RSA Laboratories

Appendix C References

Bibliography


[ACG84]
W. Alexi, B. Chor, O. Goldreich, and C.P. Schnorr, RSA and Rabin functions: Certain parts are as hard as the whole, SIAM Journal of Computing (2) 17 (1988), 194-209.

[AD97]
M. Ajtai and C. Dwork, A public-key cryptosystem with worst-case/average-case equivalence, Proc. 29th ACM STOC (1997), 284-297.

[Adl95]
L.M. Adleman, On constructing a molecular computer, draft, University of Southern California, January 1995.

[Adl96]
L.M. Adleman, Statement, Cryptographer's Expert Panel, RSA Data Security Conference, San Francisco, CA, January 17, 1996.

[AGL95]
D. Atkins, M. Graff, A.K. Lenstra and P.C. Leyland, The magic words are squeamish ossifrage, Advances in Cryptology - Asiacrypt '94, Springer-Verlag (1995), 263-277.

[AHU74]
Aho, Hopcroft, and Ullman, The Design and Analysis of Computer Algorithms, Addison-Wesley, 1974.

[ANS83]
American National Standards Institute, American National Standard X3.106-1983 (R1996): Data Encryption Algorithm, Modes of Operations for the, 1983.

[ANS86a]
American National Standards Institute, ANSI X9.9: Financial Institution Message Authentication (Wholesale), 1986.

[ANS94a]
American National Standards Institute, Accredited Standards Committee X9 Working Draft: ANSI X9.42-1993: Public Key Cryptography for the Financial Services Industry: Management of Symmetric Algorithm Keys Using Diffie-Hellman, American Bankers Association, 1994.

[ANS94b]
American National Standards Institute, Accredited Standards Committee X9 Working Draft: ANSI X9.44: Public Key Cryptography Using Reversible Algorithms for the Financial Services Industry: Transport of Symmetric Algorithm Keys Using RSA, American Bankers Association, 1994.

[ANS95]
American National Standards Institute, ANSI X9.17: Financial Institution Key Management (Wholesale), 1995.

[ANS96]
American National Standards Institute, ANSI X9.19: Financial Institution Retail Message Authentication, 1986.

[ANS97]
American National Standards Institute, ANSI X9.30.1-1997: Public-Key Cryptography for the Financial Services Industry - Part 1: The Digital Signature Algorithm (DSA), American Bankers Association, 1997.

[ANS98]
American National Standards Institute, ANSI X9.31-1998: Public Key Cryptography Using Reversible Algorithms for the Financial Services Industry (rDSA), 1998.

[ARV95]
W. Aiello, S. Rajagopalan, and R. Venkatesan, Design of practical and provably good random number generators (extended abstract), Proceedings of the Sixth Annual ACM-SIAM Symposium on Discrete Algorithms (1995), 1-9.

[Bam82]
J. Bamford, The Puzzle Palace, Houghton Mifflin, Boston, 1982.

[Bar92]
J.P. Barlow, Decrypting the puzzle palace, Communications of the ACM (7) 35 (1992), 25-31.

[BBB92]
C. Bennett, F. Bessette, G. Brassard, L. Savail, and J. Smolin, Experimental quantum cryptography, Journal of Cryptology (1) 5 (1992), 3-28.

[BBC88]
P. Beauchemin, G. Brassard, C. Crepeau, C. Goutier, and C. Pomerance, The generation of random numbers that are probably prime, Journal of Cryptology 1 (1988), 53-64.

[BBL95]
D. Bleichenbacher, W. Bosma, and A. Lenstra, Some remarks on Lucas-based cryptosystems, Advances in Cryptology - Crypto '95, Springer-Verlag (1995), 386-396.

[BBS86]
L. Blum, M. Blum, and M. Shub, A simple unpredictable random number generator, SIAM Journal on Computing 15 (1986), 364-383.

[BD93b]
J. Brandt and I. Damgard, On generation of probable primes by incremental search, Advances in Cryptology - Crypto '92, Springer-Verlag (1993), 358-370.

[BDK93]
E.F. Brickell, D.E. Denning, S.T. Kent, D.P. Maher, and W. Tuchman, Skipjack Review, Interim Report: The Skipjack Algorithm, 1993.

[BDN97]
W. Burr, D. Dodson, N. Nazario, and W. T. Polk, MISPC, Minimum Interoperability Specification for PKI Components, Version 1, NIST, 1997.

[Bea95]
D. Beaver, Factoring: The DNA solution, Advances in Cryptology - Asiacrypt '94, Springer-Verlag (1995), 419-423.

[Ben82]
P. Benioff, Quantum mechanical Hamiltonian models of Turing machines, Journal of Statistical Physics (3) 29 (1982), 515-546.

[BG85]
M. Blum and S. Goldwasser, An efficient probabilistic public-key encryption scheme which hides all partial information, Advances in Cryptology - Crypto '84, Springer-Verlag (1985), 289-299.

[BGH95]
M. Bellare, J.A. Garay, R. Hauser, A. Herzberg, H. Krawczyk, M. Steiner, G. Tsudik, and M. Waidner, iKP - A Family of Secure Electronic Payment Protocols, Usenix Electronic Commerce Workshop, July 1995.

[BHS93]
D. Bayer, S. Haber, and W.S. Stornetta, Improving the efficiency and reliability of digital timestamping, Proceedings Sequences II: Methods in Communication, Security, and Computer Science, Springer-Verlag (1993), 329-334.

[Bih95]
E. Biham, Cryptanalysis of Multiple Modes of Operation, Advances in Cryptology - Asiacrypt '94, Springer-Verlag (1995), 278-292.

