Lectures on Data Security

The objective of this paper is to give an elementary introduction to fundamental concepts, techniques and results of Secure

[1]  Ueli Maurer,et al.  The intrinsic conditional mutual information and perfect secrecy , 1997, Proceedings of IEEE International Symposium on Information Theory.

[2]  Ivan Damgård,et al.  Zero-Knowledge Authentication Scheme with Secret Key Exchange , 1988, Journal of Cryptology.

[3]  Ueli Maurer,et al.  Protocols for Secret Key Agreement by Public Discussion Based on Common Information , 1992, CRYPTO.

[4]  Martin E. Hellman,et al.  A cryptanalytic time-memory trade-off , 1980, IEEE Trans. Inf. Theory.

[5]  Jean-Jacques Quisquater,et al.  How Easy is Collision Search? Application to DES (Extended Summary) , 1990, EUROCRYPT.

[6]  László Lovász,et al.  Factoring polynomials with rational coefficients , 1982 .

[7]  Gilles Brassard,et al.  Defeating classical bit commitments with a quantum computer , 1998 .

[8]  Jean-Jacques Quisquater,et al.  A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory , 1988, EUROCRYPT.

[9]  Christian Cachin,et al.  Entropy measures and unconditional security in cryptography , 1997 .

[10]  Bart Preneel,et al.  Cryptographic Primitives for Information Authentication - State of the Art , 1997, State of the Art in Applied Cryptography.

[11]  Paul G. Comba,et al.  Exponentiation Cryptosystems on the IBM PC , 1990, IBM Syst. J..

[12]  Ivan Damgård,et al.  Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols , 1994, CRYPTO.

[13]  F. MacWilliams,et al.  Codes which detect deception , 1974 .

[14]  Gilles Brassard,et al.  Experimental Quantum Cryptography , 1990, EUROCRYPT.

[15]  G. R. Blakley,et al.  Safeguarding cryptographic keys , 1899, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[16]  Miklós Ajtai,et al.  Generating Hard Instances of Lattice Problems , 1996, Electron. Colloquium Comput. Complex..

[17]  Baruch Awerbuch,et al.  Verifiable secret sharing and achieving simultaneity in the presence of faults , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[18]  Bart Preneel,et al.  Attacks on Fast Double Block Length Hash Functions , 1998, Journal of Cryptology.

[19]  Mihir Bellare,et al.  A concrete security treatment of symmetric encryption , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[20]  Victor Shoup,et al.  Lower Bounds for Discrete Logarithms and Related Problems , 1997, EUROCRYPT.

[21]  Michael J. Fischer,et al.  Bounds on secret key exchange using a random deal of cards , 2004, Journal of Cryptology.

[22]  Marc Girault,et al.  Hash-Functions Using Modulo-N Operations , 1987, EUROCRYPT.

[23]  Rafail Ostrovsky,et al.  Minimum resource zero knowledge proofs , 1989, 30th Annual Symposium on Foundations of Computer Science.

[24]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[25]  Lars R. Knudsen,et al.  Truncated Differentials of SAFER , 1996, FSE.

[26]  Hugh C. Williams,et al.  A modification of the RSA public-key encryption procedure (Corresp.) , 1980, IEEE Trans. Inf. Theory.

[27]  Vincent Rijmen,et al.  On Weaknesses of Non–surjective Round Functions , 1997, Des. Codes Cryptogr..

[28]  Ronald Cramer,et al.  The ESPRIT Project CAFE - High Security Digital Payment Systems , 1994, ESORICS.

[29]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[30]  R. Jozsa,et al.  A Complete Classification of Quantum Ensembles Having a Given Density Matrix , 1993 .

[31]  Charalampos Manifavas,et al.  NetCard - A Practical Electronic-Cash System , 1996, Security Protocols Workshop.

[32]  Carlo Harpes,et al.  Partitioning Cryptanalysis , 1997, FSE.

