A.2 Crypto Proceedings

ADVANCES IN CRYPTOGRAPHY - A Report on CRYPTO 81. ECE Rept No 82-04, Dept, of Electrical & Computer Engineering, University of California, Santa Barbara, CA, U.S.A., 1982. Editor: A. Gersho.

L. M. Adleman, Prhuahty testing (abstract only), 10.

H.R. Amirazizi, M.E. Heilman, Time-memory-processor tradeoffs (abstract only), 7-9.

H.R. Amirazizi, E.D. Kamin, J.M. Reyneri, Compact knapsacks are polynomially solvable (abstract only), 17-19.

H.J. Beker, Stream ciphers: Applications and techniques, 121-123.

T.A. Berson, R.K. Bauer, Local network cryptosystem architecture, 73-78.

G.R. Blakley, Key management from a security viewpoint (abstract only), 82.

M. Blum, Coin Hipping by telephone: A protocol for solving impossible problems, 11-15.

G. Brassard, An optimally secure relativized cryptosystem, 54-58.

D.L. Chaum, Silo watching, 138-139.

D. W. Davies, Some regular properties of the DES (abstract only), 41.

R. A. DeMillo, N.A. Lynch, M.J. Merritt, The design and analysis of cryptographic protocols (abstract

only), 71.

W. Diffie, Cryptographic teclmology: Fifteen year forecast, 84-108.

S. Even, A protocol for signing contracts, 148-153.

M. Gasser, Limitations of encryption to enforce mandatory security, 130-134.

J.A. Gordon, Towards a design procedure for cryptosecure substitution boxes (abstract only), 53.

M E. Heilman, E.D. Kamin, J. Reyneri, On the necessity of cryptanalytic exhaustive search, 2-6.

RS. Henry, R.D. Nash, Fast decryption algorithm for the knapsack cipher (abstract only), 16.

E. Henze, The solution of the general equation for public key distribution systems, 140-141.

T. Herlestam, On the feasibility of computing discrete losarithms using Adleman’s subexponential algo

rithm, 142-147.

I. Ingemarsson, Are all injective knapsacks partly solvable after multiplication modulo q?, 20-24.

J. P. Jordan, A variant of a pubhc key cryptosystem based on Goppa codes, 25-30.

S.C. Как, Scrambling and randomization, 59-63.

S.T. Kent, Cryptographic techniques for protecting storage (abstract only), 80.

A.G. Konheim, A one-way sequence for transaction verification (abstract only), 38.

A. L. Lang Jr., J. Vasak, A methodology for evaluating the relative security of connnercial COMSEC de

vices, 124-129.

Y. A. Lau, T.R. McPherson, Implementation of a hybrid RSA/DES key management system (abstract only), 83.

L. -S. Lee, G.-C. Chou, New results on sampling-based scrambling techniques for secure speech commu

nications, 115-119.

H. Meijer, S. Akl, Digital signature schemes, 65-70.

D.R. Morrison, Subtractive encryptors - alternatives to the DES, 42-52.

J.M. Nye, Current market: Products, costs, trends, 110-114.

J.M. Nye, The import/export dilennna (abstract only), 135-137.

S. Porter, A password extension for improved human factors (abstract only), 81.

G. Purdy, G. Simmons, J. Studier, Software protection using "conununal-key-cryptosystems” (abstract only), 79.

B. P Schaiming, MEMO: A hybrid approach to encrypted electronic mail (abstract only), 64.

A. Shamir, The generation of cryptographically strong pseudo-random sequences (abstract only), 1.

G. J. Simmons, A system for point-of-sale or access user authentication and identification, 31-37.

M. E. Sruid, DES 81: An update, 39-40.

S.B. Weinstein, Security mechanism in electronic cards (abstract only), 109.

A.D. Wyner, Some thoughts on speech encryption (abstract only), 120.

Advances in Cryptology - Proceedings of CRYPTO 82. Plenum Press (1983). Editors: D. Chaum, R.L. Rivest, and A.T. Sherman.

L.M. Adleman, Implementing an electronic notary public, 259-265.

L.M. Adleman, On breaking the iterated Merkle-Helhnan public-key cryptosystem, 303-308.

S. G. Akl, P.D. Taylor, Cryptographic solution to a multilevel security problem, 237-249.

G.M. Avis, S.E. Tavares, Using data uncertainty to increase the crypto-complexity of simple private key enciphering schemes, 139-143.

C.H. Bennett, G. Brassard, S. Breidbart, S. Wiesner, Quantum cryptography, or unforgeable subway tokens, 267-275.

T. A. Berson, Local network cryptosystem architecture: Access control, 251-258.

T.A. Berson, Long key variants of DES, 311-313.

G.R. Blakley, L. Swanson, Infinite structures in information theory, 39-50.

R. Blom, Non-public key distribution, 231-236.

L. Blum, M. Blum, M. Shub, Comparison of two pseudo-random number generators, 61-78.

G. Brassard, On computationally secure authentication tags requiring short secret shared keys, 79-86.

E.F. Brickell, A fast modular multiplication algorithm with applications to two key cryptography, 51-60.

E.F. Brickell, J.A. Davis, G.J. Simmons, A preliminary report on the cryptanalysis of Merkle-Helhnan knapsack cryptosystems, 289-301.

E.F. Brickell, J.H. Moore, Some remarks on the Herlestam-Johaimesson algorithm for computing logarithms over GF(2P), 15-19.

D. Chaum, Bhnd signatures for untraceable payments, 199-203.

D.W. Davies, Some regular properties of the ‘Data Encryption Standard' algorithm, 89-96.

D.W. Davies, G.I.P. Parkin, The average cycle size of the key stream in output feedback encipherment. 97- 98.

D. Dolev, S. Even, R.M. Karp, On the security of ping-pong protocols, 177-186.

D. Dolev, A. Wigderson, On the security of multi-party protocols in distributed systems, 167-175.

S. Even, O. Goldreich, On the security of multi-party ping-pong protocols, 315.

S. Even, O. Goldreich, A. Lempel, A randomized protocol for signing contracts, 205-210.

S. Goldwasser, S. Micali, A. Yao, On signatures and authentication, 211-215.

M E. Heilman, J.M. Reyneri, Drainage and the DES, 129-131.

M.E. Heilman, J.M. Reyneri, Fast computation of discrete logaritlnns in GF(q), 3-13.

R. Janardan, K.B. Lakshmanan, A public-key cryptosystem based on the matrix cover NP-complete problem, 21-37.

R.R. Jueneman, Analysis of certam aspects of output feedback mode, 99-127.

L. Longpre, The use of public-key cryptography for signing checks, 187-197.

M. Merritt, Key reconstruction, 321-322.

C. Mueller-Schloer, N.R. Wagner, Ctyptographic protection of personal data cards, 219-229.

C. Nicolai, Nondetenninistic cryptography, 323-326.

J.B. Plumstead, Inferring a sequence produced by a linear congruence, 317-319.

R.L. Rivest, A short report on the RSA chip, 327.

R.L. Rivest, A.T. Sherman, Randomized encryption techniques, 145-163.

A. Shamir, A polynomial time algoritlun for breaking the basic Merkle-Hellman cryptosystem, 279-288.

R.S. Wintemitz, Security of a keystrem cipher with secret initial value, 133-137.

Advances in Cryptology - Proceedings of CRYPTO 83. Plenum Press (1984). Editor: D. Chaum.

S. G. Akl, On the security of compressed encodings, 209-230.

M. Blum, U.V. Vazirani, V.V. Vazirani, Reducibility among protocols, 137-146.

E.F. Brickell, Solving low density knapsacks, 25-37.

E.F. Brickell, J.C. Lagarias, A M. Odlyzko, Evaluation of the Adleman attack on multiply iterated knapsack cryptosystems, 39-42.

D. Chaum, Bhnd signature system, 153.

D. Chaum, Design concepts for tamper responding systems, 387-392.

D.W. Davies, Use of the ‘signature token ’ to create a negotiable document, 377-382.

M. Davio, Y. Desmedt, M. Fosseprez, R. Govaerts, J. Hulsbosch, P. Neutjens, P. Piret, J.-J. Quisquater,

J. Vandewalle, P. Wouters, Analytical characteristics of the DES, 171-202.

J.A. Davis, D.B. Holdridge, Factorization using the quadratic sieve algoritlun, 103-113.