[BK98]
A. Biryukov and E. Kushilevitz, Improved cryptanalysis of RC5, Advances in Cryptology - Eurocrypt '98, Springer-Verlag (1998).

[BKR94]
M. Bellare, J. Killian and P. Rogaway, The security of cipher block chaining, Advances in Cryptology - Crypto '94, Springer-Verlag (1994), 341-358.

[Bla79]
G.R. Blakley, Safeguarding cryptographic keys, AFIPS Conference Proceedings 48 (1979), 313-317.

[Bla94]
Matt Blaze, Protocol Failure in the Escrowed Encryption Standard, Proceedings of the 2nd ACM Conference on Computer and Communications Security (1994), 59-67.

[BLP94]
J.P. Buhler, H.W. Lenstra, and C. Pomerance, The development of the number field sieve, Volume 1554 of Lecture Notes in Computer Science, Springer-Verlag, 1994.

[BLS88]
J. Brillhart, D.H. Lehmer, J.L. Selfridge, B. Tuckerman, and S.S. Wagstaff Jr, Factorizations of b^n ± 1, b = 2, 3, 5, 6, 7, 10, 11, 12 up to High Powers, Volume 22 of Contemporary Mathematics, 2nd edition, American Mathematical Society, 1988.

[BLZ94]
J. Buchmann, J. Loho, and J. Zayer, An implementation of the general number field sieve, Advances in Cryptology - Crypto '93, Springer-Verlag (1994), 159-166.

[BM84]
M. Blum and S. Micali, How to generate cryptographically strong sequences of pseudo-random bits, SIAM Journal on Computing (4) 13 (1984), 850-863.

[BR93]
M. Bellare and P. Rogaway, Random Oracles are Practical: A Paradigm for Designing Efficient Protocols, Proceedings of the first Annual Conference on Computer and Communications Security (1993), 62-73.

[BR94]
M. Bellare and P. Rogaway, Optimal asymmetric encryption, Advances in Cryptology - Eurocrypt '94, Springer-Verlag (1994), 92-111.

[BR96]
M. Bellare and P. Rogaway, The exact security of digital signatures - how to sign with RSA and Rabin, Advances in Cryptology - Eurocrypt '96, Springer-Verlag (1996), 399-414.

[Bra88]
G. Brassard, Modern Cryptology, Springer-Verlag, 1988.

[Bra93]
G. Brassard, Cryptography column - Quantum cryptography: A bibliography, Sigact News (3) 24 (1993), 16-20.

[Bra95a]
G. Brassard, The computer in the 21st Century, Scientific American (March 1995).

[Bra95b]
G. Brassard, The impending demise of RSA? CryptoBytes (1) 1 (Spring 1995).

[Bra95c]
G. Brassard, A quantum jump in computer science, Current Trends in Computer Science, Springer-Verlag (1995), 1-14.

[Bre89]
D.M. Bressoud, Factorization and Primality Testing, Springer-Verlag, 1989.

[Bri85]
E.F. Brickell, Breaking iterated knapsacks, Advances in Cryptology - Crypto '84, Springer-Verlag (1985), 342-358.

[BS91a]
E. Biham and A. Shamir, Differential cryptanalysis of DES-like cryptosystems, Advances in Cryptology - Crypto '90, Springer-Verlag (1991), 2-21.

[BS91b]
E. Biham and A. Shamir, Differential cryptanalysis of FEAL and N-Hash, Advances in Cryptology - Eurocrypt '91, Springer-Verlag (1991), 156-171.

[BS93a]
E. Biham and A. Shamir, Differential cryptanalysis of the full 16-round DES, Advances in Cryptology - Crypto '92, Springer-Verlag (1993), 487-496.

[BS93b]
E. Biham and A. Shamir, Differential Cryptanalysis of the Data Encryption Standard, Springer-Verlag, 1993.

[BV98]
D. Boneh and R. Venkatesan, Breaking RSA may not be equivalent to factoring, Advances in Cryptology - Eurocrypt '98, Springer-Verlag (1998), 59-71.

[CCI88a]
CCITT, Recommendation X.400: Message Handling System and Service Overview, 1988.

[CCI88b]
CCITT, Recommendation X.500: The Directory - Overview of Concepts, Models and Services, 1988.

[CCI88c]
CCITT, Recommendation X.509: The Directory - Authentication Framework, 1988.

[CCI91]
CCITT, Recommendation X.435: Message Handling Systems: EDI Messaging System, 1991.

[CFG95]
S. Crocker, N. Freed, J. Galvin, and S. Murphy, RFC 1848: MIME Object Security Services, CyberCash, Inc., Innosoft International, Inc., and Trusted Information Systems, 1995.

[CFN88]
D. Chaum, A. Fiat and M. Naor, Untraceable electronic cash, Advances in Cryptology - Crypto '88, Springer-Verlag (1988), 319-327.

[CGH97]
R. Canetti, R. Gennaro, A. Herzberg and D. Naor, Proactive Security: Long-term Protection Against Break-ins, CryptoBytes (1) 3 (Spring 1997).

[Cha83]
D. Chaum, Blind signatures for untraceable payments, Advances in Cryptology - Crypto '82, Springer-Verlag (1983), 199-203.

[Cha85]
D. Chaum, Security without identification: transaction systems to make big brother obsolete, Communications of the ACM 28 (10) (1985), 1030-1044.

[Cha94]
D. Chaum, Designated confirmer signatures, Advances in Cryptology - Eurocrypt '94, Springer-Verlag (1994), 86-91.

[CJ98]
F. Chabaud and A. Joux, Differential Collisions in SHA-0, Advances in Cryptology - Crypto '98, Springer-Verlag (1998), 56-71.

[CKM94]
D. Coppersmith, H. Krawczyk and Y. Mansour, The shrinking generator, Advances in Cryptology - Crypto '93, Springer-Verlag (1994), 22-38.

