Lecture Notes on Cryptography

[1]  Jacques Stern,et al.  RSA-OAEP Is Secure under the RSA Assumption , 2001, Journal of Cryptology.

[2]  Vincent Rijmen,et al.  The Design of Rijndael , 2002, Information Security and Cryptography.

[3]  Victor Shoup,et al.  OAEP Reconsidered , 2001, CRYPTO.

[4]  Mihir Bellare,et al.  The Security of the Cipher Block Chaining Message Authentication Code , 2000, J. Comput. Syst. Sci..

[5]  Ronald Cramer,et al.  Signature schemes based on the strong RSA assumption , 2000, TSEC.

[6]  John Erik Mathiassen,et al.  A Chosen-Plaintext Linear Attack on DES , 2000, FSE.

[7]  Claus-Peter Schnorr,et al.  Stronger Security Proofs for RSA and Rabin Bits , 1997, Journal of Cryptology.

[8]  Hugo Krawczyk,et al.  Robust and Efficient Sharing of RSA Functions , 2000, Journal of Cryptology.

[9]  Hugo Krawczyk,et al.  UMAC: Fast and Secure Message Authentication , 1999, CRYPTO.

[10]  Daniel J. Bernstein,et al.  How to Stretch Random Functions: The Security of Protected Counter Sums , 1999, Journal of Cryptology.

[11]  Shai Halevi,et al.  Secure Hash-and-Sign Signatures Without the Random Oracle , 1999, EUROCRYPT.

[12]  Leonid A. Levin,et al.  A Pseudorandom Generator from any One-way Function , 1999, SIAM J. Comput..

[13]  Phillip Rogaway,et al.  Bucket Hashing and Its Application to Fast Message Authentication , 1995, Journal of Cryptology.

[14]  Mihir Bellare,et al.  Relations among Notions of Security for Public-Key Encryption Schemes , 1998, IACR Cryptol. ePrint Arch..

[15]  Daniel Bleichenbacher,et al.  Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1 , 1998, CRYPTO.

[16]  Moni Naor,et al.  An Efficient Existentially Unforgeable Signature Scheme and Its Applications , 1994, Journal of Cryptology.

[17]  Kenneth J. Giuliani Factoring Polynomials with Rational Coefficients , 1998 .

[18]  Moni Naor,et al.  Number-theoretic constructions of efficient pseudo-random functions , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[19]  Mihir Bellare,et al.  Collision-Resistant Hashing: Towards Making UOWHFs Practical , 1997, CRYPTO.

[20]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[21]  Mihir Bellare,et al.  A concrete security treatment of symmetric encryption: Analysis of the DES modes of operation , 1997, FOCS 1997.

[22]  Rafail Ostrovsky,et al.  Deniable Encryption , 1997, IACR Cryptol. ePrint Arch..

[23]  Ran Canetti,et al.  Incoercible multiparty computation , 1996, Proceedings of 37th Conference on Foundations of Computer Science.

[24]  Hugo Krawczyk,et al.  Pseudorandom functions revisited: the cascade construction and its concrete security , 1996, Proceedings of 37th Conference on Foundations of Computer Science.

[25]  Dan Boneh,et al.  Hardness of Computing the Most Significant Bits of Secret Keys in Diffie-Hellman and Related Schemes , 1996, CRYPTO.

[26]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[27]  Moti Yung,et al.  Witness-based cryptographic program checking and robust function sharing , 1996, STOC '96.

[28]  Bart Preneel,et al.  On the Security of Two MAC Algorithms , 1996, EUROCRYPT.

[29]  Matthew K. Franklin,et al.  Low-Exponent RSA with Related Messages , 1996, EUROCRYPT.

[30]  Matthew K. Franklin,et al.  Multi-Authority Secret-Ballot Elections with Linear Work , 1996, EUROCRYPT.

[31]  Mihir Bellare,et al.  The Exact Security of Digital Signatures - How to Sign with RSA and Rabin , 1996, EUROCRYPT.

[32]  Hugo Krawczyk,et al.  Robust Threshold DSS Signatures , 1996, Inf. Comput..

[33]  Hugo Krawczyk,et al.  SKEME: a versatile secure key exchange mechanism for Internet , 1996, Proceedings of Internet Society Symposium on Network and Distributed Systems Security.

