc.\ Fifth Manitoba Conference on Numerical Mathematics},

pages = {49--89}

}

@inproceedings{GyoerySe87,

author = {Ralph Gyoery and Jennifer Seberry},

title = {Electronic Funds Transfer Point of Sale in {Australia}},

pages = {347--377},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{GyorfiKe83,

author = {Laszlo Gyorfi and Istvan Kerekes},

title = {Analysis of Multiple Access Channel Using Multiple

Level {FSK}},

pages = {165--172},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{HaberSt91,

author = {S. Haber and W.S. Stornetta},

title = {How to Time-Stamp a Digital Document},

pages = {437--455},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@article{HaberSt91a,

author = {S. Haber and W.S. Stornetta},

title = {How to Time-Stamp a Digital Document},

journal = {Journal of Cryptology},

year = 1991,

volume = 3,

pages = {99--111}

}

@inproceedings{Haemers86,

author = {Willem Haemers},

title = {Access Control at the {Netherlands} Postal and Telecommunications

Services},

pages = {543--544},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@misc{Hallam-Baker95,

author = {Phillip Hallam-Baker},

title = {{W3C} Payments Resources},

note = {{\tt http://www.w3.org/hypertext/WWW/Payments/overview.html}},

year = 1995,

}

@inproceedings{Haller94,

author = {Neil M. Haller},

title = {The {S/KEY} One-Time Password System},

booktitle = {ISOC},

year = 1994

}

@inproceedings{Harari85,

author = {S. Harari},

title = {Non-Linear, Non-Commutative Functions for Data Integrity},

pages = {25--32},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@book{HardyWr75,

author = {G. H. Hardy and E. M. Wright},

title = {An Introduction to the Theory of Numbers},

publisher = {Oxford Clarendon Press},

year = 1975,

edition = {Fourth}

}

@INPROCEEDINGS{Hardjono90,

author = {T. Hardjono},

title = {Record Encryption in Distributed Databases},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {386--395}

}

@inproceedings{HarnLi92,

author = {Lein Harn and Hung-Yu Lin},

title = {An $l$-Span Generalized Secret Sharing Scheme},

pages = {558--565},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@article{HarrisonRuUl76,

author = {M. Harrison and W. Ruzzo and J. Ullman},

title = {Protection in Operating Systems},

journal = {Communications of the ACM},

volume = 19,

number = 8,

year = 1976

}

@article{Hart94,

author = {George W. Hart},

title = {To Decode Short Cryptograms},

journal = {Communications of the ACM},

month = Sep,

year = 1994,

volume = 37,

number = 9,

pages = {102--108}

}

@inproceedings{Hastad86,

oldtag = {Hastad85},

author = {J. Hastad},

title = {On using {RSA} with low exponent in a public key network},

pages = {403--408},

booktitle = CRYPTO85,

editor = {H. C. Williams},

publisher = {Springer},

year = 1986,

note = {Lecture Notes in Computer Science No.\ 218}

}

@article{Hastad88,

author = {J. Hastad},

title = {Solving Simultaneous Modular Equations of Low Degree},

journal = {SIAM J. Computing},

year = 1988,

month = Apr,

volume = 17,

number = 2,

pages = {336--341}

}

@article{HastadScSh93,

author = {J. Hastad and A.W. Schrift and A. Shamir},

title = {The discrete logarithm modulo a composite hides $O(n)$

bits},

journal = {Journal of Computer and Systems Sciences},

volume = 47,

year = 1993,

pages = {376--404}

}

@inproceedings{HastadSh85,

author = {J. Hastad and A. Shamir},

title = {The Cryptographic Security of Truncated Linearly Related

Variables},

pages = {356--362},

booktitle = STOC85,

publisher = ACM,

address = {Providence},

year = 1985

}

@article{Hauser94,

author = {Ralf C. Hauser},

title = {Does Licensing Require New Access Control Techniques},

journal = {Communications of the ACM},

month = Nov,

year = 1994,

volume = 37,

number = 11,

pages = {48--55}

}

@misc{HauserStWa95,

author = {Ralf Hauser and Michael Steiner and Michael Waidner},

title = {Micro-{P}ayments based on {iKP}},

year = 1995,

month = {December 17,},

note = {Available from authors. {\tt sti@zurich.ibm.com}}

}

@INPROCEEDINGS{Hayes90,

author = {B. Hayes},

title = {Anonymous One-Time Signatures and Flexible Untraceable

Electronic Cash},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {294--305}

}

@inproceedings{VanHeijstPePf92,

oldtag = {HeijstPePf92},

author = {Eug\'ene van Heijst and Torben P. Pedersen and Birgit

Pfitzmann},

title = {New Constructions of Fail-Stop Signatures and Lower

Bounds},

pages = {15--30},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@article{Hellman77,

author = {M. E. Hellman},

title = {An extension of the {Shannon} theory approach to cryptography},

journal = {IEEE Trans.\ Inform.\ Theory},

volume = {IT-23},

year = 1977,

pages = {289--294}

}

@article{Hellman79,

author = {M. E. Hellman},

title = {The Mathematics of Public Key Cryptography},

journal = {Scientific American},

volume = 241,

month = Feb,

year = 1979,

pages = {146--157}

}

@article{Hellman80,

author = {M. E. Hellman},

title = {A cryptanalytic time-memory trade off},

journal = {IEEE Trans. Inform. Theory},

volume = {IT-26},

year = 1980,

pages = {401--406}

}

@misc{HellmanBa86,

author = {Martin E. Hellman and Carl E[ric] Bach},

title = {Method and Apparatus for Use in Public-Key Data Encryption

System},

howpublished = {U.S. Patent 4,633,036},

month = Dec,

year = 1986,

note = {(Filed May 31, 1984)}

}

@inproceedings{HellmanKaRe82,

author = {Martin E. Hellman and Ehud Karnin and Justin Reyneri},

title = {On the Necessity of Exhaustive Search for System-Invariant

Cryptanalysis},

pages = {2-6},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@techreport{HellmanMeScWaDiPo76a,

oldtag = {HellmanMeScWaDiPoSc76},

author = {M. E. Hellman and R. Merkle and R. Schroeppel and

L. Washington and W. Diffie and S. Pohlig and P. Schweitzer},

title = {Results of an initial attempt to cryptanalyze the {NBS}

Data Encryption Standard},

institution = {Stanford University},

number = {SEL 76--042},

year = 1976

}

@inproceedings{HellmanRe83a,

oldtag = {HellmanRe83},

author = {Martin E. Hellman and Justin M. Reyneri},

title = {Fast Computation of Discrete Logarithms in {GF}($q$)},

pages = {3--13},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{HellmanRe83aa,

oldtag = {HellmanRe83a},

author = {Martin E. Hellman and Justin M. Reyneri},

title = {Drainage and the {DES}},

pages = {129--131},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{HendessiAr93,

author = {Faramarz Hendessi and Mohammad R. Aref},

title = {A Successful Attack Against the {DES}},

pages = {78--90},

booktitle = {Information Theory and Applications Proceedings, Third

Canadian Workshop},

editor = {T. Aaron Gulliver and Norman P. Secord},

note = {Lecture Notes in Computer Science No.\ 793 },

publisher = {Springer-Verlag},

month = May,

year = 1993

}

@inproceedings{HenryNa82,

author = {Paul S. henry and R.D. Nash},

title = {High-Speed Hardware Implementation of the Knapsack

Cipher},

pages = {16--16},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Henze82,

author = {Ernst Henze},

title = {A General Public Key System},

pages = {140--141},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Herbison88,

oldtag = {Herbison90},

author = {B.J. Herbison},

title = {Developing Ethernet Enhanced-Security System},

pages = {507--519},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@article{Herlestam78,

author = {Tore Herlestam},

title = {Some critical remarks on public-key cryptosystems},

journal = {BIT},

volume = 18,

year = 1978,

pages = {493--496},

comment = {Generalization of repeated encryption attack of SimmonsNo77}

}

@inproceedings{Herlestam82,

author = {Tore Herlestam},

title = {Discussion of Adleman's Subexponential Algorithm for

Computing Discrete Logarithms},

pages = {142--147},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Herlestam83,

author = {Tore Herlestam},

title = {On Using Prime Polynomials in Crypto Generators},

pages = {207--216},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{HerlihyTy88,

author = {Maurice P. Herlihy and J.D. Tygar},

title = {How to make replicated data secure},

pages = {379--391},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@unpublished{HerzbergJaKrYu95,

author = {Amir Herzberg and Stanislaw Jarecki and Hugo Krawczyk

and Moti Yung},

title = {Proactive Secret Sharing, or: How to Cope with Perpetual

Leakage},

month = Feb,

year = 1995,

note = {IBM T.J. Watson Research Center}

}

@inproceedings{HerzbergLu92,

author = {Amir Herzberg and Michael Luby},

title = {Pubic Randomness in Cryptography},

pages = {421--432},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{HerzbergPi86,

author = {Amir Herzberg and Shlomit S. Pinter},

title = {Public Protection of Software},

pages = {158--179},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@inproceedings{HessWi83,

author = {Peter Hess and Klaus Wirl},

title = {A Voice Scrambling System for Testing and Demonstration},

pages = {147--156},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@unpublished{HeysTa94,

author = {H.M. Heys and S.E. Tavares},

title = {On the Security of the {CAST} Encryption Algorithm},

month = Sep,

year = 1994,

note = {preprint of the Canadian Conf. on Elect. \& Computer

Eng}

}

@article{Hill29,

author = {L.S. Hill},

title = {Cryptography in an algebraic alphabet},

journal = {The American Mathematical Monthly},

year = 1929,

volume = 36,

pages = {306--312}

}

@article{Hiramatsu93,

author = {Tsuyoshi Hiramatsu},

title = {Protecting Telecommunications Privacy in Japan},

journal = {Communications of the ACM},

month = Aug,

year = 1993,

volume = 36,

number = 8,

pages = {74--77}

}

@inproceedings{Hirschfeld92,

author = {Rafael Hirschfeld},

title = {Making Electronic Refunds Safer},

pages = {106--112},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{Hoffman86,

author = {L. Hoffman},

title = {Risk Analysis and Computer Security: Bridging

the Cultural Gaps},

booktitle = {Proceedings of the 9th National Computer

Security Conference},

pages = {unknown},

year = 1986

}

@inproceedings{Hoffman86a,

author = {Lance J. Hoffman},

title = {A general purpose computer shell for risk analysis},

pages = {unknown},

booktitle = {Proceedings of the 1986 Conference of the Society for Risk Analysis},

note = {SRA},

month = {Nov},

year = 1986

}

@techreport{Hoffman87,

author = {Lance J. Hoffman},

institution = {The George Washington University},

year = 1987,

month = {Nov},

title = {Smoking out the bad actors: Risk analysis in the

age of the microcomputer},

number = {GWU TR 87-16}

}

@techreport{Hoffman95,

author = {Lance J. Hoffman},

institution = {The George Washington University},

year = 1995,

month = {Aug},

title = {Balanced Key Escrow},

number = {GWU-ICTSP-95-04}

}

@book{Hoffman95a,

editor = {Lance J. Hoffman},

title = {Building in Big Brother: The Cryptographic Policy Debate},

publisher = {Springer-Verlag},

year = 1995

}

@article{HoffmanAlHeHu94,

author = {Lance J. Hoffman and Faraz A. Ali and Steven L. Heckler

and Ann Huybrechts},

title = {Cryptography Policy},

journal = {Communications of the ACM},

month = Sep,

year = 1994,

volume = 37,

number = 9,

pages = {109--117}

}

@book{HoffmanLeLiRoWa91,

oldtag = {HoffmanLeLiPhRoWa91},

author = {D.G. Hoffman and D.A. Leonard and C.C. Lindner, K.T.

Phelps and C.A. Rodger and J.R. Wall},

title = {Coding Theory, The Essentials},

publisher = {Marcel Dekker},

year = 1991

}

@inproceedings{HohlLaMeWa94,

author = {Walter Hohl and Xuejia Lai and Thomas Meier and Christian

Waldvogel},

title = {Security of iterated hash functions based on block

ciphers},

pages = {379--390},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@techreport{HolmesMaWr90,

author = {J.P. Holmes and R.L. Maxwell and L.J. Wright},

title = {A performance evaluation of biometric

identification devices},

institution = {Sandia National Laboratories},

month = {July},

year = 1990

}

@techreport{Honeywell88,

author = {Honeywell Secure Computing Technology Center},

title = {LOCK: Selected Papers},

institution = {Honeywell},

year = {1985--1988}

}

@incollection{Hoogendoorn82a,

oldtag = {Hoogendoorn82},

author = {P. J. Hoogendoorn},

title = {On a Secure Public-Key Cryptosystem},

booktitle = {Computational Methods in Number Theory},

publisher = {Mathematical Centre Tracs 154},

address = {Amsterdam},

editor = {Lenstra, Jr., H. W. and R. Tijdeman},

year = 1982,

pages = {159--168}

}

@inproceedings{HoornaertGoDe85,

author = {Frank Hoornaert and Jo Goubert and Yvo Desmedt},

title = {Efficient Hardware Implementation of the {DES}},

pages = {147--173},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{Horbach83,

author = {Lothar Horbach},

title = {Privacy and Data Protection in Medicine},

pages = {228--232},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{HorvathMaVa94,

oldtag = {HorvathMaTr94},

author = {Tam\'as Horv\'ath and Spyros S. Magliveras and Tran

van Trung},

title = {A parallel permutation multiplier for a {PGM} crypto-chip},

pages = {108-113},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@book{HsiaoKeMa79,

author = {David K. Hsiao and Douglas S. Kerr and Stuart E. Madnick},

title = {Computer Security},

publisher = {Academic Press},

year = 1979

}

@inproceedings{HuangTe88,

oldtag = {HuangTe90},

author = {M.-D.A. Huang and S.-H. Teng},

title = {A Universal Problem in Secure and Verifiable Distributed

Computation},

pages = {336--353},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@article{HuleMu88,

author = {Harald Hule and Winfried B. M\"{u}ller},

title = {On the {RSA}-Cryptosystem with Wrong Keys},

journal = {Contributions to General Algebra},

year = 1988,

volume = 6,

pages = {103--109}

}

@inproceedings{HwangRa88,

oldtag = {HwangRa90},

author = {T. Hwang and T.R.N. Rao},

title = {Secret Error-Correcing Codes},

pages = {540--563},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@manual{IEEE92,

author = {{IEEE}},

year = {1992},

title = {{IEEE} Standard for Interoperable Local Area Network

({LAN}) Security: Part C --- Key Management Proposal},

month = {April 10},

note = {Draft}

}

@book{ImaiRiEd93,

oldtag = {ImaiRiMa93},

author = {H. Imai and R.L. Rivest and T. Matsumoto (Eds)},

title = {Advances in Cryptology -- ASIACRYPT '91 Proceedings},

series = {International Conference on the Theory and Application

of Cryptology},

publisher = {Springer-Verlag},

year = {1993},

note = {Lecture Notes in Computer Science, vol. 739}

}

@inproceedings{ImpagliazzoLeLu89,

author = {Impagliazzo, Russell and Leonid A. Levin and Michael

Luby},

title = {Pseudo-random generation from one-way functions},

booktitle = STOC89,

publisher = {ACM},

address = {Seattle},

year = {1989},

pages = {12--24}

}

@inproceedings{ImpagliazzoRu88,

oldtag = {ImpagliazzoRu90},

author = {R. Impagliazzo and S. Rudich},

title = {Limits on the Provable consequences of One-Way Permutations},

pages = {8--26},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{ImmpagliazzoYu88,

oldtag = {ImpagliazzoYu88},

author = {Russell Immpagliazzo and Moti Yung},

title = {Direct minimum-knowledge computations},

pages = {40--51},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Ingemarsson82,

author = {Ingemar Ingemarsson},

title = {Some Comments on the Kanpsack Problem},

pages = {20--24},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Ingemarsson83,

author = {I. Ingemarsson},

title = {A New Algorithm for the Solution of the Knapsack Problem},

pages = {309--315},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@manual{ISOIEC88,

oldtag = {ISO-IEC88},

author = {{{ISO}/{IEC}}},

year = {1988},

title = {International Standard $9594-8$: Information Processing

Systems \_ Open Systems Interconnection \_ The Directory

\_ Authentication Framework}

}

@manual{ISOIEC88a,

oldtag = {ISO-IEC88a},

author = {{{ISO}/{IEC}}},

year = {1988},

title = {International Standard 10021-1: Information Processing

Systems, Text Communcation, {MOTIS}, Message Handling:

System and Service Overview}

}

@manual{SC90,

oldtag = {ISO-IEC90},

author = {ISO/IEC JTC1/SC6},

year = {1990},

title = {$N6285$: Draft Transport Layer Security Protocol},

month = {November}

}

@manual{SC90a,

oldtag = {ISO-IEC90a},

author = {ISO/IEC JTC1/SC6},

year = {1990},

title = {N2559: Draft Network Layer Security Protocol},

month = {September}

}

@manual{ISOIEC91,

oldtag = {ISO-IEC91},

author = {{{ISO}/{IEC}}},

year = {1991},

title = {International Standard 9796: Information Technology,

Security Techniques: Digital Signature Scheme Giving

Message Recovery}

}

@manual{ISOIEC91a,

oldtag = {ISO-IEC91a},

author = {{{ISO}/{IEC}}},

year = {1991},

title = {International Standard 9797: Data integrity mechanism

using a cryptographic check function employing a block

cipher algorithm},

address = {Geneva, Switzerland}

}

@manual{IEC92,

oldtag = {ISO-IEC92},

author = {ISO/IEC},

year = {1992},

title = {{ISO DIS 10118}: Information technology - Security

techniques - Hash-functions, Part 1: General and Part

2: Hash-functions using an n-bit block cipher algorithm}

}

@manual{ISO92,

oldtag = {ISO-IEC92a},

author = {ISO},

year = {1992},

title = {{ISO CD 11166-1}, Banking --- Key Management by Means

of Asymmetric Algorithms --- Part 1: Principles, Procedures

and Formats},

note = {TC68/SC2/N346}

}

@manual{ISO92a,

oldtag = {ISO-IEC92b},

author = {ISO},

year = {1992},

title = {{ISO CD 11166-2}, Banking --- Key Management by Means

of Asymmetric Algorithms --- Part 2: Approved Algorithms

using the {RSA} Cryptosystem},

note = {TC68/SC2/N304}

}

@manual{IEC93,

oldtag = {ISO-IEC93},

author = {ISO/IEC},

year = {1993},

title = {{ISO DIS 11586}: Generic Upper Layers Security}

}

@inproceedings{ItohOhSh94,

author = {Toshiya Itoh and Yuji Ohta and Hiroki Shizuya},

title = {Language dependent secure bit commitment},

pages = {188--201},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{ItohHoTs94,

author = {Toshiya Itoh and Masafumi Hoshi and Shigeo Tsujii},

title = {A low communication competitive interactive proof system

for promised quadratic residuosity},

pages = {61--72},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{ItoSaNi87,

oldtag = {ItohSaNi87},

author = {M. Ito and A. Saito and T. Nishizeki},

title = {Secret sharing scheme realizing general access structure},

pages = {99--102},

booktitle = {Proceedings IEEE Globecom '87},

publisher = IEEE,

year = 1987

}

@article{Jablon96,

author = {David P. Jablon},

title = {Strong Password-Only Authenticated Key Exchange},

journal = {Computer Communication Review, ACM},

year = 1996,

month = Oct,

volume = 26,

number = 5,

month = oct,

pages = {5--26}

}

@inproceedings{JacksonMaOK94b,

oldtag = {JacksonMaOK94},

author = {Wen-Ai Jackson and Keith M. Martin and Christine M.

O'Keefe},

title = {Multisecret threshold schemes},

pages = {126--135},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{JamesLiNi87,

author = {N.S. James and R. Lidl and H. Niederreiter},

title = {Breaking the {Cade} cipher},

pages = {60--63},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@article{Jamnig88,

author = {Jamnig, Peter},

title = {Securing the {RSA}-Cryptosystem Against Cycling Attacks},

journal = {Cryptologia},

month = jul,

year = 1988,

volume = {XII},

number = 3,

pages = {159--164}

}

@inproceedings{JanardanLa83,

author = {Ravi Janardan and K.B. Lakshmanan},

title = {A Public-Key Cryptosystem Based on the Matrix Cover

{NP}-Complete Problem},

pages = {21--37},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{JansenBo90,

author = {Cees J.A. Jansen and Dick E. Boekee},

title = {The shortest feedback shift register that can generate

a given sequence},

pages = {90--99},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@INPROCEEDINGS{JansenBo90a,

author = {C.J. Jansen and D.E. Boekee},

title = {A Binary Sequence Generator Based on {Ziv-Lempel} Source

Coding},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {156--164}

}

@INPROCEEDINGS{JansenBo90b,

author = {C.J. Jansen and D.E. Boekee},

title = {On the Significance of the Directed Acyclic Word Graph

in Cryptology},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {318--326}

}

@inproceedings{Jennings83,

author = {S.M. Jennings},

title = {Multiplexed Sequences: Some Properties of the Minimum

Polynomial},

pages = {189--206},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{Johansson94,

author = {Thomas Johansson},

title = {On the construction of perfect authentication codes

that permit arbitration},

pages = {343--354},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@article{Johansson94a,

author = {Thomas Johansson},

year = 1994,

title = {A Shift Register Construction of Unconditionally

Secure Authentication Codes},

journal = {Designs, Codes and Cryptography},

volume = {4},

pages = {69--81}

}

@article{Johnson88,

author = {D.S. Johnson},

title = {The NP-completeness column: an ongoing guide},

journal = {Journal of Algorithms},

year = 1988,

volume = 9,

pages = {426--444}

}

@article{JohnsonDoKeLeMa91,

author = {D.B. Johnson and G.M. Dolan and M.J. Kelly and A.V.

Le and S.M. Matyas},

title = {Common Cryptographic Architecture Cryptographic Application

Programming Interface},

journal = {IBM Systems Journal},

year = 1991,

volume = 30,

number = 2,

pages = {130--150}

}

@inproceedings{JohnsonMaLeWi94,

author = {D. B. Johnson and S. M. Matyas and A. V. Le and J. D.

Wilkins},

title = {Design of the Commercial Data Masking Facility Data Privacy

Algorithm},

pages = {93--96},

booktitle = {First ACM Conference on Computer and Communications

Security},

publisher = ACM,

address = {Fairfax},

year = 1994

}

@inproceedings{Jones85,

author = {R.W. Jones},

title = {User Functions for the Generation and Distribution

of Encipherment Keys},

pages = {317--334},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@inproceedings{Jordan82,

author = {John P. Jordan},

title = {Variant of a Public Key Cryptosystem based on {Goppa}

codes},

pages = {25--30},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Jueneman83,

author = {Robert R. Jueneman},

title = {Analysis of Certain Aspects of Output Feedback Mode},

pages = {99--127},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{Jueneman87a,

oldtag = {Jueneman87},

author = {Robert R. Jueneman},

title = {A high speed manipulation detection code},

pages = {327--346},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{JurgensenMa84,

author = {H. J\"{u}rgensen and D.E. Matthew},

title = {Some Results on the Information Theoretic Analysis

of Cryptosystems},

pages = {303--356},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@book{Kahn67,

author = {D. Kahn},

title = {The Codebreakers},

publisher = {Macmillian},

address = {New York},

year = 1967

}

@inproceedings{Kahn90,

author = {D. Kahn},

title = {Keying the {German Navy's} Enigma},

pages = {2--5},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{Kak82,

author = {Subhash C. Kak},

title = {Scrambling and Randomization},

pages = {59--63},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Kaliski85,

author = {Kaliski, Jr., Burton S.},

title = {Wyner's Analog Encryption Scheme: Results of a Simulation},

pages = {83--94},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{Kaliski87,

author = {Kaliski, Jr., Burton S.},

title = {A Pseudo-Random Bit Generator Based on Elliptic Logarithms},

pages = {84--103},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@phdthesis{Kaliski88,

author = {Kaliski, Jr., Burton S.},

title = {Elliptic Curves and Cryptography: A Pseudorandom Bit

Generator and Other Tools},

school = {MIT EECS Dept.},

year = 1988,

month = Jan,

note = {Published as MIT LCS Technical Report MIT/LCS/TR-411

(Jan. 1988)}

}

@techreport{Kaliski91,

author = {Kaliski, Jr., Burton S.},

title = {An Overview of the {PKCS} Standards},

institution = {RSA Data Security, Inc.},

year = 1991,

month = Jun

}

@article{Kaliski91a,

author = {Kaliski, Jr., Burton S.},

year = 1991,

title = {One-Way Permutations on Elliptic Curves},

journal = {Journal of Cryptology},

volume = 3,

pages = {187--199}

}

@manual{Kaliski92,

author = {Kaliski, Jr., B.S.},

year = 1992,

month = {April},

title = {{RFC} 1319: The {MD2 Message-Digest Algorithm}},

organization = {Internet Activities Board}

}

@book{Kaliski93,

author = {Kaliski, Jr., B.S.},

year = 1993,

title = {A survey of encryption standards},

month = {September 2,},

publisher = {RSA Data Security, Inc.}

}

@article{Kaliski93a,

author = {Kaliski, Jr., B.S.},

year = 1993,

month = {September},

title = {The {Z80180} and big-number arithmetic},

journal = {Dr. Dobb's Journal},

volume = 18,

number = 9,

pages = {50--58}

}

@manual{Kaliski94,

author = {Kaliski, Jr., B.S.},

month = {January},

year = 1994,

title = {{On the Security and Performance of Several Triple-{DES}

Modes}},

organization = {{RSA Laboratories}}

}

@manual{Kaliski94a,

author = {Kaliski, Jr., B.S.},

month = {July},

year = 1994,

note = {Technical note},

title = {{Performance Estimates for {RSA} Operations}},

organization = {{RSA Laboratories}}

}

@article{KaliskiRo95,

author = {Burt Kaliski and Matt Robshaw},

title = {Message Authentication with {MD5}},

journal = {{CryptoBytes}},

volume = {1},

number = {1},

month = {Spring},

year = {1995},

pages = {5--8}

}

@inproceedings{KaliskiRiSh86,

oldtag = {KaliskiRiSh85},

author = {Kaliski, Jr., Burton S. and Ronald L. Rivest and Alan

Sherman},

title = {Is {DES} a pure cipher? (Results of more cycling experiments

on {DES})},

pages = {212--226},

booktitle = CRYPTO85,

editor = {H. C. Williams},

publisher = {Springer},

year = 1986,

note = {Lecture Notes in Computer Science No.\ 218}

}

@article{KaliksiRiSh88,

oldtag = {KaliskiRiSh88},

author = {Kaliksi, Jr., Burton S. and Ronald L. Rivest and Alan

T. Sherman},

title = {Is the {D}ata {E}ncryption {S}tandard a Group?},

journal = {Journal of Cryptology},

volume = 1,

number = 1,

year = 1988,

pages = {3--36}

}

@inproceedings{KaliskiRo94,

author = {Kaliski, Jr., Burton S. and M. J. B. Robshaw},

title = {Linear cryptanalysis using multiple approximations},

pages = {26--39},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{KannanLeLo84,