[CLR90]
T.H. Cormen, C.E. Leiserson, and R.L. Rivest, Introduction to Algorithms, MIT Press, Cambridge, Massachusetts, 1990.

[Cop92]
D. Coppersmith, The data encryption standard and its strength against attacks, IBM Research Report RC 18613 (81421), T. J. Watson research center, 1992.

[COS86]
D. Coppersmith, A.M. Odlyzko, and R. Schroeppel, Discrete logarithms in GF(p), Algorithmica 1 (1986), 1-15.

[CP94]
L. Chen and T.P. Pedersen, New group signature schemes, Advances in Cryptology - Eurocrypt '94, Springer-Verlag (1994), 171-181.

[CP95]
L. Chen and T.P. Pedersen, On the efficiency of group signatures: providing information-theoretic anonymity, Advances in Cryptology - Eurocrypt '95, Springer-Verlag (1995), 39-49.

[CR88]
B. Chor and R.L. Rivest, A knapsack-type public-key cryptosystem based on arithmetic in finite fields, IEEE Transactions on Information Theory (5) 34 (1988), 901-909.

[CR97]
G. Caronni and M. Robshaw, How Exhausting is Exhaustive Search?, CryptoBytes (3) 2 (Winter 1997).

[CV90]
D. Chaum and H. van Antwerpen, Undeniable signatures, Advances in Cryptology - Crypto '89, Springer-Verlag (1990), 212-216.

[CV91]
D. Chaum and E. van Heijst, Group signatures, Advances in Cryptology - Eurocrypt '91, Springer-Verlag (1991), 257-265.

[CV92]
D. Chaum and H. van Antwerpen, Cryptographically strong undeniable signatures, unconditionally secure for the signer, Advances in Cryptology - Crypto '91, Springer-Verlag (1992), 470-484.

[CW93]
K.W. Campbell and M.J. Wiener, DES is not a group, Advances in Cryptology - Crypto '92, Springer-Verlag (1993), 512-520.

[Dam90]
I. Damgård, A design principle for hash functions, Advances in Cryptology - Crypto '89, Springer-Verlag (1990), 416-427.

[Dav82]
G. Davida, Chosen signature cryptanalysis of the RSA public key cryptosystem, Technical Report TR-CS-82-2, Department of EECS, University of Wisconsin, Milwaukee, 1982.

[DB92]
B. den Boer and A. Bosselaers, An attack on the last two rounds of MD4, Advances in Cryptology - Crypto '91, Springer-Verlag (1992), 194-203.

[DB94]
B. den Boer and A. Bosselaers, Collisions for the compression function of MD5, Advances in Cryptology - Eurocrypt '93, Springer-Verlag (1994), 293-304.

[DB95]
D.E. Denning and D.K. Branstad, A taxonomy for key escrow encryption systems, 1995.

[DB96]
D.E. Denning and D. Branstad, A Taxonomy for Key Escrow Encryption Systems, Communications of the ACM (3) 39 (1996), 34-40.

[DB96b]
H. Dobbertin, The Status of MD5 After a Recent Attack, CryptoBytes (2) 2 (Summer 1996).

[DBP96]
H. Dobbertin, A. Bosselaers, and B. Preneel, RIPEMD-160: A strengthened version of RIPEMD, Proceedings of 3rd International Workshop on Fast Software Encryption, Springer-Verlag (1996), 71-82.

[Den93]
D.E. Denning, The Clipper encryption system, American Scientist (4) 81 (1993), 319-323.

[Den95]
D.E. Denning, The Case for "Clipper," Technology Review (July 1995), 48-55.

[Des95]
Y. Desmedt, Securing traceability of ciphertexts - Towards a secure software key escrow system, Advances in Cryptology - Eurocrypt '95, Springer-Verlag (1995), 147-157.

[Deu92]
D. Deutsch, Quantum theory, the Church-Turing principle and the universal quantum computer, Proceedings of the Royal Society of London, Series A 439 (1992).

[DGV94]
J. Daemen, R. Govaerts, and J. Vandewalle, Weak keys for IDEA, Advances in Cryptology - Crypto '93, Springer-Verlag (1994), 224-231.

[DH76]
W. Diffie and M.E. Hellman, New directions in cryptography, IEEE Transactions on Information Theory 22 (1976), 644-654.

[DH77]
W. Diffie and M.E. Hellman, Exhaustive cryptanalysis of the NBS Data Encryption Standard, Computer 10 (1977), 74-84.

[Dif88]
W. Diffie, The first ten years of public-key cryptography, Proceedings of the IEEE 76 (1988), 560-577.

[DIP94]
D. Davis, R. Ihaka, and P. Fenstermacher, Cryptographic randomness from air turbulence in disk drives, Advances in Cryptology - Crypto '94, Springer-Verlag (1994), 114-120.

[DL95]
B. Dodson and A.K. Lenstra, NFS with four large primes: An explosive experiment, Advances in Cryptology - Crypto '95, Springer-Verlag (1995), 372-385.

[DO86]
Y. Desmedt and A.M. Odlyzko, A chosen text attack on the RSA cryptosystem and some discrete logarithm schemes, Advances in Cryptology - Crypto '85, Springer-Verlag (1986), 516-522.

[Dob95]
H. Dobbertin, Alf Swindles Ann, CryptoBytes (3) 1 (Autumn 1995).

[DP83]
D.W. Davies and G.I. Parkin, The average cycle size of the key stream in output feedback encipherment, Advances in Cryptology - Crypto '82, Plenum Press (1983), 97-98.