D.E. Denning, Field encryption and authentication, 231-247.

T. ElGamal, A subexponential-time algoritlun for computing discrete logaritlnns overGF(p2), 275-292.

S. Even, O. Goldreich, Electronic wallet, 383-386.

S. Even, O. Goldreich, On the power of cascade ciphers, 43-50.

B.W. Fam, Improving the security of exponential key exchange, 359-368.

O. Goldreich, A simple protocol for signing contracts, 133-136.

H. Jiirgensen, D.E. Matthews, Some results on the information theoretic analysis of cryptosystems, 303- 356.

J.C. Lagarias, Knapsack pubhc key cryptosystems and diophantine approximation, 3-23.

R. Lidl, W.B. Muller, Permutation polynomials in RSA-cryptosystems, 293-301.

H. Ong, C.P. Schnorr, Signatures through approximate respresentations by quadratic forms, 117-131.

C. Pornerance, J.W. Smith, S.S. Wagstaff Jr., New ideas for factoring large integers, 81-85.

J.A. Reeds, N.J.A. Sloane, Sluft-register synthesis (modulo m), 249.

J.E. Sachs, S. Berkovits, Probabilistic analysis and performance modelling of the 'Swedish' algoritlnn and modifications, 253-273.

G. J. Simmons, The prisoners’ problem and the subliminal channel, 51-67.

M.E. Spencer, S.E. Tavares, A layered broadcaset cryptographic system, 157-170.

T. Tedrick, How to exchange half a bit, 147-151.

U. V. Vazirani, V.V. Vazirani, RSA bits are .732 + e secure, 369-375.

H. C. Williams, An overview of factonng, 71-80.

R.S. Wintemitz, Producing a one-way hash function from DES, 203-207.

M.C. Wunderlich, Factonng numbers on the massively parallel computer, 87-102.

Advances in Cryptology - Proceedings of CRYPTO 84. Springer-Verlag LNCS 196 (1985). Editors: G.R. Blakley and D. Chaum.

S.G. Akl, H. Meijer, A fast pseudo random permutation senerator with applications to cryptology, 269- 275.

H. Beker, M. Walker, Key management for secure electronic funds transfer in a retail environment, 401-


C. H. Bennett, G. Brassard, An update on quantum cryptography, 475-480.

I. F. Blake, R.C. Mullin, S.A. Vanstone, Computing logarithms in GF(2"), 73-82.

G.R. Blakley, Infonnation theorу without the finiteness assumption, I: Cryptosystems as group-theoretic objects, 314-338.

G. R. Blakley, C. Meadows, Security of ramp schemes, 242-268.

M. Blum, S. Goldwasser, An efficient probabihstic pubhc-key encryption scheme which hides all partial information, 289-299.

E. F. Brickell, Brealdng iterated knapsacks, 342-358.

D. Chaum, How to keep a secret alive: Extensible partial key, key safesuardins, and threshold systems,


D. Chaum, New secret codes can prevent a computerized big brother, 432-433.

S. -S. Chen, On rotation group and encryption of analog signals, 95-100.

B. Chor, O. Goldreich, RSA/Rabin least significant bits are 1/2 + l/poly(og n) secure, 303-313.

В. Chor, R.L. Rivest, A knapsack type pubhc key cryptosystem based on ahtlunetic in finite fields, 54-65. D.W. Davies, A message authenticator algoritlnn suitable for a mainframe computer, 393-400.

M. Davio, Y. Desmedt, J. Goubert, F. Hoomaert, J.-J. Quisquater, Efficient hardware and software imple

mentations for the DES, 144-146.

J. A. Davis, D.B. Holdridge, An update on factorization at Sandia National Laboratories, 114.

Y. Desmedt, J.-J. Quisquater, M. Davio, Dependence of output on input in DES: Small avalanche characteristics, 359-376.

T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logaritluns, 10-18. R.C. Fairfield, A. Matusevich, J. Plany, An LSI digital encryption processor (DEP), 115-143.

R. C. Fairfield, R.L. Mortenson, K.B. Coulthart, An LSI random number generator (RNG), 203-230.

S. Fortune, M. Merritt, Poker protocols, 454-464.

O. Goldreich, S. Goldwasser, S. Micali, On the cryptographic applications of random functions, 276-288. S. Goldwasser, S. Micali, R.L. Rivest, A 'paradoxical" solution to the signature problem, 467.

F. Hoomaert, J. Goubert, Y. Desmedt, Efficient hardware implementation of the DES, 147-173.

B.S. Kaliski, Wyner’s analog encryption scheme: Results of a simulation, 83-94.

A.G. Konheim, Cryptanalysis of ADFGVX encipherment systems, 339-341.

S.C. Kothari, Generalized linear threshold scheme, 231-241.

A.C. Leighton, S.M. Matyas, The history of book ciphers, 101-113.

A.K. Leung, S.E. Tavares, Sequence complexity as a test for cryptographic systems, 468-474.

H. Ong, C.P. Schnorr, A. Shamir, Efficient signamre schemes based on polynomial equations, 37-46.

N. Proctor, A self-synchronizing cascaded cipher system with dynamic control of error propasation. 174—


J.A. Reeds, J.L. Manferdelli, DES has no per round linear factors, 377-389.

S. C. Serpell, C.B. Brookson, B.L. Clark, A prototype encryption system using public key, 3-9.

A. Shamir, Identity-based cryptosystems and signature schemes, 47-53.

G. J. Simmons, Authentication theory/coding theory, 411-431.

T. Tedrick, Fair exchange of secrets, 434-438.

U. V. Vazirani, V.V. Vazirani, Efficient and secure pseudo-random number generation, 193-202.

N.R. Wagner, M R. Magyarik, A public key cryptosystem based on the word problem, 19-36.

H. C. Williams, Some public key crypto-functions as intractable as factorization, 66-70.

M. Yung, Cryptoprotocols: Subscription to a public key, the secret blocking and the multi-player mental poker game, 439-453.

Advances in Cryptology - CRYPTO ’85. Springer-Verlag LNCS 218 (1986). Editor: H.C. Williams.

C. H. Bennett, G. Brassard, J.-M. Robert, How to reduce your enemy’s information, 468-476.

R. Berger, S. Kannan, R. Peralta, A framework for the study of cryptographic protocols, 87-103.

G.R. Blakley, Information theory' without the finiteness assumption, П. Unfolding the DES, 282-337.

G. R. Blakley, C. Meadows, G.B. Purdy, Fingerprinting long forgiving messages, 180-189.

E.F. Brickell, J.M. DeLaurentis, An attack on a signature scheme proposed by Okamoto and Shiraishi. 28- 32.

D. Chaum, J.-H. Evertse, Cryptanalysis of DES with a reduced number of rounds - sequences of linear fac

tors in block ciphers, 192-211.

B. Chor, O. Goldreich, S. Goldwasser, The bit security of modular squaring given partial factorization of

the modules, 448-457.

D. Coppersmith, Another birthday attack, 14-17.

D. Coppersmith, Cheating at mental poker, 104-107.

D. Coppersmith, The real reason for Rivest’s phenomenon, 535-536.

C. Crepeau, A secure poker protocol that minimizes the effect of player coalitions, 73-86.

W. de Jonge, D. Chaum, Attacks on some RSA signatures, 18-27.

Y. Desmedt, Unconditionally secure authentication schemes and practical and theoretical consequences, 42-55.

Y. Desmedt, A M. Odlyzko, A chosen text attack on the RSA cryptosystem and some discrete logaritlun

schemes, 516-522.

W. Diffie, Security for the DoD transmission control protocol, 108-127.

T. ElGamal, On computing logarithms over finite fields, 396-402.

D. Estes, L.M. Adleman, K. Kompella, K.S. McCurley, G.L. Miller, Breaking the Ong-Sclmorr-Shamir

signature scheme for quadratic number fields, 3-13.

S. Even, O. Goldreich, A. Shamir. On the security of pins-pons protocols when implemented using the

RSA, 58-72.

J. Feigenbaum, Encrypting problem instances: Or... , can you take advantage of someone without having to trust him?, 477-488.

H. Fell, W. Diffie, Analysis of a public key approach based on polynomial substitution, 340-349.

Z. Galil, S. Haber, M. Yung, Symmetric public-key encryption, 128-137.

P. Godlewski, G.D. Cohen, Some cryptographic aspects of Womcodes, 458-467.

J.R. Gosler, Software protection: Myth or reality?, 140-157.