author = {R. Kannan and A. Lenstra and L. {Lov\'asz}},

title = {Polynomial Factorization and Non-Randomness of Bits

of Algebraic and Some Transcendental Numbers},

pages = {191--200},

booktitle = STOC84,

publisher = ACM,

address = {Washington, D.C.},

year = 1984

}

@inproceedings{Kemmerer88,

author = {Richard A. Kemmerer},

title = {Analyzing encryption protocols using formal verification

authentication schemes},

pages = {289--305},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@article{Kemmerer89,

author = {R.A. Kemmerer},

title = {Analyzing Encryption Protocols using Formal

Verification Techniques},

journal = {IEEE Transactions onSoftware Engineering},

volume = 7,

number = 4,

pages = {448--457},

year = 1989

}

@techreport{Kent76,

author = {Stephen Kent},

title = {Encryption-based protection protocols for interactive

user-computer communication},

institution = {MIT Laboratory for Computer Science},

number = {TR--162},

month = {May},

year = 1976

}

@techreport{Kent81,

author = {Stephen Kent},

title = {Protecting Externally Supplied Software in Small Computers},

institution = {MIT Laboratory for Computer Science},

number = {TR--255},

year = 1981

}

@inproceedings{Kent82,

author = {Stephen T. Kent},

title = {Some Cryptographic Techniques for File Protection},

pages = {80--80},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@manual{KentLi89,

oldtag = {Kent89},

author = {Kent, S. and J. Linn},

year = 1989,

month = {August},

title = {RFC 1114: Privacy Enhancement for Internet Electronic

Mail: Part {II} -- Certificate-Based Key Management},

organization = {Internet Activities Board}

}

% The following has been checked with original for pages and accuracy

@article{Kent93,

author = {Stephen T. Kent},

title = {Internet Privacy Enhanced Mail},

journal = {Communications of the ACM},

month = Aug,

year = 1993,

volume = 36,

number = 8,

pages = {48--60}

}

@manual{Kent93a,

author = {Kent, S.},

year = 1993,

month = {February},

title = {{RFC} 1422: Privacy Enhancement for Internet Electronic

Mail, Part {II}: Certificate-Based Key Management},

organization = {Internet Activities Board}

}

@article{Key76,

author = {Key, E.L.},

year = 1976,

title = {An Analysis of the Structure and Complexity of Nonlinear

Binary Sequence Generators},

journal = {IEEE Transactions on Information Theory},

volume = {IT-22},

number = 6,

pages = {732--736}

}

@article{Khachaturian93,

author = {Khachaturian, L.H.},

year = 1993,

title = {The Lower Bound of the Quadratic Spans of de {B}ruijn

Sequences},

journal = {Designs, Codes and Cryptography},

volume = {3},

pages = {29--32}

}

@inproceedings{Kilian88,

author = {J. Kilian},

title = {Founding cryptography on oblivious transfer},

pages = {20--31},

booktitle = STOC88,

publisher = ACM,

address = {Chicago},

year = 1988

}

@inproceedings{Kilian91,

author = {J. Kilian},

title = {Achieving Zero-Knowledge Robustly},

pages = {313--325},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{Kilian91a,

author = {J. Kilian},

title = {Interactive Proofs with Provable Security Against

Honest Verifiers},

pages = {378--393},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{Kilian94,

author = {Joe Kilian},

title = {On the Complexity of Bounded-Interaction and Noninteractive

Zero-Knowledge Proofs},

booktitle = STOC94,

address = {Montreal, Canada},

publisher = ACM,

year = 1994,

pages = {466--477}

}

@inproceedings{KilianMiOs90,

author = {Joe Kilian and Silvio Micali and Rafail Ostrovsky},

title = {Minimum resource zero-knowledge proofs},

pages = {545--546},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@misc{KilianRogaway96,

author = {Joe Kilian and Phillip Rogaway},

title = {How to Protect {DES} against exhaustive key search},

year = 1996,

note = {(manuscript from authors)}

}

@inproceedings{Kim93,

author = {K. Kim},

title = {Construction of {DES}-like {S}-boxes Based on

Boolean Functions Satisfying the {SAC}},

booktitle = ASIACRYPT91,

year = 1993,

editor = {H. Imai and R.L. Rivest and T. Matsumoto},

series = {Lecture Notes in Computer Science},

volume = 739,

publisher = {Springer-Verlag},

pages = {59-72}

}

@inproceedings{KimMaIm91,

author = {K. Kim and T. Matsumoto and H. Imai},

title = {A Recursive Construction Method of S-boxes Satisfying

Strict Avalanche Criterion},

pages = {564--575},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@article{KimPo89,

author = {Su Hee Kim and Carl Pomerance},

title = {The Probability that a Random Probable Prime is Composite},

journal = {Mathematics of Computation},

volume = 53,

number = 188,

year = 1989,

month = Oct,

pages = {721--741}

}

@inproceedings{KimSp94,

author = {G.H. Kim and E.H. Spafford},

title = {The Design and Implementation of TripWire:

A File System Integrity Checker},

booktitle = {2ACMConfSec},

year = 1994

}

@article{Klapper94,

author = {Klapper, A.},

year = 1994,

title = {The Vulnerability of Geometric Sequences Based on Fields

of Odd Characteristic},

journal = {Journal of Cryptology},

volume = {7},

number = {1},

pages = {33--52}

}

@inproceedings{KlapperGo94,

oldtag = {Klapper94a},

author = {Klapper, A. and Goresky, M.},

year = {1994},

title = {2-adic Shift Registers},

booktitle = {Fast Software Encryption},

editor = {R. Anderson},

series = {Lecture Notes in Computer Science},

volume = 809,

publisher = {Springer-Verlag},

address = {Berlin},

pages = {174--178}

}

@article{Kluepfel94,

author = {Henry M. Kluepfel},

title = {Securing a Global Village and its Resources},

journal = {IEEE Communications Magazine},

month = Sep,

year = 1994,

volume = 32,

number = 9,

pages = {82--89}

}

@INPROCEEDINGS{Knapskog90,

author = {S.J. Knapskog},

title = {Formal Specification and Verification of Secure Communication

Protocols},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {58--73}

}

@inproceedings{Knudsen92,

author = {Lars R. Knudsen},

title = {Iterative Characteristics of {DES} and $S^2$DES},

pages = {497--511},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{Knudsen93,

author = {Knudsen, L.R.},

year = {1993},

title = {Cryptanalysis of {LOKI}91},

booktitle = {Advances in Cryptology --- Auscrypt '92},

editor = {J. Seberry and Y. Zheng},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {196--208}

}

@inproceedings{Knudsen94,

author = {Knudsen, L.R.},

year = {1994},

title = {Practically secure {F}eistel Ciphers},

booktitle = {Fast Software Encryption},

editor = {R. Anderson},

series = {Lecture Notes in Computer Science},

volume = 809,

publisher = {Springer-Verlag},

pages = {211--222},

address = {Berlin}

}

@misc{Knudsen94a,

author = {Knudsen, L.R.},

year = {1994},

month = {May},

title = {New potentially `weak' keys for {DES} and {LOKI}},

note = {Presented at rump session, Eurocrypt '94}

}

@misc{KnudsenLa94,

oldtag = {Knudsen94b},

author = {Knudsen, L.R. and Lai, X.},

year = {1994},

month = {May},

title = {New attacks on all double block length hash functions

of hash rate 1, including the {Parallel-DM}},

note = {Presented at rump session, Eurocrypt '94}

}

@book{Knuth69,

author = {Donald E. Knuth},

title = {Seminumerical Algorithms},

series = {The Art of Computer Programming},

publisher = {Addison-Wesley},

year = 1969,

volume = 2,

note = {Second edition, 1981.}

}

@article{Knuth85,

author = {Donald E. Knuth},

title = {Deciphering a Linear Congruential Encryption},

journal = {IEEE Transactions on Information Theory},

year = 1985,

month = Jan,

volume = {IT-31},

number = 1,

pages = {49--52}

}

@book{Knuth81,

oldtag = {Knuth89},

author = {Knuth, D.E.},

year = 1981,

title = {The Art of Computer Programming},

edition = {2nd},

volume = 2,

publisher = {Addison-Wesley},

address = {Reading, Mass.}

}

@article{KnuthPa76,

author = {Knuth, Donald E. and Luis Trabb Pardo},

title = {Analysis of a Simple Factorization Algorithm},

journal = {Theoretical Computer Science},

year = 1976,

month = Dec,

volume = 3,

number = 3,

pages = {321--348},

comment = {Previously appeared as Stanford CS tech report STAN-CS-76-538

(Jan 1976).}

}

@book{Koblitz87,

author = {Koblitz, N.},

year = 1987,

title = {A Course in Number Theory and Cryptography},

publisher = {Springer-Verlag},

address = {New York}

}

@article{Koblitz87a,

author = {N. Koblitz},

title = {Elliptic Curve Cryptosytems},

journal = {Mathematics of Computation},

year = 1987,

volume = 48,

number = 177,

pages = {203--209}

}

@inproceedings{Koblitz88,

oldtag = {Koblitz90},

author = {N. Koblitz},

title = {A Family of {Jacobians} Suitable for Discrete Log Cryptosystems},

pages = {94--99},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Koblitz91,

author = {N. Koblitz},

title = {Constructing Elliptic Curve Cryptosystems in Characteristic

2},

pages = {156--168},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{Koblitz92,

author = {N. Koblitz},

title = {{CM}-Curves with Good Cryptographic Properties},

pages = {279--287},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@article{Koc87,

author = {Ko\c{c}, \c{C}. K.},

year = 1987,

title = {High-radix and bit recoding techniques for modular

exponentiation},

journal = {International Journal of Computer Mathematics},

volume = 40,

number = {3+4},

pages = {139--156}

}

@inproceedings{Kochanski86,

author = {Martin Kochanski},

title = {Developing an {RSA} Chip},

pages = {350--357},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@unpublished{Kocher95,

author = {Kocher, Paul C.},

title = {Cryptanalysis of Diffie-Hellman, {RSA, DSS,} and other

Systems Using Timing Attacks},

note = {Unpublished Manuscript},

month = Dec,

year = 1995

}

@inproceedings{Kohl90,

author = {John T. Kohl},

title = {The use of encryption in {Kerberos} for network authentication},

pages = {35--43},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@misc{KohlNe93,

author = {J. Kohl and C. Neuman},

title = {The Kerboros Network Authentication Service},

note = {Network Working Group Request for Comments: 1510},

month = {Sept},

year = 1993

}

@unpublished{Kohnfelder78,

author = {Kohnfelder, Loren M.},

title = {Towards a Practical Public-Key Cryptosystem},

year = 1978,

month = May,

note = {B.S. Thesis, supervised by L. Adleman}

}

@unpublished{KollerPf95,

oldtag = {KollerPfe95},

author = {Koller, D. and Pfeffer, A.},

title = {Generating and Solving General Information Games},

year = 1995,

note = {In Preparation}

}

@article{Kolmogorov65,

author = {Kolmogorov, A.N.},

year = 1965,

title = {Three approaches to the definition of the concept `quantity

of information'},

journal = {Problemy Peredachi Informatsii},

volume = 1,

pages = {3--11},

note = {In Russian}

}

@inproceedings{KompellaAd91,

author = {K. Kompella and L. Adleman},

title = {Fast Checkers for Cryptography},

pages = {515--529},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@book{Konheim81a,

author = {A. G. Konheim},

title = {Cryptography: A Primer},

publisher = {Wiley},

year = 1981

}

@techreport{Konheim81b,

author = {A. G. Konheim},

title = {A One-Way Sequence for Transaction Verification},

institution = {IBM T.J. Watson Research Center},

year = 1981,

month = Nov,

number = {RC 9147(40034)}

}

@inproceedings{Konheim82,

author = {Alan Konheim},

title = {One-way Sequence for Transaction Verification},

pages = {38--38},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Konheim83,

author = {Alan G. Konheim},

title = {Cryptanalysis of a Kryha Machine},

pages = {49--64},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{Konheim85,

author = {Alan G. Konheim},

title = {Cryptanalysis of {ADFGVX} Encipherment Systems},

pages = {339--341},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@article{KornerupMa83,

oldtag = {Kornerup83},

author = {P. Kornerup and D.W. Matula},

year = 1983,

title = {Finite Precision Rational Arithmetic: An Arithmetic

Unit},

journal = {IEEE Transactions on Computers},

volume = {C-32},

number = {4},

pages = {378--388},

month = {April}

}

@inproceedings{Kothari85,

author = {S.C. Kothari},

title = {Generalized Linear Threshold Scheme},

pages = {231--241},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{Koyama90,

author = {K. Koyama},

title = {Direct Demonstration of the Power To Break Public-Key

Cryptosystems},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {14--21}

}

@inproceedings{KoyamaMaOkVa92,

author = {K. Koyama and U.M. Maurer and T. Okamoto and S.A. Vanstone},

title = {New public-key schemes based on elliptic curves over

the Ring $Z_n$},

pages = {252--266},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{KoyamaOh88,

author = {Kenji Koyama and Kazuo Ohta},

title = {Identity-based conference key distribution systems},

pages = {175--184},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{KoyamaTe91,

author = {K. Koyama and R. Terada},

title = {Nonlinear Parity Circuits and their Cryptographic

Applications},

pages = {582--600},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{KoyamaTs92,

author = {Kenji Koyama and Yukio Tsuruoka},

title = {Speeding up Elliptic Cryptosystems by Using a Signed

Binary Window Method},

pages = {345--357},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@book{Kranakis86,

author = {Kranakis, E.},

title = {Primality and Cryptography},

year = 1986,

publisher = {Wiley-Teubner Series in Computer Science}

}

@inproceedings{Krawczyk90,

author = {Hugo Krawczyk},

title = {How to predict congruential generators},

pages = {138--153},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@article{Krawczyk92,

author = {Hugo Krawczyk},

title = {How to predict congruential generators},

journal = {Journal of Algorithms},

year = 1992,

volume = 13,

pages = {527--545}

}

@inproceedings{Krawczyk93,

author = {Hugo Krawczyk},

title = {Secret sharing made short},

pages = {136-146},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

publisher = {Spring-Verlag},

year = 1993

}

@inproceedings{Krawczyk94,

author = {Hugo Krawczyk},

title = {{LFSR}-based hashing and authentication},

pages = {129--139},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{Krawczyk94a,

author = {Hugo Krawczyk},

title = {Secret sharing made short},

pages = {136--146},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@misc{Krawczyk95,

author = {Hugo Krawczyk},

title = {Keyed-{MD5} for Message authentication},

note = {Internet Draft

{\tt draft-krawczyk-keyed-md5-01.txt}},

month = {Nov. 28,},

year = 1995

}

@book{Krol92,

author = {Ed Krol},

title = {The Whole Internet User's Guide and Catalog},

year = 1992,

publisher = {O'Reilly \& Associates, Inc.}

}

@article{KruskalGr91,

author = {J.B. Kruskal and A.G. Greenberg},

title = {A flexible way of counting large numbers

approximately in small registers},

journal = {Algorithmica},

volume = 6,

number = 4,

year = 1991,

pages = {590--596}

}

@article{Kukihara85,

author = {Kenmei Kukihara},

title = {An algorithm of {Euclidean} type for Multiplication

Modulo $P$},

journal = {Journal of Information Processing},

volume = 9,

number = 1,

year = 1985,

pages = {14--16}

}

@book{Kullback76,

author = {Kullback, Solomon},

title = {Statistical Methods in Cryptanalysis},

year = 1976,

publisher = {Aegean Park Press}

}

@inproceedings{Kurosawa94,

author = {Kaoru Kurosawa},

title = {New bound on authentication code with arbitration},

pages = {140--149},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@article{KurosawaItTa88,

author = {Kaoru Kurosawa and Toshiya Ito and Masashi Takeuchi},

title = {Public Key Cryptosystem Using a Reciprocal Number with the

Same Intractability as Factoring a Large Number},

journal = {Cryptologia},

month = Oct,

year = 1988,

volume = {XII},

number = 4,

pages = {225--233}

}

@inproceedings{KurosawaTs91,

author = {Kaoru Kurosawa and S. Tsujii},

title = {Multi-Language Zero-Knowledge Interactive Proof Systems},

pages = {339--352},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{KurtzMaRo88,

oldtag = {KurtzMaRo90},

author = {S.A. Kurtz and S.R. Mahaney and J.S. Royer},

title = {On the Power of 1-way Functions},

pages = {578--579},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{KushilevitzMiOs94,

author = {Eyal Kushilevitz and Silvio Micali and Rafail Ostrovsky},

title = {Reducibility and Completeness in Multi-Party Private

Computations},

booktitle = STOC94,

publisher = ACM,

address = {Montreal, Canada},

year = 1994,

pages = {478--489}

}

@inproceedings{KushilevitzRo94,

author = {Eyal Kushilevitz and Adi Ros\'en },

title = {A randomnesss-rounds tradeoff in private computation},

pages = {397--410},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{KwanPi93,

author = {M. Kwan and J. Pieprzyk},

title = {A General Purpose Technique for Locating Key

Scheduling Weakness in {DES}-like Cryptosystems},

booktitle = ASIACRYPT91,

year = 1993,

editor = {H. Imai and R.L. Rivest and T. Matsumoto},

series = {Lecture Notes in Computer Science},

volume = 739,

publisher = {Springer-Verlag},

pages = {237-246}

}

@inproceedings{KwokBe88,

oldtag = {KwokBe90},

author = {R.T.C. Kwok and M. Beale},

title = {Aperiodic Linear Complexities of de {Bruijn} Sequences},

pages = {479--483},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Lagarias84,

author = {J.C. Lagarias},

year = 1984,

title = {Knapsack public key cryptosystems and diophantine approximation},

booktitle = {Advances in Cryptology: Proc.\ of CRYPTO '83},

editor = {D. Chaum},

pages = {3--23},

publisher = {Plenum Press},

address = {New York}

}

@incollection{Lagarias90,

author = {J. C. Lagarias},

title = {Pseudorandom Number Generators in Cryptography and

Number Theory},

booktitle = {Proc.\ of the AMS Symposia in Applied Mathematics:

Computational Number Theory and Cryptography},

publisher = {American Mathematical Society},

year = {1990},

pages = {115--143}

}

@inproceedings{LagariasOd83,

author = {J. C. Lagarias and A. M. Odlyzko},

title = {Solving Low-Density Subset Sum Problems},

pages = {1--10},

booktitle = FOCS83,

publisher = IEEE,

address = {Tucson},

year = 1983

}

@article{LagariasRe88,

author = {J. C. Lagarias and J. A. Reeds},

title = {Unique Extrapolation of Polynomial Recurrences},

journal = {SIAM J. Computing},

volume = 17,

number = 2,

year = 1988,

month = Apr,

pages = {342--362}

}

@book{Lai92,

author = {X. Lai},

title = {On the Design and Security of Block Ciphers},

publisher = {Konstanz},

address = {Hartung-Gorre, Germany},

year = 1992

}

@inproceedings{LaihHaLeHw90,

author = {Chi-Sung Laih and Lein Harn and Jau-Yien Lee and Tzonelih

Hwang},

title = {Dynamic threshold scheme based on the definition of

cross-product in an N-dimentional linear space},

pages = {286--298},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{LaiMa90,

author = {X. Lai and J. Massey},

title = {A Proposal for a New Block Encryption Standard},

booktitle = EUROCRYPT90,

note = {Lecture Notes in Computer Science No.\ 473},

editor = {I.B. Damg{\aa}rd},

publisher = {Springer-Verlag},

year = 1990,

pages = {389--404},

comment = {Original version of IDEA block cipher.}

}

@inproceedings{LaiMa91,

author = {X. Lai and J. Massey},

title = {Markov Ciphers and Differential Cryptanalysis},

booktitle = EUROCRYPT91,

note = {Lecture Notes in Computer Science No.\ ???},

editor = {??},

publisher = {Springer},

year = 1991,

pages = {17--38},

comment = {Revised version of IDEA block cipher.}

}

@inproceedings{LaiMa93,

oldtag = {LaiMaHa93},

author = {Lai, X. and Massey, J.L.},

year = 1993,

title = {Hash Functions based on Block Ciphers},

booktitle = {Advances in Cryptology --- Eurocrypt '92},

editor = {R.A. Rueppel},

pages = {55--70},

publisher = {Springer-Verlag},

address = {Berlin}

}

@misc{LaiMa93a,

oldtag = {LaiMaHa93a},

author = {Lai, X. and Massey, J.},

title = {Device for the conversion of a digital block and use

of same},

howpublished = {U.S. Patent No. 5,214,703},

year = {1993}

}

@inproceedings{LaiRuWo93,

author = {Lai, X. and Rueppel, R.A. and Woollven, J.},

year = {1993},

title = {A Fast Cryptographic Checksum Algorithm Based on Stream

Ciphers},

booktitle = {Advances in Cryptology --- Auscrypt '92},

editor = {J. Seberry and Y. Zheng},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {339--348}

}

@inproceedings{LaMacchiaOd91,

author = {B.A. LaMacchia and A.M. Odlyzko},

title = {Solving Large Sparse Linear Systems over Finite Fields},

pages = {109--133},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{LaMacchiaOd91a,

author = {B.A. LaMacchia and A.M. Odlyzko},

title = {Computation of Discrete Logarithms in Prime Fields},

pages = {616--618},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@article{LaMacchiaOd91b,

author = {B. A. LaMacchia and A. M. Odlyzko},

title = {Computation of Discrete Logarithms in Prime Fields},

journal = {Designs, Codes, and Cryptography},

volume = 1,

year = 1991,

pages = {47--62}

}

@techreport{Lamport79,

author = {L. Lamport},

title = {Constructing Digital Signatures from a One-Way Function},

institution = {SRI International},

month = Oct,

year = 1979,

number = {CSL-98}

}

@article{Lamport81,

author = {Lamport, Leslie},

title = {Password Authentication with Insecure Communication},

journal = {Communications of the ACM},

month = Nov,

year = 1981,

volume = 24,

number = 11,

pages = {770--771}

}

@article{Lampson73,

author = {B. Lampson},

title = {A note on the Confinement Problem},

journal = {Communications of the ACM},

volume = 16,

number = 10,

year = 1973

}

@article{LampsonAbBuWo92,

author = {Butler Lampson and Mart\'in Abadi and Michael Burrows

and and Edward Wobber},

title = {Authentication in Distributed Systems: Theory and Practice},

journal = {TOCS},

month = Nov,

year = 1992,

volume = 10,

number = 4,

pages = {265-310}

}

@article{LampsonSt76,

author = {B. Lampson and H. Sturgis},

title = {Reflections on an Operating System Design},

journal = {

Communications of the ACM},

volume = 19,

number = 5,

pages = {251--265},

year = 1976

}

@article{Landau88,

author = {Landau, S.},

year = 1988,

title = {Zero knowledge and the {Department of Defense}},

journal = {Notices of the American Mathematical Society},

volume = 35,

pages = {5--12}

}

@article{LandauKeBrChDeDiLaMiNeSo94,

author = {Susan Landau and Stephen Kent Clint Brooks and

Scott Charney and Dorothey Denning and Whitfield

Diffie and Anthony Lauk and Douglas Miller and

Peter Neumann and David Sobel},

title = {Crypto Policy Perspectives},

journal = {Communications of the ACM},

volume = 37,

number = 8,

month = Aug,

year = 1994,

pages = {115--121}

}

@book{LandauKeBrChDeDiLaMiNeSo94,

author = {S. Landau and S. Kent and C. Brooks and S. Charney and

D. Denning and W. Diffie and A. Lauck and D. Miller and

P. Neumann and D. Sobel},

title = {Codes, Keys and Conflicts: Issues in U.S. Crypto Policy},

publisher = {ACM Press},

year = 1994

}

%The following is a summary of the full report.