[33]  Gilles Brassard,et al.  Secret-Key Reconciliation by Public Discussion , 1994, EUROCRYPT.

[34]  Rainer A. Rueppel,et al.  A new signature scheme based on the DSA giving message recovery , 1993, CCS '93.

[35]  Joan Daemen,et al.  Fast Hashing and Stream Encryption with PANAMA , 1998, FSE.

[36]  Ernest F. Brickell,et al.  Some Ideal Secret Sharing Schemes , 1990, EUROCRYPT.

[37]  Lars R. Knudsen,et al.  Provable security against a differential attack , 1994, Journal of Cryptology.

[38]  Carlo Harpes,et al.  A Generalization of Linear Cryptanalysis and the Applicability of Matsui's Piling-Up Lemma , 1995, EUROCRYPT.

[39]  Eli Biham,et al.  Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[40]  Mitsuru Matsui,et al.  A New Method for Known Plaintext Attack of FEAL Cipher , 1992, EUROCRYPT.

[41]  Mihir Bellare,et al.  The Exact Security of Digital Signatures - HOw to Sign with RSA and Rabin , 1996, EUROCRYPT.

[42]  G. S. Vernam,et al.  Cipher Printing Telegraph Systems For Secret Wire and Radio Telegraphic Communications , 1926, Transactions of the American Institute of Electrical Engineers.

[43]  Ivan Damgård,et al.  A Design Principle for Hash Functions , 1989, CRYPTO.

[44]  Mihir Bellare,et al.  A New Paradigm for Collision-Free Hashing: Incrementality at Reduced Cost , 1997, EUROCRYPT.

[45]  Philippe A. Janson,et al.  The State of the Art in Electronic Payment Systems , 1997, Computer.

[46]  Antoon Bosselaers,et al.  Collisions for the Compressin Function of MD5 , 1994, EUROCRYPT.

[47]  Crépeau Claude,et al.  Correct and private reductions among oblivious transfers , 1990 .

[48]  Hans Dobbertin,et al.  The First Two Rounds of MD4 are Not One-Way , 1998, FSE.

[49]  Lance Fortnow,et al.  The Complexity of Perfect Zero-Knowledge , 1987, Proceeding Structure in Complexity Theory.

[50]  Donald Beaver,et al.  How to Break a "Secure" Oblivious Transfer Protocol , 1992, EUROCRYPT.

[51]  Ueli Maurer,et al.  Towards Characterizing When Information-Theoretic Secret Key Agreement Is Possible , 1996, ASIACRYPT.

[52]  Robert D. Silverman,et al.  A STATISTICAL LIMITED-KNOWLEDGE PROOF FOR SECURE RSA KEYS , 1998 .

[53]  H. Lenstra,et al.  Factoring integers with the number field sieve , 1993 .

[54]  Chae Hoon Lim,et al.  A Key Recovery Attack on Discrete Log-based Schemes Using a Prime Order Subgroupp , 1997, CRYPTO.

[55]  Joos Vandewalle,et al.  Integrity primitives for secure information systems : final report of RACE Integrity Primitives Evaluation RIPE-RACE 1040 , 1995 .

[56]  Jeroen van de Graaf,et al.  Committed Oblivious Transfer and Private Multi-Party Computation , 1995, CRYPTO.

[57]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[58]  Ueli Maurer Conditionally-perfect secrecy and a provably-secure randomized cipher , 2004, Journal of Cryptology.

[59]  Amos Fiat,et al.  Zero-knowledge proofs of identity , 1988, Journal of Cryptology.

[60]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[61]  Dominic Mayers Unconditionally secure quantum bit commitment is impossible , 1997 .

[62]  Xuejia Lai,et al.  On the design and security of block ciphers , 1992 .

[63]  M. Rabin Probabilistic algorithm for testing primality , 1980 .

[64]  Gustavus J. Simmons,et al.  A survey of information authentication , 1988, Proc. IEEE.