J. Hastad, On using RSA with low exponent in a public key network, 403-408.

W. Haemers, Access control at the Netherlands Postal and Telecommunications Sendees, 543-544.

A. Herzberg, S. Pinter, Pubhc protection of software, 158-179.

B. S. Kaliski Jr., R.L. Rivest, A.T. Sherman, Is DES a pure cipher? (Results of more cyclins experiments

on DES), 212-226.

M. Kochanski, Developing an RSA chip, 350-357.

M. Luby, C. Rackoff, How to construct pseudo-random permutations from pseudo-random functions, 447.

V.S. Miller, Use of elliptic cun'es in cryptography, 417-426.

T. E. Moore, S.E. Tavares, A layered approach to the design of private key cryptosystems, 227-245.

E. Okamoto, K. Nakamura, Lifetimes of keys in cryptographic key management systems, 246-259.

J.-J. Quisquater, Y. Desmedt, M. Davio, The importance of “good” key scheduling schemes (how to make a secure DES scheme with < 48 bit keys?), 537-542.

J.H. Reif, J.D. Tygar, Efficient parallel pseudo-random number generation, 433-446.

R. A. Rueppel, Correlation immunity and the summation generator, 260-272.

A. Shamir, On the security of DES, 280-281.

T. Siegenthaler, Design of combiners to prevent divide and conquer attacks, 273-279.

G. J. Simmons, A secure subliminal channel (?), 33-41.

N.M. Stephens, Lenstra’s factorisation method based on elliptic curves, 409-416.

J. van Tilburg, D.E. Boekee, Divergence bounds on key equivocation and error probability in cryptanalysis, 489-513.

V. Varadharajan, Trapdoor rings and their use in cryptography, 369-395.

A.F. Webster, S.E. Tavares, On the design of S-boxes, 523-534.

H. C. Williams, An M3 public-key encryption scheme, 358-368.

S. Wolfram, Cryptography with cellular automata, 429-432.

Advances in Cryptology - CRYPTO ’86. Springer-Verlag LNCS 263 (1987). Editor: A.M. Odlyzko.

P. Barrett, Implementing the Rivest Shamir and Adleman public key encryption algorithm on a standard digital signal processor, 311-323.

P. Beauchemin, G. Brassard, C. Crepeau, C. Goutier, Two observations on probabilistic primality testms, 443-450.

J.C. Benaloh, Cryptographic capsules: A disjunctive primitive for interactive protocols, 213-222.

J.C. Benaloh, Secret sharuig homomorphisms: Keeping shares of a secret secret, 251-260.

T. Beth, B.M. Cook, D. Gollmann, Architectures for exponentiation in GF(2n), 302-310.

G.R. Blakley, R.D. Dixon, Smallest possible message expansion hi threshold schemes, 266-274.

G. Brassard, C. Crepeau, Zero-knowledge simulation of Boolean circuits, 223-233.

G. Brassard, C. Crepeau, J.-M. Robert, All-or-nothing disclosure of secrets, 234-238.

E.F. Brickell, J.H. Moore, M.R. Purtill, Structure in the S-boxes of the DES, 3-8.

J.J. Cade, A modification of a broken public-key cipher, 64-83.

A.H. Chan, R.A. Games, On the lmear span of binary sequences obtained from finite geometries, 405^117.

D. Chaum, Demonstrating that a pubhc predicate can be satisfied without revealing any mformation about how, 195-199.

D. Chaum, J.-H. Evertse, A secure and privacy-protecting protocol for transmitting personal information between organizations, 118-167.

D. Chaum, J.-H. Evertse, J. van de Graaf, R. Peralta, Demonstrating possession of a discrete logaritlun without revealing it, 200-212.

C. Crepeau, A zero-knowledge poker protocol that achieves confidentiality of the players ’ strategy or how to achieve an electronic poker face, 239-247.

W. de Jonge, D. Chaum, Some variations on RSA signatures and their security, 49-59.

Y. Desmedt, Is there an ultimate use of cryptography ?, 459-463.

Y. Desmedt, J.-J. Quisquater, Public-key systems based on the difficulty of tampering (Is there a difference between DES and RSA?), 111-117.

A. Fiat, A. Shamir, How to prove yourself: Practical solutions to identification and signature problems,


O. Goldreich, Towards a theory of software protection, 426-439.

O. Goldreich, Two remarks concerning the Goldwasser-Micali-Rivest signature scheme, 104-110.

O. Goldreich, S. Micali, A. Wigderson, How to prove all NP statements in zero-knowledge, and a methodology of cryptographic protocol design, 171-185.

L.C. Guillou, M. Ugon, Smart card - a highly reliable and portable security device, 464-479.

R. Gyoery, J. Seberry, Electronic funds transfer point of sale in Australia, 347-377.

N.S. James, R. Lidl, H. Niederreiter, Breaking the Cade cipher, 60-63.

R. R. Jueneman, A high speed manipulation detection code, 327-346.

B. S. Kaliski Jr., A pseudo-random bit generator based on elliptic logaritlmis, 84-103.

S. M. Matyas, Pubhc-key registration, 451-458.

S. Micali, C. Rackoff, B. Sloan, The notion of security for probabilistic cryptosystems, 381-392.

J.H. Moore, G. J. Simmons, Cycle structure of the DES with weak and semi-weak keys, 9-32.

G.A. Orton, M.R Roy, RA. Scott, L.E. Peppard, S.E. Tavares, VLSI implementation of public-key encryption algorithms, 277-301.

G. Rankine, THOMAS - a complete single chip RSA device, 480-487.

T. R.N. Rao, K.-H. Nam, Private-key algebraic-coded cryptosystems, 35-48.

D.R. Stinson, Some constructions and bounds for authentication codes, 418-425.

M. Tompa, H. Woll, How to share a secret with cheaters, 261-265.

N. R. Wagner, P.S. Putter, M.R. Cain, Large-scale randomization techniques, 393-404.

Advances in Cryptology - CRYPTO ’87. Springer-Verlag LNCS 293 (1988). Editor: C. Pomerance.

C. M. Adams, H. Meijer, Security-related comments regarding McEliece's public-key ciyptosystem, 224-


P. Beauchemin, G. Brassard, A generalization of Heilman's extension of Shannon’s approach to cryptography, 461.

G.R. Blakley, W. Rundell, Cryptosystems based on an analog of heat flow, 306-329.

E.F. Brickell. D. Chaum, I.B. Damgard, J. van de Graaf, Gradual and verifiable release of a secret, 156— 166.

E. F. Brickell, PJ. Lee, Y. Yacobi, Secure audio teleconference, 418-426.

D. Chaum, C. Crepeau, I. Damgard, Multiparty unconditionally secure protocols, 462.

D. Chaum, I.B. Damgard, J. van de Graaf, Multipart}' computations ensuring privacy of each party’s input

and correctness of the result, 87-119.

C. Crepeau, Equivalence between two flavours of oblivious transfers, 350-354.

G.I. Davida, F.B. Danes, A crypto-engine, 257-268.

G.I. Davida, B.J. Matt, Arbitration in tamper proof systems (If DES « RSA then what’s the difference between true signature and arbitrated signature schemes?), 216-222.

A. De Santis, S. Micali, G. Persiano, Non-interactive zero-knowledge proof systems, 52-72.

J. M. DeLaurentis, Components and cycles of a random function, 231-242.

Y. Desmedt, Society and group oriented cryptography: A new concept, 120-127.

Y. Desmedt, C. Goutier, S. Bengio, Special uses and abuses of the Fiat-Shamir passport protocol, 21-39.

F. A. Feldman, Fast spectral tests for measuring nonrandomness and the DES, 243-254.

W. Fumy, On the F-function of FEAL, 434-437.

Z. Galil, S. Haber, M. Yung, Cryptographic computation: Secure fault-tolerant protocols and the pubhe-

key model, 135-155.

O. Goldreich, R. Vainish, How to solve any protocol problem - an efficient improvement, 73-86.

L. Guillou, J.-J. Quisquater, Efficient digital public-key signatures with shadow, 223.

M. P Herlihy, J.D. Tygar, How to make replicated data secure, 379-391.

R. Impagliazzo, M. Yung, Direct minimum-knowledge computations, 40-51.

R.A. Kennnerer, Analyzing encryption protocols using formal verification techniques, 289-305.