[34]  Stanislav,et al.  Robust and Efficient Sharing of RSA FunctionsRosario , 1996 .

[35]  Moni Naor,et al.  Synthesizers and their application to the parallel construction of pseudo-random functions , 1995, Proceedings of IEEE 36th Annual Foundations of Computer Science.

[36]  Joseph D. Touch,et al.  Performance analysis of MD5 , 1995, SIGCOMM '95.

[37]  Bart Preneel,et al.  MDx-MAC and Building Fast MACs from Hash Functions , 1995, CRYPTO.

[38]  Mihir Bellare,et al.  XOR MACs: New Methods for Message Authentication Using Finite Pseudorandom Functions , 1995, CRYPTO.

[39]  Mihir Bellare,et al.  Provably secure session key distribution: the three party case , 1995, STOC '95.

[40]  Kazue Sako,et al.  Receipt-Free Mix-Type Voting Scheme - A Practical Solution to the Implementation of a Voting Booth , 1995, EUROCRYPT.

[41]  Paul C. van Oorschot,et al.  Parallel collision search with application to hash functions and discrete logarithms , 1994, CCS '94.

[42]  William Stallings Network and Internetwork Security: Principles and Practice , 1994 .

[43]  L. Harn Group-oriented (t, n) threshold digital signature scheme and digital multisignature , 1994 .

[44]  Mihir Bellare,et al.  Incremental Cryptography: The Case of Hashing and Signing , 1994, CRYPTO.

[45]  Mihir Bellare,et al.  The Security of Cipher Block Chaining , 1994, CRYPTO.

[46]  Ueli Maurer,et al.  Towards the Equivalence of Breaking the Diffie-Hellman Protocol and Computing Discrete Logarithms , 1994, CRYPTO.

[47]  Moti Yung,et al.  How to share a function securely , 1994, STOC '94.

[48]  Mihir Bellare,et al.  Optimal Asymmetric Encryption , 1994, EUROCRYPT.

[49]  Josh Benaloh,et al.  Receipt-Free Secret-Ballot Elections , 1994, STOC 1994.

[50]  Yvo Desmedt,et al.  Threshold cryptography , 1994, Eur. Trans. Telecommun..

[51]  Matthew J. Weiner,et al.  Efficient DES Key Search , 1994 .

[52]  Mitsuru Matsui,et al.  Linear Cryptanalysis Method for DES Cipher , 1994, EUROCRYPT.

[53]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[54]  Adi Shamir,et al.  The Discrete Logarithm Modulo a Composite Hides O(n) Bits , 1993, J. Comput. Syst. Sci..

[55]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.

[56]  H. Imai,et al.  Efficient and secure multiparty generation of digital signatures based on discrete logarithms , 1993 .

[57]  David M. Balenson,et al.  Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers , 1993, RFC.

[58]  Paul C. van Oorschot,et al.  Authentication and authenticated key exchanges , 1992, Des. Codes Cryptogr..

[59]  Gene Tsudik,et al.  Message authentication with one-way hash functions , 1992, [Proceedings] IEEE INFOCOM '92: The Conference on Computer Communications.

[60]  Silvio Micali,et al.  How to sign given any trapdoor permutation , 1992, JACM.

[61]  Manuel Blum,et al.  Noninteractive Zero-Knowledge , 1991, SIAM J. Comput..

[62]  Bruce Schneier One-way hash functions , 1991 .

[63]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[64]  Donald Beaver,et al.  Efficient Multiparty Protocols Using Circuit Randomization , 1991, CRYPTO.

[65]  Yvo Desmedt,et al.  Shared Generation of Authenticators and Signatures (Extended Abstract) , 1991, CRYPTO.

[66]  Moti Yung,et al.  Systematic Design of Two-Party Authentication Protocols , 1991, CRYPTO.

[67]  Torben P. Pedersen Distributed Provers with Applications to Undeniable Signatures , 1991, EUROCRYPT.

[68]  Leonard M. Adleman,et al.  Factoring numbers using singular integers , 1991, STOC '91.

[69]  Moni Naor,et al.  Non-malleable cryptography , 1991, STOC '91.