[65]  Stephen M. Matyas,et al.  Triple DES Cipher Block Chaining with Output Feedback Masking , 1996 .

[66]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[67]  Mihir Bellare,et al.  Optimal Asymmetric Encryption-How to Encrypt with RSA , 1995 .

[68]  Stefan Wolf,et al.  Strong Security Against Active Attacks in Information-Theoretic Secret-Key Agreement , 1998, ASIACRYPT.

[69]  A. D. Wyner,et al.  The wire-tap channel , 1975, The Bell System Technical Journal.

[70]  Marc Girault,et al.  A Generalized Birthday Attack , 1988, EUROCRYPT.

[71]  David Chaum,et al.  Achieving Electronic Privacy , 1992 .

[72]  Moti Yung,et al.  Robust efficient distributed RSA-key generation , 1998, STOC '98.

[73]  Russell Impagliazzo,et al.  Limits on the provable consequences of one-way permutations , 1988, STOC '89.

[74]  Donald Beaver,et al.  Cryptographic Protocols Provably Secure Against Dynamic Adversaries , 1992, EUROCRYPT.

[75]  D. K. Branstad,et al.  Data Encryption Standard: past and future , 1988, Proc. IEEE.

[76]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[77]  Richard E. Blahut,et al.  Principles and practice of information theory , 1987 .

[78]  Donald Beaver,et al.  Secure multiparty protocols and zero-knowledge proof systems tolerating a faulty minority , 2004, Journal of Cryptology.

[79]  Feller William,et al.  An Introduction To Probability Theory And Its Applications , 1950 .

[80]  Ralph C. Merkle,et al.  Secrecy, authentication, and public key systems , 1979 .

[81]  Ivan Damgård,et al.  Collision Free Hash Functions and Public Key Signature Schemes , 1987, EUROCRYPT.

[82]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[83]  Mitsuru Matsui,et al.  The First Experimental Cryptanalysis of the Data Encryption Standard , 1994, CRYPTO.

[84]  Manuel Blum,et al.  How to generate cryptographically strong sequences of pseudo random bits , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[85]  Silvio Micali,et al.  A fair protocol for signing contracts , 1990, IEEE Trans. Inf. Theory.

[86]  Gilles Brassard,et al.  Quantum Bit Commitment and Coin Tossing Protocols , 1990, CRYPTO.

[87]  Jean-Jacques Quisquater,et al.  How Easy is Collision Search. New Results and Applications to DES , 1989, CRYPTO.

[88]  Xuejia Lai,et al.  Markov Ciphers and Differential Cryptanalysis , 1991, EUROCRYPT.

[89]  Josh Benaloh,et al.  Generalized Secret Sharing and Monotone Functions , 1990, CRYPTO.

[90]  Richard J. Hughes,et al.  FREE-SPACE QUANTUM-KEY DISTRIBUTION , 1998, quant-ph/9801006.

[91]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[92]  Jeroen van de Graaf,et al.  Security of Quantum Key Distribution against All Collective Attacks , 2002, Algorithmica.

[93]  Ralf Hauser,et al.  Micro-Payments based on iKP , 1996 .

[94]  John Rompel,et al.  One-way functions are necessary and sufficient for secure signatures , 1990, STOC '90.

[95]  Ramarathnam Venkatesan,et al.  Foiling Birthday Attacks in Length-Doubling Transformations - Benes: A Non-Reversible Alternative to Feistel , 1996, EUROCRYPT.

[96]  I. Damgård,et al.  Average case error estimates for the strong probable prime test , 1993 .

[97]  Dominic Mayers,et al.  On the Security of the Quantum Oblivious Transfer and Key Distribution Protocols , 1995, CRYPTO.

[98]  Marc Girault,et al.  Selective Forgery of RSA Signatures Using Redundancy , 1997, EUROCRYPT.

[99]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[100]  Silvio Micali,et al.  Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems , 1991, JACM.