[DVW92]
W. Diffie, P.C. van Oorschot, and M.J. Wiener, Authentication and authenticated key exchanges, Designs, Codes and Cryptography 2 (1992), 107-125.

[ECS94]
D. Eastlake, 3rd, S. Crocker, and J. Schiller, RFC 1750: Randomness Recommendations for Security, DEC, Cybercash, and MIT, 1994.

[EGM89]
S. Even, O. Goldreich, and S. Micali, On-Line/Off-Line Digital Signatures, Advances in Cryptology - Crypto '89, Springer-Verlag (1990), 263-275.

[Elg85]
T. ElGamal, A public-key cryptosystem and a signature scheme based on discrete logarithms, IEEE Transactions on Information Theory 31 (1985), 469-472.

[EPIC99]
Electronic Privacy Information Center, Cryptography and Liberty 1999, An International Survey of Encryption Policy, Washington, DC, 1999. 1

[Fei73]
H. Feistel, Cryptography and Computer Privacy, Scientific American (May 1973).

[Fey82]
R.P. Feynman, Simulating physics with computers, International Journal of Theoretical Physics (6) 21 (1982), 467-488.

[Fey86]
R.P. Feynman, Quantum mechanical computers, Optic News (February 1985); Reprinted in Foundations of Physics (6) 16 (1986), 507-531.

[FFS88]
U. Feige, A. Fiat and A. Shamir, Zero-knowledge proofs of identity, Journal of Cryptography 1 (1988), 66-94.

[FGM97]
Y. Frankel, P. Gemmel, P. D. MacKenzie and M. Yung, Proactive RSA, Advances in Cryptology - Crypto '97, Springer-Verlag (1997), 440-454.

[For94]
W. Ford, Computer Communications Security: Principles, Standard Protocols and Techniques, Prentice-Hall, New Jersey (1994).

[Fra98]
J.B. Fraleigh, An Introduction to Abstract Algebra, 6th edition, Addison-Wesley, 1998.

[FR95]
P. Fahn and M.J.B. Robshaw, Results from the RSA Factoring Challenge, Technical Report TR-501, version 1.3, RSA Laboratories, January 1995.

[FS87]
A. Fiat and A. Shamir, How to prove yourself: Practical solutions to identification and signature problems, Advances in Cryptology - Crypto '86, Springer-Verlag (1987), 186-194.

[FY94]
M. Franklin and M. Yung, Blind Weak Signature and its Applications: Putting Non-Cryptographic Secure Computation to Work, Advances in Cryptology - Eurocrypt '94, Springer-Verlag (1994), 67-76.

[Gan95]
R. Ganesan, Yaksha: Augmenting Kerberos with public key cryptography, Proceedings of the 1995 Internet Society Symposium on Network and Distributed Systems Security, IEEE Press (1995), 132-143.

[GC89]
D. Gollman and W.G. Chambers, Clock-controlled shift registers: a review, IEEE Journal on Selected Areas in Communications (4) 7 (1989), 525-533.

[Gib93]
J.K. Gibson, Severely denting the Gabidulin version of the McEliece public key cryptosystem, Preproceedings of the 4th IMA Conference on Cryptography and Coding (1993).

[GJ79]
Michael R. Garey and David S. Johnson, Computers and Intractability - A Guide to the Theory of NP-Completeness, W.H. Freeman, New York, 1979.

[GJK96]
R. Gennaro, S. Jarecki, H. Krawczyk and T. Rabin, Robust Threshold DSS Signatures, Advances in Cryptology - Eurocrypt '96, Springer-Verlag (1996), 354-371.

[GM84]
S. Goldwasser and S. Micali, Probabilistic encryption, Journal of Computer and System Sciences 28 (1984), 270-299.

[GM93]
D.M. Gordon and K.S. McCurley, Massively parallel computation of discrete logarithms, Advances in Cryptology - Crypto '92, Springer-Verlag (1993), 312-323.

[GMR86]
S. Goldwasser, S. Micali, and R. Rivest, A digital signature scheme secure against adaptive chosen message attack, SIAM Journal on Computing (2) 17 (1988), 289-308.

[Gor93]
D.M. Gordon, Discrete logarithms in GF(p) using the number field sieve, SIAM Journal of Computing (1) 6 (1993), 124-138.

[GPT91]
E.M. Gabidulin, A.V. Paramonov, and O.V. Tretjakov, Ideals over a non-commutative ring and their application in cryptology, Advances in Cryptology - Eurocrypt '91, Springer-Verlag (1991), 482-489.

[GQ88]
L.C. Guillou and J.J. Quisquater, A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory, Advances in Cryptology - Eurocrypt '88, Springer-Verlag (1988), 123-128.

[Hås88]
J. Håstad, Solving simultaneous modular equations of low degree, SIAM Journal of Computing 17 (1988), 336-341.

[Hel80]
M.E. Hellman, A cryptanalytic time-memory trade off, IEEE Transactions on Information Theory 26 (1980), 401-406.

[Hic95]
K.E.B. Hickman, The SSL Protocol, December 1995. 2

[HJJ97]
A. Herzberg, M. Jakobsson, S. Jarecki, H. Krawczyk and M. Yung, Proactive Public Key and Signature Systems, 1997 ACM Conference on Computers and Communication Security (1997).

[HS91]
S. Haber and W.S. Stornetta, How to timestamp a digital document, Journal of Cryptology (2) 3 (1991), 99-111.

[ISO87]
ISO DIS 8730, Banking requirements for message authentication (wholesale), 1987.

[ISO91]
ISO/IEC 9979, Data Cryptographic Techniques - Procedures for the Registration of Cryptographic Algorithms, 1991.

[ISO92a]
ISO/IEC 9798, Entity authentication mechanisms using symmetric techniques, 1992.