@article{LandauKeBrChDeDiLaMiNeSo94a,

author = {S. Landau and S. Kent and C. Brooks and S. Charney and

D. Denning and W. Diffie and A. Lauck and D. Miller and

P. Neumann and D. Sobel},

title = {Codes, Keys and Conflicts: Issues in U.S. Crypto Policy},

journal = {Communications of the ACM},

month = Aug,

year = 1994,

volume = 37,

pages = {115--121}

}

@article{Landwehr81,

author = {C. Landwehr},

title = {Formal Models for Computer Security},

journal = {ACM Computing Surveys},

volume = 13,

number = 3,

year = 1981

}

@inproceedings{LangfordHe94,

author = {Susan K. Langford and Martin E. Hellman},

title = {Differential-linear cryptanalysis},

pages = {17--25},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{LangVa82,

author = {Albert L. Lang and Janet T. Vasek},

title = {Evaluating Relative Security of Commercial {ComSec}

Devices},

pages = {124--129},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{LapidotSh91,

author = {D. Lapidot and A. Shamir},

title = {Publicly Veribiable Non-Interactive Zero-Knowledge

Proofs},

pages = {353--365},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{LauMc82,

author = {Y. Alfred Lau and Tom McPherson},

title = {Implementation of a Hybrid {RSA/DES} Key Management

System},

pages = {83--83},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@article{LaurichesseBl91,

author = {D. Laurichesse and L. Blain},

year = 1991,

title = {Optimized implementation of {RSA} cryptosystem},

journal = {Computers \& Security},

volume = 10,

number = 3,

month = {May},

pages = {263--267}

}

@unpublished{LawSaSo96,

author = {Laurie Law and Susan Sabett and Jerry Solinas},

title = {How to Make a Mint: the Cryptography of Anonymous

Electronic Cash},

note = {National Security Agency, Office of Information Security

Research and Technology, Cryptology Division},

month = {June},

year = 1996

}

@INPROCEEDINGS{Lee90,

author = {P.J. Lee},

title = {Secure User Access Control for Public Networks},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {46--57}

}

@inproceedings{LeeCh82,

author = {L. Lee and G. Chow},

title = {Results on Sampling-based Scrambling for Secure Speech

Communication},

pages = {115--119},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{LeightonMa85,

author = {Tom Leighton and Stephen M. Matyas},

title = {The History of Book Ciphers},

pages = {101-113},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{LeightonMi94,

author = {Tom Leighton and Silvio Micali},

title = {Secret-key agreement without public-key cryptography},

pages = {456--479},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@article{Lempel79a,

oldtag = {Lempel79},

author = {A. Lempel},

title = {Cryptology in transition: a survey},

journal = {Computing Surveys},

volume = 11,

month = Dec,

year = 1979,

pages = {285--304}

}

@article{Lenstra87,

author = {Lenstra, Jr., H. W.},

title = {Factoring Integers with Elliptic Curves},

journal = {Annals of Mathematics},

volume = 126,

year = 1987,

pages = {649--673}

}

@incollection{Lenstra90,

author = {Arjen K. Lenstra},

title = {Primality Testing},

booktitle = {Proc.\ of the AMS Symposia in Applied Mathematics:

Computational Number Theory and Cryptography},

publisher = {American Mathematical Society},

year = {1990},

pages = {13--25}

}

@misc{Lenstra92,

author = {Lenstra, A.K.},

year = 1992,

title = {Massively parallel computing and factoring}

}

@incollection{LenstraLe90,

author = {A. K. Lenstra and Lenstra, Jr., H. W.},

title = {Algorithms in Number Theory},

booktitle = {Handbook of Theoretical Computer Science (Volume A:

Algorithms and Complexity)},

publisher = {Elsevier and MIT Press},

year = 1990,

editor = {Jan van Leeuwen},

pages = {673--715},

chapter = {12}

}

@article{LenstraLeLo82b,

oldtag = {LenstraLeLo82},

author = {A. K. Lenstra and Lenstra, Jr., H. W. and L. {Lov\'asz}},

title = {Factoring polynomials with rational coefficients},

journal = {Mathematische Ann.},

volume = 261,

year = 1982,

pages = {513--534}

}

@inproceedings{LenstraLeMaPo90,

author = {Lenstra, A. K. and Lenstra, Jr., H. W. and M. S. Manasse

and J. M. Pollard},

title = {The number field sieve},

pages = {564--572},

booktitle = STOC90,

publisher = ACM,

address = {Baltimore, Maryland},

year = 1990

}

@article{LenstraLeMaPo93,

author = {Lenstra, A.K. and Lenstra Jr., H.W. and Manasse, M.S.

and Pollard, J.M.},

year = 1993,

title = {The factorization of the ninth {Fermat} number},

journal = {Mathematics of {C}omputation},

volume = 61,

number = 203,

pages = {319--349}

}

@inproceedings{LenstraMa91,

oldtag = {LenstraMA91},

author = {Lenstra, A.K. and Manasse, M.S.},

year = 1991,

title = {Factoring with two large primes},

booktitle = {Advances in Cryptology --- Eurocrypt '90},

editor = {I.B. Damg{\aa}rd},

pages = {72--82},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{LeungTa85,

author = {A.K. Leung and S.E. Tavares},

title = {Sequence Complexity as a Test for Cryptographic Systems},

pages = {468--474},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@book{LeVeque77,

author = {W. J. LeVeque},

title = {Fundamentals of Number Theory},

publisher = {Addison-Wesley},

year = 1977

}

@inproceedings{Levin84,

author = {L. A. Levin},

title = {Problems, complete in `average' instance},

pages = {465},

booktitle = STOC84,

publisher = ACM,

address = {Washington, D.C.},

year = 1984

}

@inproceedings{Levin85,

author = {L. A. Levin},

title = {One-Way Functions and Pseudorandom Generators},

pages = {363--365},

booktitle = STOC85,

publisher = ACM,

address = {Providence},

year = 1985

}

@techreport{LexarCorpora76,

oldtag = {Lexar76},

author = {{Lexar {C}orporation}},

title = {An Evaluation of the {NBS} {D}ata {E}ncryption {S}tandard},

year = {1976},

institution = {Lexar {C}orporation, 11611 {S}an {V}icente {B}lvd.,

Los Angeles}

}

@inproceedings{Lidl85,

author = {R. Lidl},

title = {On Cryptosystems Based on Polynomials and Finite Fields},

pages = {10--15},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@inproceedings{LidlMu84a,

oldtag = {LidlMu84},

author = {Rudolf Lidl and Winfried B. M\"{u}ller},

title = {Permutation Polynomials in {RSA}-Cryptosystems},

pages = {293--301},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@INPROCEEDINGS{LidlMu90,

author = {R. Lidl and W.B. {M\"{u}ller}},

title = {A Note on Strong {Fibonacci} Pseudoprimes},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {311--317}

}

@book{LidlNi83,

author = {R. Lidl and H. Niederreiter},

title = {Finite Fields},

publisher = {Addison-Wesley},

year = 1983

}

@article{Lieberherr81,

author = {K. Lieberherr},

title = {Uniform Complexity and Digital Signatures},

journal = {Theoretical Computer Science},

volume = 16,

number = 1,

month = Oct,

year = 1981,

pages = {99-110}

}

@inproceedings{LiHwLe94,

author = {Chuan-Ming Li and Tzonelih Hwang and Narn-Yih Lee},

title = {Remark on the threshold {RSA} signature scheme},

pages = {413--420},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{LimLe94,

author = {Chae Hoon Lim and Pil Joong Lee},

title = {Another method for attaining security against adaptively

chosen ciphertext attacks},

pages = {420--434},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{LimLe94a,

author = {Chae Hoon Lim and Pil Joong Lee},

title = {More flexible exponentiation with precomputation},

pages = {95--107},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@manual{Linn89,

author = {J. Linn},

year = 1989,

month = {August},

title = {{RFC} 1115: Privacy Enhancement for Internet Electronic

Mail: Part {III} -- Algorithms, Modes, and Identifiers},

organization = {Internet Activities Board}

}

@manual{Linn89a,

author = {Linn, J.},

year = 1989,

month = {August},

title = {{RFC} 1113: Privacy Enhancement for Internet Electronic

Mail: Part {I} -- Message Encipherment and Authentication

Procedures},

organization = {Internet Activities Board}

}

@manual{Linn93a,

oldtag = {Linn93},

author = {Linn, J.},

year = 1993,

month = {February},

title = {{RFC} 1421: Privacy Enhancement for Internet Electronic

Mail: Part {I} -- Message Encipherment and Authentication

Procedures},

organization = {Internet Activities Board}

}

@inproceedings{Lipton81,

author = {R. Lipton},

title = {How to cheat at Mental Poker},

booktitle = {Proc.\ AMS Short Course on Cryptography},

year = 1981

}

@article{Lloyd92b,

oldtag = {Lloyd92},

author = {Lloyd, S.},

year = 1992,

title = {Counting binary functions with certain cryptographic

properties},

journal = {Journal of Cryptology},

volume = {5},

number = {2},

pages = {107--131}

}

@unpublished{Lo96,

author = {Lo, Hoi-Kwong},

title = {Insecurity of Quantum Secure Computations},

note = {Inst. for Theoret. Physics, UCSB},

month = Nov,

year = 1996

}

@book{Lobel86,

author = {J. Lobel},

year = 1986,

title = {Foiling the System Breakers: Computer Security \& Access

Control},

publisher = {McGraw-Hill}

}

@book{Longo83,

editor = {G. Longo},

title = {Secure Digital Communications},

publisher = {Springer},

year = 1983,

note = {CISM Courses and Lectures No. 279}

}

@inproceedings{Longpre83,

author = {Luc Longpr\`e},

title = {The Use of Public-Key Cryptography for Signing Checks},

pages = {187--197},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{LongWi83,

author = {D. L. Long and A. Wigderson},

title = {How discreet is the the discrete log?},

pages = {413--420},

booktitle = STOC83,

publisher = ACM,

address = {Boston},

year = 1983

}

@article{LongWi88,

author = {D. L. Long and A. Wigderson},

title = {The Discrete Logarithm Problem Hides {$O(\log n)$}

bits},

journal = {SIAM J. Computing},

year = 1988,

month = Apr,

volume = 17,

number = 2,

pages = {363--372}

}

@inproceedings{Luby92,

author = {M. Luby},

title = {Pseudo-random generators from one-way functions},

pages = {300},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@book{Luby96,

author = {Michael Luby},

title = {Pseudorandomness and Cryptographic Applications},

publisher = {Princeton University Press},

year = {1996}

}

@inproceedings{LubyMiRa83,

author = {M. Luby and S. Micali and C. Rackoff},

title = {How to Simultaneously Exchange a Secret Bit by Flipping

a Symmetrically Biased Coin},

pages = {11-22},

booktitle = FOCS83,

publisher = IEEE,

address = {Tucson},

year = 1983

}

@inproceedings{LubyRa86,

author = {M. Luby and C. Rackoff},

title = {Pseudo-Random Permutation Generators and Cryptographic

Composition},

pages = {356--363},

booktitle = STOC86,

publisher = ACM,

address = {Berkeley},

year = 1986

}

@inproceedings{LubyRa86a,

author = {M. Luby and C. Rackoff},

title = {How to Construct Pseudo-random Permutations from Pseudo-random

Functions},

pages = {447--447},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@inproceedings{LubyRa88,

author = {Maurice P. Luby and C. Rackoff},

title = {A study of password security},

pages = {392--397},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@article{LubyRa88aa,

oldtag = {LubyRa88a},

author = {M. Luby and C. Rackoff},

title = {How to Construct Pseudorandom Permutations and Pseudorandom

Functions},

journal = {SIAM J. Computing},

volume = 17,

number = 2,

year = 1988,

month = Apr,

pages = {373--386}

}

@inproceedings{Lucks88,

oldtag = {Lucks90},

author = {M. Lucks},

title = {A Constraint Satisfaction Algorithm for the Automated

Decryption of Simple Substitution Ciphers},

pages = {132-145},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Lunt88,

author = {T.F. Lunt},

title = {Automated Audit Trail Analysis and Intrusion Detection:

A Survey},

booktitle = {11NatSecConf},

year = 1988

}

@article{Lunt93,

author = {T.F. Lunt},

title = {A survey of intrusion detection techniques},

journal = {Computers and Security},

year = 1993,

volume = 12,

pages = {405--418}

}

@book{MacWilliamsSl77,

editor = {F.J. MacWilliams and N.J.A. Sloane},

title = {The Theory of Error-Correcting Codes},

publisher = {North-Holland},

year = 1977,

note = {CISM Courses and Lectures No. 279}

}

@inproceedings{Madryga84,

author = {W. E. Madryga},

title = {A High Performance Encryption Algorithm},

booktitle = {Computer Security: A Global Challenge},

publisher = {North Holland: Elsevier Science Publishers},

year = 1984,

pages = {557--570}

}

@inproceedings{MagliverasMe90,

author = {Spyros S. Magliveras and Nasir D. Memon},

title = {Properties of cryptosystem PGM},

pages = {447--460},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@misc{Manasse95,

author = {Mark S. Manasse},

title = {Millicent (electronic microcommerce)},

note = {{\tt http://www.research.digital.com/SRC/personal/Mark\_Manasse/uncommon/ucom.html}},

year = 1995

}

@inproceedings{MaoBo94,

author = {Wenbo Mao and Colin Boyd},

title = {Classification of Cryptographic Techniques in

Authentication Protocols},

booktitle = {Proceedings 1994 Workshop on Selected Areas in Cryptography},

publisher = {},

month = May,

year = 1994,

note = {(Kingston, Ontario, Canada)},

}

@book{MarcusMi64,

oldtag = {Marcus64},

author = {Marcus, M. and Minc, H.},

year = 1964,

title = {A Survey of Matrix Theory and Matrix Inequalities},

publisher = {Allyn and Bacon, Inc.},

address = {Boston}

}

@article{Marsaglia68,

author = {Marsaglia, G.},

year = 1968,

title = {Random numbers fall mainly in the planes},

journal = {Proc. N.A.S.},

volume = {61},

pages = {25--28}

}

@article{Martin-Lof66,

oldtag = {Martin66},

author = {Martin-{L\"{o}f}, P.},

year = 1966,

title = {The definition of random sequences},

journal = {Inform. Contr.},

volume = {9},

pages = {602--619}

}

@article{Massey69,

author = {Massey, J.L.},

year = 1969,

title = {Shift-register synthesis and {BCH} decoding},

journal = {IEEE Transactions on Information Theory},

volume = {IT-15},

pages = {122--127}

}

@inproceedings{MasseyRu84,

oldtag = {Massey84},

author = {Massey, J. and Rueppel, R.A.},

year = 1984,

title = {Linear ciphers and random sequence generators with

multiple clocks},

booktitle = {Advances in Cryptology --- Eurocrypt '84},

editor = {T. Beth and N. Cot and I. Ingemarsson},

pages = {74--87},

publisher = {Springer-Verlag},

address = {Berlin}

}

@book{Massey86,

author = {J.L. Massey},

title = {Cryptography -- a selective survey},

publisher = {North-Holland},

year = 1986,

pages = {3--21}

}

@inproceedings{Massey94,

author = {Massey, J.},

year = {1994},

title = {{SAFER K-64: A Byte-Oriented Block-Ciphering Algorithm}},

booktitle = {Fast Software Encryption},

editor = {R. Anderson},

series = {Lecture Notes in Computer Science},

volume = 809,

publisher = {Springer Verlag},

pages = {1--17},

address = {Berlin}

}

@inproceedings{MasseyIn85,

author = {Massey, J.L. and Ingemarsson, I.},

title = {The {R}ip van {W}inkle cipher - a simple and provably

computationally secure cipher with a finite key},

booktitle = {Abstracts of papers, {IEEE} {I}nt. {S}ymp. {I}nform.

{T}heory},

year = {1985},

month = {June},

address = {Brighton, UK.}

}

@inproceedings{MasseyRu85,

author = {James L. Massey and Rainer A. Rueppel},

title = {Linear Ciphers and Random Sequence Generators with

Multiple Clocks},

pages = {74--87},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@inproceedings{MasseySe94,

author = {James L. Massey and Shirlei Serconek},

title = {A {Fourier} transform approach to the linear complexity

of nonlinearly filtered sequences},

pages = {332--340},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{MatiasSh88,

author = {Yossi Matias and Adi Shamir},

title = {A Video scrambling technique based on space filling

curves},

pages = {398--417},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Matsui94,

author = {Mitsuru Matsui},

title = {The first experimental cryptanalysis of the Data Encryption

Standard},

pages = {1--11},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{Matsui94a,

author = {Matsui, M.},

year = 1994,

title = {Linear cryptanalysis method for {DES} cipher},

booktitle = {Advances in Cryptology --- Eurocrypt '93},

editor = {T. Helleseth},

publisher = {Springer-Verlag},

series = {Lecture Notes in Computer Science},

volume = {765},

address = {Berlin},

pages = {386--397}

}

@inproceedings{MatsuiYa92,

author = {Matsui, M. and Yamagishi, A.},

year = 1992,

title = {A New Method for Known Plaintext Attack of {FEAL} Cipher},

booktitle = {Advances in Cryptology --- Eurocrypt '92},

editor = {R.A. Rueppel},

publisher = {Springer-Verlag},

volume = {658},

address = {Berlin},

pages = {81--91}

}

@inproceedings{MatsumotoIm88,

author = {Tsutomu Matsumoto and Hideki Imai},

title = {On the key predistribution system: A practical solution

to the key distribution problem},

pages = {185--193},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{MatsumotoKaIm88,

oldtag = {MatsumotoKaIm90},

author = {T. Matsumoto and K. Kato and H. Imai},

title = {Speeding Up Secret Computations with Insecure Auxiliary

Devices},

pages = {497--506},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@article{MatsumotoTaIm86,

author = {T. Matsumoto and Y. Takashima and H. Imai},

title = {On seeking smart public-key distribution systems},

journal = {Transactions of the IECE (Japan)},

volume = 69,

year = 1986,

pages = {99--106}

}

@inproceedings{Matyas87,

author = {Stephen M. Matyas},

title = {Public-key registration},

pages = {451--458},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@article{Matyas91,

author = {S.M. Matyas},

year = 1991,

title = {Key handling with control vectors},

journal = {IBM Systems Journal},

volume = {30},

number = {2},

pages = {151--174}

}

@inproceedings{Maurer89,

author = {Maurer, Ueli M.},

title = {Fast Generation of Secure {RSA-Moduli} with almost

Maximal Diversity},

pages = {636--647},

booktitle = {Advances in Cryptology - EUROCRYPT '89},

publisher = {Springer-Verlag},

address = {New York},

month = Apr,

year = 1989

}

@techreport{MaurerMa90,

oldtag = {Maurer90a},

author = {Ueli M. Maurer and James L. Massey},

title = {Cascade Ciphers: The Importance of Being First},

institution = {Institute for Signal and Information Processing},

address = {Z\"urich, Switzerland},

year = 1990,

month = May

}

@unpublished{Maurer90b,

author = {Maurer, Ueli M.},

title = {Provably-secure Key Distribution Based on Independent

Channels},

month = Jun,

year = 1990,

note = {presented at 90 IEEE Workshop in Info Theory}

}

@inproceedings{Maurer90c,

author = {Maurer, Ueli M.},

title = {A provably-secure strongly-randomized cipher},

pages = {361--373},

booktitle = {Advances in Cryptology - EUROCRYPT '90},

publisher = {Springer-Verlag},

address = {Berlin, Germany},

month = Aug,

year = 1990

}

@inproceedings{Maurer91,

author = {Maurer, Ueli M.},

title = {A Universal Statistical Test for Random Bit Generators},

pages = {409--420},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{Maurer91a,

author = {Maurer, U.M.},

year = 1991,

title = {New approaches to the design of self-synchronizing

stream ciphers},

booktitle = {Advances in Cryptology --- Eurocrypt '91},

editor = {D.W. Davies},

pages = {458--471},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{Maurer92,

author = {Ueli M. Maurer},

title = {Protocols for Secret Key Agreement by Public Discussion

Based on Common Information},

pages = {461--470},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inbook{Maurer92a,

author = {Ueli M. Maurer},

title = {Some number-theoretic conjectures and their relation

to the generation of cryptographic primes},

publisher = {Oxford University Press},

note = {Cryptography and Coding, II},

year = 1992,

pages = {173--191}

}

@misc{Maurer92b,

author = {U. Maurer},

title = {Cryptographic system allowing encrypted communications

between users with a secure mutual cipher key determined

without user interaction},

howpublished = {U.S. Patent 5,150,411},

month = Sep,

year = 1992,

note = {European patent application pending}

}

@misc{Maurer92ca,

oldtag = {Maurer92c},

author = {U. Maurer},

title = {Public-key cryptographic systems using elliptic curves

over rings},

howpublished = {U.S. Patent 5,146,500},

month = Sep,

year = 1992,

note = {European patent application pending}

}

@misc{Maurer92d,

author = {U. Maurer},

title = {A cryptographic system based on information difference},

howpublished = {U.S. Patent 5,161,244},

year = 1992,

note = {European patent application pending}

}

@article{Maurer93,

author = {U.M. Maurer},

title = {Secret Key Agreement by Public Discussion From Common

Information},

journal = {IEEE Transactions on Information Theory},

year = 1993,

volume = {39},

pages = {733--742}

}

@article{Maurer93a,

author = {U.M. Maurer},

title = {Practical perfect cryptographic security},

journal = {Advances in Computational Complexity Theory},

year = 1993,

volume = {13},

pages = {135--153}

}

@inproceedings{Maurer94,

author = {Maurer, Ueli M.},

title = {Towards the equivalence of breaking the {Diffie-Hellman}

protocol and computing discrete algorithms},

pages = {271--281},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{MaurerMa90a,

oldtag = {MaurerMa90},

author = {Ueli M. Maurer and James L. Massey},

title = {Perfect local randomness in pseudo-random sequences},

pages = {100--112},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{MaurerMa90aa,

oldtag = {MaurerMa90a},

author = {U.M. Maurer and J. L. Massey},

title = {On the secret-key rate of binary random variables},

booktitle = {Proc. 1990 IEEE Internation Symp. of Information Theory},

year = 1990,

pages = {118--118},

note = {San Diego, CA, Jan 14-19, '90}

}

@misc{MaurerVi87,

author = {U.M. Maurer and R. Viscardi},

title = {On the linear complexity and correlation immunity

of the summation cipher},

note = {IEEE Student Papers},

publisher = {IEEE Publication Service},

year = 1987,

pages = {160--168}

}

@misc{May93,

author = {Timothy C. May},

title = {Timed-release crypto},

year = {1993},

month = Feb,

note = {{\tt http://www.hks.net/cpunks/cpunks-0/1460.html}}

}

@inproceedings{McCullough87,

author = {D. McCullough},

title = {Specifications for Multi-Level Security and a

Hook-up Property},

booktitle = {IEEESecPriv},

year = 1987

}

@incollection{McCurley90,

author = {Kevin S. McCurley},

title = {The Discrete Logarithm Problem},

booktitle = {Proc.\ of the AMS Symposia in Applied Mathematics:

Computational Number Theory and Cryptography},

publisher = {American Mathematical Society},

year = {1990},

pages = {49--74}

}

@incollection{McCurley90a,

author = {Kevin S. McCurley},

title = {Odds and Ends from Cryptology and Computational Number

Theory},

booktitle = {Proc.\ of the AMS Symposia in Applied Mathematics:

Computational Number Theory and Cryptography},

publisher = {American Mathematical Society},

year = {1990},

pages = {145--166}

}

@inbook{McEliece78,

author = {R. J. McEliece},

title = {A Public-Key System Based on Algebraic Coding Theory},

publisher = {Jet Propulsion Lab},

note = {DSN Progress Report 44},

year = 1978,

pages = {114-116}

}

@book{McEliece87,

editor = {R. McEliece},

title = {Finite Fields for Computer Scientists and Engineers},

publisher = {Kluwer Academic Publishers},

year = 1987

}

@article{McIlroy89,

author = {M. McIlroy},

title = {Virology 101},

journal = {Computing Systems},

volume = 2,

number = 2,

pages = {173--181},

year = 1989

}

@inproceedings{McInnesPi91,

author = {J.L. McInnes and B. Pinkas},

title = {On the Impossibility of Private Key Cryptography with

Weakly Random Keys},

pages = {421--436},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@article{McLean90,

author = {J. McLean},

title = {The Specifications and Modeling of Computer Security},

journal = {IEEE Computer},

pages = {missing},

volume = 23,

number = 1,

year = 1990

}

@inproceedings{Meier94,

author = {Meier, W.},

year = 1994,

title = {On the security of the {IDEA} block cipher},

booktitle = {Advances in Cryptology --- Eurocrypt '93},

editor = {T. Helleseth},

publisher = {Springer-Verlag},

series = {Lecture Notes in Computer Science},

volume = {765},

address = {Berlin},

pages = {371--385}

}

@article{MeierSt89,

author = {Meier, W. and Staffelbach, O.},

year = 1989,

title = {Fast Correlation Attacks on Certain Stream Ciphers},

journal = {Journal of Cryptology},

volume = 1,

number = 3,

pages = {159--176}

}

@inproceedings{MeierSt91,

author = {Meier, W. and Staffelbach, O.},

year = 1991,

title = {Correlation properties of combiners with memory in

stream ciphers},

booktitle = {Advances in Cryptology --- Eurocrypt '90},

editor = {I.B. Damg{\aa}rd},

pages = {549--562},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{MeierSt92,

author = {Willi Meier and Othmar Staffelbach},

title = {Efficient Multiplication on Certain Nonsupersingular

Elliptic Curves},

pages = {333-344},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{MeierSt92a,

author = {Meier, W. and Staffelbach, O.},

year = 1992,

title = {Analysis of Pseudo Random Sequences Generated by Cellular

Automata},

booktitle = {Advances in Cryptology --- Eurocrypt '91},

editor = {D.W. Davies},

pages = {186--199},

publisher = {Springer-Verlag},

address = {Berlin}

}

@article{MeierSt92b,

author = {Meier, W. and Staffelbach, O.},

year = 1992,

title = {Correlation properties of combiners with memory in

stream ciphers},

journal = {Journal of Cryptology},

volume = 5,

number = 1,

pages = {67--86}

}

@inproceedings{MeijerAk82,

oldtag = {MeijerAkl82},

author = {H. Meijer and Selim Akl},

title = {Digital Signature Scheme for Computer Communication

Networks},

pages = {65--70},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@book{Menezes93,

editor = {A.J. Menezes},

title = {Elliptic Curve Public Key Cryptosystems},

publisher = {Kluwer Academic Publishers},

year = 1993

}

@book{MenezesBlGaMuVaYa93,

editor = {A.J. Menezes and I.F. Blake and X. Gao and R.C. Mullin

and S.A. Vanstone and T. Yaghoobian},

title = {Applications of Finite Fields},

publisher = {Kluwer Academic Publishers},

year = 1993

}

@article{MenezesOkVa94,

author = {A.J. Menezes and T. Okamoto and S.A. Vanstone},

title = {Reducing elliptic curve logarithms to logarithms in

a finite field},

journal = {IEEE Transactions on Information Theory},

year = 1994,

volume = {39},

pages = {1639--1646}

}

@book{MenezesVaVa97,

author = {Alfred J. Menezes and Paul C. van Oorschot and

Scott A. Vanstone},

title = {Handbook of Applied Cryptography},

publisher = {CRC Press},

year = {1997}

}

@INPROCEEDINGS{MenezesVa90,

author = {A. Menezes and S.A. Vanstone},

title = {The Implementation of Elliptic Curve Cryptosystems},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {2--13}