[70]  Xuejia Lai,et al.  A Proposal for a New Block Encryption Standard , 1991, EUROCRYPT.

[71]  Arjen K. Lenstra,et al.  Algorithms in Number Theory , 1991, Handbook of Theoretical Computer Science, Volume A: Algorithms and Complexity.

[72]  Ronald L. Rivest,et al.  The MD4 Message-Digest Algorithm , 1990, RFC.

[73]  Jean-Jacques Quisquater,et al.  Precautions Taken Against Various Potential Attacks in ISO/IEC DIS 9796 "Digital Signature Scheme Giving Message Recovery" , 1990, EUROCRYPT.

[74]  John Rompel,et al.  One-way functions are necessary and sufficient for secure signatures , 1990, STOC '90.

[75]  Johan Håstad,et al.  Pseudo-random generators under uniform assumptions , 1990, STOC '90.

[76]  Moni Naor,et al.  Public-key cryptosystems provably secure against chosen ciphertext attacks , 1990, STOC '90.

[77]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[78]  Russell Impagliazzo,et al.  One-way functions are essential for complexity based cryptography , 1989, 30th Annual Symposium on Foundations of Computer Science.

[79]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[80]  John Linn,et al.  Privacy enhancement for Internet electronic mail: Part III - algorithms, modes, and identifiers , 1989, RFC.

[81]  Ralph C. Merkle,et al.  One Way Hash Functions and DES , 1989, CRYPTO.

[82]  Ivan Damgård,et al.  A Design Principle for Hash Functions , 1989, CRYPTO.

[83]  Leonid A. Levin,et al.  A hard-core predicate for all one-way functions , 1989, STOC '89.

[84]  Moni Naor,et al.  Universal one-way hash functions and their cryptographic applications , 1989, STOC '89.

[85]  Leonid A. Levin,et al.  Pseudo-random generation from one-way functions , 1989, STOC '89.

[86]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[87]  Amos Fiat,et al.  Untraceable Electronic Cash , 1990, CRYPTO.

[88]  Silvio Micali,et al.  How to sign given any trapdoor function , 1988, STOC '88.

[89]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[90]  Alan M. Frieze,et al.  Reconstructing Truncated Integer Variables Satisfying Linear Congruences , 1988, SIAM J. Comput..

[91]  Oded Goldreich,et al.  RSA and Rabin Functions: Certain Parts are as Hard as the Whole , 1988, SIAM J. Comput..

[92]  Michael Luby,et al.  How to Construct Pseudo-Random Permutations from Pseudo-Random Functions (Abstract) , 1986, CRYPTO.

[93]  Eric Bach,et al.  How to Generate Factored Random Numbers , 1988, SIAM J. Comput..

[94]  Avi Wigderson,et al.  The Discrete Logarithm Hides O(log n) Bits , 1988, SIAM J. Comput..

[95]  Johan Håstad,et al.  Solving Simultaneous Modular Equations of Low Degree , 1988, SIAM J. Comput..

[96]  Burton S. Kaliski,et al.  Elliptic curves and cryptography: a pseudorandom bit generator and other tools , 1988 .

[97]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[98]  B. Clifford Neuman,et al.  Kerberos: An Authentication Service for Open Network Systems , 1988, USENIX Winter.

[99]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[100]  Joe Kilian,et al.  Founding cryptography on oblivious transfer , 1988, STOC '88.

[101]  Paul Feldman,et al.  A practical scheme for non-interactive verifiable secret sharing , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[102]  Leonard M. Adleman,et al.  Recognizing primes in random polynomial time , 1987, STOC.

[103]  Josh Benaloh Verifiable secret-ballot elections , 1987 .

[104]  Josh Benaloh,et al.  Secret Sharing Homomorphisms: Keeping Shares of A Secret Sharing , 1986, CRYPTO.

[105]  Roger M. Needham,et al.  Authentication revisited , 1987, OPSR.

[106]  Robert D. Silverman The multiple polynomial quadratic sieve , 1987 .

[107]  H. W. Lenstra,et al.  Factoring integers with elliptic curves , 1987 .

[108]  Joe Kilian,et al.  Almost all primes can be quickly certified , 1986, STOC '86.