[101]  Larry Carter,et al.  New Hash Functions and Their Use in Authentication and Set Equality , 1981, J. Comput. Syst. Sci..

[102]  David Chaum,et al.  Security without identification: transaction systems to make big brother obsolete , 1985, CACM.

[103]  Ramarathnam Venkatesan,et al.  New Constructions for Secure Hash Functions , 1998, FSE.

[104]  N. Asokan,et al.  Optimistic fair exchange of digital signatures , 1998, IEEE Journal on Selected Areas in Communications.

[105]  Matthew J. B. Robshaw,et al.  Linear Cryptanalysis Using Multiple Approximations , 1994, CRYPTO.

[106]  Ueli Maurer,et al.  Fast Generation of Secure RSA-Moduli with Almost Maximal Diversity , 1990, EUROCRYPT.

[107]  Rafail Ostrovsky,et al.  How To Withstand Mobile Virus Attacks , 1991, PODC 1991.

[108]  Mihir Bellare,et al.  XOR MACs: New Methods for Message Authentication Using Finite Pseudorandom Functions , 1995, CRYPTO.

[109]  J. Rarity,et al.  Single photon interference in 10 km long optical fibre interferometer , 1993 .

[110]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[111]  Mihir Bellare,et al.  Incremental Cryptography: The Case of Hashing and Signing , 1994, CRYPTO.

[112]  Larry Carter,et al.  Universal Classes of Hash Functions , 1979, J. Comput. Syst. Sci..

[113]  Mihir Bellare,et al.  The Security of Cipher Block Chaining , 1994, CRYPTO.

[114]  Ivan Damgård,et al.  Statistical Secrecy and Multi-Bit Commitments , 1996 .

[115]  Moni Naor,et al.  Universal one-way hash functions and their cryptographic applications , 1989, STOC '89.

[116]  Adi Shamir,et al.  PayWord and MicroMint: Two Simple Micropayment Schemes , 1996, Security Protocols Workshop.

[117]  Joos Vandewalle,et al.  Hash Functions Based on Block Ciphers: A Synthetic Approach , 1993, CRYPTO.

[118]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[119]  Moni Naor,et al.  Visual Cryptography , 1994, Encyclopedia of Multimedia.

[120]  Don Coppersmith,et al.  Another Birthday Attack , 1986, CRYPTO.

[121]  Matthew K. Franklin,et al.  Efficient generation of shared RSA keys , 2001, JACM.

[122]  Matthew J. B. Robshaw,et al.  Non-Linear Approximations in Linear Cryptanalysis , 1996, EUROCRYPT.

[123]  Eli Biham,et al.  New types of cryptanalytic attacks using related keys , 1994, Journal of Cryptology.

[124]  Ronald L. Rivest,et al.  The MD4 Message-Digest Algorithm , 1990, RFC.

[125]  Ronald Cramer,et al.  A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack , 1998, CRYPTO.

[126]  Claude Crépeau,et al.  Equivalence Between Two Flavours of Oblivious Transfers , 1987, CRYPTO.

[127]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.

[128]  Alfred Menezes,et al.  Key Agreement Protocols and Their Security Analysis , 1997, IMACC.

[129]  P. Jones A Diary on Information Theory , 1989 .

[130]  Ueli Maurer,et al.  Information-Theoretically Secure Secret-Key Agreement by NOT Authenticated Public Discussion , 1997, EUROCRYPT.

[131]  J. Franson,et al.  Quantum cryptography in free space. , 1996, Optics letters.

[132]  Andrew Chi-Chih Yao,et al.  Security of quantum protocols against coherent measurements , 1995, STOC '95.

[133]  Ivan Damgård,et al.  Interactive Hashing can Simplify Zero-Knowledge Protocol Design Without Computational Assumptions (Extended Abstract) , 1993, CRYPTO.

[134]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[135]  N. Gisin,et al.  “Plug and play” systems for quantum cryptography , 1996, quant-ph/9611042.