}

@article{MenezesVa93,

author = {A.J. Menezes and S.A. Vanstone},

title = {Elliptic curve cryptosystems and their implementation},

journal = {Journal of Cryptology},

volume = 6,

year = 1993,

pages = {209--224}

}

@article{Merkle78,

author = {R. C. Merkle},

title = {Secure Communications Over Insecure Channels},

journal = CACM,

volume = 21,

month = Apr,

year = 1978,

pages = {294--299}

}

@techreport{Merkle79,

author = {Ralph Charles Merkle},

title = {Secrecy, Authentication, and Public Key Systems},

year = 1979,

month = {Jun},

institution = {Stanford University}

}

@inproceedings{Merkle88,

author = {Merkle, Ralph C.},

title = {A digital signature based on a conventional encryption

function},

pages = {369--378},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Merkle90,

oldtag = {Merkle89},

author = {Merkle, Ralph C.},

title = {One way hash functions and {DES}},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer},

year = 1990,

pages = {428--446}

}

@article{Merkle89a,

author = {Merkle, R.C.},

year = {1989},

title = {A Fast Software One-Way Hash Function},

journal = {Journal of Cryptology},

volume = 3,

number = 1,

pages = {43--58}

}

@inproceedings{Merkle90a,

oldtag = {Merkle90},

author = {Merkle, Ralph C.},

title = {A certified digital signature},

pages = {218--238},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990,

comment = {References Winternitz's one-time signature scheme.}

}

@inproceedings{Merkle90aa,

oldtag = {Merkle90a},

author = {Merkle, Ralph C.},

title = {One way hash functions and {DES}},

pages = {428--446},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{Merkle91,

author = {Merkle, Ralph C.},

title = {Fast Software Encryption Functions},

pages = {476--501},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@article{MerkleHe78,

author = {R. Merkle and M. Hellman},

title = {Hiding Information and Signatures in Trapdoor Knapsacks},

journal = {IEEE Trans. Inform. Theory},

volume = {IT-24},

month = Sep,

year = 1978,

pages = {525--530}

}

@article{MerkleHe81,

author = {Merkle, R.C. and Hellman, M.E.},

year = 1981,

title = {On the security of multiple encryption},

journal = {Communications of the ACM},

volume = 24,

pages = {465--467},

month = {July}

}

@inproceedings{Merritt83,

author = {Michael Merritt},

title = {Key Reconstruction},

pages = {321--322},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@article{Messmer92,

author = {Messmer, E.},

year = 1992,

title = {{NIST} stumbles on proposal for public-key encryption},

journal = {Network World},

volume = 9,

number = 30,

month = {July 27,}

}

@inproceedings{Meyer89,

author = {Meyer, C.H.},

year = {1989},

title = {Cryptography - A state of the art review},

booktitle = {COMPEURO'89, Proc.\ VLSI and Computer Peripherals},

publisher = {3rd Annual Computer Conference},

address = {Hamburg, Germany},

pages = {150--154}

}

@book{MeyerMa82,

author = {C. H. Meyer and S. M. Matyas},

title = {Cryptography: A New Dimension in Computer Data Security},

publisher = {John Wiley and Sons},

address = {New York},

year = 1982

}

@inproceedings{MeyerSc88,

author = {Meyer, C.H. and Schilling, M.},

year = {1988},

title = {Secure program load with manipulation detection code},

booktitle = {SECURICOM'88},

publisher = {Paris},

address = {France},

pages = {111--130}

}

@inproceedings{Micali92,

author = {Silvio Micali},

title = {Fair Public-Key Cryptosystems},

pages = {113--138},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{Micali94,

author = {Silvio Micali},

title = {{CS (Computationally-Sound)} Proofs},

booktitle = {STOC94},

publisher = {ACM},

address = {Montreal, Canada},

pages = {436--453},

year = 1994

}

@techreport{Micali94a,

author = {Silvio Micali},

title = {A secure and efficient digital signature algorithm},

institution = {MIT Laboratory for Computer Science},

number = {MIT/LCS/TM-501},

month = {Mar},

year = 1994

}

@techreport{Micali95,

author = {Silvio Micali},

title = {Guaranteed partial key escrow},

institution = {MIT Laboratory for Computer Science},

number = {MIT/LCS/TM-537},

month = {Sep},

year = 1995

}

@techreport{Micali96,

author = {Silvio Micali},

title = {Efficient Certificate Revocation},

institution = {MIT Laboratory for Computer Science},

number = {TM-542b},

month = {March 22,},

year = 1996

}

@inproceedings{MicaliRa91,

author = {S. Micali and T. Rabin},

title = {Collective Coin Tossing Without Assumptions Nor Broadcasting},

pages = {253--267},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

%MicaliRaSl88 is the final journal version of this paper

@inproceedings{MicaliRaSl87,

author = {Silvio Micali and Charles Rackoff and Bob Sloan},

title = {The Notion of Security for Probabilistic Cryptosystems},

pages = {381--392},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@article{MicaliRaSl88,

author = {S. Micali and C. Rackoff and R. H. Sloan},

title = {The Notion of Security for Probabilistic Cryptosystems},

journal = SIAM,

year = 1988,

volume = 17,

number = 2,

pages = {412--426},

month = Apr

}

@inproceedings{MicaliRo92,

author = {S. Micali and P. Rogaway},

title = {Secure computation},

pages = {392--404},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{MicaliSc88,

oldtag = {MicaliSc90},

author = {S. Micali and C.P. Schnorr},

title = {Efficient, Perfect Random Number Generators},

pages = {173--199},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{MicaliSh88,

oldtag = {MicaliSh90},

author = {S. Micali and A. Shamir},

title = {An Improvement of the {Fiat-Shamir} Identification

and Signature Scheme},

pages = {244-248},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Mignotte83,

author = {Maurice Mignotte},

title = {How to Share A Secret},

pages = {371--375},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{Mihailescu94,

author = {Preda Mihailescu},

title = {Fast Generation of provable primes using search in

arithmetic progressions},

pages = {282--293},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{MihaljevicGo90a,

oldtag = {MihaljevicGo90},

author = {Mihaljevi{\'c}, M.J. and Goli{\'c}, J.},

title = {A Fast Iterative Algorithm for a Shift Register Initial

State Reconstruction Given the Noisy Output Sequence},

year = {1990},

editor = {Seberry, J. and Pieprzyk, J.},

booktitle = {Advances in Cryptology --- Auscrypt '90},

publisher = {Springer Verlag},

address = {Berlin},

pages = {165--175}

}

@article{Millen76,

author = {J.K. Millen},

title = {Security Kernel Validation in Practice},

journal = {Communications of the ACM},

volume = 19,

number = 5,

pages = {243-250},

year = 1976

}

@article{Miller76,

author = {Gary L. Miller},

title = {Riemann's Hypothesis and Tests for Primality},

journal = jcss,

year = 1976,

volume = 13,

number = 3,

mon = dec,

pages = {300--317}

}

@inproceedings{Miller86,

author = {Miller, Victor S.},

title = {Use of Elliptic Curves in Cryptography},

pages = {417--426},

booktitle = CRYPTO85,

editor = {H. C. Williams},

publisher = {Springer},

year = 1986,

note = {Lecture Notes in Computer Science No.\ 218}

}

@incollection{MitchellPiWi92,

oldtag = {Mitchell92},

author = {Mitchell, C.J. and Piper, F. and Wild, P.},

year = 1992,

title = {Digital Signatures},

booktitle = {Contemporary Cryptology, The Science of Information

Integrity},

editor = {G.J. Simmons},

publisher = {{IEEE Press}},

pages = {325--378}

}

@techreport{Mitzenmacher81,

oldtag = {Mitzenmacher91},

author = {Michael Mitzenmacher},

title = {Elliptic Curves in Computer Science: Primality Testing,

Factoring, and Cryptography},

institution = {Harvard University, Center for Research in Computing

Technology},

number = {TR-15-91},

year = 1981

}

@inproceedings{Miyaguchi90,

author = {Shoji Miyaguchi},

title = {The {FEAL}-8 cryptosystem and a call for attack},

pages = {624--627},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{Miyaguchi91,

author = {S. Miyaguchi},

title = {The {FEAL} Cipher Family},

pages = {627--638},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{MiyaguchiOhIw90,

author = {Miyaguchi, S. and Ohta, K. and Iwata, M.},

year = {1990},

title = {128-bit hash function ({N}-{H}ash)},

booktitle = {{SECURICOM} '90},

pages = {123--137}

}

@article{MohanAd85,

author = {S. Mohan and B. Adiga},

year = 1985,

month = {August},

title = {Fast algorithms for implementing {RSA} public key cryptosystems},

journal = {Electronics Letters},

volume = 21,

number = 17,

pages = {761}

}

@phdthesis{Monier80,

author = {Louis Monier},

title = {Algorithmes de Factorisation D'Entiers},

school = {L'U\-ni\-ver\-sit\'e Paris-Sud},

address = {Centre D'Orsay},

year = 1980,

mon = may

}

@article{Monier80b,

author = {Louis Monier},

title = {Evaluation and Comparison of Two Efficient Probabilistic

Primality Testing Algorithms},

journal = tcs,

mon = sep,

year = 1980,

volume = 12,

number = 1,

pages = {97--108}

}

@article{Montgomery85,

author = {P. Montgomery},

title = {Modular multiplication without trial division},

journal = {Mathematics of Computation},

year = 1985,

volume = 44,

pages = {519--521}

}

@article{Montgomery87,

author = {Peter L. Montgomery},

title = {Speeding the {P}ollard and elliptic curve methods of

factorization},

journal = {Mathematics of Computation},

year = 1987,

month = Jan,

volume = 48,

number = 177,

pages = {243--264}

}

@article{MontgomerySi90,

author = {Peter L. Montgomery and Robert D. Silverman},

title = {An {FFT} extension to the {$p-1$} algorithm},

journal = {Mathematics of Computation},

year = 1990,

month = Apr,

volume = 54,

number = 190,

pages = {839--854}

}

@book{MoodGrBo74,

author = {Mood, A.M. and Graybill, F.A. and Boes, D.C.},

year = 1974,

title = {Introduction to the Theory of Statistics},

edition = {3rd},

publisher = {McGraw-Hill}

}

@inproceedings{Moore88,

author = {Judy H. Moore},

title = {Strong practical protocols},

pages = {167--172},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@incollection{Moore92,

author = {J.H. Moore},

title = {Protocol failures in cryptosystems},

booktitle = {Contemporary Cryptology, The Science of Information

Integrity},

publisher = {IEEE Press},

year = 1992,

pages = {541--558}

}

@inproceedings{MooreSi87,

author = {Judy H. Moore and Gustavus J. Simmons},

title = {Cycle Structures of the {DES} with Weak and Semi-Weak

Keys},

pages = {9--32},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{MooreTa86,

author = {T.E. Moore and S.E. Tavares},

title = {A Layered Approach to the Design of Private Key Cryptosystems},

pages = {227--245},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@inproceedings{Morita90,

author = {Hikaru Morita},

title = {A fast modular-multiplication algorithm based on a

higher radix},

pages = {387--399},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@INPROCEEDINGS{Morita90a,

author = {H. Morita},

title = {A Fast Modular-Mulitplication Module for Smart Cards},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {406--409}

}

@inproceedings{MoritaOhMi92,

author = {H. Morita and K. Ohta and S. Miyaguchi},

title = {A switching closure test to analyze cryptosystems},

pages = {183--193},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@article{MorrisTh79,

author = {R. Morris and K. Thompson},

year = 1979,

title = {Password Security: A Case History},

journal = {Communications of the ACM},

volume = 22,

number = 11,

pages = {to add},

month = {Nov}

}

@inproceedings{Morrison82,

author = {Don R. Morrison},

title = {Subtractive Encryptors -- Alternatives to the {DES}},

pages = {42--52},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@article{MorrisonBr75,

author = {M. A. Morrison and J. Brillhart},

title = {A Method of Factoring and the Factorization of $F_7$},

journal = {Mathematics of Computation},

volume = 29,

year = 1975,

pages = {183--205}

}

@book{MotwaniRa95,

author = {Rajeev Motwani and Prabhakar Raghavan},

title = {Randomized Algorithms},

publisher = {Cambridge University Press},

year = {1995}

}

@inproceedings{Mueller-SchlWa83,

oldtag = {Mueller-SchloerWa83},

author = {Christian Mueller-Schloer and Neal R. Wagner},

title = {Cryptographic Protection of Personal Data Cards},

pages = {219--229},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inbook{Mullen93,

author = {Gary L. Mullen},

title = {Permutation Polynomials over Finite Fields},

publisher = {Shiue, Peter Jau-Shyong},

note = {booktitle: Lecture Notes in Pure and Applied Mathematics,

vol. 141},

year = 1993,

pages = {131--151}

}

@inproceedings{Mund92,

author = {Mund, S.},

year = 1992,

title = {Ziv-{L}empel Complexity for Periodic Sequences and

its Cryptographic Application},

booktitle = {Advances in Cryptology --- Eurocrypt '91},

editor = {D.W. Davies},

pages = {114--126},

publisher = {Springer-Verlag},

address = {Berlin}

}

@article{Murphy90,

author = {S. Murphy},

title = {The Cryptoanalysis of {FEAL}-4 with 20 Chosen Plaintexts},

journal = {Journal of Cryptology},

year = 1990,

volume = 2,

pages = {145--154}

}

@inproceedings{Naor90,

author = {Moni Naor},

title = {Bit commitment using pseudo-randomness},

pages = {128--137},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{NaorNi98,

author = {Moni Naor and Kobbi Nissim},

title = {Certificate Revocation and Certificate Update},

booktitle = {Proceedings 7th {USENIX} Security Symposium

(San Antonio, Texas)},

month = {Jan},

year = {1998}

}

@inproceedings{NaorOsVeYu92,

author = {M. Naor and R. Ostrovsky and R. Venkatesan and M. Yung},

title = {Perfect Zero-Knowledge Arguments for {\em NP} Can Be

Based on General Complexity Assumptions},

booktitle = {CRYPTO92 Preliminary Proceedings},

year = 1992,

address = {Santa Barbara, CA},

pages = {51--58}

}

@inproceedings{NaorOsVeYu92a,

author = {M. Naor and R. Ostrovsky and R. Venkatesan and M. Yung},

title = {Perfect Zero-Knowledge Arguments for {\em NP} Can Be

Based on General Complexity Assumptions},

pages = {196--214},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{NaorYu89,

author = {M. Naor and M. Yung},

title = {Universal one-way hash functions and their cryptographic

applications},

booktitle = STOC89,

publisher = ACM,

address = {Seattle},

year = 1989,

pages = {33--43}

}

@inproceedings{NaorYu90,

author = {Moni Naor and Moti Yung},

title = {Public-key Cryptosystems Provably Secure Against Chosen

Ciphertext Attack},

booktitle = {Proc.\ of the Twenty-Second Annual ACM Symposium on

Theory of Computing},

year = 1990,

address = {Baltimore, Maryland},

publisher = {ACM},

pages = {427--437}

}

@techreport{NationalBure76,

oldtag = {NBS76},

author = {{National Bureau of Standards}},

institution = {{National Bureau of Standards}},

year = 1976,

title = {Report of the workshop on estimation of significant

advances in computer technology},

number = {{NBSIR 76-1189}}

}

@techreport{Standards77,

oldtag = {NBS77},

author = {National Bureau of Standards},

title = {Announcing the Data Encryption Standard},

institution = {National Bureau of Standards},

number = {FIPS Publication 46},

month = Jan,

year = 1977

}

@techreport{Standards80,

oldtag = {NBS80},

author = {National Bureau of Standards},

title = {{DES} modes of operation},

institution = {National Bureau of Standards},

number = {FIPS Publication 81},

year = 1980

}

@techreport{Standards81,

oldtag = {NBS81},

author = {National Bureau of Standards},

title = {Guidelines for implementing and using the {NBS} data

encryption standard},

institution = {National Bureau of Standards},

number = {FIPS Publication 74},

year = 1981

}

@techreport{Standards85b,

oldtag = {NBS85},

author = {National Bureau of Standards},

title = {Computer data authentication},

institution = {National Bureau of Standards},

number = {FIPS Publication 113},

year = 1985

}

@techreport{Standards93,

oldtag = {NBS93},

author = {National Bureau of Standards},

title = {Secure hash standard},

institution = {National Bureau of Standards},

number = {FIPS Publication 180},

year = 1993

}

@techreport{Standards94,

oldtag = {NBS94},

author = {National Bureau of Standards},

title = {Digital Signature Standard},

institution = {National Bureau of Standards},

number = {FIPS Publication 186},

year = 1994

}

@article{Needham94,

author = {Roger M. Needham},

title = {Denial of Service: An Example},

journal = {Communications of the ACM},

month = Nov,

year = 1994,

volume = 37,

number = 11,

pages = {42--47}

}

@article{NeedhamSc78,

author = {R. M. Needham and M. D. Schroeder},

title = {Using encryption for authentication in large networks

of computers},

journal = CACM,

volume = 21,

number = 12,

year = 1978,

month = Dec,

pages = {993--999}

}

@article{Nelson94,

author = {Ruth Nelson},

title = {What is a secret and what does it have

to do with computer security},

journal = {New Security Paradigms Workshop},

year = 1994,

pages = {74--79}

}

@inproceedings{NelsonHe90,

author = {Ruth Nelson and John Heimann},

title = {{SDNS} architecture and end-to-end encryption},

pages = {356--367},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@misc{NetBill95,

title = {{The NetBill Electronic Commerce Project}},

year = 1995,

note = {{\tt http://www.ini.cmu/NETBILL/home.html}}

}

@article{NeumanTs94,

author = {B. Clifford Neuman and Theodore Ts'o},

title = {Kerberos: An Authentication Service for Computer Networks},

journal = {IEEE Communications Magazine},

month = Sep,

year = 1994,

volume = 32,

number = 9,

pages = {33--38}

}

@book{Neumann95,

author = {Peter G. Neumann},

title = {Computer-Related Risks},

publisher = {Addison-Wesley},

year = 1995

}

@INPROCEEDINGS{Newberry90,

author = {M. Newberry},

title = {{Min\`{o}s}: Extended User Authentication},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {410--423}

}

@inproceedings{Nicolai83,

author = {Carl Nicolai},

title = {Nondeterministic Cryptography},

pages = {323--326},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{Niederreiter91,

author = {Niederreiter, H.},

year = 1991,

title = {The linear complexity profile and the jump complexity

of keystream sequences},

booktitle = {Advances in Cryptology --- Eurocrypt '90},

editor = {I.B. Damg{\aa}rd},

pages = {174--188},

publisher = {Springer-Verlag},

address = {Berlin}

}

@manual{NationalInst77,

oldtag = {NIST77},

author = {{National Institute of Standards and Technology (NIST)}},

year = 1977,

month = {January},

title = {{FIPS} Publication 46: Announcing the {Data Encryption

Standard}},

note = {Originally issued by National Bureau of Standards}

}

@manual{NationalInst79,

oldtag = {NIST79},

author = {{National Institute of Standards and Technology (NIST)}},

year = 1979,

month = {August},

title = {{FIPS} Publication 65: Guideline for Automatic Data Processing

Risk Analysis}

}

@manual{NationalInst80,

oldtag = {NIST80},

author = {{National Institute of Standards and Technology (NIST)}},

year = 1980,

title = {{FIPS Publication} 81: {DES} Modes of Operation},

month = {December 2,},

note = {Originally issued by National Bureau of Standards}

}

@manual{NationalInst85a,

oldtag = {NIST85},

author = {{National Institute of Standards and Technology (NIST)}},

year = 1985,

title = {{FIPS Publication 113: Computer Data Authentication}},

month = {May 30,},

note = {Originally issued by National Bureau of Standards}

}

@manual{NationalInst88,

oldtag = {NIST88},

author = {{National Institute of Standards and Technology (NIST)}},

year = 1988,

month = {January 22,},

title = {{FIPS Publication 46-1: Data Encryption Standard}},

note = {Originally issued by National Bureau of Standards}

}

@article{StandardsTe91,

oldtag = {NIST91},

author = {National Institute for Standards and Technology},

title = {{Digital Signature Standard (DSS)}},

journal = {Federal Register},

volume = 56,

number = 169,

month = {August 30},

year = 1991

}

@techreport{StandardsTe91a,

oldtag = {NIST91a},

author = {National Institute for Standards and Technology},

title = {A Proposed Federal Information Processing Standard

for Digital Signature Standard {(DSS)}},

institution = {National Institute for Standards and Technology},

number = {FIPS PUB XX},

month = Aug,

year = 1991,

note = {DRAFT}

}

@manual{NationalInst92,

oldtag = {NIST92},

author = {{National Institute of Standards and Technology (NIST)}},

year = 1992,

title = {Special Publication 500-183: Stable Implementation

Agreements for Open Systems Interconnection Protocols:

Part 12 --- {OS}] Security},

month = {June}

}

@article{NationalInst92a,

oldtag = {NIST92a},

author = {{National Institute of Standards and Technology (NIST)}},

year = 1992,

title = {The {Digital Signature Standard}, proposal and discussion},

journal = {Communications of the ACM},

volume = 35,

number = 7,

pages = {36--54},

month = {July}

}

@manual{NationalInst93,

oldtag = {NIST93},

author = {{National Institute of Standards and Technology (NIST)}},

year = 1993,

month = {December 30,},

title = {{FIPS} Publication 46-2: Data Encryption Standard}

}

@article{NationalInst93a,

oldtag = {NIST93a},

author = {{National Institute of Standards and Technology (NIST)}},

year = 1993,

title = {Notice of Proposal for Grant of Exclusive Patent License},

journal = {Federal Register},

volume = 58,

number = 108,

month = {June 8,}

}

@manual{NationalInst93b,

oldtag = {NIST93b},

author = {{National Institute of Standards and Technology (NIST)}},

year = 1993,

month = {May 11,},

title = {{FIPS} Publication 180: Secure Hash Standard {(SHS)}}

}

@article{NationalInst93c,

oldtag = {NIST93c},

author = {{National Institute of Standards and Technology (NIST)}},

year = 1993,

title = {A Proposed {Federal Information Processing Standard}

for an {Escrowed Encryption Standard {(EES)}}},

journal = {Federal Register},

volume = 58,

number = 145,

month = {July 30,}

}

@article{NationalInst93d,

oldtag = {NIST93d},

author = {{National Institute of Standards and Technology (NIST)}},

year = 1993,

title = {Opportunity To Join a Cooperative Research and Development

Consortium To Develop Secure Software Encryption With

Integrated Cryptographic Key Escrowing Techniques},

journal = {Federal Register},

volume = 58,

number = 162,

month = {August 24,}

}

@manual{NationalInst94,

oldtag = {NIST94},

author = {{National Institute of Standards and Technology (NIST)}},

year = 1994,

month = {May 19,},

title = {{FIPS} Publication 186: Digital Signature Standard}

}

@manual{NationalInst94a,

oldtag = {NIST94a},

author = {{National Institute of Standards and Technology (NIST)}},

year = 1994,

month = {May},

title = {Announcement of Weakness in the {Secure Hash Standard}

(SHS)}

}

@manual{NationalInst94c,

author = {{National Institute of Standards and Technology (NIST)}},

year = 1994,

month = {February 9,},

title = {{FIPS} Publication 185: Escrowed Encryption Standard}

}

@book{NivenZu72,

author = {I. Niven and H. S. Zuckerman},

title = {An Introduction to the Theory of Numbers},

publisher = {Wiley},

year = 1972

}

@book{NivenZu80,

author = {Ivan Niven and Herbert S. Zuckerman},

title = {An Introduction to the Theory of Numbers},

publisher = {John Wiley \& Sons},

edition = {Fourth},

year = 1980

}

@book{NationalRese91,

oldtag = {NRC91},

author = {{National Research Council, System Security Study Committee

and others}},

year = 1991,

title = {Computers at Risk: {Safe} Computing in the Electronic

Age},

publisher = {National Academy Press},

address = {Washington, DC},

note = {David D. Clark, Chairman}

}

@inproceedings{Nyberg91,

author = {Nyberg, K.},

year = 1991,

title = {Perfect nonlinear {S}-boxes},

booktitle = {Advances in Cryptology --- Eurocrypt '91},

editor = {D.W. Davies},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {378--386}

}

@inproceedings{NybergKn92,

author = {Kaisa Nyberg and Lars R. Knudsen},

title = {Provable Security Against Differential Cryptanalysis},

pages = {566--574},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{Nyberg93,

author = {Nyberg, K.},

year = 1993,

title = {On the construction of highly nonlinear permutations},

booktitle = {Advances in Cryptology --- Eurocrypt '92},

editor = {R.A. Rueppel},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {92--98}