K. Koyama, K. Ohta, Identity-based conference key distribution systems, 175-184.

M. Luby, C. Rackoff, A study of password security, 392-397.

Y. Matias, A. Shamir, A video scrambling technique based on space filling curves. 398-417.

T. Matsumoto. H. Imai, On the key predistribution system: A practical solution to the key distribution problem, 185-193.

R.C. Merkle, A digital signature based on a conventional encryption function, 369-378.

J. H. Moore, Strong practical protocols, 167-172.

E. Okamoto, Key distribution systems based on identification information, 194-202.

K. Presttun, Integratmg cryptography m ISDN, 9-18.

W.L. Price, Standards for data security - a change of direction, 3-8.

J.-J. Quisquater, Secret distribution of keys for public-key systems, 203-208.

J.-J. Quisquater, J.-P. Delescaille, Other cychng tests for DES, 255-256.

T.R.N. Rao, On Struik-Tilburg cryptanalysis of Rao-Nam scheme, 458-460.

G.J. Simmons, An impersonation-proof identity verification scheme, 211-215.

G. J. Simmons, A natural taxonomy for digital information authentication schemes, 269-288.

D.R. Stinson, A construction for authentication/secrecy codes from certain combinatorial desisns, 355— 366.

D.R. Stinson, S.A. Vanstone, A combinatorial approach to threshold schemes, 330-339.

R. Struik, J. van Tilburg, The Rao-Nam scheme is insecure against a chosen-plamtext attack, 445-457.

H. Tanaka, A realization scheme for the identity-based cryptosystem, 340-349.

J. van de Graaf, R. Peralta, A simple and secure way to show the validity of your public key, 128-134.

Y. Yacobi, Attack on the Koyama-Ohta identity based key distribution scheme, 429-433.

K. C. Zeng, J.H. Yang, Z.T. Dai, Patterns of entropy drop of the key in an S-box of the DES, 438-444.

Advances in Cryptology - CRYPTO ’88. Springer-Verlag LNCS 403 (1990). Editor: S. Goldwasser.

M. Abadi, E. Allender, A. Broder, J. Feigenbaum, L.A Hemachandra, On generatmg solved distances of computational problems, 297-310.

L. M. Adleman, An abstract theorу of computer viruses, 354-374.

E. Bach, Intractable problems in number theory, 77-93.

M. Bellare, S. Micali, How to sign given any trapdoor function, 200-215.

M. Ben-Or, O. Goldreich, S. Goldwasser, J. Hastad, J. Kilian, S. Micali, P. Rogaway, Everything provable is provable in zero-knowledge, 37-56.

J. Benaloh, J. Leichter, Generalized secret sharing and monotone functions, 27-35.

M. Blum, P. Feldman, S. Micali, Proving security against chosen ciphertext attacks, 256-268.

J. Brandt, I.B. Damgard, P. Landrock, T. Pedersen, Zero-knowledge authentication scheme with secret key exchange, 583-588.

G. Brassard, I.B. Damgard, “Practical IP’’ С MA, 580-582.

E.F. Brickell, D.R. Stinson, The detection of cheaters in threshold schemes, 564-577.

D. Chaum, A. Fiat, M. Naor, Untraceable electronic cash, 319-327.

C. Crepeau, J. Kilian, Weakening security assumptions and oblivious transfer, 2-7.

I.B. Damgard, On the randonmess of Legendre and Jacobi sequences, 163-172.

I.B. Damgard, Payment systems and credential mechanisms with provable securiry against abuse by individuals, 328-335.

A. De Santis, S. Micali, G. Persiano, Non-interactive zero-knowledge with preprocessing, 269-282.

M. De Soete, Bounds and constructions for authentication-secrecy codes with splitting, 311-317.

B. den Boer, Difhe-Hellman is as strong as discrete log for certain primes, 530-539.

Y. Desmedt, Abuses in cryptography and how to light them, 375-389.

C. Dwork, L. Stockmeyer, Zero-knowledge with finite state verifiers, 71-75.

U. Feige, A. Shamir, M. Tennenholtz, The noisy oracle problem, 284-296.

R. Forre, The strict avalanche criterion: Spectral properties of Boolean functions and an extended definition, 450-468.

M. Girault, P. Toffin, B. Yallee, Computation of approximate L-th roots modulo n and application to cryptography, 100-117.

O. Goldreich, H. Krawczyk, M. Luby, On the existence of pseudorandom generators, 146-162.

O. Goldreich, E. Kushilevitz, A perfect zero-knowledge proof for a problem equivalent to discrete logarithm, 57-70.

L. C. Guillou, J.-J. Quisquater, A "paradoxical” identity-based signamre scheme resulting from zero-

knowledge, 216-231.

B.J. Herbison, Developing Ethernet enhanced-security system, 507-519.

M. -D.A. Huang, S.-H. Tens, A universal problem in secure and verifiable distributed computation, 336-


T. Hwang, T.R.N. Rao, Secret error-correcting codes (SECC), 540-563.

R. Impagliazzo, S. Rudich, Limits on the provable consequences of one-way permutations, 8-26.

N. Koblitz, A family of Jacobians suitable for discrete log cryptosystems, 94-99.

S. A. Kurtz, S.R. Mahaney, J.S. Royer, On the power of 1-way functions, 578-579.

R.T.C. Kwok, M. Beale, Aperiodic linear complexities of de Bruijn sequences, 479-482.

M. Lucks, A constraint satisfaction algorithm for the automated decryption of simple substitution ciphers, 132-144.

T. Matsumoto, K. Kato, H. Imai. Speedins up secret computations with insecure auxiliary devices, 497- 506.

S. Micali, C.P. Sclmorr, Efficient, perfect random number generators, 173-198.

S. Micali, A. Shamir, An improvement of the Fiat-Shanur identification and signature scheme, 244-247.

K. Ohta, T. Okamoto, A modification of the Fiat-Shanur scheme, 232-243.

C. Rackoff, A basic theory' of public and private cryptosystems, 249-255.

J.R. Sherwood, V.A. Gallo, The application of smart cards for RSA digital signatures in a network comprising both interactive and store-and-forwared facilities, 484-496.

G.J. Simmons, How to (really) share a secret, 390-448.

D. G. Steer, L. Strawczynski, W. Diffie, M. Wiener, A secure audio teleconference system, 520-528.

J. van Tilburg, On the McEliece public-key cryptosystem, 119-131.

K. Zeng, M. Huang, On the Unear syndrome method in cryptanalysis, 469-478.

Advances in Cryptology - CRYPTO ’89. Springer-Verlag LNCS 435 (1990). Editor: G. Brassard.

C. Adams, S. Tavares, Good S-boxes are easy to find, 612-615.

P. Barrett, R. Eisele, The smart diskette - a universal user token and personal crypto-engine, 74-79.

D. Beaver, Multiparty protocols tolerating half faulty processors, 560-572.

D. Beaver, S. Goldwasser, Multiparty computation with faulty majority, 589-590.

M. Bellare, L. Cowen, S. Goldwasser, On the structure of secret key exchange protocols, 604-605.

M. Bellare, S. Goldwasser, New paradigms for digital signatures and message authentication based on non- interactive zero knowledge proofs, 194-211.

M. Bellare, S. Micali, Non-mteractive oblivious transfer and apphcations, 547-557.

M. Ben-Or, S. Goldwasser, J. Kilian, A. Wigderson, Efficient identification schemes using two prover interactive proofs, 498-506.

A. Bender, G. Castagnoli, On the implementation of elliptic curve cryptosystems, 186-192.

J. Bos, M. Coster, Addition chain heuristics, 400-407.

J. Boyar, R. Peralta, On the concrete complexity of zero-knowledge proofs, 507-525.

R.L. Brand, Problems with the normal use of cryptography for providing security on unclassified networks. 30-34.

E. F. Brickell, A sur'ey of hardware implementations of RSA, 368-370.

E.F. Brickell, D.M. Davenport, On the classification of ideal secret sharing schemes, 278-285.

J.A. Buchmann, H.C. Williams, A key exchange system based on real quadratic fields, 335-343.

A. H. Chan, R.A. Games, On the quadratic spans of periodic sequences, 82-89.

D. Chaum, The Spymasters double-agent problem: Multiparty computations secure unconditionally from minorities and cryptographically from majorities, 591-602.