[136]  Michael O. Rabin,et al.  How To Exchange Secrets with Oblivious Transfer , 2005, IACR Cryptol. ePrint Arch..

[137]  Bart Preneel,et al.  RIPEMD-160: A Strengthened Version of RIPEMD , 1996, FSE.

[138]  Manuel Blum,et al.  Coin flipping by telephone a protocol for solving impossible problems , 1983, SIGA.

[139]  Amos Fiat,et al.  Untraceable Electronic Cash , 1990, CRYPTO.

[140]  H. W. Lenstra,et al.  Factoring integers with elliptic curves , 1987 .

[141]  Sean Murphy,et al.  Pairs and triplets of DES S-boxes , 2004, Journal of Cryptology.

[142]  Andrew Odlyzko,et al.  The Rise and Fall of Knapsack Cryptosystems , 1998 .

[143]  Ivan Damgård,et al.  Practical and provably secure release of a secret and exchange of signatures , 1994, Journal of Cryptology.

[144]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[145]  Donald Beaver,et al.  Multiparty Computation with Faulty Majority (Extended Announcement) , 1989, FOCS 1989.

[146]  Joe Kilian,et al.  Achieving oblivious transfer using weakened security assumptions , 1988, [Proceedings 1988] 29th Annual Symposium on Foundations of Computer Science.

[147]  David Chaum,et al.  Cryptographically Strong Undeniable Signatures, Unconditionally Secure for the Signer , 1991, CRYPTO.

[148]  Lars R. Knudsen,et al.  A Key-schedule Weakness in SAFER K-64 , 1995, CRYPTO.

[149]  J. K. Gibson Discrete logarithm hash function that is collision free and one way , 1991 .

[150]  Eli Biham,et al.  Differential Cryptanalysis of the Data Encryption Standard , 1993, Springer New York.

[151]  H. F. Chau,et al.  Why quantum bit commitment and ideal quantum coin tossing are impossible , 1997 .

[152]  U. Maurer,et al.  Secret key agreement by public discussion from common information , 1993, IEEE Trans. Inf. Theory.

[153]  Gilles Brassard,et al.  The generation of random numbers that are probably prime , 1988, Journal of Cryptology.

[154]  Gideon Yuval,et al.  How to Swindle Rabin , 1979, Cryptologia.

[155]  Donald Beaver,et al.  Adaptively Secure Oblivious Transfer , 1998, ASIACRYPT.

[156]  Antoine Joux,et al.  A Practical Attack against Knapsack based Hash Functions (Extended Abstract) , 1994, EUROCRYPT.

[157]  Imre Csiszár,et al.  Broadcast channels with confidential messages , 1978, IEEE Trans. Inf. Theory.

[158]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[159]  Ronald Cramer,et al.  Modular Design of Secure yet Practical Cryptographic Protocols , 1997 .

[160]  Stephen Wiesner,et al.  Conjugate coding , 1983, SIGA.

[161]  Lars R. Knudsen,et al.  The Interpolation Attack on Block Ciphers , 1997, FSE.

[162]  Ivan Damgård,et al.  Two-Key Triple Encryption , 1998, Journal of Cryptology.

[163]  Donald Beaver,et al.  Equivocable Oblivious Transfer , 1996, EUROCRYPT.

[164]  Mitsuru Matsui,et al.  New Structure of Block Ciphers with Provable Security against Differential and Linear Cryptanalysis , 1996, FSE.

[165]  Ralph Howard,et al.  Data Encryption Standard , 1987, Definitions.

[166]  Ivan Damgård,et al.  Speeding up Prime Number Generation , 1991, ASIACRYPT.

[167]  Jacques Patarin,et al.  Collisions and Inversions for Damgård's Whole Hash Function , 1994, ASIACRYPT.

[168]  Bart Preneel,et al.  MDx-MAC and Building Fast MACs from Hash Functions , 1995, CRYPTO.