[ISO92b]
ISO/IEC 10116, Modes of operation for an n-bit block cipher algorithm, 1992.

[ISO92c]
ISO/IEC 10118, Information technology - Security techniques - Hash functions, 1992.

[Jue83]
R.R. Jueneman, Analysis of certain aspects of output feedback mode, Advances in Cryptology - Crypto '82, Plenum Press (1983), 99-127.

[Kah67]
D. Kahn, The Codebreakers, Macmillan Co., New York, 1967.

[Kal92]
B.S. Kaliski Jr, RFC 1319: The MD2 Message-Digest Algorithm, RSA Laboratories, April 1992.

[Kal93a]
B.S. Kaliski Jr, RFC 1424: Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services, RSA Laboratories, February 1993.

[Kal93b]
B.S. Kaliski Jr, A survey of encryption standards, IEEE Micro (6) 13 (1993), 74-81.

[Ken93]
S. Kent, RFC 1422: Privacy Enhancement for Internet Electronic Mail, Part II: Certificate-Based Key Management, Internet Activities Board, February 1993.

[KM96]
L.R. Knudsen and W. Meier, Improved differential attacks on RC5, Advances in Cryptology - Crypto '96, Springer-Verlag (1996), 216-228.

[KNT94]
J. Kohl, B. Neuman, and T. Tso, The evolution of the Kerberos authentication service, Distributed Open Systems, IEEE Press (1994).

[Knu81]
D.E. Knuth, The Art of Computer Programming, volume 2, Seminumerical Algorithms, 2nd edition, Addison-Wesley, 1981.

[Knu93]
L.R. Knudsen, Practically secure Feistel ciphers, Proceedings of 1st International Workshop on Fast Software Encryption, Springer-Verlag (1993), 211-221.

[Knu95]
L.R. Knudsen, A key-schedule weakness in SAFER K-64, Advances in Cryptology - Crypto '95, Springer-Verlag (1995), 274-286.

[Kob87]
N. Koblitz, Elliptic curve cryptosystems, Mathematics of Computation 48 (1997), 203-209.

[Kob94]
N. Koblitz, A Course in Number Theory and Cryptography, Springer-Verlag, 1994.

[Koç94]
Ç. K. Koç, High-Speed RSA Implementation, Technical Report TR-201, version 2.0, RSA Laboratories, November 1994.

[Koç95]
Ç. K. Koç, RSA Hardware Implementation, Technical Report TR-801, version 1.0, RSA Laboratories, August 1995.

[Koh90]
J.T. Kohl, The Use of Encryption in Kerberos for Network Authentication, Advances in Cryptology - Crypto '89, Springer-Verlag (1990), 35-43.

[KR94]
B.S. Kaliski Jr. and M.J.B. Robshaw, Linear cryptanalysis using multiple approximations, Advances in Cryptology - Crypto '94, Springer-Verlag (1994), 26-39.

[KR95a]
B.S. Kaliski Jr. and M.J.B. Robshaw, Linear cryptanalysis using multiple approximations and FEAL, Proceedings of 2nd International Workshop on Fast Software Encryption, Springer-Verlag (1995), 249-264.

[KR95b]
B.S. Kaliski Jr. and M.J.B. Robshaw, Message authentication with MD5, CryptoBytes (1) 1 (Spring 1995).

[KR95c]
B.S. Kaliski Jr. and M.J.B. Robshaw, The secure use of RSA, CryptoBytes (3) 1 (Autumn 1995).

[KR96]
B.S. Kaliski Jr. and M.J.B. Robshaw, Multiple encryption: weighing up security and performance, Dr. Dobb's Journal 243 (1996), 123-127.

[Kra93]
D. Kravitz, Digital signature algorithm, U.S. Patent 5,231,668, July 27, 1993.

[KRS88]
B.S. Kaliski Jr., R.L. Rivest, and A.T. Sherman, Is the data encryption standard a group? Journal of Cryptology 1 (1988), 3-36.

[KSW96]
J. Kelsey, B. Schneier, and D. Wagner, Key-Schedule Cryptanalysis of 3-WAY, IDEA, G-DES, RC4, SAFER, and Triple-DES, Advances in Cryptology-CRYPTO '96 Proceedings, Springer-Verlag (1996), 237-251.

[KY95]
B.S. Kaliski Jr. and Y.L. Yin, On differential and linear cryptanalysis of the RC5 encryption algorithm, Advances in Cryptology - Crypto '95, Springer-Verlag (1995), 171-183.

[Lan88]
S. Landau, Zero knowledge and the Department of Defense, Notices of the American Mathematical Society 35 (1988), 5-12.

[Len87]
H.W. Lenstra Jr, Factoring integers with elliptic curves, Annals of Mathematics 126 (1987), 649-673.

[LH94]
S.K. Langford and M.E. Hellman, Differential-linear cryptanalysis, Advances in Cryptology - Crypto '94, Springer-Verlag (1994), 17-25.

[Lin93]
J. Linn, RFC 1508: Generic Security Services Application Programming Interface, Geer Zolot Associates, September 1993.

[Lip94]
R.J. Lipton, Speeding up computations via molecular biology, draft, Princeton University, December 1994.

[LL90]
A.K. Lenstra and H.W. Lenstra Jr, Algorithms in number theory, Handbook of Theoretical Computer Science, volume A (editor: J. van Leeuwen), MIT Press/Elsevier, Amsterdam (1990), 673-715.

[LM91]
X. Lai and J.L. Massey, A proposal for a new block encryption standard, Advances in Cryptology - Eurocrypt '90, Springer-Verlag (1991), 389-404.

[LMM92]
X. Lai, J.L. Massey and S. Murphy, Markov ciphers and differential cryptanalysis, Advances in Cryptology - Eurocrypt '91, Springer-Verlag (1992), 17-38.