D. Chaum, H. van Antwerpen, Undemable signatures, 212-216.

G.C. Chick, S.E. Tavares, Flexible access control with master keys, 316-322.

B. Chor, E. Kushilevitz, Secret sharing over infinite domains, 299-306.

R. Cleve, Controlled gradual disclosure schemes for random bits and their applications, 573-588.

I.B. Damgard, A design principle for hash functions, 416-427.

I.B. Damgard, On the existence of bit commitment schemes and zero-knowledge proofs, 17-27.

M. De Soete, J.-J. Quisquater, K. Vedder, A signature with shared verification scheme, 253-262.

Y.G. Desmedt, Making conditionally secure cryptosystems unconditionally abuse-free in a general context, 6-16.

Y.G. Desmedt, Y. Frankel, Threshold cryptosystems, 307-315.

S. Even, O. Goldreich, S. Micali, On-lme/off-lme digital signatures, 263-275.

U. Feige, A. Shamir, Zero knowledge proofs of knowledge in two rounds, 526-544.

D.C. Feldmeier, PR. Kam, UNIX password security - ten years later, 44-63.

A. Fiat, Batch RSA, 175-185.

PA. Findlay, B.A. Johnson, Modular exponentiation using recursive sums of residues, 371-386.

O. Goldreich, H. Krawczyk, Sparse pseudorandom distributions, 113-127.

C. J.A. Jansen, D.E. Boekee, The shortest feedback shift resister that can senerate a siven sequence, 90-


D. Kahn, Keymg the German navy’s Enigma, 2-5.

J. Kilian, S. Micali, R. Ostrovsky, Minimum resource zero-knowledge proofs, 545-546.

J.T. Kohl, The use of encryption in Kerberos for network authentication, 35-43.

H. Krawczyk, How to predict congruential generators, 138-153.

C.-S. Laih, L. Ham, J.-Y. Lee, T. Hwang, Dynamic threshold scheme based on the definition of cross- product in an n-dimensional linear space, 286-298.

S.S. Magliveras, N.D. Memon, Properties of cryptosystem PGM, 447-460.

U.M. Maurer, J.L. Massey, Perfect local randomness in pseudo-random sequences, 100-112.

R.C. Merkle, A certified digital signature, 218-238.

R. C. Merkle, One way hash functions and DES, 428-446.

S. Miyaguchi, The FEAL - 8 cryptosystem and a call for attack, 624-627.

H. Morita, A fast modular-multiplication algoritlun based on a lugher radix, 387-399.

M. Naor, Bit commitment using pseudo-randomness, 128-136.

R. Nelson, J. Hermann, SDNS architecture and end-to-end encryption, 356-366.

T. Okamoto, K. Ohta, Disposable zero-knowledge authentications and their apphcations to untraceable

electronic cash, 481-496.

R. Ostrovsky, An efficient software protection scheme, 610-611.

B. Preneel, A. Bosselaers, R. Govaerts, J. Vandewalle, A chosen text attack on the modified cryptographic

checksum algoritlun of Cohen and Huang, 154-163.

W.L. Price, Progress in data security standardisation, 620-623.

J.-J. Quisquater, J.-P. Delescaille, How easy is colhsion search. New results and applications to DES, 408- 413.

J.-J. Quisquater, L. Guillou, T. Berson, How to explam zero-knowledge protocols to your children. 628- 631.

C. P. Schnorr, Efficient identification and signatures for smart cards, 239-252.

A. Shamir, An efficient identification scheme based on permuted kernels, 606-609.

J. M. Smith, Practical problems with a cryptographic protection scheme, 64-73.

M. Tatebayashi, N. Matsuzaki, D.B. Newman Jr., Key distribution protocol for digital mobile communication systems, 324-334.

S. R. White, Covert distributed processing with computer viruses, 616-619.

Y. Yacobi, Z. Shmuely, On key distribution systems, 344-355.

K. Zena, C.H. Yang, T.R.N. Rao, On the linear consistency test (LCT) in cryptanalysis with applications,


Y. Zheng, T. Matsumoto, H. Imai, On the construction of block ciphers provably secure and not relying on any unproved hypotheses, 461-480.

Advances in Cryptology - CRYPTO ’90. Springer-Verlag LNCS 537 (1991). Editors: A.J. Menezes and S.A. Vanstone.

D. Beaver, J. Feigenbaum, J. Kilian, P. Rogaway, Security with low communication overhead, 62-76.

D. Beaver, J. Feigenbaum, V. Shoup, Hiding instances in zero-knowledge proof systems, 326-338.

T. Beth, Y. Desmedt, Identification tokens - or: Solving the chess grandmaster problem, 169-176.

E. Biham, A. Shamir, Differential cryptanalysis of DES-like cryptosystems, 2-21.

J. Boyar, D. Chaum, I B. Damgard, T. Pedersen, Convertible undeniable signatures, 189-205.

G. Brassard, C. Crepeau, Quantum bit commitment and coin tossing protocols, 49-61.

G. Brassard, M. Yung, One-way group actions, 94-107.

E.F. Brickell, D.R. Stinson, Some improved bounds on the information rate of perfect secret sharing schemes, 242-252.

J. Buchmann, S. Diillmann, On the computation of discrete logaritluns m class groups, 134-139.

D. Chaum, S. Roijakkers, Unconditionally-secure digital signatures, 206-214.

C.-C. Chuang, J.G. Dunham, Matrix extensions of the RSA algoritlun, 140-155.

R. Cleve, Complexity theoretic issues concerning block ciphers related to D.E.S., 530-544.

T. W. Cusick, M.C. Wood, The REDOC П cryptosystem, 545-563.

A. De Santis, M. Yung, Cryptographic apphcations of the non-mteractive metaproof and many-prover sys

tems, 366-377.

D. de Waleffe, J.-J. Quisquater, CORSAIR: A smart card for pubhc key cryptosystems, 502-513.

Y. Desmedt, M. Yung, Arbitrated unconditionally secure authentication can be unconditionally protected agamst arbiter’s attacks, 177-188.

S. Even, Systolic modular multiplication, 619-624.

W. Fumy, M. Munzert, A modular approach to key distribution, 274-283.

H. Gilbert, G. Chasse, A statistical attack of the Feal-8 cryptosystem, 22-33.

S. Goldwasser, L. Levin, Fair computation of general functions in presence of umnoral majority, 77-93.

S. Haber, W.S. Stometta, How to time-stamp a digital document, 437-455.

J. Kilian, Achieving zero-knowledge robustly, 313-325.

J. Kilian, Interactive proofs with provable security against honest verifiers, 378-392.

K. Kim, T. Matsumoto, H. Imai, A recursive construction method of S-boxes satisfying strict avalanche

criterion, 564-574.

N. Koblitz, Constructing elliptic cunre cryptosystems in characteristic 2, 156-167.

K. Kompella, L. Adleman, Fast checkers for cryptography, 515-529.

K. Koyama, R. Terada, Nonlinear parity circuits and their cryptographic applications, 582-600.

K. Kurosawa, S. Tsujii, Multi-language zero knowledge interactive proof systems, 339-352.

B. A. LaMacchia, AM. Odlyzko, Computation of discrete logaritlmis in prime Gelds, 616-618.

B.A. LaMacchia, A M. Odlyzko, Solving large sparse linear systems over Gnite Gelds, 109-133.

D. Lapidot, A. Shamir, Publicly veriGable non-interactive zero-knowledge proofs, 353-365.

U. M. Maurer, A universal statistical test for random bit generators, 409-420.

J. L. Mclimes, B. Pinkas. On the impossibility of private key cryptography witii weakly random keys, 421—


R. C. Merkle, Fast software encryption functions, 476-501.

S. Micali, T. Rabin, Collective coin tossmg without assumptions nor broadcasting, 253-266.

S. Miyaguchi, The FEAL cipher family, 627-638.

T. Okamoto, K. Ohta, How to utilize the randonmess of zero-knowledge proofs, 456-475.

R.L. Rivest, Finding four million large random primes, 625-626.

R.L. Rivest, The MD4 message digest algorithm, 303-311.

A.W. Scluift, A. Shamir, On the universality of the next bit test, 394-408.

G.J. Simmons, Geometric shared secret and/or shared control schemes, 216-241.