}

@inproceedings{Nyberg94,

author = {Nyberg, K.},

year = {1994},

title = {Differentially uniform mappings for cryptography},

booktitle = {Advances in Cryptology --- Eurocrypt '93},

editor = {T. Helleseth},

publisher = {Springer-Verlag},

series = {Lecture Notes in Computer Science},

volume = {765},

address = {Berlin},

pages = {55--64}

}

@misc{Nyberg94a,

author = {Nyberg, K.},

year = {1994},

month = {May},

title = {Linear approximation of block ciphers},

note = {Presented at rump session, Eurocrypt '94}

}

@inproceedings{Nye82,

author = {J. Michael Nye},

title = {Current Market: Products, Costs, Trends},

pages = {110-114},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Nye82a,

author = {J. Michael Nye},

title = {The Import/Export Dilemma},

pages = {135-137},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Oberman83,

author = {M.R. Oberman},

title = {Communications Security in Remote Controlled Computer

Systems},

pages = {219--227},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{OConnerSn93,

oldtag = {Oconner93},

author = {O'Conner, L. and Snider, T.},

year = 1993,

title = {Suffix trees and string complexity},

booktitle = {Advances in Cryptology --- Eurocrypt '92},

editor = {R.A. Rueppel},

pages = {138--152},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{OConnor94,

oldtag = {O'Connor94},

author = {Luke O'Connor},

title = {On the distribution of characteristics in composite

permutations},

pages = {403--412},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{OConner94,

oldtag = {Oconner94a},

author = {O'Conner, L.},

year = 1994,

title = {On the distribution of characteristics in bijective

mappings},

booktitle = {Advances in Cryptology --- Eurocrypt '93},

editor = {T. Helleseth},

publisher = {Springer-Verlag},

series = {Lecture Notes in Computer Science},

volume = {765},

address = {Berlin},

pages = {360--370}

}

@article{Odlyzko84a,

author = {A. M. Odlyzko},

title = {Cryptanalytic attacks on the multiplicative knapsack

scheme and on {Shamir's} fast signature scheme},

journal = {IEEE Trans.\ Inform.\ Theory},

volume = {IT-30},

month = Jul,

year = 1984,

pages = {594--601}

}

@inproceedings{Odlyzko85,

oldtag = {Odlyzko84b},

author = {A. M. Odlyzko},

title = {Discrete logarithms in finite fields and their cryptographic

significance},

pages = {224--314},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer},

address = {Paris},

year = 1985

}

@incollection{Odlyzko90,

author = {A. M. Odlyzko},

title = {The Rise and Fall of the Knapsack Problem},

booktitle = {Proc.\ of the AMS Symposia in Applied Mathematics:

Computational Number Theory and Cryptography},

publisher = {American Mathematical Society},

year = {1990},

pages = {75--88}

}

@article{Ogiwara90,

author = {M. Ogiwara},

title = {A Method for Generating Cryptographically strong primes},

journal = {Transactions of the IEICE (Japan)},

volume = {E73},

year = 1990,

pages = {985--994}

}

@inproceedings{OhtaAo94,

author = {Kazuo Ohta and Kazumaro Aoki},

title = {Linear cryptanalysis of the Data Encryption Standard},

pages = {12--16},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@INPROCEEDINGS{OhtaKo90,

author = {K. Ohta and K. Koyama},

title = {Meet-in-the-middle Attack on Digital Signature Schemes},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {140--154}

}

@inproceedings{OhtaMa94,

author = {Kazuo Ohta and Mitsuru Matsui},

title = {Differential attack on message authentication codes},

pages = {200--211},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{OhtaOk88,

oldtag = {OhtaOk90},

author = {K. Ohta and T. Okamoto},

title = {A modification of the {Fiat-Shamir} Scheme},

pages = {232-243},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Okamoto94,

author = {Tatsuaki Okamoto},

title = {Designated confirmer signatures and public-key encryption

are equivalent},

pages = {61--74},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{Okamoto92,

author = {Tatsuaki Okamoto},

title = {Provably Secure and Practical Identification Schemes

and Corresponding Signature Schemes},

pages = {31--53},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{Okamoto88b,

oldtag = {Okamoto88},

author = {Eiji Okamoto},

title = {Key distribution systems based on identification information},

pages = {194--202},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{OkamotoFuFu92,

author = {Tatsuaki Okamoto and Atsushi Fujioka and Eiichiro Fujisaki},

title = {An Efficient Digital Signature Scheme Based on an Elliptic

Curve Over the Ring $Z_n$},

pages = {54--65},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{OkamotoNa86,

author = {E. Okamoto and K. Nakamura},

title = {Lifetimes of Keys in Cryptographic Key Management Systems},

pages = {246--259},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@inproceedings{OkamotoOh90,

author = {Tatsuaki Okamoto and Kazuo Ohta},

title = {Disposable zero-knowledge authentications and their

applications to untraceable electronic cash},

pages = {481--497},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{OkamotoOh91,

author = {T. Okamoto and K. Ohta},

title = {How to Utilize the Randomness of Zero-Knowledge Proofs},

pages = {456--475},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{OkamotoOh92,

author = {T. Okamoto and K. Ohta},

title = {Universal Electronic Cash},

pages = {324--337},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{OkamotoSa92,

author = {Tatsuaki Okamoto and K. Sakurai},

title = {Efficient algorithms for the construction of hyperelliptic

cryptosystems},

pages = {267--278},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{OngSc84,

author = {H. Ong and C.P. Schnorr},

title = {Signatures through Approximate Representation by Quadratic

Forms},

pages = {117-131},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{OngScSh84,

author = {H. Ong and C.P. Schnorr and A. Shamir},

title = {An Efficient Signature Scheme Based on Quadratic Equations},

pages = {208--216},

booktitle = STOC84,

publisher = ACM,

address = {Washington, D.C.},

year = 1984

}

@inproceedings{Ondrusch94,

author = {Ondrusch, S.},

year = 1994,

title = {Smallest and fastest implementations of various asymmetric

cryptographic algorithms on chip cards},

booktitle = {{CardTech/SecurTech 1994}},

pages = {61--68}

}

@inproceedings{OngScSh85,

author = {H. Ong and C.P. Schnorr and Adi Shamir},

title = {Efficient Signature Schemes},

pages = {37--46},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@incollection{Oorschot92,

author = {Oorschot, P.C. van},

year = {1992},

title = {A Comparison of Practical Public Key Cryptosystems

Based on Integer Factorization and Discrete Logarithms},

booktitle = {Contemporary Cryptology, The Science of Information

Integrity},

editor = {G.J. Simmons},

publisher = {{IEEE Press}},

pages = {289--322}

}

@inproceedings{OorschotWi91,

author = {Oorschot, P.C. van and Wiener, M.J.},

year = 1991,

title = {A Known-plaintext attack on two-key triple encryption},

booktitle = {Advances in Cryptology --- Eurocrypt '90},

editor = {I.B. Damg{\aa}rd},

pages = {318--325},

publisher = {Springer-Verlag},

address = {Berlin}

}

@article{Oppliger97,

author = {Oppliger, Rolf},

year = 1997,

month = {May},

title = {Internet Security: Firewalls and Bey},

journal = {Communications of the ACM},

volume = 40,

number = 5,

pages = {92--101}

}

@book{OppenheimSc75,

author = {Oppenheim, A.V. and Schafer, R.W.},

year = 1975,

title = {Digital Signal Processing },

address = {New {J}ersey},

publisher = {Prentice-{H}all, {I}nc.}

}

@inproceedings{OrlitskyEl84,

author = {A. Orlitsky and A. El Gamal},

title = {Communication with Secrecy Constraints},

pages = {217--229},

booktitle = STOC84,

publisher = ACM,

address = {Washington, D.C.},

year = 1984

}

@inproceedings{OrtonRoScPeTa87,

author = {G.A. Orton and M.P. Roy and P.A. Scott and L.E. Peppard

and S.E. Tavares},

title = {{VLSI} implementation of public-key encryption algorithms},

pages = {277--301},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@manual{OSISOpenShop85,

oldtag = {Osis85},

author = {{OSIS (Open Shops for Information Services) European

Working Group}},

year = 1985,

title = {{OSIS Security Aspects}},

publisher = {{OSIS}},

address = {},

month = {Oct.}

}

@inproceedings{Ostrovsky90,

author = {Rafail Ostrovsky},

title = {An efficient software protection scheme},

pages = {610--611},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{OzarowWy85,

author = {L.H. Ozarow and A.D. Wyner},

title = {Wire-Tap Channel {II}},

pages = {33--50},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@inproceedings{ParikhMa91,

author = {Shrikant N. Parikh and David W. Matula},

year = 1991,

title = {A Redundant Binary {Euclidean GCD} Algorithm},

booktitle = {Proc.\ of the 10th IEEE Symp.\ on Computer Arithmetic},

pages = {220--225}

}

@inproceedings{Patarin92,

author = {Jacques Patarin},

title = {New results on pseudorandom permutation generators

based on the {DES} scheme},

pages = {301--312},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{PatarinCh94,

author = {Jacques Patarin and Pascal Chauvaud },

title = {Improved algorithms for the permuted kernel problem},

pages = {391--402},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@article{Patel8990,

oldtag = {Patel90},

author = {Patel, Ahmed},

year = {1989/90},

title = {Emerging network security standards in an {OSI} environment},

journal = {Computer Standards \& Interfaces},

volume = {9},

pages = {239--247}

}

@book{Patterson87a,

oldtag = {Patterson87},

author = {W. Patterson},

title = {Mathematical Cryptology for Computer Scientists and

Mathematicians},

publisher = {Rowman and Littlefield},

year = 1987

}

@inproceedings{Pedersen92,

author = {T.P. Pedersen},

title = {Non-interactive and information-theoretic secure verifiable

secret sharing},

pages = {129--140},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@techreport{Pedersen95,

author = {Torben P. Pedersen},

year = 1995,

month = Aug,

title = {Electronic Payments of Small Amounts},

number = {DAIMI PB-495},

institution = {Aarhus University},

address = {Computer Science Department, \AA{}rhus, Denmark}

}

@inproceedings{Peralta92,

author = {Ren\'e Peralta},

title = {A Quadratic Sieve on the $n$-Dimensional Cube},

pages = {324--332},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@article{Peralta92a,

author = {Ren\'e Peralta},

title = {On the distribution of quadratic residues and nonresidues

modulo a prime number},

journal = {Mathematics of Computation},

volume = 58,

number = 197,

year = 1992,

pages = {433--440}

}

@inproceedings{PfitzmannWa92,

author = {B. Pfitzmann and M. Waidner},

title = {How To Break And Repair A ``Provably Secure'' Untraceable

Payment System},

pages = {338--350},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{Pichler83,

author = {Franz Pichler},

title = {Analog Scrambling by the General Fast Fourier Transform},

pages = {173--178},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{Pieprzyk85,

author = {J.P. Pieprzyk},

title = {Algebraical Structures of Cryptographic Transformations},

pages = {16--24},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@INPROCEEDINGS{PieprzykZh90,

author = {J. Pieprzyk and X.M. Zhang},

title = {Permutation Generators of Alternating Groups},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {237--244}

}

@inproceedings{Piper83,

author = {Fred Piper},

title = {Stream Ciphers},

pages = {181--188},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@article{PlackettBu45,

author = {R.L. Plackett and J.P. Burman},

title = {The design of optimum multi-factorial experiments},

journal = {Biometrika},

year = 1945,

volume = 33,

pages = {305--325}

}

@article{Pless77,

author = {Pless, V.S.},

year = {1977},

title = {Encryption schemes for computer confidentiality},

journal = {IEEE Transactions on Computers},

volume = {C-26},

pages = {1133--1136},

month = {Nov.}

}

@inproceedings{Plumstead82,

author = {J. Plumstead},

title = {Inferring a sequence generated by a linear congruence},

pages = {153--159},

booktitle = FOCS82,

publisher = IEEE,

address = {Chicago},

year = 1982

}

@inproceedings{Plumstead83b,

oldtag = {Plumstead83},

author = {Joan B. Plumstead},

title = {Inferring a Sequence Produced by a Linear Congruence},

pages = {317--319},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983,

comment = {Abstract of the FOCS '82 paper}

}

@article{PohligHe78,

author = {S. C. Pohlig and M. E. Hellman},

title = {An improved algorithm for computing logarithms over

{$GF(p)$} and its cryptographic significance},

journal = {IEEE Trans.\ Inform.\ Theory},

volume = {IT-24},

month = Jan,

year = 1978,

pages = {106--110}

}

% Following was previously miskeyed as Pollard71

@article{Pollard74,

author = {J. M. Pollard},

title = {Theorems on factorization and primality testing},

journal = {Proc.\ Cambridge Philosophical Society},

volume = 76,

year = 1974,

pages = {521--528},

comment = {Contains $p-1$ method of factoring.}

}

@article{Pollard75,

author = {J. M. Pollard},

title = {A {Monte Carlo} Method for Factorization},

journal = {BIT},

year = 1975,

volume = 15,

pages = {331--334},

comment = {Introduces ``rho'' heuristic for factorization.}

}

@article{Pomerance81,

author = {Carl Pomerance},

title = {On the Distribution of Pseudoprimes},

journal = {Mathematics of Computation},

year = 1981,

volume = 37,

number = 156,

pages = {587--593}

}

@incollection{Pomerance82,

author = {C. Pomerance},

title = {Analysis and comparison of some integer factoring

algorithms},

booktitle = {Computational Methods in Number Theory},

editor = {Lenstra, Jr., H. W. and R. Tijdeman},

publisher = {Math.\ Centrum Tract 154},

address = {Amsterdam},

year = 1982,

pages = {89--139}

}

@article{Pomerance82b,

author = {Carl Pomerance},

title = {A New Lower Bound for the Pseudoprime Counting Function},

journal = {Illinois Journal of Mathematics},

volume = 26,

number = 1,

year = 1982,

month = {Spring},

pages = {4--9}

}

@inproceedings{Pomerance84b,

oldtag = {Pomerance84},

author = {Carl Pomerance},

title = {The Quadratic Sieve Factoring Algorithm},

booktitle = {Advances in Cryptology},

series = {Lecture Notes in Computer Science},

publisher = {Springer-Verlag},

volume = 209,

year = 1984,

editor = {T. Beth and N. Cot and I. Ingemarrson},

pages = {169--182}

}

@inproceedings{Pomerance85,

author = {Carl Pomerance},

title = {The Quadratic Sieve Factoring Algorithm},

pages = {169--182},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@article{Pomerance86a,

oldtag = {Pomerance86},

author = {Carl Pomerance},

title = {On the Number of False Witnesses for a Composite Number},

journal = {Mathematics of Computation},

volume = 46,

number = 173,

year = 1986,

month = Jan,

pages = {259--279}

}

@incollection{Pomerance87,

author = {Pomerance, C.},

year = 1987,

title = {Fast, rigorous factorization and discrete logarithm

algorithms},

booktitle = {Discrete Algorithms and Complexity},

publisher = {Academic Press},

editor = {Johnson, D.S. and Nishizeki, T. and Nozaki, A. and

Wilf, H.S.},

pages = {119--143},

address = {Orlando, FL}

}

@incollection{Pomerance89,

author = {Carl Pomerance},

title = {Two Methods in Elementary Analytic Number Theory},

booktitle = {Number Theory and Applications},

publisher = {Kluwer Academic Publishers},

year = 1989,

editor = {R. A. Mollin},

pages = {135--161}

}

@book{Pomerance90a,

oldtag = {Pomerance90},

editor = {Carl Pomerance},

title = {Proc.\ of the {AMS} Symposia in Applied Mathematics:

Computational Number Theory and Cryptography},

publisher = {American Mathematical Society},

year = {1990}

}

@incollection{Pomerance90aa,

oldtag = {Pomerance90a},

author = {Carl Pomerance},

title = {Cryptology and Computational Number Theory--An Introduction},

booktitle = {Proc.\ of the AMS Symposia in Applied Mathematics:

Computational Number Theory and Cryptography},

publisher = {American Mathematical Society},

year = {1990},

pages = {1--12}

}

@incollection{Pomerance90b,

author = {Carl Pomerance},

title = {Factoring},

booktitle = {Proc.\ of the AMS Symposia in Applied Mathematics:

Computational Number Theory and Cryptography},

publisher = {American Mathematical Society},

year = {1990},

pages = {27--47}

}

@article{CSeWa80,

oldtag = {PomeranceSeWa80},

author = {Pomerance C. and J. L. Selfridge and Wagstaff, Jr.,

S.},

title = {The pseudoprimes to $25\cdot 10^{9}$},

journal = {Mathematics of Computation},

year = 1980,

month = Jul,

volume = 35,

number = 151,

pages = {1003--1026}

}

@article{PomeranceSmTu88,

author = {C. Pomerance and J. W. Smith and R. Tuler},

title = {A Pipeline Architecture for Factoring Large Integers

with the Quadratic Sieve Algorithm},

journal = {SIAM J. Computing},

volume = 17,

number = 2,

year = 1988,

month = Apr,

pages = {387--403}

}

@inproceedings{PomeranceSmWa84,

author = {Carl Pomerance and J.W. Smith and S.S. Wagstaff, Jr.},

title = {New Ideas for Factoring Large Integers},

pages = {81--85},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{Porter82,

author = {Sig Porter},

title = {A Pasword Extension for Improved Human Factors},

pages = {81--81},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@phdthesis{Preneel93,

author = {Preneel, B.},

title = {Analysis and design of cryptographic hash functions},

school = {Katholieke Universiteit Leuven},

year = {1993}

}

@inproceedings{PreneelBoGoVa90,

author = {Bart Preneel and Antoon Bosselaers and Ren\'e Govaerts

and Joos Vandewalle},

title = {A chosen text attack on the modified cryptographic

checksum algorithm of {Cohen and Huang}},

pages = {154--163},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{PreneelGoVa93,

author = {Preneel, B. and Govaerts, R. and Vandewalle, J.},

year = {1993},

title = {On the power of memory in the design of collision

resistant hash functions},

booktitle = {Advances in Cryptology --- Auscrypt '92},

editor = {J. Seberry and Y. Zheng},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {105--121}

}

@inbook{PreneelGoVa91,

oldtag = {PreneelGoVa93a},

author = {B. Preneel and R. Govaerts and J. Vandewalle},

title = {Information authentication: hash functions and digital

signatures},

publisher = {Lecture Notes in Computer Science, 1993, No.\ 741},

note = {Computer Security and Industrial Cryptography, State

of the Art and Evolution, ESAT Course},

month = May,

year = 1991,

pages = {87--131}

}

@inproceedings{PreneelGoVa94,

author = {Bart Preneel and Ren\'e Govaerts and Joos Vandewalle},

title = {Hash functions based on block ciphers: a synthetic

approach},

pages = {368--378},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{PreneelLeLiGoVa91,

author = {Preneel, B. and Leekwijck, W. Van and Linden, L. Van

and Govaerts, R. and Vandewalle, J.},

year = {1991},

title = {Propagation characteristics of {B}oolean functions},

booktitle = {Advances in Cryptology --- Eurocrypt '90},

editor = {I.B. Damg{\aa}rd},

pages = {161--173},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{PreneelNuRiBu94,

author = {Bart Preneel and Marnix Nuttin and Vincent Rijmen

and Johan Buelens},

title = {Cryptanalysis of the CFB mode of the DES with a reduced

number of rounds},

pages = {212--223},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{PreneelOo95,

author = {Bart Preneel and Paul C. van Oorschot},

title = {{MDx-MAC} and Building Fast {MAC}s from Hash Functions},

pages = {1--14},

booktitle = CRYPTO94,

editor = {Don Coppersmith},

note = {Lecture Notes in Computer Science No.\ 963},

publisher = {Springer},

year = 1995

}

@misc{PreneelRi94,

author = {Preneel, B. and Rijmen, V.},

year = {1994},

month = {May},

title = {On using maximum likelihood to optimize recent cryptanalytic

techniques},

note = {Presented at rump session, Eurocrypt '94}

}

@article{PreparataVu90,

author = {Franco P. Preparata and Jean E. Vuillemin},

title = {Practical Cellular Dividers},

journal = {IEEE Transactions on Computers},

volume = 39,

number = 5,

year = 1990,

month = May,

pages = {605--614}

}

@inproceedings{Presttun88,

author = {K\'are Presttun},

title = {Integrating cryptography in {ISDN}},

pages = {9--18},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@misc{Price87,

author = {W. L. Price},

title = {Annontated bibliographies of cryptography},

note = {Published as National Physical Laboratories technical

reports since 1978},

address = {Teddington, England}

}

@inproceedings{Price88,

author = {Wyn L. Price},

title = {Standards for data security - a change of direction},

pages = {3--8},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Price90,

author = {Wyn L. Price},

title = {Progress in data security standardization},

pages = {620--623},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{Proctor85,

author = {Proctor, N.},

title = {A self-synchronizing cascaded cipher system with dynamic

control of error-propagation},

pages = {174--190},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@article{Purdy74,

author = {Purdy, George B.},

title = {A High Security Log-in Procedure},

journal = CACM,

year = 1974,

month = Aug,

volume = 17,

number = 8,

pages = {442--445}

}

@inproceedings{PurdySiSt82,

author = {George G. Purdy and Gus Simmons and James Studier},

title = {Software Protection Using ``Communal Key Cryptosystems''},

pages = {79--79},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@article{Qinn94,

author = {Kathleen A.S. Quinn},

year = 1994,

title = {Some Constructions for Key Distribution Patterns},

journal = {Designs, Codes and Cryptography},

volume = {4},

pages = {177--191}

}

@article{QuisquaterDe91,

oldtag = {Quisquater91},

author = {Jean-Jacques Quisquater and Yvo G. Desmedt},

title = {Chinese Lotto as an Exhaustive Code-Breaking Machine},

journal = {Computer},

volume = 24,

number = 11,

year = 1991,

month = Nov,

pages = {14--22}

}

@inproceedings{Quisquater88,

author = {Jean-Jacques Quisquater},

title = {Secret distribution of keys for public-key systems},

pages = {203--208},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@article{QuisquaterCo82,

author = {Quisquater, J.-J. and Couvreur, C.},

title = {Fast decipherment algorithm for {RSA} public-key cryptosystem},

journal = {Electronics Letters},

volume = 18,

number = 21,

pages = {905-907},

year = 1982

}

@inproceedings{QuisquaterDe88,

author = {Jean-Jacques Quisquater and Jean-Paul Delescaille},

title = {Other cycling tests for {DES}},

pages = {255--256},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{QuisquaterDe90,

author = {Jean-Jacques Quisquater and Jean-Paul Delescaille},

title = {How easy is collision search. New results and applications

to {DES}},

pages = {408--415},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{QuisquaterDeDa86,

author = {J.-J. Quisquater and Yvo Desmedt and Marc Davio},

title = {The Importance of ``Good'' Key Scheduling Schemes

(How to Make a Secure {DES} Scheme with $\leq$ 48 Bit

Keys)},

pages = {537--542},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@inproceedings{QuisquaterGi90,

author = {Quisquater, J.-J. and Girault, M.},

year = {1990},

title = {$2n-bit$ hash-functions using $n-bit$ symmetric block

cipher algorithms},

booktitle = {Advances in Cryptology --- Eurocrypt '89},

editor = {Quisquater, J.J. and Vandewalle, J.},

pages = {102--109},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{QuisquaterQuQuQuGuGu90,

oldtag = {QuisquaterQuQuQuGuGuGuGuGuGuBe90},

author = {Jean-Jacques Quisquater and Myriam Quisquater and Muriel

Quisquater and Michael Quisquater and Louis Guillou

and Marie Annick Guillou and Gaiid Guillou and Anna

Guillou and Gwenol/'e Guillou and Soazig Guillou and

Tom Berson},

title = {How to explain zero-knowledge protocols to your children},

pages = {628--631},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{Rabin78a,

oldtag = {Rabin78},

author = {M. O. Rabin},

title = {Digitalized Signatures},

booktitle = {Foundations of Secure Computation},

year = 1978,

publisher = {Academic Press},

editor = {Richard A. DeMillo and David P. Dobkin and Anita K.