[LP98]
Harry R. Lewis and Christos H. Papadimitriou, Elements of the Theory of Computation, 2nd edition, Prentice Hall, Upper Saddle River, NJ, 1998.

[LRW92]
X. Lai, R.A. Rueppel, and J. Woollven, A fast cryptographic checksum algorithm based on stream ciphers, Advances in Cryptology - Auscrypt '92, Springer-Verlag (1992), 339-348.

[LV00]
A.K. Lenstra and E.R. Verheul, Selecting Cryptographic Key Sizes, The 2000 International Workshop on Practice and Theory in Public Key Cryptography (PKC2000), Melbourne, Australia (January 2000).

[Mas93]
J.L. Massey, SAFER K-64: A byte-oriented block ciphering algorithm, Proceedings of 1st International Workshop on Fast Software Encryption, Springer-Verlag (1993), 1-17.

[Mas95]
J.L. Massey, SAFER K-64: One year later, Proceedings of 2nd Workshop on Fast Software Encryption, Springer-Verlag (1995), 212-241.

[Mat93]
M. Matsui, Linear cryptanalysis method for DES cipher, Advances in Cryptology - Eurocrypt '93, Springer-Verlag (1993), 386-397.

[Mat94]
M. Matsui, The first experimental cryptanalysis of the data encryption standard, Advances in Cryptology - Crypto '94, Springer-Verlag (1994), 1-11.

[Mat96]
T. Matthews, Suggestions for random number generation in software, Bulletin No. 1, RSA Laboratories, January 1996.

[Mau94]
U. Maurer, Towards the equivalence of breaking the Diffie-Hellman protocol and computing discrete logarithms, Advances in Cryptology - Crypto '94, Springer-Verlag (1994), 271-281.

[Mce78]
R.J. McEliece, A public-key cryptosystem based on algebraic coding theory, JPL DSN Progress Report 4244 (1978), 114-116.

[Mcn95]
F.L. McNulty, Clipper Alive and well as a voluntary government standard for telecommunications, The 1995 RSA Data Security Conference (January 1995).

[Men93]
A. Menezes, Elliptic Curve Public Key Cryptosystems, Kluwer Academic Publishers, 1993.

[Men95]
A. Menezes, Elliptic Curve Cryptosystems, CryptoBytes (2) 1 (Summer 1995).

[Mer79]
R.C. Merkle, Secrecy, authentication and public-key systems, Ph. D. Thesis, Stanford University, 1979.

[Mer90a]
R.C. Merkle, One way hash functions and DES, Advances in Cryptology - Crypto '89, Springer-Verlag (1990), 428-446.

[Mer90b]
R.C. Merkle, A digital signature based on a conventional encryption function, Advances in Cryptology - Crypto '89, Springer-Verlag (1990), 428-446.

[Mer91]
R.C. Merkle, Fast software encryption functions, Advances in Cryptology - Crypto '90, Springer-Verlag (1991), 627-638.

[MH78]
R.C. Merkle and M.E. Hellman, Hiding information and signatures in trapdoor knapsacks, IEEE Transactions on Information Theory 24 (1978), 525-530.

[MH81]
R.C. Merkle and M.E. Hellman, On the security of multiple encryption, Communications of the ACM 24 (1981), 465-467.

[Mic93]
S. Micali, Fair public-key cryptosystems, Advances in Cryptology - Crypto '92, Springer-Verlag (1993), 113-138.

[Mil86]
V.S. Miller, Use of elliptic curves in cryptography, Advances in Cryptology - Crypto '85, Springer-Verlag (1986), 417-426.

[MOV90]
A. Menezes, T. Okamoto, and S. Vanstone, Reducing elliptic curve logarithms to logarithms in a finite field, Unpublished manuscript, September 1990.

[MQV95]
A. Menezes, M. Qu, and S. Vanstone, Some new key agreement protocols providing implicit authentication, Preproceedings of Workshops on Selected Areas in Cryptography (1995).

[MS95b]
W. Meier and O. Staffelbach, The self-shrinking generator, Advances in Cryptology - Eurocrypt '94, Springer-Verlag (1995), 205-214.

[Mur90]
S. Murphy, The cryptanalysis of FEAL-4 with 20 chosen plaintexts, Journal of Cryptology (3) 2 (1990), 145-154.

[MY92]
M. Matsui and A. Yamagishi, A new method for known plaintext attack of FEAL cipher, Advances in Cryptology - Eurocrypt '92, Springer-Verlag (1992), 81-91.

[NIS80]
National Institute of Standards and Technology (NIST), FIPS Publication 81: DES Modes of Operation, 1980.

[NIS85]
National Institute of Standards and Technology (NIST), FIPS Publication 113: Computer Data Authentication, 1985.

[NIS92]
National Institute of Standards and Technology (NIST), The Digital Signature Standard, proposal and discussion, Communications of the ACM (7) 35 (1992), 36-54.

[NIS93a]
National Institute of Standards and Technology (NIST), FIPS Publication 180: Secure Hash Standard (SHS), 1993.

[NIS93b]
National Institute of Standards and Technology (NIST), FIPS Publication 46-2: Data Encryption Standard, 1993.

[NIS94a]
National Institute of Standards and Technology (NIST), FIPS Publication 185: Escrowed Encryption Standard, 1994.

[NIS94b]
National Institute of Standards and Technology (NIST), FIPS Publication 186: Digital Signature Standard (DSS), 1994.

[NIS94c]
National Institute of Standards and Technology (NIST), Announcement of Weakness in the Secure Hash Standard, 1994.

[NK95]
K. Nyberg and L.R. Knudsen, Provable security against a differential attack, Journal of Cryptology (1) 8 (1995), 27-37.