[169]  Martin E. Hellman,et al.  Hiding information and signatures in trapdoor knapsacks , 1978, IEEE Trans. Inf. Theory.

[170]  L. Salvail,et al.  Quantum oblivious transfer is secure against all individual measurements , 1994, Proceedings Workshop on Physics and Computation. PhysComp '94.

[171]  Ivan Damgård,et al.  Zero-Knowledge Proofs for Finite Field Arithmetic or: Can Zero-Knowledge be for Free? , 1997 .

[172]  E. T. An Introduction to the Theory of Numbers , 1946, Nature.

[173]  Gary L. Miller,et al.  Riemann's Hypothesis and tests for primality , 1975, STOC.

[174]  Torben P. Pedersen Electronic Payments of Small Amounts , 1995, Security Protocols Workshop.

[175]  Oded Goldreich,et al.  How to Solve any Protocol Problem - An Efficiency Improvement , 1987, CRYPTO.

[176]  Willi Geiselmann A Note on the Hash Function of Tillich and Zémor , 1995, IMACC.

[177]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[178]  Ralph C. Merkle,et al.  A fast software one-way hash function , 1990, Journal of Cryptology.

[179]  Ueli Maurer,et al.  Secret key agreement by public discussion , 1993 .

[180]  Michael O. Rabin,et al.  In Foundations of secure computation , 1978 .

[181]  Antoon Bosselaers,et al.  An Attack on the Last Two Rounds of MD4 , 1991, CRYPTO.

[182]  Gilles Zémor Hash functions and Cayley graphs , 1994, Des. Codes Cryptogr..

[183]  C. Pomerance,et al.  The probability that a random probable prime is composite , 1989 .

[184]  Chris Charnes,et al.  Attacking the SL2 Hashing Scheme , 1994, ASIACRYPT.

[185]  Peter W. Shor,et al.  Algorithms for quantum computation: discrete logarithms and factoring , 1994, Proceedings 35th Annual Symposium on Foundations of Computer Science.

[186]  Ralph C. Merkle,et al.  One Way Hash Functions and DES , 1989, CRYPTO.

[187]  Stuart Haber,et al.  How to time-stamp a digital document , 1990, Journal of Cryptology.

[188]  Rudolf Ahlswede,et al.  Common randomness in information theory and cryptography - I: Secret sharing , 1993, IEEE Trans. Inf. Theory.

[189]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[190]  Claude Crépeau,et al.  Quantum Oblivious Transfer , 1994 .

[191]  Thomas Jakobson,et al.  Cryptanalysis of Block Ciphers with Probabilistic Non-linear Relations of Low Degree , 1998, CRYPTO.

[192]  I. Damgård The Application of Claw Free Functions in Cryptography: - Unconditional Protection in Cryptographic Protocols , 1988 .

[193]  Jeroen van de Graaf,et al.  Cryptographic Distinguishability Measures for Quantum-Mechanical States , 1997, IEEE Trans. Inf. Theory.

[194]  Bart Preneel,et al.  Fast and Secure Hashing Based on Codes , 1997, CRYPTO.

[195]  Ronald L. Rivest,et al.  The RC5 Encryption Algorithm , 1994, FSE.

[196]  Mihir Bellare,et al.  Collision-Resistant Hashing: Towards Making UOWHFs Practical , 1997, CRYPTO.

[197]  Jacques Stern,et al.  Security Proofs for Signature Schemes , 1996, EUROCRYPT.

[198]  Moni Naor,et al.  Adaptively secure multi-party computation , 1996, STOC '96.

[199]  David Chaum,et al.  Transferred Cash Grows in Size , 1992, EUROCRYPT.

[200]  Susan K. Langford,et al.  Differential-Linear Cryptanalysis , 1994, CRYPTO.

[201]  Gilles Brassard,et al.  Quantum Cryptography, or Unforgeable Subway Tokens , 1982, CRYPTO.