Jones and Richard J. Lipton},

pages = {155--168}

}

@techreport{Rabin79,

author = {M. Rabin},

title = {Digitalized Signatures as Intractable as Factorization},

institution = {MIT Laboratory for Computer Science},

number = {MIT/LCS/TR-212},

month = Jan,

year = 1979

}

@TechReport{Rabin79a,

author = {Michael Rabin},

institution = {Laboratory for Computer Science, Massachusetts Institute

of Technology},

title = {Digitalized Signatures and Public-Key Functions as

Intractable as Factorization},

year = 1979,

month = {January},

number = {MIT/LCS/TR-212}

}

@article{Rabin80a,

author = {M. Rabin},

title = {Probabilistic Algorithms for Testing Primality},

journal = {J. Number Theory},

volume = 12,

year = 1980,

pages = {128--138}

}

@article{Rabin80b,

author = {M. Rabin},

title = {Probabilistic Algorithms in Finite Fields},

journal = {SIAM J.\ Computing},

volume = 9,

month = May,

year = 1980,

pages = {273--280}

}

@techreport{Rabin81,

author = {M. Rabin},

title = {How to exchange secrets by oblivious transfer},

institution = {Harvard Aiken Computation Laboratory},

number = {TR-81},

year = 1981

}

@techreport{Rabin81b,

author = {Michael O. Rabin},

title = {Fingerprinting by Random Polynomials},

institution = {Harvard Aiken Computation Laboratory},

number = {TR-15-81},

year = 1981

}

@inproceedings{RabinTy89,

author = {M. Rabin and J.D. Tygar},

title = {An Integrated Toolkit for Operating System Security},

booktitle = {Third International Conference on Foundations of Data

Organization and Algorithms},

editor = {W. Litwin and H. J. Schek},

publisher = {Springer-Verlag},

pages = {2--15},

month = {June},

year = 1989

}

% note: not in file cabinet yet

@inproceedings{Rackoff88,

oldtag = {Rackoff90},

author = {C. Rackoff},

title = {A Basic Theory of Public and Private Cryptosystems},

pages = {249--255},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{RackoffSi92,

author = {C. Rackoff and D.R. Simon},

title = {Non-interactive zero-knowledge proof of knowledge

and chosen ciphertext attack},

pages = {433--444},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{Rankine87,

author = {Gordon Rankine},

title = {{THOMAS} - A complete single chip {RSA} device},

pages = {480--487},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{Rao88,

author = {T.R.N. Rao},

title = {On {Struik-Tilburg} cryptanalysis of {Rao-Nam} scheme},

pages = {458--460},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{RaoNa87,

author = {T.R.N. Rao and Kil-Hyun Nam},

title = {Private-Key Algebraic-Coded Cryptosystems},

pages = {35--48},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@article{Reeds77,

author = {Reeds, J.A.},

year = 1977,

title = {{`Cracking'} a Random Number Generator},

journal = {Cryptologia},

volume = 1,

month = {January}

}

@inproceedings{ReedsMa85,

author = {J.A. Reeds and J.L. Manferdelli},

title = {{DES} Has No Per Round Linear Factors},

pages = {377--389},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{ReedsSl84a,

oldtag = {ReedsSl84},

author = {J.A. Reeds and N.J.A. Sloane},

title = {Shift-Register Synthesis (Modula $m$)},

pages = {249--249},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@article{ReedsSl85,

author = {Reeds, J.A. and Sloane, N.J.A. },

year = 1985,

title = {Shift Register Synthesis (Modulo {\it m})},

journal = {SIAM Journal on Computing},

volume = 14,

number = 3,

pages = {505--513}

}

@inproceedings{ReifTy86,

author = {J.H. Reif and J.D. Tygar},

title = {Efficient Parallel Pseudo-Random Number Generation},

pages = {433--446},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@article{ReifTy88,

author = {J.H. Reif and J.D. Tygar},

title = {Efficient Parallel Pseudorandom Number Generation},

journal = {SIAM J. Computing},

year = 1988,

month = Apr,

volume = 17,

number = 2,

pages = {404--411}

}

@book{Riesel85,

author = {Riesel, Hans},

title = {Prime Numbers and Computer Methods for Factorization},

publisher = {Birkh{\"{a}}user},

series = {Progress in Mathematics},

year = 1985

}

@manual{RIPEConsorti93,

oldtag = {RIPE93},

author = {{RIPE Consortium}},

year = {1993},

title = {Final report of {RACE} 1040},

month = {April},

organization = {Centrum voor Wiskunde en Informatica},

note = {Report {CS}-{R}9324}

}

@article{Rivest78,

author = {Rivest, Ronald L.},

title = {Remarks on a Proposed Cryptanalytic Attack of the {M.I.T.}

Public-Key Cryptosystem},

journal = {Cryptologia},

volume = 2,

number = 1,

year = 1978,

month = Jan,

pages = {62-65}

}

@article{Rivest79,

author = {Ronald L. Rivest},

title = {Critical Remarks on `{S}ome Critical Remarks on Public-Key

Cryptosystems' by {Herlestam}},

journal = {BIT},

volume = 19,

year = 1979,

pages = {274--275}

}

@inproceedings{Rivest83,

author = {Ronald L. Rivest},

title = {A Short Report on the {RSA} Chip},

pages = {327--327},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{Rivest85a,

oldtag = {Rivest85},

author = {Ronald L. Rivest},

title = {{RSA} Chips (Past/Present/Future)},

pages = {159--165},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@incollection{Rivest90,

author = {Ronald L. Rivest},

title = {Cryptography},

booktitle = {Handbook of Theoretical Computer Science (Volume A:

Algorithms and Complexity)},

publisher = {Elsevier and MIT Press},

year = 1990,

editor = {Jan van Leeuwen},

pages = {717--755},

chapter = {13}

}

@techreport{Rivest90b,

author = {Ronald L. Rivest},

title = {The {MD4} Message Digest Algorithm},

institution = {MIT Laboratory for Computer Science},

number = {MIT/LCS/TM-434},

month = Oct,

year = 1990

}

@misc{Rivest90c,

title = {The {MD4} Message-Digest Algorithm},

author = {Ronald L. Rivest},

howpublished = {Internet Request for Comments},

month = Oct,

year = 1990,

note = {RFC 1186; obsoleted by RFC 1320}

}

@inproceedings{Rivest91-4,

author = {Ronald L. Rivest},

title = {Finding Four Million Large Random Primes},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer},

year = 1991,

pages = {625--626}

}

@inproceedings{Rivest91a,

author = {Ronald L. Rivest},

title = {The {MD4} Message Digest Algorithm},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer},

year = 1991,

pages = {303--311}

}

@misc{Rivest91b,

author = {Rivest, R.L.},

year = {1991},

month = {March},

title = {The {RSA} Factoring Challenge},

note = {Presented at {DIMACS}}

}

@inproceedings{Rivest93,

oldtag = {Rivest91c},

author = {R.L. Rivest},

title = {Cryptography and machine learning},

booktitle = ASIACRYPT91,

year = 1993,

editor = {H. Imai and R.L. Rivest and T. Matsumoto},

series = {Lecture Notes in Computer Science},

volume = 739,

publisher = {Springer-Verlag},

pages = {427--439}

}

@article{Rivest92a,

title = {Responses to {NIST}'s Proposal},

author = {Ronald L. Rivest},

journal = {Communications of the ACM},

month = Jul,

year = 1992,

volume = 35,

number = 7,

pages = {41--47}

}

@misc{Rivest92b,

title = {The {MD4} Message-Digest Algorithm},

author = {Ronald L. Rivest},

howpublished = {Internet Request for Comments},

month = Apr,

year = 1992,

note = {RFC 1320; obsoletes RFC 1186}

}

@misc{Rivest92c,

title = {The {MD5} Message-Digest Algorithm},

author = {Ronald L. Rivest},

howpublished = {Internet Request for Comments},

month = Apr,

year = 1992,

note = {RFC 1321}

}

@manual{Rivest92d,

author = {Rivest, R.L.},

year = {1992},

title = {The {RC2} Encryption Algorithm},

month = {March 12,},

organization = {RSA Data Security, Inc.},

note = {(Proprietary)}

}

@manual{Rivest92e,

author = {Rivest, R.L.},

year = {1992},

title = {The {RC4} Encryption Algorithm},

month = {March 12,},

organization = {RSA Data Security, Inc.},

note = {(Proprietary)}

}

@manual{Rivest92f,

author = {Rivest, R.L.},

year = 1992,

title = {{RFC} 1320: The {MD4 Message-Digest Algorithm}},

month = {April},

organization = {Internet Activities Board}

}

@unpublished{Rivest92g,

author = {Rivest, R.L.},

year = 1992,

title = {The difficulty of factoring},

month = {January 9,},

note = {RSA Data Security, Inc}

}

@inproceedings{Rivest95a,

author = {Ronald L. Rivest},

title = {The {RC5} Encryption algorithm},

pages = {86--96},

booktitle = {Fast Software Encryption},

editor = {Bart Preneel},

publisher = {Springer},

year = 1995,

note = {(Proceedings Second International Workshop,

Dec.\ 1994, Leuven, Belgium)}

}

@unpublished{Rivest96a,

author = {Ronald L. Rivest},

title = {All-Or-Nothing Encryption},

year = 1996,

note = {(Preliminary version posted on the Web by Rivest.)}

}

@unpublished{Rivest96b,

author = {Ronald L. Rivest},

title = {Multi-Grade Cryptography},

year = 1996,

note = {(Preliminary version posted on the Web by Rivest.)}

}

@unpublished{Rivest97,

author = {Ronald L. Rivest},

title = {Electronic Lottery Tickets as Micropayments},

year = 1997,

note = {(to appear in 1997 Financial Cryptography Proceedings.)}

}

@unpublished{RivestLa96,

author = {Ronald L. Rivest and Butler Lampson},

title = {{SDSI}--A Simple Distributed Security Infrastructure},

note = {(see {SDSI} web page at

{\tt http://theory.lcs.mit.edu/~cis/sdsi.html})}

}

@inproceedings{RivestSh83,

author = {Ronald L. Rivest and Alan T. Sherman},

title = {Randomized Encryption Techniques},

pages = {145--163},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@article{RivestSh84,

author = {R. L. Rivest and A. Shamir},

title = {How to Expose an Eavesdropper},

journal = CACM,

volume = 27,

month = Apr,

year = 1984,

pages = {393--395}

}

@unpublished{RivestSh95,

author = {Ronald L. Rivest and Adi Shamir},

title = {PayWord and MicroMint: Two simple micropayment schemes},

year = 1995,

note = {(A preliminary version has appeared in CryptoBytes 3,1

(Spring 1996), pages 7--11. The full version is posted

by Rivest on the Web.)}

}

@unpublished{RivestSh96,

author = {Ronald L. Rivest and Adi Shamir and David A. Wagner},

title = {Time-lock Puzzles and Timed-Release Cryptography},

note = {(Preliminary version posted on the web by Rivest.)}

}

@article{RivestShAd78,

author = {Ronald L. Rivest and Adi Shamir and Leonard M. Adleman},

title = {A Method for Obtaining Digital Signatures and Public-Key

Cryptosystems},

journal = CACM,

year = 1978,

mon = feb,

volume = 21,

number = 2,

pages = {120--126}

}

@techreport{Robshaw93,

author = {Robshaw, M.J.B.},

institution = {RSA Laboratories},

year = 1993,

month = {June},

version = {2.0},

title = {Implementation of the Search for Pseudo-Collisions

in {MD5}},

number = {TR - 103}

}

@techreport{Robshaw93a,

author = {Robshaw, M.J.B.},

institution = {RSA Laboratories},

year = 1993,

month = {July},

title = {The Final Report of {RACE} 1040: A Technical Summary},

number = {TR - 9001}

}

@techreport{Robshaw93b,

author = {Robshaw, M.J.B.},

institution = {RSA Laboratories},

year = 1993,

month = {October},

title = {Recent proposals to implement {Fair Cryptography}},

number = {TR - 301}

}

@techreport{Robshaw94,

author = {Robshaw, M.J.B.},

institution = {RSA Laboratories},

year = 1994,

version = {3.0},

month = {July},

title = {{MD2, MD4, MD5, SHA} and other Hash Functions},

number = {TR 101}

}

@techreport{Robshaw94a,

author = {Robshaw, M.J.B.},

institution = {RSA Laboratories},

year = 1994,

month = {July},

version = {1.1},

title = {On Pseudo-Collisions in {MD5}},

number = {TR - 102}

}

@techreport{Robshaw94b,

author = {Robshaw, M.J.B.},

institution = {RSA Laboratories},

year = 1994,

month = {July},

title = {Block Ciphers},

number = {TR - 601}

}

@techreport{Robshaw94c,

author = {Robshaw, M.J.B.},

institution = {RSA Laboratories},

year = 1994,

month = {July},

title = {Stream Ciphers},

number = {TR - 701}

}

@article{Robshaw94d,

author = {Robshaw, M.J.B.},

year = 1994,

title = {On Evaluating the Linear Complexity of a Sequence of

Least Period $2^n$},

journal = {Designs, Codes and Cryptography},

volume = 4,

pages = {263--269}

}

@manual{Roe93,

author = {Roe, Michael},

institution = {Cambridge University},

year = 1993,

month = {July},

title = {New Modes of Operation for a $k$-bit Block Cipher},

note = {Version 0.2}

}

@inproceedings{Roe94,

author = {Roe, M.},

year = {1994},

title = {Performance of Symmetric Ciphers and One-Way Hash Functions},

booktitle = {Fast Software Encryption},

editor = {Ross Anderson},

series = {Lecture Notes in Computer Science},

volume = 809,

publisher = {Springer-Verlag},

address = {Berlin},

pages = {83--89}

}

@inproceedings{RogawayCo94,

author = {Phillip Rogaway and Don Coppersmith},

title = {A Software-Optimized Encryption Algorithm},

booktitle = {Fast Software Encryption},

editor = {Ross Anderson},

note = {Lecture Notes in Computer Science 809},

comment = {Proc.\ of the Cambridge Security Workshop, December

9--11, 1993},

publisher = {Springer-Verlag},

year = 1994,

pages = {56--63}

}

@inproceedings{Rompel90,

author = {Rompel, John},

title = {One-Way Functions are Necessary and Sufficient for

Secure Signatures},

booktitle = STOC90,

publisher = ACM,

address = {Baltimore, Maryland},

year = 1990,

pages = {387--394}

}

@book{Ronce84,

author = {Ronce, C.A.},

year = 1984,

title = {Feedback Shift Registers},

series = {Lecture Notes in Computer Science},

volume = 169,

publisher = {Springer-Verlag},

address = {Berlin}

}

@book{Rosen93,

author = {K.H. Rosen},

title = {Elementary Number Theory and its Applications, (Third

Edition)},

publisher = {Addison Wesley},

year = 1993

}

@article{Rotenberg93,

author = {Marc Rotenberg},

title = {Communications Privacy: Implications for Network Design},

journal = {Communications of the ACM},

month = Aug,

year = 1993,

volume = 36,

number = 8,

pages = {61--68}

}

@article{Rothaus76,

author = {Rothaus, O.S.},

year = 1976,

title = {On bent functions},

journal = {Journal of Combinatorial Theory},

volume = {Series A, 20},

pages = {300--305}

}

@manual{RSADataSecur91,

oldtag = {RSADSI91},

author = {{RSA Data Security, Inc.}},

year = 1991,

month = {June},

title = {{PKCS} \#1: {RSA} Encryption Standard},

note = {Version 1.4}

}

@manual{RSADataSecur91a,

oldtag = {RSADSI91a},

author = {{RSA Data Security, Inc.}},

year = 1991,

month = {June},

title = {{PKCS} \#3: {Diffie-Hellman} Key Agreement Standard},

note = {Version 1.3}

}

@manual{RSADataSecur91b,

oldtag = {RSADSI91b},

author = {{RSA Data Security, Inc.}},

year = 1991,

month = {June},

title = {{PKCS} \#5: Password-Based Encryption Standard},

note = {Version 1.4}

}

@manual{RSADataSecur91c,

oldtag = {RSADSI91c},

author = {{RSA Data Security, Inc.}},

year = 1991,

month = {June},

title = {{PKCS} \#7: Cryptographic Message Syntax Standard},

note = {Version 1.4}

}

@article{Rubin87,

author = {Rubin, F.},

year = 1987,

title = {Foiling an Exhaustive Key-Search Attack},

journal = {Cryptologia},

volume = 11,

number = 2,

month = {April},

pages = {102--107}

}

@phdthesis{Rueppel84,

author = {Rueppel, R.A.},

title = {New Approaches to Stream Ciphers},

school = {Swiss Federal Institute of Technology, Zurich},

year = {1984}

}

@book{Rueppel86,

author = {Rueppel, R.A.},

year = 1986,

title = {Analysis and Design of Stream Ciphers},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{Rueppel86a,

author = {Rainer A. Rueppel},

year = {1986},

title = {Correlation immunity and the summation generator},

booktitle = {Advances in Cryptology --- Crypto '85},

editor = {H.C. Williams},

pages = {260--272},

publisher = {Springer-Verlag},

address = {New York}

}

@inproceedings{Rueppel88,

author = {Rueppel, R.A.},

year = 1988,

title = {When shift registers clock themselves},

booktitle = {Advances in Cryptology --- Eurocrypt '87},

editor = {Chaum, D. and Price, W.L.},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {53--64}

}

@article{RueppelSt87,

oldtag = {Rueppelst87},

author = {Rueppel, R.A. and Staffelbach, O.J.},

year = 1987,

title = {Products of Linear Recurring Sequences with Maximum

Complexity},

journal = {IEEE Transactions on Information Theory},

volume = {IT-33},

number = {1},

pages = {124--131}

}

@unpublished{RueppelVa94,

author = {R.A. Rueppel and P.C. Van Oorschot},

title = {Modern key agreement techniques},

year = 1994,

note = {To appear in Computer Communications}

}

@inproceedings{Ruggiu85,

author = {G. Ruggiu},

title = {Cryptology and Complexity Theories},

pages = {3--10},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@article{RushbyRa83,

author = {J. Rushby and B. Randall},

title = {A Distributed Secure System},

journal = {IEEE Computer},

volume = 16,

number = 7,

year = 1983

}

@inproceedings{Russell92,

author = {Alexander C. Russell},

title = {Necessary and Sufficient Conditions For Collision-Free

Hashing},

pages = {433-441},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@book{RussellSr91,

oldtag = {RussellGa91},

author = {Russell, Deborah and G.T. Gangemi Sr.},

year = 1991,

title = {Computer Security Basics},

publisher = {O'Reilly and Associates},

address = {Sebastopol, CA}

}

@inproceedings{SachsBe84,

author = {Joel E. Sachs and Shimshon Berkovits},

title = {Probabilistic Analysis and Performance Modelling of

the `Swedish' Algorithm and Modifications},

pages = {253--273},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@INPROCEEDINGS{Safavi-Naini90,

oldtag = {Safavi90},

author = {R. Safavi-Naini},

title = {Parallel Generation of Pseudo-Random Sequences},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {176--193}

}

@inproceedings{SakoKi94,

author = {Kazue Sako and Joe Kilian},

title = {Secure voting using partially compatible homomorphisms},

pages = {411--424},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{SakuraiIt92,

author = {Kouichi Sakurai and Toshiya Itoh},

title = {On the Discrepancy between Serial and Parallel of Zero-Knowledge

Protocols},

pages = {246--259},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@book{Salomaa90,

author = {Arto Salomaa},

title = {Public-Key Cryptography},

publisher = {Springer-Verlag},

year = 1990

}

@article{Saltzer74,

author = {J.H. Saltzer},

title = {Protection and the Control of Information

Sharing in Multics},

journal = {Communications of the ACM},

volume = 17,

number = 7,

pages = {388--402},

year = 1974

}

@article{SaltzerSc75,

author = {J.H. Saltzer and M.D. Schroeder},

title = {The Protection of Iformation in Computer System},

journal = {Proceedings of the IEEE},

volume = 63,

number = 9,

pages = {1278--1308},

year = 1975

}

@article{Sanders81,

author = {S. Sanders},

title = {Data privacy: what {Washington} doesn't want you to

know},

journal = {Reason},

month = Jan,

year = 1981,

pages = {24--37}

}

@article{SandhuSa94,

author = {Ravi S. Sandhu and Pierrangela Samarati},

title = {Access Control: Principles and Practice},

journal = {IEEE Communications Magazine},

month = Sep,

year = 1994,

volume = 32,

number = 9,

pages = {40--48}

}

@article{SandhuCoFeYo96,

author = {Ravi S. Sandhu and Edward J. Coyne and

Hal L. Feinstein and Charles E. Youman},

title = {Role-Based Access Control Models},

journal = {IEEE Computer},

month = Feb,

year = 1996,

volume = 29,

number = 2,

pages = {38--47}

}

@inproceedings{SanthaVa84,

author = {M. Santha and U. V. Vazirani},

title = {Generating Quasi-Random Sequences from Slightly-Random

Sources},

pages = {434--440},

booktitle = FOCS84,

publisher = IEEE,

address = {Singer Island},

year = 1984

}

@article{SanthaVa86,

author = {M. Santha and U. V. Vazirani},

title = {Generating quasi-random sequences from semi-random

sources},

journal = {Journal of Computer and Systems Sciences},

volume = 33,

year = 1986,

pages = {75--87}

}

@inproceedings{SattlerSc83,

author = {J. Sattler and C.P. Schnorr},

title = {Ein Effizienzvergleich der Faktorisierungsverfahren

von Morrison-Brillhart und Schroeppel},

pages = {331--351},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{Sauerbrey93,

author = {{J\"{o}rg} Sauerbrey},

title = {A modular exponentation unit based on systolic arrays},

year = 1993,

booktitle = {Advances in Cryptology --- Auscrypt '92},

editor = {J. Seberry and Y. Zheng},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {505--516}

}

@inproceedings{SchanningKo82a,

oldtag = {SchanningKo82},

author = {Brian P. Schanning and J. Kowalchuk},

title = {Memo: A Hybrid Approach to Encrypted Electronic Mail},

pages = {64--64},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Schaumuller-83,

oldtag = {Schaumuller-bichl83},

author = {Schaumuller-Bichl, I.},

year = 1983,

title = {Cryptanalysis of the {D}ata {E}ncryption {S}tandard

by a method of formal coding},

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

pages = {235--255},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@techreport{Schaumuller-83a,

oldtag = {Schaumuller-bichl83a},

author = {Schaumuller-Bichl, I.},

year = 1983,

title = {On the design and analysis of new cipher systems related

to the {DES}},

institution = {Linz {U}niversity}

}

@inproceedings{Schaumuller-Pi85,

oldtag = {Schaumuller-bichlPi85},

author = {Ingrid Schaumuller-bichl and Ernst Piller},

title = {A Method of Software Protection Based on the Use of

Smart Cards and Cryptographic Techniques},

pages = {446--454},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@article{Schiller94,

author = {J.I. Schiller},

title = {Secure distributed computing},

journal = {Scientific American},

volume = 271,

number = 5,

year = 1994,

pages = {72--76}

}

@book{Schmucker84,

author = {K.J. Schmucker},

title = {Fuzzy Sets, Natural Language Computations,

and Risk Analysis},

publisher = {Computer Science Press},

year = 1984

}

@article{Schneier91,

author = {Bruce Schneier},

title = {One-Way Hash Functions, Using cryptographic algorithms

for hashing},

journal = {Dr. Dobb's Journal},

year = 1991,

month = Sep,

pages = {148--151}

}

@article{Schneier92,

author = {Bruce Schneier},

title = {Untangling Public-Key Cryptography},

journal = {Dr. Dobb's Journal},

year = 1992,

month = May,

pages = {16--28}

}

@book{Schneier93,

author = {Schneier, B.},

year = 1993,

title = {Applied Cryptography: Protocols, Algorithms, and Source

Code in {C}},

publisher = {John Wiley \& Sons},

address = {New York}

}

@book{Schneier94,

author = {Bruce Schneier},

title = {Applied Cryptography},

publisher = {John Wiley \& Sons},

year = {1994}

}

@article{Schneier94a,

author = {Bruce Schneier},

title = {The Blowfish Encryption Algorithm},

journal = {Dr. Dobb's Journal},

year = 1994,

month = Apr,

pages = {38--40}

}

@article{Schneier94b,

author = {Bruce Schneier},

title = {The Cambridge Algorithms Workshop},

journal = {Dr. Dobb's Journal},

year = 1994,

month = Apr,

pages = {18--24}

}

@article{Schneier95,

author = {Bruce Schneier},

title = {The {GOST} Encryption Algorithm},

journal = {Dr. Dobb's Journal},

year = 1995,

month = Jan,

pages = {123--124}

}

@book{Schneier96,

author = {Bruce Schneier},

title = {Applied Cryptography (Second Edition)},

publisher = {John Wiley \& Sons},

year = {1996}

}

@inproceedings{Schnorr83,

author = {C.P. Schnorr},

title = {Is the {RSA}-Scheme Safe?},

pages = {325--329},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{Schnorr90,

author = {C. P. Schnorr},

title = {Efficient Identification and Signatures for Smart Cards},

pages = {239--252},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer},

year = 1990

}

@article{Schnorr91,

author = {C. P. Schnorr},

title = {Efficient signature generation by smart cards},

journal = {Journal of Cryptology},

year = 1991,

volume = 4,

pages = {161--174}

}

@inproceedings{Schnorr92,

author = {Schnorr, C.P.},

year = 1992,

title = {{FFT}-Hashing, An Efficient Cryptographic Hash Function},

booktitle = {Advances in Cryptology --- Crypto '91},

editor = {J. Feigenbaum},

pages = {Presented at Rump Session},

publisher = {Springer-Verlag},

address = {New York}

}

@inproceedings{Schnorr93,

author = {Schnorr, C.P.},

year = 1993,

title = {{FFT}-Hash {II}, Efficient Cryptographic Hashing},

booktitle = {Advances in Cryptology --- Eurocrypt '92},

editor = {R.A. Rueppel},

pages = {45--54},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{SchnoorAl85,

oldtag = {SchnorrAl85},

author = {C.P. Schnoor and W. Alexi},

title = {{RSA}-Bits are $0.5 + \epsilon$ Secure},

pages = {113-126},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@article{SchnorrLe84,

author = {Schnorr, C. P. and Lenstra, Jr., H. W.},

title = {A {M}onte {C}arlo factoring algorithm with linear storage},

journal = {Mathematics of Computation},

year = 1984,

volume = 43,

pages = {289--312}

}

@inproceedings{SchnorrVa94,

author = {C. P. Schnorr and S. Vaudenay},

title = {Black Box Cryptanalysis of Hash Networks based on

Multipermutations},

booktitle = {EUROCRYPT94},

year = 1994

}

@inproceedings{SchnobiMa83,

oldtag = {SchobiMa89},

author = {P. Schnobi and J.L. Massey},

title = {Fast Authentication in a Trapdoor-Knapsack Public Key

Cryptosystem},

pages = {289--306},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{SchriftSh91,

author = {A.W. Schrift and A. Shamir},

title = {On the Universality of the Next Bit Test},

pages = {394--408},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{SchroeppelSh79,

author = {R. Schroeppel and A. Shamir},

title = {A {$T S^2 = O(2^n)$} time/space tradeoff for certain

{NP}-complete problems},

pages = {328--336},

booktitle = FOCS79,

publisher = IEEE,

address = {San Juan, Puerto Rico},

year = 1979

}

@inproceedings{Schuchmann83,

author = {H.-R. Schuchmann},

title = {Enigma Variations},

pages = {65--68},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@book{Schweitzer83,

author = {Schweitzer, James A.},

year = 1983,

title = {Protection Information in the Electronic Workplace:

A Guide for Managers},

publisher = {Prentice-Hall},

address = {Reston, VA}

}

@book{SeberryPi89,

author = {J. Seberry and J. Pieprzyk},

title = {Cryptography: An Introduction to Computer Security},

publisher = {Prentice-Hall},

year = {1989}

}

@book{SeberryPi90,

author = {J. Seberry and J. Pieprzyk},

title = {Advances in Cryptology -- AUSCRYPT '90 Proceedings},

publisher = {Springer-Verlag},

year = 1990,

note = {Lecture Notes in Computer Science, vol. 453}

}

@book{SeberryZh93,

author = {J. Seberry and Y. Zheng},

title = {Advances in Cryptology -- AUSCRYPT '92 Proceedings},

publisher = {Springer-Verlag},

year = 1993,

note = {Lecture Notes in Computer Science, vol. 718}

}

@inproceedings{SeberryZhZh94,

author = {Jennifer Seberry and Xian-Mo Zhang and Yuliang Zheng},

title = {Pitfalls in designing substitution boxes},

pages = {383--396},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{SeberryZhZh94a,

author = {Jennifer Seberry and Xian-Mo Zhang and Yuliang Zheng},

title = {Nonlinearly balanced boolean functions and their propagation

characteristics},

pages = {49--60},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@article{SedgewickSzYa82,

oldtag = {SedgewickSzYa79},

author = {R. Sedgewick and T. G. Szymanski and A. C. Yao},

title = {The complexity of finding cycles in periodic functions},

journal = SIAM,

volume = 11,

year = 1982,

pages = {376--390}

}

@book{Selmer66,

author = {Selmer, E.S.},

year = 1966,

title = {Linear Recurrence Relations over Finite Fields},

publisher = {University of Bergen},

address = {Norway}

}

@inproceedings{SerpellBr85,

author = {S.C. Serpell and C.B. Brookson},

title = {Encryption and Key Manaagement for the {ECS} Satellite

Service},

pages = {426--436},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@inproceedings{SerpellBrCl85,

author = {S.C. Serpell and C.B. Brookson and B.L. Clark},

title = {A Prototype Encryption System Using Public Key},

pages = {3--9},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@techreport{SerpetteVuHe89,

author = {Bernard Serpette and Jean Vuillemin and Jean-Claude

Herv\`{e}},

title = {{BigNum}: A Portable and Efficient Package for Arbitrary-Precision

Arithmetic},

year = 1989,

month = May,

institution = {DEC Paris Research Laboratory}

}

@inproceedings{Sgarro85,

author = {Andrea Sgarro},

title = {Equivolcations for Homophonic Ciphers},

pages = {51--61},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@techreport{Shamir78,

author = {Adi Shamir},

title = {On the security of the {Merkle-Hellman} cryptographic

scheme},

institution = {MIT Laboratory for Computer Science},

number = {MIT/LCS/TM-119},

month = Dec,

year = 1978

}

@article{Shamir79a,

author = {A. Shamir},

title = {How to Share a Secret},

journal = CACM,

volume = 22,

month = Nov,

year = 1979,

pages = {612--613}

}

@inproceedings{Shamir79b,

author = {A. Shamir},

title = {On the Cryptocomplexity of Knapsack Schemes},

pages = {118--129},

booktitle = STOC79,

publisher = ACM,

address = {Atlanta},

year = 1979

}

@inproceedings{Shamir81,

author = {A. Shamir},

title = {On the generation of cryptographically strong pseudo-random

sequences},

booktitle = {Proc.\ ICALP},

publisher = {Springer},

year = 1981,

pages = {544--550}

}

@inproceedings{Shamir82,

author = {A. Shamir},

title = {A polynomial-time algorithm for breaking the basic

{Merkle-Hellman} cryptosystem},

pages = {145--152},

booktitle = FOCS82,

publisher = IEEE,

address = {Chicago},

year = 1982

}

@inproceedings{Shamir82a,

author = {Adi Shamir},

title = {The Generation of Cryptographically Strong Pseudo-Random

Sequences},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982,

pages = {1--1}

}

@inproceedings{Shamir83,

author = {Adi Shamir},

title = {A Polynomial Time Algorithm for Breaking the Basic

{Merkle-Hellman} Cryptosystem},

pages = {279--288},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@article{Shamir84,

author = {Shamir, A.},

year = 1984,

title = {A polynomial time algorithm for breaking the basic

{Merkle-Hellman} cryptosystem},

journal = {IEEE Transactions on Information Theory},

volume = {IT-30},

number = {5},

month = {Sept.},

pages = {699--704}

}

@inproceedings{Shamir85,

author = {Adi Shamir},

title = {Identity-Based Cryptosystems and Signature Schemes},

pages = {47--53},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{Shamir86,

author = {Shamir, A.},

year = 1986,

title = {On the Security of {DES}},

booktitle = {Advances in Cryptology --- Crypto '85},

editor = {H.C. Williams},

publisher = {Springer-Verlag},

address = {New York},

note = {280--281}

}

@InProceedings{Shamir90,

author = {Adi Shamir},

title = {{IP=PSPACE}},

year = {1990},

pages = {11--15},

booktitle = {Proccedings of the Twenty Second Annual ACM Symposium

on Theory of Computing},

month = {May}

}

@inproceedings{Shamir94,

author = {Adi Shamir},

title = {Efficient signature schemes based on birational permutations},

pages = {1--12},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@misc{Shamir95,

author = {Adi Shamir},

title = {Fast signature screening},

note = {CRYPTO '95 rump session talk; to appear in RSA Laboratories'

{\em CryptoBytes}.}

}

@misc{Shamir95a,

author = {Adi Shamir},

title = {Partial key escrow},

year = 1995,

note = {Unpublished.}

}

@incollection{ShamirRiAd81,

author = {A. Shamir and R. L. Rivest and L. M. Adleman},

title = {Mental Poker},

pages = {37--43},

booktitle = {The Mathematical Gardner},

editor = {D. Klarner},

publisher = {Wadsworth},

address = {Belmont, California},

year = 1981

}

@inproceedings{ShandVu93,

oldtag = {Shand93},

author = {M. Shand and J. Vuillemin},

year = 1993,

title = {Fast implementations of {RSA} cryptography},

booktitle = {Proc.\ of the 11th IEEE Symp.\ on Computer Arithmetic},

pages = {252--259},

publisher = {IEEE Computer Society Press},

address = {Los Alamitos, CA}

}

@article{Shannon48,

author = {C. E. Shannon},

title = {A mathematical theory of communication},

journal = {Bell Sys.\ Tech.\ J.},

volume = 27,

year = 1948,

pages = {623--656}

}

@article{Shannon49,

author = {C. E. Shannon},

title = {Communication theory of secrecy systems},

journal = {Bell Sys.\ Tech.\ J.},

volume = 28,

year = 1949,

pages = {657--715}

}

@article{SheppLl66a,

oldtag = {SheppLl66},

author = {Shepp, L.A. and Lloyd, S.P.},

year = 1966,

title = {Ordered cycle lengths in a random permutation},

journal = {Transactions of the American Mathematical Society},

volume = 121,

pages = {340--357}

}

@phdthesis{Sherman86,

author = {A. Sherman},

title = {Cryptology and {VLSI} (a two-part dissertation)},

month = Oct,

year = 1986,

school = {MIT EECS Dept},

note = {Published as MIT Laboratory for Computer Science Technical

Report MIT/LCS/TR-381 (Oct. 1986)}

}

@inproceedings{SherwoodGa88,

oldtag = {SherwoodGa90},

author = {J.R. Sherwood and V.A. Gallo},

title = {The Application of Smart Cards for {RSA} Digital Signatures

in a Network Comprising both Interactive and Store-and-Foreward

Facilities},

pages = {484--496},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@article{ShizuyaItSa91,

author = {Hiroki Shizuya and Toshiya Itoh and Kouichi Sakurai},

title = {On the Complexity of Hyperelliptic Discrete Logarithm

Problem},

journal = {IEEE Transactions on Computers},

volume = {E 74},

number = 8,

year = 1991,

month = Aug,

pages = {2129--2135}

}

@inproceedings{ShimizuMi88,

author = {Shimizu,A. and Miyaguchi, S.},

year = 1988,

title = {Fast Data Encipherment Algorithm {FEAL}},

booktitle = {Advances in Cryptology --- Eurocrypt '87},

editor = {Chaum, D. and Price, W.L.},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {267--280}

}

@INPROCEEDINGS{ShizuyaKoIt90,

author = {H. Shizuya and K. Koyama and T. Itoh},

title = {Demonstrating Possession Without Revealing Factors

and Its Application},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {273--293}

}

@inproceedings{Shor94,

author = {Peter W. Shor},

title = {Algorithms for Quantum Conputation: Discrete Logarithms

and Factoring},

booktitle = STOC94,

publisher = {ACM},

address = {Montreal, Canada},

year = 1994,

pages = {124--134}

}

@article{Seigenthaler84,

oldtag = {Siegenthaler84},

author = {Seigenthaler, T.},

year = {1984},

title = {Correlation-immunity of nonlinear combining functions

for cryptographic applications},

journal = {IEEE Transactions on Information Theory},

volume = {IT-30},

number = {5},

month = {Sept.},

pages = {776--779}

}

@article{Seigenthaler85,

oldtag = {Siegenthaler85},

author = {Seigenthaler, T.},

year = {1985},

title = {Decrypting a class of stream ciphers using ciphertext

only},

journal = {IEEE Transactions on Computers},

volume = {C-34},

number = {1},

month = {Jan.},

pages = {81--85}

}

@inproceedings{Seigenthaler86,

oldtag = {Siegenthaler86},

author = {Seigenthaler, T.},

year = {1986},

title = {Cryptanalyst's representation of nonlinearity filtered

{\it ml}-sequences},

booktitle = {Advances in Cryptology --- Eurocrypt '85},

editor = {Pichler, F.},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {103--110}

}

@inproceedings{Siegenthaler86a,

author = {T. Siegenthaler},

title = {Design of Combiners to Prevent Divide and Conquer

Attacks},

pages = {273--279},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@article{Silverman87,

author = {Silverman, R.D.},

year = 1987,

title = {The multiple polynomial quadratic sieve},

journal = {Mathematics of {C}omputation},

volume = 48,

pages = {329--339}

}

@article{Silverman91,

author = {Silverman, R.D.},

year = 1991,

title = {Massively distributed computing and factoring large

integers},

journal = {Communications of the ACM},

volume = 34,

number = 11,

pages = {95--103}

}

@article{SilvermanWa93,

oldtag = {Silverman93},

author = {Silverman, R.D. and Wagstaff, S.S.},

year = 1993,

title = {A practical analysis of the elliptic curve factoring

algorithm},

journal = {Mathematics of {C}omputation},

volume = 61,

number = 203,

pages = {445--462}

}

@book{SilvermanTa92,

author = {J.H. Silverman and J. Tate},

title = {Rational Points on Elliptic Curves},

publisher = {Springer-Verlag},

year = 1992

}

@article{Simmons79,

author = {G. J. Simmons},

title = {Symmetric and asymmetric encryption},

journal = {ACM Computing Surveys},

volume = 11,

year = 1979,

pages = {305--330}

}

@book{Simmons82,

editor = {G.J. Simmons},

title = {Secure Communications and Asymmetric Cryptosystems},

publisher = {AAAS},

series = {Selected Symposia},

volume = 69,

year = 1982

}

@inproceedings{Simmons82a,

author = {Gus Simmons},

title = {A System for Point-of-Sale or Access User Authentication

and Identification},

pages = {31--37},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@inproceedings{Simmons84,

author = {Gustavus J. Simmons},

title = {The Prisoners' Problem and the Subliminal Channel},

pages = {51--67},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{Simmons85,

author = {Gustavus J. Simmons},

title = {Authentication Theory/Coding Theory},

pages = {411--431},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{Simmons85a,

author = {Gustavus J. Simmons},

title = {The Subliminal Channel and Digital Signature},

pages = {364--378},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@inproceedings{Simmons86,

author = {Gustavus J. Simmons},

title = {A Secure Subliminal Channel (?)},

pages = {33--41},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@inproceedings{Simmons88,

author = {Gustavus J. Simmons},

title = {An impersonation-proof identity verfication scheme},

pages = {211--215},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Simmons88a,

author = {Gustavus J. Simmons},

title = {A natural taxonomy for digital information authentication

schemes},

pages = {269--288},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Simmons88b,

oldtag = {Simmons90},

author = {G.J. Simmons},

title = {How to (Really) Share a Secret},

pages = {390--449},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@incollection{Simmons89,

author = {G. J. Simmons},

title = {Cryptology},

booktitle = {The New Encyclop{\ae}dia Brittanica},

publisher = {Encyclop{\ae}dia Brittanica},

year = 1989,

pages = {860--873},

note = {(Volume 16)}

}

@inproceedings{Simmons91,

author = {G.J. Simmons},

title = {Geometric Shared Secret and/or Shared Control Schemes},

pages = {216--241},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@incollection{Simmons92,

author = {G.J. Simmons},

title = {A survey of information authentication},

booktitle = {Contemporary Cryptology, The Science of Information

Integrity},

publisher = {IEEE Press},

year = 1992,

pages = {379--419}

}

@incollection{Simmons92a,

author = {G.J. Simmons},

title = {An introduction to shared secret and/or shared control

schemes and their application},

booktitle = {Contemporary Cryptology, The Science of Information

Integrity},

publisher = {IEEE Press},

year = 1992,

pages = {441--497}

}

@book{Simmons92b,

editor = {G.J. Simmons},

title = {Contemporary Cryptology, The Science of Information

Integrity},

publisher = {IEEE Press},

year = 1992

}

@article{Simmons94,

author = {Gustav J. Simmons},

title = {Cryptanalysis and Protocol Failures},

journal = {Communications of the ACM},

month = Nov,

year = 1994,

volume = 37,

number = 11,

pages = {56--65}

}

@article{SimmonsNo77,

author = {Gustavus J. Simmons and Michael J. Norris},

title = {Preliminary Comments on the {MIT} Public-Key Cryptosystem},

journal = {Cryptologia},

year = 1977,

month = Oct,

volume = 1,

number = 4,

pages = {406--414}

}

@inproceedings{Simon94,

author = {Daniel R. Simon},

title = {On the Power of Quantum Computation},

booktitle = STOC94,

publisher = {ACM},

address = {Montreal, Canada},

year = 1994,

pages = {116--123}

}

@inproceedings{SivabalanTaPe92,

author = {M. Sivabalan and Stafford Tavares and L.E. Peppard},

title = {On the Design of {SP} Networks From an Information

Theoretic Point of View},

pages = {260--279},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@techreport{Sloan89,

author = {Robert Sloan},

title = {All Zero-Knowledge Proofs are Proofs of Language Membership},

institution = {MIT Laboratory for Computer Science},

number = {MIT/LCS/TM-385},

month = Feb,

year = 1989

}

@incollection{Sloane81,

author = {N. J. A. Sloane},

title = {Error-Correcting Codes and Cryptography},

booktitle = {The Mathematical Gardner},

editor = {D. Klarner},

publisher = {Wadsworth},

address = {Belmont, California},

year = 1981,

pages = {346--382}

}

@inproceedings{Sloane83,

author = {N.J.A. Sloane},

title = {Encrypting by Random Rotations},

pages = {71--128},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{Smeets85,

author = {B.J.M. Smeets},

title = {On the Use of the Binary Multiplying Channel in a Private

Communication System},

pages = {339--348},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209},

publisher = {Springer-Verlag},

year = 1985

}

@inproceedings{Smeets86,

author = {Smeets, B.},

year = {1986},

title = {A note on sequences generated by clock-controlled shift

registers},

booktitle = {Advances in Cryptology --- Eurocrypt '85},

editor = {Pichler, F.},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {40--42}

}

@inproceedings{Smid82,

author = {Miles Smid},

title = {{DES} '81: An Update},

pages = {39--40},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@article{SmidBr88,

author = {Smid, M.E. and Branstad, D.K.},

year = 1988,

title = {The {Data Encryption Standard}: {Past} and future},

journal = {Proc.\ of the IEEE},

volume = 76,

pages = {550--559}

}

@incollection{SmidBr92,

author = {M.E. Smid and D.K. Branstad},

title = {The data encryption standard: past and future},

booktitle = {Contemporary Cryptology, The Science of Information

Integrity},

publisher = {IEEE Press},

year = 1992,

pages = {43--64}

}

@inproceedings{SmidBr92a,

author = {Miles E. Smid and Dennis K. Branstad},

title = {Response to Comments of the {NIST} Proposed Digital

Signature Standard},

pages = {76--88},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{Smith90,

author = {Jonathan M. Smith},

title = {Practical problems with a cryptographic protection

scheme},

pages = {64--73},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@article{SolmsNa92,

author = {Sebastiaan von Solms and David Naccache},

title = {On Bline Signatures and Perfect Crimes},

journal = {Computers and Security},

year = 1992,

month = Oct,

volume = 11,

number = 6,

pages = {581--583}

}

@article{SolovaySt77,

author = {R. Solovay and V. Strassen},

title = {A Fast {Monte-Carlo} Test for Primality},

journal = SIAM,

volume = 6,

year = 1977,

pages = {84-85}

}

@article{Sorenson94,

author = {Jonathan Sorenson},

title = {Polylog Depth Circuits for Integer Factoring and Discrete

Logarithms},

journal = {Information and Computation},

volume = 110,

year = 1994,

number = 1,

month = Apr,

pages = {1--18}

}

@techreport{Sorenson90,

author = {Jonathan Sorenson},

title = {The $k$-ary {GCD} algorithm},

institution = {Computer Science Department, University of Wisconsin

at Madison},

year = 1990,

month = Nov,

number = {Number 979}

}

@article{Sorkin84,

author = {Sorkin, A.},

year = 1984,

title = {Lucifer, a Cryptographic Algorithm},

journal = {Cryptologia},

volume = 8,

number = 1,

pages = {22--41},

note = {Erratum: {\it ibid.} 7, p. 118, 1978.}

}

@techreport{Spafford88,

author = {Eugene H. Spafford},

title = {The Internet Worm Program: An Analysis},

institution = {Purdue University Department of Computer Science},

year = 1988,

number = {CSD-TR-823}

}

@article{Spafford89,

author = {Eugene H. Spafford},

year = 1989,

title = {The Internet Worm: Crisis and Aftermath},

journal = {Communications of the ACM},

volume = 32,

number = 6,

pages = {678--687}

}

@inproceedings{SpencerrTr84,

oldtag = {SpencerTa84},

author = {M.E. Spencerr and S.E. Travares},

title = {A Layered Broadcast Cryptographic System},

pages = {157--170},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{StaffelbachMe91,

author = {O. Staffelbach and W. Meier},

title = {Cryptographic Significance of the Carry for Ciphers

Based on Integer Addition},

pages = {601--615},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@book{Stallings95,

author = {William Stallings},

title = {Network and Internetwork Security Principles and Practice},

year = 1995,

publisher = {Prentice Hall}

}

@manual{StandardsAss85,

oldtag = {StandardsAA85},

author = {{Standards Association of Australia}},

year = {1985},

title = {Australian Standard 2805.4-1985: Electronics Funds

Transfer --- Requirements for Interfaces: Part 4 ---

Message Authentication}

}

@manual{StandardsAss85a,

oldtag = {StandardsAA85a},

author = {{Standards Association of Australia}},

year = {1985},

title = {Australian Standard 2805.5-1985: Electronics Funds

Transfer --- Requirements for Interfaces: Part 5 ---

Data Encryption Algorithm}

}

@manual{StandardsAss90,

oldtag = {StandardsAA90},

author = {{Standards Association of Australia}},

year = {1990},

title = {Draft Australian Standard: Electronics Funds Transfer

--- Requirements for Interfaces: Part 6.5.3 --- Key

Management --- Terminal Initialisation --- Asymmetrical},

month = {May}

}

@inproceedings{SteerStDiWi88,

oldtag = {SteerStDiWi90},

author = {D.G. Steer and L. Strawczynski and W. Diffie and M.

Wiener},

title = {A Secure Audio Teleconference System},

pages = {520--529},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@article{Stein67,

author = {J. Stein},

title = {Computational problems associated with {Racah} algebra},

journal = {J. Comp. Phys.},

volume = 1,

pages = {397--405},

year = 1967

}

@inproceedings{SteinerNeSc88,

author = {Steiner, J.G. and Neuman, B.C. and Schiller, J.I.},

year = 1988,

title = {{Kerberos}: an authentication service for open network

systems},

booktitle = {Usenix Conference Proceedings},

address = {Dallas, Texas},

month = {February},

pages = {191--202}

}

@inproceedings{Stephens86,

oldtag = {Stephens85},

author = {N. M. Stephens},

title = {{Lenstra's} Factorization Method Based on Elliptic

Curves},

pages = {409--416},

booktitle = CRYPTO85,

editor = {H. C. Williams},

publisher = {Springer},

year = 1986,

note = {Lecture Notes in Computer Science No.\ 218}

}

@inproceedings{Stern94,

author = {Jacques Stern},

title = {Designing identification schemes with keys of short

size},

pages = {164--173},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{Stern94a,

author = {Jacques Stern},

title = {A new identification scheme based on syndrome decoding},

pages = {13--21},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@article{StevensonHiBy95,

author = {Daniel Stevenson and Nathan Hillery and Greg Byrd},

title = {Secure Communications in ATM Networks},

journal = CACM,

volume = 38,

number = 2,

month = Feb,

year = 1995,

pages = {45--52}

}

@inproceedings{Stinson87,

author = {D.R. Stinson},

title = {Some constructions and bounds for authentication codes},

pages = {418--425},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@inproceedings{Stinson88,

author = {D.R. Stinson},

title = {A construction for authentication/secrecy codes from

certain combinatorial designs},

pages = {355--366},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@article{Stinson88a,

author = {D.R. Stinson},

title = {Some constructions and bounds for authentication codes},

journal = {Journal of Cryptology},

year = 1988,

volume = 1,

pages = {84--85}

}

@article{Stinson90,

author = {D.R. Stinson},

title = {The combinatorics of authentication and secrecy codes},

journal = {Journal of Cryptology},

year = 1990,

volume = 2,

pages = {37--51}

}

@inproceedings{Stinson92,

author = {D.R. Stinson},

title = {Combinatorial Characterizations of Authentication Codes},

pages = {62--73},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{Stinson92a,

author = {D.R. Stinson},

title = {Universal Hashing and Authentication Codes},

pages = {74--85},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{Stinson92b,

author = {Doug R. Stinson},

title = {New General Lower Bounds on the Information Rate of

Secret Sharing Schemes},

pages = {168--182},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@article{Stinson92c,

author = {D.R. Stinson},

title = {An explication of secret sharing schemes},

journal = {Designs, Codes, and Cryptography},

volume = 2,

year = 1992,

pages = {357--390}

}

@article{Stinson94,

author = {D.R. Stinson},

title = {Universal Hashing and Authentication Codes},

journal = {Designs, Codes, and Cryptography},

volume = 4,

year = 1994,

pages = {369--380}

}

@book{Stinson95,

author = {Douglas R. Stinson},

title = {Cryptography: Theory and Practice},

publisher = {CRC Press},

year = 1995

}

@inproceedings{StinsonVa88,

author = {D.R. Stinson and S.A. Vanstone},

title = {A combinatorial approach to threshold schemes},

pages = {330--339},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@article{Stoll88,

author = {C. Stoll},

title = {Stalking the Wily Hacker},

journal = {Communications of the ACM},

volume = 31,

number = 5,

year = 1988

}

@book{Stoll89,

author = {Stoll, Cliff},

year = 1989,

title = {The Cuckoo's Egg: Tracing a Spy Through the Maze of

Computer Espionage},

publisher = {Doubleday},

address = {New York}

}

@inproceedings{Struik88,

oldtag = {StruikVa88},

author = {Ren\'e Struik},

title = {The Rao-Nam scheme is insecure against a chosen-plaintext

attack},

pages = {445--457},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Stubblebine95,

author = {Stuart Stubblebine},

title = {Recent-Secure Authentication: Enforcing Revocation in

Distributed Systems},

pages = {224--234},

booktitle = {Proceedings 1995 {IEEE} Symposium on Research in

Security and Privacy},

note = {(Oakland)},

month = {May},

year = {1995}

}

@book{Summers93,

author = {Anthony Summers},

title = {Official and Confidential: The Secret Life of {J. Edgar

Hoover}},

year = 1993,

publisher = {Simon and Schuster (Pocket Books)}

}

@inproceedings{Sutherland86,

author = {D. Sutherland},

title = {A model of Inofrmation},

booktitle = {9NatSecConf},

year = 1986

}

@inproceedings{Tanaka88,

author = {Hatsukazu Tanaka},

title = {A realization scheme for the identity-based cryptosystem},

pages = {340--349},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Tardy-CorfdiGi92,

oldtag = {Tardy-CorfdirGi92},

author = {A. Tardy-Corfdir and H. Gilbert},

title = {A known plaintext attack of {FEAL}-4 and {FEAL}-6},

pages = {172--181},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{TatebayashiMaNe90,

author = {Makoto Tatebayashi and Ntsume Matsuzaki and David B.