[NMR94]
D. Naccache, D. M'raïhi, D. Raphaeli, and S. Vaudenay, Can D.S.A. be improved? Complexity trade-offs with the Digital Signature Standard, Advances in Cryptology - Eurocrypt '94, Springer-Verlag (1994), 77-85.

[NS78]
R.M. Needham and M.D. Schroeder, Using encryption for authentication in large networks of computers, Communications of the ACM 21 (1978), 993-999.

[NS94]
M. Naor and A. Shamir, Visual cryptography, Advances in Cryptology - Eurocrypt '94, Springer-Verlag (1994), 1-12.

[NSA95]
NSA Cross Organization CAPI Team, Security Service API: Cryptographic API Recommendation, 1995.

[Nyb95]
K. Nyberg, Linear approximation of block ciphers, Advances in Cryptology - Eurocrypt '94, Springer-Verlag (1995), 439-444.

[OA94]
K. Ohta and K. Aoki, Linear cryptanalysis of the fast data encipherment algorithm, Advances in Cryptology - Crypto '94, Springer-Verlag (1994), 12-16.

[Oco95]
L. O'Connor, A unified markov approach to differential and linear cryptanalysis, Advances in Cryptology - Asiacrypt '94, Springer-Verlag (1995), 387-397.

[Odl84]
A.M. Odlyzko, Discrete logarithms in finite fields and their cryptographic significance, Advances in Cryptology - Eurocrypt '84, Springer-Verlag (1984), 224-314.

[Odl95]
A.M. Odlyzko, The future of integer factorization, CryptoBytes (2) 1 (Summer 1995).

[OG96]
The Open Group, Generic Cryptographic Service API (GCS-API), 1996. 3

[OG99]
The Open Group, Architecture for Public-Key Infrastructure (APKI), 1999.

[Pol74]
J. Pollard, Theorems of factorization and primality testing, Proceedings of Cambridge Philosophical Society 76 (1974), 521-528.

[Pol75]
J. Pollard, Monte Carlo method for factorization, BIT 15 (1975), 331-334.

[Pre93]
B. Preneel, Analysis and Design of Cryptographic Hash Functions, Ph.D. Thesis, Katholieke University Leuven, 1993.

[Pre94]
B. Preneel, The State of DES, 1994 RSA Laboratories Seminar Series (August 1994).

[PV95]
B. Preneel and P.C. van Oorschot, MDx-MAC and Building Fast MACs from Hash Functions, Advances in Cryptology - Crypto '95, Springer-Verlag (1995), 1-14.

[QG90]
J.J. Quisquater and L. Guillou, How to explain zero-knowledge protocols to your children, Advances in Cryptology - Crypto '89, Springer-Verlag (1990), 628-631.

[Rab79]
M.O. Rabin, Digitalized signatures and public-key functions as intractable as factorization, Technical Report MIT/LCS/TR-212, MIT, 1979.

[RC93]
P. Rogaway and D. Coppersmith, A software-optimized encryption algorithm, Proceedings of 1st International Workshop on Fast Software Encryption, Springer-Verlag (1993), 56-63.

[RC95]
N. Rogier and P. Chauvaud, The compression function of MD2 is not collision free, Selected Areas in Cryptography '95, Ottawa, Canada (May 1995).

[RG91]
D. Russell and G.T. Gangemi Sr, Computer Security Basics, O'Reilly & Associates, Inc., 1991.

[Riv90]
R.L. Rivest, Cryptography, Handbook of Theoretical Computer Science, volume A (editor: J. van Leeuwen), MIT Press/Elsevier, Amsterdam, 1990, 719-755.

[Riv91a]
R.L. Rivest, Finding four million random primes, Advances in Cryptology - Crypto '90, Springer-Verlag (1991), 625-626.

[Riv91b]
R.L. Rivest, The MD4 message digest algorithm, Advances in Cryptology - Crypto '90, Springer-Verlag (1991), 303-311.

[Riv92a]
R.L. Rivest, Response to NIST's proposal, Communications of the ACM 35 (1992), 41-47.

[Riv92b]
R.L. Rivest, RFC 1320: The MD4 Message-Digest Algorithm, Network Working Group, 1992.

[Riv92c]
R.L. Rivest, RFC 1321: The MD5 Message-Digest Algorithm, Internet Activities Board, 1992.

[Riv95]
R.L. Rivest, The RC5 encryption algorithm, CryptoBytes (1) 1 (Spring 1995).

[RK96]
Joe Kilian and Phillip Rogaway, How to protect DES against exhaustive key search, Advances in Cryptology - Crypto '96, Springer-Verlag (1996), 252-267.

[Rob95a]
M.J.B. Robshaw, Stream Ciphers Technical Report TR-701, version 2.0, RSA Laboratories, 1995.

[Rob95b]
M.J.B. Robshaw, MD2, MD4, MD5, SHA and Other Hash Functions, Technical Report TR-101, version 4.0, RSA Laboratories, 1995.

[Rob95c]
M.J.B. Robshaw, Security estimates for 512-bit RSA, Technical Note, RSA Laboratories, 1995.

[Rob96]
M.J.B. Robshaw, On Recent Results for MD2, MD4 and MD5, RSA Laboratories Bulletin 4 (November 1996).

[Rog96]
P. Rogaway, The security of DESX, CryptoBytes (2) 2 (Summer 1996).

[RS95]
E. Rescorla and A. Schiffman, The Secure HyperText Transfer Protocol, Internet-Draft, EIT, 1995.

[RSA78]
R.L. Rivest, A. Shamir, and L.M. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM (2) 21 (1978), 120-126.