O. Staffelbach, W. Meier, Cryptographic signiGcance of the carry for ciphers based on mteger addition,


P. van Oorschot, A comparison of practical pubhc-key cryptosystems based on integer factorization and

discrete logaritlmis, 576-581.

Y. Yacobi, Discrete-log with compressible exponents, 639-643.

Y. Yacobi, A key distribution'paradox’’, 268-273.

K. Zeng, C.H. Yang, T.R.N. Rao, An improved linear syndrome algoritlnn in cryptanalysis with apphca

tions, 34-47.

Y. Zheng, T. Matsumoto, H. Imai, SrnicruraJ properties of one-way hash functions, 285-302.

Advances in Cryptology - CRYPTO ’91. Springer-Verlag LNCS 576 (1992). Editor: J. Feigenbaum.

M. Abadi, M. Burrows, B. Lampson, G. Plotkin, A calculus for access control in distributed systems, 1- 23.

D. Beaver, EfGcient multiparty protocols using circuit randomization, 420-432.

D. Beaver, Foundations of secure interactive computing, 377-391.

C.H. Bennett, G. Brassard, C. Crepeau, M.-H. Skubiszewska, Practical quantum oblivious transfer, 351- 366.

E. Biham, A. Shamir. Differential cryptanalysis of Snefru. Khafre. REDOC-II. LOKI. and Lucifer, 156—


R. Bird, I. Gopal, A. Herzberg, P. Janson, S. Kutten, R. Molva, M. Yung, Systematic design of two-party authentication protocols, 44-61.

A. G. Broscius, J.M. Smith, Exploitmg parallelism in hardware implementation of the DES, 367-376.

P. Camion, C. Carlet, P. Charpin, N. Sendrier, On correlation-innnune functions, 86-100.

R. M. Capocelli, A. De Santis, L. Gargano, U. Vaccaro. On the size of shares for secret shanng schemes,


D. Chaum, E. van Heijst, B. Pfitzmann, Cryptographically strong undeniable signatures, unconditionally secure for the signer, 470-484.

Y.M. Chee. A. Joux, J. Stem, The cryptanalysis of a new public-key cryptosystem based on modular knapsacks, 204-212.

I. B. Damgard, Towards practical public key systems secure agamst chosen ciphertext attacks, 445-456.

B. den Boer, A. Bosselaers, An attack on the last two rounds of MD4, 194-203.

Y. Desmedt, Y. Frankel, Shared generation of authenticators and signatures, 457-469.

C. Dwork, On verification hi secret sharing, 114-128.

M J. Fischer, R.N. Wright, Multiparty secret key exchange using a random deal of cards, 141-155.

K.R. Iversen, A cryptographic scheme for computerized general elections, 405-419.

J. Kilian, R. Rubinfeld, Interactive proofs with space bounded pro vers, 225-231.

N. Koblitz, CM-Curves with good cryptographic properties, 279-287.

K. Koyama, U.M. Maurer, T. Okamoto, S.A. Vanstone, New pubhc-key schemes based on elhptic curves

over the ring Zn, 252-266.

D. Lapidot, A. Shamir, A one-round, two-prover, zero-knowledge protocol forNP, 213-224.

M. Luby, Pseudo-random generators from one-way functions, 300.

S. Micali, P. Rogaway, Secure computation, 392-404.

H. Morita, K. Ohta, S. Miyaguchi, A switching closure test to analyze cryptosystems, 183-193.

T. Okamoto, K. Ohta, Universal electronic cash, 324-337.

T. Okamoto, K. Sakurai, Efficient algorithms for the construction of hyperelhptic cryptosystems, 267-278. J. Patarin, New results on pseudorandom permutation generators based on the DES scheme, 301-312.

T.P. Pedersen, Non-mteractive and information-theoretic secure verifiable secret sharing, 129-140.

B. Pfitzmann, M. Waidner, How to break and repair a “provably secure” untraceable payment system, 338—


C. Rackoff, D.R. Simon, Non-interactive zero-knowledge proof of knowledge and chosen ciphertext at

tack, 433-444.

S. Rudich, The use of mteraction in public cryptosystems, 242-251.

D. R. Stinson, Combinatorial characterizations of authentication codes, 62-73.

D.R. Stinson, Universal hashing and authentication codes, 74-85.

A. Tardy-Corfdir, H. Gilbert, A known plamtext attack of FEAL-4 and FEAL-6, 172-182.

S.-H. Teng, Functional inversion and connnunication complexity, 232-241.

M.-J. Toussaint, Deriving the complete knowledge of participants in cryptographic protocols, 24-43.

S. Tsujii, J. Chao, A new Ю-based key sharhig system, 288-299.

C D. Walter, Faster modular multiplication by operand scahng, 313-323.

Advances in Cryptology - CRYPTO ’92. Springer-Verlag LNCS 740 (1993). Editor: E.F. Brickell.

T. Baritaud, M. Сатрапа, P. Chauvaud, H. Gilbert, On the security of the permuted kernel identification scheme, 305-311.

A. Beimel, B. Chor, Universally ideal secret sharing schemes, 183-195.

M. Bellare, O. Goldreich, On defining proofs of knowledge, 390-420.

M. Bellare, M. Yung, Certifying cryptographic tools: The case of trapdoor permutations, 442-460.

E. Biham, A. Shamir, Differential cryptanalysis of the full 16-round DES, 487-496.

B. Blakley, G.R. Blakley, A.H. Chan, J.L. Massey, Threshold schemes with disemollment, 540-548.

C. Blundo, A. De Santis, L. Gar°ano, U. Vaccaro, On the information rate of secret sharing schemes, 148—


C. Blundo, A. De Santis, A. Herzberg, S. Kutten, U. Vaccaro, M. Yung, Perfectly-secure key distribution for dynamic conferences, 471-486.

J.N.E. Bos, D. Chaum, Provably unforgeable signatures, 1-14.

J. Brandt, I. Damgard, On generation of probable primes by incremental search, 358-370.

K. W. Campbell, M.J. Wiener, DES is not a group, 512-520.

C. Carlet, Partially-bent functions, 280-291.

D. Chaum, T.P. Pedersen, Wallet databases with observers, 89-105.

C. Dwork, U. Feige, J. Kilian, M. Naor, M. Safra, Low communication 2-prover zero-knowledse proofs for NP, 215-227.

C. Dwork, M. Naor, Pricing via processing or combatting junk mail, 139-147.

H. Eberle, A high-speed DES implementation for network applications, 521-539.

M. Fellows, N. Koblitz, Kidkrypto, 371-389.

Y. Frankel, Y. Desmedt, M. Bunnester, Non-existence of homomorpluc general sharing schemes for some key spaces, 549-557.

S. Goldwasser. R. Ostrovsky, Invariant sisnatures and non-interactive zero-knowledse proofs are equivalent, 228-245.

D. M. Gordon, Designing and detecting trapdoors for discrete log cryptosystems, 66-75.

D.M. Gordon, K.S. McCurley, Massively parallel computations of discrete logaritluns, 312-323.

L. Ham, H.-Y. Lin, An/-span generalized secret sharing scheme, 558-565.

A. Herzberg, M. Luby, Public randomness in cryptography, 421-432.

R. Hirschfeld, Making electronic refunds safer, 106-112.

L. R. Knudsen, Iterative characteristics of DES and s2-DES, 497-511.

K. Koyama, Y. Tsuruoka, Speedins up elliptic cryptosystems by usins a sisned binary' window method. 345-357.

U.M. Maurer, Protocols for secret key agreement by public discussion based on common information. 461—470.

W. Meier, O. Staffelbach, Efficient multiplication on certain nonsupersingular elliptic curves, 333-344.

S. Micali, Fair public-key cryptosystems, 113-138.

M. Naor, R. Ostrovsky, R. Venkatesan, M. Yung, Perfect zero-knowledge arguments for NP can be based

on general complexity assumptions, 196-214.

K. Nyberg, L.R. Knudsen, Provable security against differential cryptanalysis, 566-574.

T. Okamoto, Provably secure and practical identification schemes and correspondhis signature schemes,


T. Okamoto, A. Fujioka, E. Fujisaki, An efficient digital signature scheme based on an elliptic cunre over the ring Zn, 54-65.