[202]  Silvio Micali,et al.  Proofs that yield nothing but their validity and a methodology of cryptographic protocol design , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[203]  Amit Sahai,et al.  Concurrent Zero-Knowledge: Reducing the Need for Timing Constraints , 1998, CRYPTO.

[204]  Ueli Maurer,et al.  Unconditional Security Against Memory-Bounded Adversaries , 1997, CRYPTO.

[205]  Ernest F. Brickell,et al.  Gradual and Verifiable Release of a Secret , 1987, CRYPTO.

[206]  Louis Salvail,et al.  Quantum Bit Commitment from a Physical Assumption , 1998, CRYPTO.

[207]  Eli Biham,et al.  On Matsui's Linear Cryptanalysis , 1994, EUROCRYPT.

[208]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[209]  Lars R. Knudsen,et al.  Truncated and Higher Order Differentials , 1994, FSE.

[210]  Oded Goldreich,et al.  Collision-Free Hashing from Lattice Problems , 1996, Electron. Colloquium Comput. Complex..

[211]  Renato Renner,et al.  Security of quantum key distribution , 2005, Ausgezeichnete Informatikdissertationen.

[212]  Johan Håstad,et al.  The security of individual RSA bits , 1998, Proceedings 39th Annual Symposium on Foundations of Computer Science (Cat. No.98CB36280).

[213]  Ueli Maurer,et al.  Generalized privacy amplification , 1994, Proceedings of 1994 IEEE International Symposium on Information Theory.

[214]  Ronald Cramer,et al.  A secure and optimally efficient multi-authority election scheme , 1997, Eur. Trans. Telecommun..

[215]  Gilles Brassard,et al.  Privacy Amplification by Public Discussion , 1988, SIAM J. Comput..

[216]  Douglas R. Stinson Universal Hashing and Authentication Codes , 1991, CRYPTO.

[217]  Bruce Schneier,et al.  Key-Schedule Cryptanalysis of DEAL , 1999, Selected Areas in Cryptography.

[218]  J. Massey,et al.  Communications and Cryptography: Two Sides of One Tapestry , 1994 .

[219]  D. Chaum,et al.  Di(cid:11)erential Cryptanalysis of the full 16-round DES , 1977 .

[220]  Joos Vandewalle,et al.  Weak Keys for IDEA , 1994, CRYPTO.

[221]  Peter W. Shor,et al.  Algorithms for Quantum Computation: Discrete Log and Factoring (Extended Abstract) , 1994, FOCS 1994.

[222]  Moni Naor,et al.  Efficient cryptographic schemes provably as secure as subset sum , 2004, Journal of Cryptology.

[223]  Tal Rabin,et al.  An efficient non-interactive statistical zero-knowledge proof system for quasi-safe prime products , 1998, CCS '98.

[224]  Oded Goldreich,et al.  RSA and Rabin Functions: Certain Parts are as Hard as the Whole , 1988, SIAM J. Comput..

[225]  Mihir Bellare,et al.  Provably secure session key distribution: the three party case , 1995, STOC '95.

[226]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[227]  Judit Bar-Ilan,et al.  Non-cryptographic fault-tolerant computing in constant number of rounds of interaction , 1989, PODC '89.

[228]  Raymond W. Yeung,et al.  A new outlook of Shannon's information measures , 1991, IEEE Trans. Inf. Theory.

[229]  David Chaum,et al.  Demonstrating Possession of a Discrete Logarithm Without Revealing It , 1986, CRYPTO.

[230]  Hans Dobbertin,et al.  Cryptanalysis of MD4 , 1996, Journal of Cryptology.

[231]  Ivan Damgård,et al.  Multiple Encryption with Minimum Key , 1995, Cryptography: Policy and Algorithms.

[232]  R. Jozsa Fidelity for Mixed Quantum States , 1994 .