[109]  Silvio Micali,et al.  Proofs that yield nothing but their validity and a methodology of cryptographic protocol design , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[110]  Josh Benaloh,et al.  Secret Sharing Homomorphisms: Keeping Shares of A Secret Sharing , 1986, CRYPTO.

[111]  Silvio Micali,et al.  The Notion of Security for Probabilistic Cryptosystems , 1986, CRYPTO.

[112]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[113]  Manuel Blum,et al.  A Simple Unpredictable Pseudo-Random Number Generator , 1986, SIAM J. Comput..

[114]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[115]  Oded Goldreich,et al.  Two Remarks Concerning the Goldwasser-Micali-Rivest Signature Scheme , 1986, CRYPTO.

[116]  Burton S. Kaliski,et al.  A Pseudo-Random Bit Generator Based on Elliptic Logarithms , 1986, CRYPTO.

[117]  Gilles Brassard,et al.  Zero-Knowledge Simulation of Boolean Circuits , 1986, CRYPTO.

[118]  A. Yao,et al.  Fair exchange with a semi-trusted third party (extended abstract) , 1997, CCS '97.

[119]  Umesh V. Vazirani Towards a strong communication complexity theory or generating quasi-random sequences from two communicating slightly-random sources , 1985, STOC '85.

[120]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[121]  Oded Goldreich,et al.  Unbiased bits from sources of weak randomness and probabilistic communication complexity , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[122]  Baruch Awerbuch,et al.  Verifiable secret sharing and achieving simultaneity in the presence of faults , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[123]  Oded Goldreich,et al.  A randomized protocol for signing contracts , 1985, CACM.

[124]  R. Schoof Elliptic Curves Over Finite Fields and the Computation of Square Roots mod p , 1985 .

[125]  Shafi Goldwasser An Efficient Probabilistic Public-Key Encryption Scheme Which Hides All Partial Information , 1985 .

[126]  Andrew M. Odlyzko,et al.  Discrete Logarithms in Finite Fields and Their Cryptographic Significance , 1985, EUROCRYPT.

[127]  Richard Berger,et al.  A Provably Secure Oblivious Transfer Protocol , 1985, EUROCRYPT.

[128]  Manuel Blum,et al.  An Efficient Probabilistic Public-Key Encryption Scheme Which Hides All Partial Information , 1985, CRYPTO.

[129]  Don Coppersmith Evaluating logarithms in GF(2^n) , 1984, STOC '84.

[130]  László Lovász,et al.  Polynomial factorization and nonrandomness of bits of algebraic and some transcendental numbers , 1984, STOC '84.

[131]  Miklos Santha,et al.  Generating Quasi-Random Sequences from Slightly-Random Sources (Extended Abstract) , 1984, FOCS.

[132]  Manuel Blum,et al.  Independent unbiased coin flips from a correlated biased source—A finite state markov chain , 1984, Comb..

[133]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[134]  Silvio Micali,et al.  On the Cryptographic Applications of Random Functions , 1984, CRYPTO.

[135]  Ronald L. Rivest,et al.  A Knapsack Type Public Key Cryptosystem Based On Arithmetic in Finite Fields , 1984, CRYPTO.

[136]  Andrew M. Odlyzko,et al.  Cryptanalytic attacks on the multiplicative knapsack cryptosystem and on Shamir's fast signature scheme , 1984, IEEE Trans. Inf. Theory.

[137]  Adi Shamir,et al.  How to expose an eavesdropper , 1984, CACM.

[138]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[139]  Umesh Vazirani,et al.  RSA bits are .732 + ε secure , 1984 .

[140]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[141]  Leonard M. Adleman,et al.  On breaking generalized knapsack public key cryptosystems , 1983, STOC.

[142]  Silvio Micali,et al.  Strong signature schemes , 1983, STOC '83.

[143]  Oded Goldreich,et al.  On the security of multi-party ping-pong protocols , 1983, 24th Annual Symposium on Foundations of Computer Science (sfcs 1983).

[144]  Silvio Micali,et al.  How to simultaneously exchange a secret bit by flipping a symmetrically-biased coin , 1983, 24th Annual Symposium on Foundations of Computer Science (sfcs 1983).

[145]  Vijay V. Vazirani,et al.  Trapdoor pseudo-random number generators, with applications to protocol design , 1983, 24th Annual Symposium on Foundations of Computer Science (sfcs 1983).