R. Peralta, A quadratic sieve on the n-dimensional cube, 324-332.

A. Russell, Necessary and sufficient conditions for collision-free hashing, 433-441.

K. Sakurai, T. Itoh, On the discrepancy between serial and parallel of zero-knowledge protocols, 246-259.

M. Sivabalan, S. Tavares, L.E. Peppard, On the design of SP networks from an information theoretic point of view, 260-279.

M E. Smid, D.K. Branstad, Response to comments on the NIST proposed disital signature standard, 76-


D. R. Stinson, New general lower bounds on the information rate of secret sharing schemes, 168-182.

E. van Heijst, T.P. Pedersen. B. Pfitzmann, New constructions of fail-stop sisnatures and lower bounds.


S. Vaudenay, FFT-Hash-II is not yet collision-free, 587-593.

PC. Wayner, Content-addressable search engines and DES-like systems, 575-586.

Y. Zheng, J. Seberry, Practical approaches to attaining security asainst adaptively chosen ciphertext attacks, 292-304.

Advances in Cryptology - CRYPTO ’93. Springer-Verlag LNCS 773 (1994).

Editor: D.R. Stinson.

L. M. Adleman, J. DeMarrais, A subexponential alsoritlun for discrete losaritlnns over all finite fields,


Y. Aumann, U. Feige, One message proof systems with known space verifiers, 85-99.

A. Beimel, B. Chor, Interaction in key distribution schemes, 444-455.

M. Bellare, P. Rogaway, Entity authentication and key distribution, 232-249.

I. Ben-Aroya, E. Biham, Differential cyptanalysis of Lucifer, 187-199.

J. Bierbrauer, T. Johansson, G. Kabatianskii, B. Smeets, On families of hash functions via geometric codes

and concatenation, 331-342.

A. Blum. M. Furst, M. Kearns, R.J. Lipton. Cryptographic primitives based on hard learning problems. 278-291.

C. Blundo, A. Cresti, A. De Santis, U. Vaccaro, Fully dynamic secret sharing schemes, 110-125.

A. Bosselaers, R. Govaerts, J. Vandewalle, Comparison of three modular reduction functions, 175-186.

S. Brands, Untraceable off-line cash in wallets with observers, 302-318.

J. Buchmann, J. Loho, J. Zayer, An implementation of the general number field sieve, 159-165.

D. Coppersmith, H. Krawczyk, Y. Mansour, The shrinking generator, 22-39.

D. Coppersmith, J. Stem, S. Vaudenay, Attacks on the birationalpermutation signature schemes, 435-443. C. Crepeau, J. Kilian, Discreet sohtary games, 319-330.

J. Daemen, R. Govaerts, J. Vandewalle, Weak keys for IDEA, 224-231.

I.B. Damgard, Interactive hashing can simplify zero-knowledge protocol design without computational assumptions, 100-109.

I. B. Damgard, T.P. Pedersen, B. Pfitzmann, On the existence of statistically hiding bit conmhtment sch

emes and fail-stop signatures, 250-265.

A. De Santis, G. Di Crescenzo, G. Persiano, Secret sharing and perfect zero knowledge, 73-84.

T. Denny, B. Dodson, A.K. Lenstra, M.S. Manasse, On the factorization ofRSA-120, 166-174.

N. Ferguson, Extensions of single-term coins, 292-301.

A. Fiat, M. Naor, Broadcast encryption, 480-491.

M. Franklin, S. Haber, Joint encryption and message-efficient secure computation, 266-277.

P. Gemmell, M. Naor, Codes for interactive authentication, 355-367.

W. Hohl, X. Lai, T. Meier, C. Waldvogel, Security of iterated hash functions based on block ciphers. 379- 390.

T. Itoh, M. Hoshi, S. Tsujii, A low communication competitive interactive proof system for promised quadratic residuosity, 61-72.

W.-A. Jackson, K.M. Martin, C.M. O'Keefe, Multisecret threshold schemes, 126-135.

T. Johansson, On the construction of perfect authentication codes that permit arbitration, 343-354.

H. Krawczyk, Secret sharing made short, 136-146.

T. Leighton, S. Micali, Secret-key agreement without public-key cryptography, 456-479.

C.-M. Li, T. Hwang, N.-Y. Lee, Remark on the threshold RSA signature scheme, 413-419.

C.H. Lint. P.J. Lee, Another method for attaining security asainst adaptively chosen ciphertext attacks, 420-434.

L. O’Connor, On the distribution of characteristics in composite permutations, 403-412.

K. Ohta, M. Matsui, Differential attack on message authentication codes, 200-211.

J. Patarin, P. Chauvaud, Improved algoritlnns for the permuted kernel problem, 391-402.

B. Preneel, R. Govaerts, J. Vandewalle, Hash functions based on block ciphers: A synthetic approach.


B. Preneel, M. Nuttin, V. Rijmen, J. Buelens, Cryptanalysis of the CFB mode of the DES with a reduced number of rounds, 212-223.

J. Seberry, X.-M. Zhang, Y. Zheng, Nonlinearly balanced Boolean functions and their propagation characteristics, 49-60.

A. Shamir, Efficient signature schemes based on birational permutations, 1-12.

J. Stem, A new identification scheme based on syndrome decoding, 13-21.

R. Taylor, An mtegrity check value algorithm for stream ciphers, 40-48.

Advances in Cryptology - CRYPTO ’94. Springer-Verlag LNCS 839 (1994).

Editor: Y.G. Desmedt.

M. Bellare. 0. Goldreich, S. Goldwasser, Incremental cryptography: The case of hashing and signing, 216-233.

M. Bellare, J. Kilian, P. Rogaway, The security of cipher block chaining, 341-358.

T. Beth, D.E. Lazic, A. Mathias, Cryptanalysis of cryptosystems based on remote chaos rephcation, 318— 331.

I. Biehl, J. Buchmann, C. Thiel, Cryptographic protocols based on discrete logarithms in real-quadratic or

ders, 56-60.

J. Bierbrauer, K. Gopalakrishnan, D.R. Stinson, Bounds for resilient functions and orthogonal arrays,


D. Bleichenbacher, U.M. Maurer, Directed acychc graphs, one-way functions and digital signatures, 75- 82.

C. Blundo, A. De Santis, G. Di Crescenzo, A.G. Gassia, U. Vaccaro, Multi-secret sharing schemes, ISO-


M. Burmester, On the risk of opening distributed keys, 308-317.

R. Canetti, A. Herzberg, Maintaining security in the presence of transient faults, 425-438.

J. Chao, K. Tanada, S. Tsujii, Design of elliptic curves with controllable lower boundary' of extension de

gree for reduction attacks, 50-55.

B. Chor, A. Fiat, M. Naor, Tracing traitors, 257-270.

D. Coppersmith, Attack on the cryptographic scheme NIKS-TAS, 294-307.

R. Cramer, I. Damgard, B. Schoemnakers, Proofs of partial knowledge and simplified design of witness

hiding protocols, 174-187.

D. Davis, R. Ihaka, P. Fenstennacher. Cryptographic randonmess from air turbulence in disk drives, 114—


O. Delos, J.-J. Quisquater, An identity-based signature scheme with bounded life-span, 83-94.

C. Dwork, M. Naor, An efficient existentially uirforgeable signamre scheme and its applications, 234-246.

C. Gehrmann, Cryptanalysis of the Gemmell and Naor multiround authentication protocol, 121-128.

H. Gilbert, P. Chauvaud, A chosen plaintext attack of the 16-round Khufu cryptosystem, 359-368.

M. Girault, J. Stem, On the length of cryptographic hash-values used in identification schemes, 202-215. T. Horvath, S.S. Masliveras, T. van Trans, A parallel permutation multiplier for a PGM crypto-chip. 108— 113.

T. Itoh, Y. Ohta, H. Shizuya, Language dependent secure bit commitment, 188-201.

B. S. Kaliski Jr., M.J.B. Robshaw, Linear cryptanalysis using multiple approximations, 26-39.

H. Krawczyk, LFSR-based hashing and authentication, 129-139.

K. Kurosawa, New bound on authentication code with arbitration, 140-149.

E. Kushilevitz, A. Rosen, A randomness-rounds tradeoff hi private computation, 397-410.

S. K. Langford, M.E. Heilman, Differential-linear cryptanalysis, 17-25.

C. H. Lim, P.J. Lee, More flexible exponentiation with precomputation, 95-107.

J. L. Massey, S. Serconek, A Fourier transform approach to the lmear complexity of nonlinearly filtered se

quences, 332-340.