[233]  Mitsuru Matsui,et al.  Linear Cryptanalysis Method for DES Cipher , 1994, EUROCRYPT.

[234]  Jacques Patarin,et al.  The Knapsack Hash Function proposed at Crypto'89 can be broken , 1991, EUROCRYPT.

[235]  Serge Vaudenay,et al.  On the Weak Keys of Blowfish , 1996, FSE.

[236]  Lars R. Knudsen,et al.  Practically Secure Feistel Ciphers , 1994 .

[237]  Paul C. van Oorschot,et al.  Parallel collision search with application to hash functions and discrete logarithms , 1994, CCS '94.

[238]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[239]  Daniel R. Simon Finding Collisions on a One-Way Street: Can Secure Hash Functions Be Based on General Assumptions? , 1998, EUROCRYPT.

[240]  Hugo Krawczyk,et al.  Pseudorandom functions revisited: the cascade construction and its concrete security , 1996, Proceedings of 37th Conference on Foundations of Computer Science.

[241]  M. Rabin DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION , 1979 .

[242]  Don Coppersmith,et al.  The Real Reason for Rivest's Phenomenon , 1985, CRYPTO.

[243]  Ueli Maurer The Role of Information Theory in Cryptography , 1993 .

[244]  Bruce Schneier,et al.  Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish) , 1993, FSE.

[245]  Ivan Damgård,et al.  The Breaking of the AR Hash Function , 1993, EUROCRYPT.

[246]  J. K. Gibson Some comments on Damgard's hashing principle , 1990 .

[247]  David Chaum,et al.  Minimum Disclosure Proofs of Knowledge , 1988, J. Comput. Syst. Sci..

[248]  James L. Massey,et al.  SAFER K-64: A Byte-Oriented Block-Ciphering Algorithm , 1993, FSE.

[249]  L. Knudsen Cryptanalysis of LOKI 91 , 1998 .

[250]  Burton S. Kaliski A survey of encryption standards , 1993, IEEE Micro.

[251]  Dominic Mayers,et al.  Unconditional security in quantum cryptography , 1998, JACM.

[252]  Louis Salvail,et al.  Quantum Oblivious Mutual Identification , 1995, EUROCRYPT.

[253]  N. Asokan,et al.  Optimistic protocols for fair exchange , 1997, CCS '97.

[254]  Silvio Micali,et al.  How to sign given any trapdoor permutation , 1992, JACM.

[255]  Tal Rabin,et al.  Robust sharing of secrets when the dealer is honest or cheating , 1994, JACM.

[256]  Gustavus J. Simmons,et al.  How to insure that data acquired to verify treaty compliance are trustworthy , 1988, Proc. IEEE.

[257]  Joe Kilian,et al.  How to Protect DES Against Exhaustive Key Search , 1996, CRYPTO.

[258]  James L. Massey,et al.  SAFER K-64: One Year Later , 1994, FSE.

[259]  Gilles Brassard,et al.  Practical Quantum Oblivious Transfer , 1991, CRYPTO.

[260]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[261]  Stanislaw Jarecki,et al.  An Efficient Micropayment System Based on Probabilistic Polling , 1997, Financial Cryptography.

[262]  Lars R. Knudsen,et al.  Block Ciphers: Analysis, Design and Applications , 1994 .

[263]  Ueli Maurer,et al.  Privacy Amplification Secure Against Active Adversaries , 1997, CRYPTO.

[264]  Pieter Retief Kasselman,et al.  Analysis and design of cryptographic hash functions , 1999 .

[265]  Stefan Brands Off-Line Electronic Cash Based on Secret-Key Certificates , 1995, LATIN.

[266]  J. Gordon Strong RSA keys , 1984 .

[267]  Alexander Russell Necessary and Sufficient Conditions For Collision-Free Hashing , 1992, CRYPTO.

[268]  Serge Vaudenay,et al.  An experiment on DES statistical cryptanalysis , 1996, CCS '96.