[146]  P. Erdös,et al.  On a problem of Oppenheim concerning “factorisatio numerorum” , 1983 .

[147]  Manuel Blum,et al.  How to exchange (secret) keys , 1983, TOCS.

[148]  Ernest F. Brickell,et al.  Solving Low Density Knapsacks , 1983, CRYPTO.

[149]  Jeffrey C. Lagarias,et al.  Solving low density subset sum problems , 1983, 24th Annual Symposium on Foundations of Computer Science (sfcs 1983).

[150]  László Lovász,et al.  Factoring polynomials with rational coefficients , 1982 .

[151]  Andrew Chi-Chih Yao,et al.  Theory and application of trapdoor functions , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[152]  Manuel Blum,et al.  How to generate cryptographically strong sequences of pseudo random bits , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[153]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[154]  Silvio Micali,et al.  Why and how to establish a private code on a public network , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[155]  Adi Shamir,et al.  A polynomial time algorithm for breaking the basic Merkle-Hellman cryptosystem , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[156]  Richard M. Karp,et al.  On the Security of Ping-Pong Protocols , 1982, Inf. Control..

[157]  Nancy A. Lynch,et al.  Cryptographic protocols , 1982, STOC '82.

[158]  Silvio Micali,et al.  Probabilistic encryption & how to play mental poker keeping secret all partial information , 1982, STOC '82.

[159]  J. Boyar Inferring a Sequence Generated by a Linear Congruence , 1982, FOCS.

[160]  Justin M. Reyneri,et al.  Coin flipping by telephone , 1984, IEEE Trans. Inf. Theory.

[161]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[162]  Giovanni Maria Sacco,et al.  Timestamps in key distribution protocols , 1981, CACM.

[163]  Adi Shamir,et al.  On the Generation of Cryptographically Strong Pseudo-Random Sequences , 1981, ICALP.

[164]  Larry Carter,et al.  New Hash Functions and Their Use in Authentication and Set Equality , 1981, J. Comput. Syst. Sci..

[165]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[166]  David Chaum,et al.  Verification by Anonymous Monitors , 1981, CRYPTO.

[167]  M. Rabin Probabilistic algorithm for testing primality , 1980 .

[168]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[169]  G. R. Blakley,et al.  Safeguarding cryptographic keys , 1899, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[170]  M. Garey Johnson: computers and intractability: a guide to the theory of NP-completeness (freeman , 1979 .

[171]  Ralph C. Merkle,et al.  Secrecy, authentication, and public key systems , 1979 .

[172]  Stephen C. Pohlig,et al.  An Improved Algorithm for Computing Logarithms over GF(p) and Its Cryptographic Significance , 2022, IEEE Trans. Inf. Theory.

[173]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[174]  Martin E. Hellman,et al.  Hiding information and signatures in trapdoor knapsacks , 1978, IEEE Trans. Inf. Theory.

[175]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[176]  David S. Johnson,et al.  Computers and Intractability: A Guide to the Theory of NP-Completeness , 1978 .

[177]  Volker Strassen,et al.  A Fast Monte-Carlo Test for Primality , 1977, SIAM J. Comput..

[178]  D. Chaum,et al.  Differential Cryptanalysis of the full 16-round DES , 1977 .

[179]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[180]  Whitfield Diffie,et al.  Multiuser cryptographic techniques , 1976, AFIPS '76.

[181]  Vaughan R. Pratt,et al.  Every Prime has a Succinct Certificate , 1975, SIAM J. Comput..

[182]  Gary L. Miller,et al.  Riemann's Hypothesis and tests for primality , 1975, STOC.

[183]  J. M. Pollard,et al.  Theorems on factorization and primality testing , 1974, Mathematical Proceedings of the Cambridge Philosophical Society.

[184]  P. Elias The Efficient Construction of an Unbiased Random Sequence , 1972 .

[185]  J. Rosser,et al.  Approximate formulas for some functions of prime numbers , 1962 .

[186]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[187]  E. T. An Introduction to the Theory of Numbers , 1946, Nature.

[188]  D. Bernstein DISTINGUISHING PRIME NUMBERS FROM COMPOSITE NUMBERS , 2022 .