M. Matsui, Die first experimental cryptanalysis of the Data Encryption Standard, 1-11.

U. M. Maurer, Towards the equivalence of breaking the Diffie-Heilman protocol and computing discrete

logarithms, 271-281.

P. Miliailescu, Fast generation of provable primes using search in aritlunetic progressions, 282-293.

K. Ohta, K. Aoki, Linear cryptanalysis of the Fast Data Encipherment Algorithm, 12-16.

T. Okamoto, Designated confirmer signatures and public-key encryption are equivalent, 61-74.

K. Sako, J. Kilian, Secure vothig ushig partially compatible homomorphisms, 411-424.

J. Seberry, X.-M. Zhang, Y. Zheng, Pitfalls in designing substitution boxes, 383-396.

J. Stem, Designing identification schemes with keys of short size, 164-173.

J.-P. Tillich, G. Zemor, Hashing with SL-г, 40-49.

Y. Tsunoo, E. Okamoto, T. Uyematsu, Ciphertext only attack for one-way function of the MAP using one ciphertext, 369-382.

Advances in Cryptology - CRYPTO ’95. Springer-Verlag LNCS 963 (1995).

Editor: D. Coppersmith.

R. Anderson, R. Needham, Robustness principles for public key protocols, 236-247.

D. Beaver, Precomputing oblivous transfer, 97-109.

P. Beguin, J.-J. Quisquater, Fast server-aided RSA signatures secure against active attacks, 57-69.

A. Beimel, B. Chor, Secret sharing with pubhc reconstruction, 353-366.

M. Bellare, R. Guerin, P. Rogaway, XOR MACs: New methods for message authentication using finite pseudorandom functions, 15-28.

G.R. Blakley, G.A. Kabatianskii, On general perfect secret sharing schemes, 367-371.

D. Bleichenbacher, W. Bosma, A.K. Lenstra, Some remarks on Lucas-based cryptosystems, 386-396.

D. Boneh, R.J. Lipton, Quantum cryptanalysis of hidden linear functions, 424-437.

D. Boneh, J. Shaw, Collusion-secure Gngerpruiting for digital data, 452-465.

R. Cramer, I. Damgard, Secure signature schemes based on interactive protocols, 297-310.

C. Crepeau, J. van de Graaf, A. Tapp, Committed oblivious transfer and private multi-party computation, 110-123.

I. Damgard, O. Goldreich, T. Okamoto, A. Wigderson, Honest verifier vs. dishonest verifier in public coin

zero-knowledge proofs, 325-338.

B. Dodson, A.K. Lenstra, NFS with four large primes: An explosive experiment, 372-385.

Y. Frankel, M. Yung, Cryptanalysis of the inunuiuzed LL public key systems, 287-296.

Y. Frankel, M. Yung, Escrow encryption systems visited: Attacks, analysis and designs, 222-235.

S. Halevi, Efficient conmntment schemes with bounded sender and unbounded receiver, 84-96.

A. Herzberg, S. Jarecki, H. Krawczyk, M. Yung, Proactive secret sharing or: How to cope with perpetual

leakage, 339-352.

B. S. Kaliski Jr., Y.L. Yin, On differential and linear cryptanalysis of the RC5 encryption alsoritlun, 171—


J. Kilian, Improved efficient arguments, 311-324.

J. Kilian, T. Leighton, Fair cryptosystems, revisited: A rigorous approach to key-escrow, 208-221.

A. Klapper, M. Goresky, Cryptanalysis based on 2-adic rational approximation, 262-273.

L.R. Knudsen, A key-schedule weakness in SAFER K-64, 274-286.

K. Kurosawa, S. Obana. W. Ogata, t-cheater identifiable (к. n) threshold secret sharuis schemes, 410-


S.K. Langford, Threshold DSS signatures without a trusted party, 397-409.

A. K. Lenstra, P. Winkler, Y. Yacobi, A key escrow system with warrant bounds, 197-207.

C. H. Lim, P. J. Lee, Security and performance of server-aided RSA computation protocols, 70-83.

D. Mayers, On the security of the quantum obhvious transfer and key distribution protocols, 124-135.

S. Micali, R. Sidney, A simple method for generating and sharing pseudo-random functions, with applica

tions to Clipper-like key escrow systems, 185-196.

K. Ohta, S. Moriai, K. Aoki, Improving the search algoritlun for the best linear expression, 157-170.

T. Okamoto, An efficient divisible electronic cash scheme, 438-451.

S. -J. Park, S.-J. Lee, S.-C. Goh, On the security of the Gollmaim cascades, 148-156.

J. Patarin, Cryptanalysis of the Matsumoto and Imai public key scheme of Eurocrypt ’88, 248-261.

B. Preneel, P. van Oorschot, MDx-MAC and building fast MACs from hash functions, 1-14.

P. Rogaway, Bucket hashing and its application to fast message authentication, 29-42.

R. Schroeppel, H. Orman, S. O’Malley, O. Spatscheck, Fast key exchanse with elliptic curve systems, 43-56.

T. Theobald, How to break Shamir’s asymmetric basis, 136-147.

Advances in Cryptology - CRYPTO ’96. Springer-Verlag LNCS 1109 (1996).

Editor: N. Koblitz.

M. Atici, D. Stinson, Universal hashing and multiple authentication, 16-30.

M. Bellare, R. Canetti, H. Krawczyk, Keying hash functions for message authenticaion, 1-15.

C. Blundo, L. Mattos, D. Stinson, Trade-offs between communication and storage in unconditionally se

cure schemes for broadcast encryption and interactive key distribution, 388-401.

D. Boneh, R. Lipton, Algoritluns for black-box fields and their application to cryptography, 283-297.

D. Boneh, R. Venkatesan, Hardness of computing the most significant bits of secret keys in Diffie-Helhnan and related schemes, 129-142.

A. Bosselaers, R. Govaerts, J. Vandewalle, Fasthaslung on the Pentium, 298-312.

P. Camion, A. Canteaut, Generahzation of Siegenthaler inequality and Schnorr-Vaudenay multipermutations, 373-387.

R. Cramer, I. Damgard, New generation of secure and practical RSA-based signatures, 173-185.

S. Droste, New results on visual cryptography, 402-416.

R. Gennaro, S. Jarecki, H. Krawczyk, T. Rabin, Robust and efficient sharing of RSA functions, 157-172.

S. Halevi, S. Micali. Practical and provably-secure commitment schemes from collision-free hashing,


T. Helleseth, T. Johansson, Universal hash functions from exponential sums over finite fields and Galois

rings, 31-44.

R. Hughes, G. Luther, G. Morgan, C. Peterson, C. Simmons, Quantum cryptography over underground

optical fibers, 329-343.

M. Jakobsson. M. Yung, Provins without knowing: On oblivious, aenostic and blindfolded provers, 186— 200.

J. Kelsey, B. Schneier, D. Wagner, Key-schedule cryptanalysis of ЮЕА, G-DES, GOST. SAFER, and Triple-DES, 237-251.

J. Kilian, P. Rogaway, How to protect DES agamst exhaustive key search, 252-267.

L. Knudsen, W. Meier, Improved differential attacks on RC5, 216-228.

P. Kocher, Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems, 104-113.

S. Langford, Weaknesses in some threshold cryptosystems, 74-82.

J. Massey, S. Serconek, Linear complexity of periodic sequences: A general theory', 359-372.

U. Maurer, S. Wolf, Diffie-Hellman oracles, 268-282.

D. Mayers, Quantum key distribution and string oblivious transfer in noisy channels, 344-358.

M. Naslund, All bits in ax + b mod p are hard, 114-128.

J. Patarin, Asymmetric cryptography with a hidden monomial, 45-60.

C. Schnorr, Security of 21 -root identification and signatures, 143-156.

V. Shoup, On fast and provably secure message authentication basedon universal hashing, 313-328.

D. Simon, Anonymous communication and anonymous cash, 61-73.

P. van Oorschot, M. Wiener, Improving implementable meet-in-the-middle attacks by orders of magnitude, 229-236.

S. Vaudenay, Hidden collisions on DSS, 83-88.

A. Young, M. Yung, The dark side of ‘black-box’ cryptography, or: Why should we trust Capstone?, 89- ЮЗ.

< Prev   CONTENTS   Source   Next >