Newman, Jr.},

title = {Key distribution protocol for digital mobile communication

systems},

pages = {324--334},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{Taylor94,

author = {Richard Taylor},

title = {An integrity check value algorithm for stream ciphers},

pages = {40--48},

booktitle = CRYPTO93,

editor = {Douglas R. Stinson},

note = {Lecture Notes in Computer Science No.\ 773},

publisher = {Springer},

year = 1994

}

@inproceedings{Tedrick84,

author = {Tom Tedrick},

title = {How to Exchange Half a Bit},

pages = {147--151},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{Tedrick85,

author = {Tom Tedrick},

title = {Fair Exchange of Secrets},

pages = {434--438},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@article{Thompson84,

author = {K. Thompson},

title = {Reflections on Trusting Trust},

journal = {Communications of the ACM},

volume = 27,

number = 8,

year = 1984

}

@book{Tilborg88a,

oldtag = {Tilborg88},

author = {Tilborg, H.C.A. van},

year = 1988,

title = {An Introduction to Cryptology},

publisher = {Kluwer Academic Publishers},

address = {Boston}

}

@inproceedings{TillichZe94,

author = {Jean-Pierre Tillich and Gilles Z\'emor},

title = {Hashing with $SL_{2}$},

pages = {40--49},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@inproceedings{Timmann83,

author = {Klaus-P. Timmann},

title = {The Rating of Understanding in Secure Voice Communications

Systems},

pages = {157--163},

year = 1983,

booktitle = {Cryptography, Proc. Burg Feuerstein 1982},

editor = {T.Beth},

volume = {149},

publisher = {Springer-Verlag},

address = {Berlin}

}

@inproceedings{TompaWo87,

author = {Martin Tompa and Heather Woll},

title = {How to Share a Secret with Cheaters},

pages = {261--265},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@unpublished{Tool91,

author = {Ted the Tool},

title = {MIT Buide to Lock Picking},

month = Sep,

year = 1991,

note = {48 pages}

}

@inproceedings{Touch95,

author = {Joseph D. Touch},

title = {Performance Analysis of {MD5}},

booktitle = {Proceedings {SIGCOMM}},

year = {1995},

month = Oct,

volume = {25},

number = {4},

pages = {77--86},

note = {Also at {\tt ftp://ftp.isi.edu/pub/hpcc-papers/touch/sigcomm95.ps.Z}}

}

@manual{Touch95b,

author = {J. Touch},

year = 1995,

title = {{RFC} 1810: Report on {MD5} Performance},

month = {June},

organization = {Internet Activities Board}

}

@inproceedings{Toussaint92,

author = {M.-J. Toussaint},

title = {Deriving the complete knowledge of participants in

cryptographic protocols},

pages = {24--43},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@article{Tretter74a,

oldtag = {Tretter74},

author = {Tretter, S.A.},

year = {1974},

title = {Properties of {$PN^2$} Sequences},

journal = {{IEEE} Transactions on Information Theory},

volume = {IT-20},

month = {March},

pages = {295--297}

}

@article{Tsudik92,

author = {Gene Tsudik},

title = {Message Authentication with One-Way Hash Functions},

journal = {ACM SIGCOMM, Computer Communication Review},

volume = 22,

number = 5,

month = Oct,

year = 1992,

pages = {29--38}

}

@inproceedings{TsujiiCh92,

author = {S. Tsujii and J. Chao},

title = {A New {ID}-Based Key Sharing System},

pages = {288--299},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@inproceedings{TsunooOkUy94,

author = {Yukiyasu Tsunoo and Eiji Okamoto and Tomohiko Uyematsu},

title = {Ciphertext only attack for one-way function of the

{MAP} using one ciphertext},

pages = {369--382},

booktitle = CRYPTO94,

editor = {Yvo G. Desmedt},

note = {Lecture Notes in Computer Science No.\ 839},

publisher = {Springer},

year = 1994

}

@misc{Tuchman78,

author = {Tuchman, W.L.},

year = {1978},

month = {June},

note = {Talk presented at the {Nat. Computer Conf., Anaheim,

C.A.}}

}

@article{Tuerkheimer93,

author = {Frank M. Tuerkheimer},

title = {The Underpinnings of Privacy Protection},

journal = {Communications of the ACM},

month = Aug,

year = 1993,

volume = 36,

number = 8,

pages = {69--73}

}

@inproceedings{Turbat85,

author = {Alain Turbat},

title = {Introductory Remarks},

page = {457--458},

booktitle = EUROCRYPT84,

editor = {T. Beth and N. Cot and I. Ingemarsson},

note = {Lecture Notes in Computer Science No.\ 209, Session

on Smart Cards},

publisher = {Springer-Verlag},

year = 1985

}

@Inproceedings{TygarYe91,

author = {J. D. Tygar and Bennet S. Yee},

title = {Strongbox: A System for Self Securing Programs},

organization = {ACM},

booktitle = {CMU Computer Science: 25th Anniversary Commemorative},

year = 1991

}

@article{Valiant84,

author = {L. Valiant},

title = {Short Monotone Formulae for the Majority Function},

journal = {Journal of Algorithms},

year = 1984,

volume = 5,

pages = {363--366}

}

@inproceedings{VanDeGraaafPe88,

oldtag = {VandeGraafPe88},

author = {Jeroen van de Graaaf and Ren\'e Peralta},

title = {A simple and secure way to show the validity of your

public key},

pages = {128--134},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@misc{Upton93,

author = {Jimmy Upton},

note = {Unpublished comment made to Whit Diffie before Crypto 93, and

mentioned by Diffie in the Crypto '93 rump session.}

}

@INPROCEEDINGS{LubbeBo90,

oldtag = {VanderLubbeBo90},

author = {J.C.A. van der Lubbe and D.E. Boekee},

title = {{KEYMEX}: An Expert System for the Design of Key Management

Schemes},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {96--103}

}

@inproceedings{VanOorschot91,

author = {P.C. van Oorschot},

title = {A Comparison of Practical Public Key Cryptosystems

Based on Integer Factorization and Discrete Logarithms},

pages = {576--581},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@book{VanstoneVa89,

author = {S. A. Vanstone and P.C. VanOorschot},

title = {An Introduction to Error Correcting Codes with Applications},

publisher = {Kluwer Academic Publishers},

year = 1989

}

@book{VanTilborg88,

oldtag = {vanTilborg88},

author = {H.C.A. van Tilborg},

title = {An Introduction to Cryptology},

publisher = {Kluwer Academic Publishers},

year = 1988

}

@inproceedings{VanTilburg90,

oldtag = {vanTilburg90},

author = {J. van Tilburg},

title = {On the {McEliece} Public-Key Cryptosystem},

pages = {119--131},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1990

}

@inbook{VanTilburg91,

oldtag = {vanTilburg93},

author = {J. van Tilburg},

title = {Secret-key exchange with authentication},

publisher = {Lecture Notes in Computer Science, 1993, No.\ 741},

note = {Computer Security and Industrial Cryptography, State

of the Art and Evolution, ESAT Course},

month = May,

year = 1991,

pages = {71--86}

}

@book{VanTilburg94,

oldtag = {vanTilburg94},

author = {Johan van Tilburg},

title = {Security -Analysis of a Class of Cryptosystems Based

on Linear Error-Correcting Codes},

publisher = {Royal PTT Nederlands},

year = 1994

}

@inproceedings{VanTilburgBo86,

oldtag = {vanTilburgBo86},

author = {J. van Tilburg and D.E. Boekee},

title = {Divergence Bounds on Key Equivocation and Error Probability

in Cryptanalysis},

pages = {489--513},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@inproceedings{Varadharajan86,

author = {V. Varadharajan},

title = {Trapdoor Rings and Their Use in Cryptography},

pages = {369--395},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@INPROCEEDINGS{Varadharajan90a,

oldtag = {Varadharajan90},

author = {V. Varadharajan},

title = {Network Security Policy Models},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {74--95}

}

@inproceedings{Vaudenay92,

author = {Serge Vaudenay},

title = {{FFT-Hash-II} is not yet Collision-free},

pages = {587--593},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@inproceedings{Vazirani85,

author = {U. V. Vazirani},

title = {Towards a Strong Communication Complexity Theory, or

Generating Quasi-Random Sequences from Two Communicating

Slightly-Random Sources},

pages = {366-378},

booktitle = STOC85,

publisher = ACM,

address = {Providence},

year = 1985

}

@inproceedings{VaziraniVa83,

author = {U. V. Vazirani and V. V. Vazirani},

title = {Trapdoor Pseudo-Random Number Generators, with Applications

to Protocol Design},

pages = {23--30},

booktitle = FOCS83,

publisher = IEEE,

address = {Tucson},

year = 1983

}

@inproceedings{VaziraniVa84,

author = {U.V. Vazirani and V.V. Vazirani},

title = {Efficient and Secure Pseudo-Random Number Generation},

pages = {458--463},

booktitle = FOCS84,

publisher = IEEE,

address = {Singer Island},

year = 1984

}

@inproceedings{VaziraniVa84aa,

oldtag = {VaziraniVa84a},

author = {Umesh V. Vazirani and Vijay V. Vazirani},

title = {{RSA} Bits are $732 + \epsilon$ Secure},

pages = {369--375},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{VaziraniVa85,

author = {U.V. Vazirani and V.V. Vazirani},

title = {Efficient and Secure Pseudo-Random Number Generation},

pages = {193--202},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@article{Vernam26,

author = {Vernam, G.S.},

year = 1926,

title = {Cipher printing telegraph systems for secret wire and

radio telegraphic communications},

journal = {J. Am. Inst. Elec. Eng.},

volume = 55,

pages = {109--115}

}

@misc{VernonLaPe94,

author = {Mary K. Vernon and Edward D. Lazowska and Stewart D.

Personick},

title = {{R\&D} for the {NII}: Technical Challenges},

howpublished = {EDUCOM},

month = May,

year = 1994

}

@inproceedings{Vogel84,

author = {Vogel, R.},

year = 1984,

title = {On the linear complexity of cascaded sequences},

booktitle = {Advances in Cryptology --- Eurocrypt '84},

editor = {T. Beth and N. Cot and I. Ingemarsson},

pages = {99--109},

publisher = {Springer-Verlag},

address = {Berlin}

}

@incollection{VonNeumann63,

oldtag = {VonNeumann51},

author = {J. {von Neumann}},

title = {Various techniques for use in connection with random

digits},

booktitle = {von Neumann's Collected Works},

volume = 5,

publisher = {Pergamon},

year = {1963},

pages = {768--770}

}

@inproceedings{WagnerMa85,

author = {Neal R. Wagner and Marianne R. Magyarik},

title = {A Public Key Cryptosystem Based on the Word Problem},

pages = {19--36},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{WagnerPuCa87,

author = {Neal R. Wagner and Paul S. Putter and Marianne R. Cain},

title = {Large-scale randomization techniques},

pages = {393--404},

booktitle = CRYPTO86,

editor = {A.M. Odlyzko},

note = {Lecture Notes in Computer Science No.\ 263 },

publisher = {Springer-Verlag},

year = 1987

}

@article{Walker90,

author = {M. Walker},

title = {Information-theoretic bounds for authentication systems},

journal = {Journal of Cryptology},

year = 1990,

volume = 2,

pages = {131--143}

}

@article{WalkerLiElBa96,

author = {Stephen T. Walker and Steven B. Lipner and

Carl M. Ellison and David M. Balenson},

title = {Commercial Key Recovery},

journal = {Communications of the ACM},

month = Mar,

year = 1996,

volume = 39,

number = 3,

pages = {41--47}

}

@inproceedings{Walter92,

author = {C.D. Walter},

title = {Faster Modular Multiplication by Operand Scaling},

pages = {313--323},

booktitle = CRYPTO91,

editor = {J. Feigenbaum},

note = {Lecture Notes in Computer Science No.\ 576},

publisher = {Springer},

year = 1992

}

@misc{WangMa86,

author = {Wang, M.Z. and Massey, J.L.},

year = 1986,

title = {The characteristics of all binary sequences with perfect

linear complexity profiles},

note = {Presented at Eurocrypt'86},

address = {Linkoping, Sweden},

month = {May 20--22}

}

@article{Ward33,

author = {Ward, M.},

year = 1933,

title = {The Arithmetic Theory of Linear Recurring Series},

journal = {Trans. A.M.S.},

volume = 35,

pages = {600--628}

}

@inproceedings{Wayner92,

author = {Peter C. Wayner},

title = {Content-Addressable Search Engines and {DES}-like Systems},

pages = {575--586},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@book{Wayner96,

author = {Peter Wayner},

title = {Digital Cash: Commerce on the Net},

publisher = {Academic Press},

year = {1996}

}

@inproceedings{WebsterTa86,

author = {Webster, A.F. and Tavares, S.E.},

year = 1986,

title = {On the design of {S}-boxes},

booktitle = {Advances in Cryptology --- Crypto '85},

editor = {H.C. Williams},

publisher = {Springer-Verlag},

address = {New York},

pages = {523--534}

}

@misc{WechselbergeBlJeDrSi85,

oldtag = {WechselbergerBlJeDrSi85},

author = {Wechselberger, A. and Bluestein, L. and Jedynak, L.

and Drake, D. and Simpson, L.},

title = {Multi-layer Encryption System for the Broadcast of

Encrypted Information },

howpublished = {U.S. Patent No. 4,531,020},

month = { July 23,},

year = {1985}

}

@inproceedings{Weinstein82,

author = {Stephen B. Weinstein},

title = {Security Mechanisms in Electronic Cards},

pages = {109--109},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@book{Welsh88,

author = {D. Welsh},

title = {Codes and Cryptography},

publisher = {Oxford Science Publications},

year = 1988

}

@book{WesternMi68,

author = {Western, A.E. and Miller, J.C.P.},

year = 1968,

title = {Tables of Indices and Primitive Roots},

publisher = {Cambridge University Press},

address = {Cambridge},

volume = 9,

series = {Royal Society Mathematical Tables}

}

@inproceedings{White90,

author = {Steve R. White},

title = {Covert distributed processing with computer viruses},

pages = {616--619},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@manual{OfficeoftheP93,

oldtag = {WhiteHouse93},

author = {{Office of the Press Secretary}},

year = 1993,

title = {Statement},

organization = {The White House},

month = {April 16,}

}

@article{Wiedemann86,

author = {Wiedemann, D. H.},

title = {Solving sparse linear equations over finite fields},

journal = {IEEE Trans. Inform. Theory},

volume = 32,

year = 1986,

pages = {64--62}

}

@article{Wiener90,

author = {Wiener, Michael J.},

title = {Cryptanalysis of short {RSA} secret exponents},

journal = {IEEE Transactions on Information Theory},

volume = 36,

number = 3,

year = 1990,

month = May,

pages = {553--558}

}

@unpublished{Wiener93,

author = {Wiener, M.J.},

year = 1993,

title = {Efficient {DES} Key Search},

month = {August 20,},

note = {Presented at Crypto '93 rump session}

}

@book{Wilkes75,

author = {Wilkes, M. V.},

title = {Time-sharing computer systems},

year = 1975,

publisher = {Elsevier},

note = {Third edition}

}

@techreport{Williams79,

author = {H. C. Williams},

institution = {The University of Manitoba, Dept. of Computer Science},

year = 1979,

month = {Jul},

title = {A modification of the {RSA} Public-Key Encryption Procedure},

number = {Scientific Report \#92}

}

@article{Williams80,

author = {H. C. Williams},

title = {A Modification of the {RSA} Public-key Encryption Procedure},

journal = {IEEE Transactions on Information Theory},

volume = {IT-26},

number = 6,

year = 1980,

month = Nov,

pages = {726--729}

}

@article{Williams82,

author = {H. C. Williams},

title = {A $p+1$ method of factoring},

journal = {Mathematics of Computation},

year = 1982,

month = Jul,

volume = 39,

number = 159,

pages = {225--234}

}

@inproceedings{Williams84,

author = {H. C. Williams},

title = {An Overview of Factoring},

pages = {71--80},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@inproceedings{Williams85d,

oldtag = {Williams85},

author = {H. C. Williams},

title = {Some Public Key Crypto-Functions as Intractable as

Factorization},

pages = {66-70},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@inproceedings{Williams86,

author = {H.C. Williams},

title = {An $M^3$ Public-Key Encryption Scheme},

pages = {358--368},

booktitle = CRYPTO85,

editor = {H. C. Williams},

note = {Lecture Notes in Computer Science No.\ 218},

publisher = {Springer},

year = 1986

}

@article{Williams93,

author = {Williams, H.C.},

year = 1993,

title = {How was {$F_6$} factored?},

journal = {Mathematics of {C}omputation},

volume = 61,

number = 203,

pages = {463--474}

}

@article{WilliamsJu76,

author = {H. C. Williams and J. S. Judd},

title = {Determination of the Primality of $N$ by using Factors

of $N^2\pm 1$},

journal = {Mathematics of Computation},

year = 1976,

month = Jan,

volume = 30,

number = 133,

pages = {157--172}

}

@article{WilliamsSc79,

author = {H. C. Williams and B. Schmid},

title = {Some remarks concerning the {MIT} public-key cryptosystem},

journal = {BIT},

year = 1979,

volume = 19,

pages = {525--538},

comment = {Discusses breaking RSA by repeated encryption; Motivates

strong primes by $p+1$ and $p-1$ methods. Discusses

building strong primes. Appeared earlier as University

of Manitoba Computer Science Scientific Report 91}

}

@book{Winterbotham75,

author = {F. W. Winterbotham},

title = {The Ultra Secret},

publisher = {Futura},

address = {London},

year = 1975

}

@inproceedings{Winternitz83,

author = {Robert S. Winternitz},

title = {Security of a Keystream Cipher with Secret Initial

Value},

pages = {133--137},

booktitle = CRYPTO82,

editor = {R. L. Rivest and A. Sherman and D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1983

}

@inproceedings{Winternitz84,

author = {Robert S. Winternitz},

title = {Producing a One-Way Hash Function from {DES}},

pages = {203--207},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@article{WobberAbBuLa94,

author = {Edward Wobber and Mart\'in Abadi and Michael Burrows

and Butler Lampson},

title = {Authentication in Taos Operating System},

journal = {TOCS},

month = Feb,

year = 1994,

volume = 12,

number = 1,

pages = {3--32}

}

@inproceedings{Wolfram86,

author = {Wolfram, S.},

year = 1986,

title = {Cryptography with cellular automata},

booktitle = {Advances in Cryptology --- Crypto '85},

editor = {H.C. Williams},

publisher = {Springer-Verlag},

address = {New York},

pages = {429--432}

}

@techreport{Woll84,

author = {Heather Woll},

title = {Reductions among number theoretic problems},

institution = {Department of Computer Science, University of Washington, Seattle},

year = 1984,

month = Jun,

number = {\#84-05--02}

}

@article{WooLa92,

author = {Thomas Y.C. Woo and Simon S. Lam},

title = {Authentication for Distributed Systems},

journal = {Computer},

volume = 25,

number = 1,

year = 1992,

month = Jan,

pages = {39--52}

}

@article{Wright94,

author = {Benjamin Wright},

title = {Inside {RISKS}: The Verdict on Plaintext Signatures:

They're Legal},

journal = {Communications of the ACM},

month = Oct,

year = 1994,

volume = 37,

number = 10,

pages = {122--122}

}

@inproceedings{Wunderlich84,

author = {Marvin C. Wunderlich},

title = {Factoring Numbers on the Massively Parallel Computer},

pages = {87--102},

booktitle = CRYPTO83,

editor = {D. Chaum},

publisher = {Plenum Press},

address = {New York},

year = 1984

}

@article{Wyner75,

author = {A. D. Wyner},

title = {The wire-tap channel},

journal = {Bell Sys.\ Tech.\ J.},

volume = {54},

year = 1975,

pages = {1355--1387}

}

@article{Wyner79a,

author = {A. D. Wyner},

title = {An analog scrambling scheme which does not expand bandwidth,

Part~1},

journal = {IEEE Trans.\ Inform.\ Theory},

volume = {IT-25},

number = 3,

year = 1979,

pages = {261--274}

}

@article{Wyner79b,

author = {A. D. Wyner},

title = {An analog scrambling scheme which does not expand bandwidth,

Part~2},

journal = {IEEE Trans.\ Inform.\ Theory},

volume = {IT-25},

number = 4,

year = 1979,

pages = {415--425}

}

@inproceedings{Wyner82,

author = {Aaron D. Wyner},

title = {Some Thoughts on Speech Encryption},

pages = {120--120},

booktitle = CRYPTO81,

editor = {Allen Gersho},

organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},

note = {Tech Report 82-04},

year = 1982

}

@misc{ISO89,

oldtag = {X509-89(E)},

author = {ISO},

title = {Annex {C} -- The {RSA} Public Key Cryptosystem, in

{ISO/IEC} 9594-8:1989({E})},

howpublished = {Part of {ISO/IEC X.509} Draft Standard},

year = {1989},

note = {no note}

}

@INPROCEEDINGS{Xian90,

author = {Y.Y. Xian},

title = {{K-M} Sequence is Forwardly Predictable},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {37--38}

}

@INPROCEEDINGS{Xian90a,

author = {Y.Y. Xian},

title = {Dyadic Matrices and Their Potential Significance in

Cryptography},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {308--310}

}

@inproceedings{Yacobi88,

author = {Yacov Yacobi},

title = {Attack on the {Koyama-Ohta} identity basedd key distribution

scheme},

pages = {429--433},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{Yacobi91,

author = {Y. Yacobi},

title = {A Key Distribution ``Paradox''},

pages = {268--273},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{Yacobi91a,

author = {Y. Yacobi},

title = {Discrete-log wiith Compressible Exponents},

pages = {639-643},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{YacobiSh90,

author = {Yacov Yacobi and Zahava Shmuely},

title = {On key distribution systems},

pages = {344--355},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@misc{Yao??,

oldtag = {Yao},

author = {A. C. Yao},

title = {On Secret Sharing},

note = {private communication to Shafi Goldwasser}

}

@inproceedings{Yao82a,

author = {A. C. Yao},

title = {Theory and Application of Trapdoor Functions},

pages = {80--91},

booktitle = FOCS82,

publisher = IEEE,

address = {Chicago},

year = 1982

}

@inproceedings{Yao82b,

author = {A.C. Yao},

title = {Protocols for Secure Computations},

pages = {160--164},

booktitle = FOCS82,

publisher = IEEE,

address = {Chicago},

year = 1982

}

@inproceedings{Yao86,

author = {A.C. Yao},

title = {How to Generate and Exchange Secrets},

pages = {162--167},

booktitle = FOCS86,

publisher = IEEE,

address = {Toronto},

year = 1986

}

@article{YarlagaddaHe89,

author = {R. Yarlagadda and J.E. Hershey},

title = {Analysis and synthesis of bent sequences},

journal = {IEE Proceedings},

volume = {136},

year = 1989,

pages = {112--123}

}

@phdthesis{Yee94,

author = {Bennet Yee},

title = {Using secure coprocessors},

school = {Carnegie Mellon University},

month = {May},

note = {CMU-CS-94-149},

year = {1994}

}

@inproceedings{Yung85,

author = {Mordechai Yung},

title = {Cryptoprotocols: Subscription to a Public Key, the

Secret Blocking and the Multi-Player Mental Poker Game},

pages = {439--453},

booktitle = CRYPTO84,

editor = {G. R. Blakley and D. C. Chaum},

note = {Lecture Notes in Computer Science No.\ 196},

publisher = {Springer},

year = 1985

}

@article{Yuval79,

author = {G. Yuval},

title = {How to Swindle {Rabin}},

journal = {Cryptologia},

volume = 3,

month = Jul,

year = 1979,

pages = {187--189}

}

@inproceedings{ZengHu88,

oldtag = {ZengHu90},

author = {K. Zeng and M. Huang},

title = {On the Linear Syndrome Method in Cryptoanalysis},

pages = {469--478},

booktitle = CRYPTO88,

editor = {S. Goldwasser},

note = {Lecture Notes in Computer Science No.\ 403 },

publisher = {Springer-Verlag},

year = 1988

}

@INPROCEEDINGS{ZengHu90a,

author = {K. Zeng and M. Huang},

title = {Solving Equations in Sequences},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {327--332}

}

@inproceedings{ZengYaDa88,

author = {K. Zeng and J.H. Yang and Z.T. Dai},

title = {Patterns of entropy drop of the key in an S-box of

the {DES}},

pages = {438--444},

booktitle = CRYPTO87,

editor = {Carl Pomerance},

note = {Lecture Notes in Computer Science No.\ 293 },

publisher = {Springer-Verlag},

year = 1988

}

@inproceedings{ZengYaRa90,

author = {Zeng, K. and Yang, C.H. and Rao, T.R.N.},

year = {1990},

title = {On the Linear Consistency Test in Cryptanalysis with

Applications},

booktitle = {Advances in Cryptology --- Crypto '89},

editor = {G. Brassard},

pages = {167--174},

publisher = {Springer-Verlag},

address = {New York}

}

@INPROCEEDINGS{ZengYaRa90a,

author = {K. Zeng and C.H. Yang and T.R.N. Rao},

title = {Large Primes in Stream Cipher Cryptography},

booktitle = AUSCRYPT90,

year = 1990,

editor = {J. Seberry and J. Pieprzyk},

series = {Lecture Notes in Computer Science},

volume = 453,

publisher = {Springer-Verlag},

pages = {194--205}

}

@inproceedings{ZengYaRa91,

author = {K. Zeng and C.H. Yang and T.R.N. Rao},

title = {An Improved Linear Syndrome Algorithm in Cryptanalysis

with Applications},

pages = {34--48},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@article{ZengYaWeRa91,

author = {Zeng, K. and Yang, C.H. and Wei, D.Y. and Rao, T.R.N.},

year = {1991},

title = {Pseudorandom Bit Generators in Stream-Cipher Cryptography},

journal = {Computer},

volume = {24},

number = {2},

month = {February},

pages = {8--17}

}

@inproceedings{ZhengMaIm90,

author = {Y. Zheng and T. Matsumoto and H. Imai},

title = {On the construction of block ciphers provably secure

and not relying on any unproved hypotheses},

pages = {461--480},

booktitle = CRYPTO89,

editor = {G. Brassard},

note = {Lecture Notes in Computer Science No.\ 435},

publisher = {Springer-Verlag},

year = 1990

}

@inproceedings{ZhengMaIm91,

author = {Y. Zheng and T. Matsumoto and H. Imai},

title = {Structural Properties of One-way Hash Functions},

pages = {285--302},

booktitle = CRYPTO90,

editor = {A.J. Menezes and S. A. Vanstone},

note = {Lecture Notes in Computer Science No.\ 537},

publisher = {Springer-Verlag},

year = 1991

}

@inproceedings{ZhengPiSe93,

author = {Zheng, Y. and Pieprzyk, J. and Seberry, J.},

year = 1993,

title = {{HAVAL} - A One-Way Hashing Algorithm with Variable

Length of Output},

booktitle = {Advances in Cryptology --- Auscrypt '92},

editor = {J. Seberry and Y. Zheng},

publisher = {Springer-Verlag},

address = {Berlin},

pages = {83--104}

}

@inproceedings{ZhengSe92,

author = {Yulian Zheng and Jennifer Seberry},

title = {Practical Approaches to Attaining Security Against

Adaptively Chosen Ciphertext Attacks},

pages = {292--304},

booktitle = CRYPTO92,

editor = {Ernest F. Brickell},

note = {Lecture Notes in Computer Science No.\ 740},

publisher = {Springer-Verlag},

year = 1992

}

@article{Zierler59,

author = {Zierler, N.},

year = 1959,

title = {Linear Recurring Sequences},

journal = {{J}. {S}oc. {I}ndust. {A}ppl. {M}ath.},

volume = 7,

number = 1,

pages = {31--48}

}

@article{ZierlerMi73,

author = {Zierler, N. and Mills, W.H.},

year = 1973,

title = {Products of Linear Recurring Sequences},

journal = {Journal of Algebra},

volume = 27,

pages = {147--157}

}

@article{ZivLe76a,

oldtag = {ZivLe76},

author = {Ziv, J. and Lempel, A.},

year = 1976,

title = {On the complexity of finite sequences},

journal = {IEEE Trans. Information Theory},

volume = 22,

pages = {75--81}

}

@article{ZivLe77,

author = {Ziv, J. and Lempel, A.},

year = 1977,

title = {A universal algorithm for sequential data compression},

journal = {IEEE Trans. Information Theory},

volume = 23,

number = 3,

pages = {337--343}

}