[Rue92]
R.A. Rueppel, Stream ciphers, Contemporary Cryptology - The Science of Information Integrity (1992), IEEE Press.

[RY97]
M.J.B. Robshaw and Y.L. Yin, Elliptic Curve Cryptosystems, Technical Note, RSA Laboratories, 1997.

[SB93]
M.E. Smid and D.K. Branstad, Response to comments on the NIST proposed Digital Signature Standard, Advances in Cryptology - Crypto '92, Springer-Verlag (1993), 76-87.

[Sch83]
I. Schaumuller-Bichl, Cryptanalysis of the Data Encryption Standard by a method of formal coding, Cryptography, Proc. Burg Feuerstein 1982 149 (1983), 235-255.

[Sch90]
C.P. Schnorr, Efficient identification and signatures for smart cards, Advances in Cryptology - Crypto '89, Springer-Verlag (1990), 239-251.

[Sch91]
C.P. Schnorr, Method for identifying subscribers and for generating and verifying electronic signatures in a data exchange system, U.S. Patent 4,995,082, February 19, 1991.

[Sch93]
B. Schneier, Description of a new variable-length key, 64-bit block cipher (Blowfish), Proceedings of 1st International Workshop on Fast Software Encryption, Springer-Verlag (1993), 191-204.

[Sch95]
B. Schneier, The Blowfish encryption algorithm: one year later, Dr. Dobb's Journal 234 (1995), 137-138.

[Sch96]
B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition, Wiley, 1995.

[Sel98]
A.A. Selcuk, New results in linear cryptanalysis of RC5, Proceedings of 5th International Workshop on Fast Software Encryption, Springer-Verlag (1998), 1-16.

[SH95]
C.P. Schnorr and H.H. Hörner, Attacking the Chor-Rivest cryptosystem by improved lattice reduction, Advances in Cryptology - Eurocrypt '95, Springer-Verlag (1995), 1-12.

[Sha49]
C.E. Shannon, Communication Theory of Secrecy Systems, Bell Systems Technical Journal 28 (1949), 656-715.

[Sha79]
A. Shamir, How to share a secret, Communications of the ACM 22 (1979), 612-613.

[Sha84]
A. Shamir, A polynomial time algorithm for breaking the basic Merkle-Hellman cryptosystem, IEEE Transactions on Information Theory, (5) 30 (1984), 699-704.

[Sha95]
M. Shand, Personal communication, 1995.

[Sho94]
P.W. Shor, Algorithms for quantum computation: Discrete logarithms and factoring, Proceedings of the 35th Annual IEEE Symposium on the Foundations of Computer Science (1994), 124-134.

[Sil87]
R.D. Silverman, The multiple polynomial quadratic sieve, Mathematics of Computation 48 (1987), 329-339.

[Sim83]
G.J. Simmons, The Prisoner's Problem and the Subliminal Channel, Advances in Cryptology - Crypto '83, Plenum Press (1984), 51-70.

[Sim92]
G.J. Simmons, editor, Contemporary Cryptology - The Science of Information Integrity, IEEE Press, 1992.

[Sim93a]
G.J. Simmons, Subliminal Communication is Easy Using DSA, Advances in Cryptology - Eurocrypt '93, Springer-Verlag (1993), 218-232.

[Sim93b]
G.J. Simmons, The Subliminal Signatures in the U.S. Digital Signature Algorithm (DSA), 3rd Symposium on State and Progress of Research in Cryptography (February 15-16, 1993), Rome, Italy.

[SM88]
A. Shimizu and S. Miyaguchi, Fast data encipherment algorithm FEAL, Advances in Cryptology - Eurocrypt '87, Springer-Verlag (1988), 267-280.

[SPC95]
M. Stadler, J.M. Piveteau, and J. Camenisch, Fair blind signatures, Advances in Cryptology - Eurocrypt '95, Springer-Verlag (1995), 209-219.

[SS95]
P. Smith and C. Skinner, A public-key cryptosystem and a digital signature system based on the Lucas function analogue to discrete logarithms, Advances in Cryptology - Asiacrypt '94, Springer-Verlag (1995), 357-364.

[Sta95]
W. Stallings, Network and Internetwork Security - Principles and Practice, Prentice-Hall, New Jersey, 1995.

[Sti95]
D.R. Stinson, Cryptography - Theory and Practice, CRC Press, Boca Raton, 1995.

[SV93]
M. Shand and J. Vuillemin, Fast implementations of RSA cryptography, Proceedings of the 11th IEEE Symposium on Computer Arithmetic, IEEE Computer Society Press (1993), 252-259.

[Ver26]
G.S. Vernam, Cipher printing telegraph systems for secret wire and radio telegraphic communications, J. Amer. Inst. Elec. Eng. 45 (1926), 109-115.

[VP92]
E. van Heyst and T.P. Pedersen, How to make efficient fail-stop signatures, Advances in Cryptology - Eurocrypt '92, Springer-Verlag (1992), 366-377.

[VW91]
P. van Oorschot and M. Wiener, A known plaintext attack on two-key triple encryption, Advances in Cryptology - Eurocrypt '90, Springer-Verlag (1991), 318-325.

[VW94]
P. van Oorschot and M. Wiener, Parallel collision search with application to hash functions and discrete logarithms, Proceedings of 2nd ACM Conference on Computer and Communication Security (1994).

[Wie94]
M.J. Wiener, Efficient DES key search, Technical Report TR244, School of Computer Science, Carleton University, Ottawa, Canada, 1994.

[Wie98]
M.J. Wiener, Performance Comparison of Public-Key Cryptosystems, CryptoBytes (1) 4 (Summer 1998).

[Yuv79]
G. Yuval, How to swindle Rabin, Cryptologia (July 1979).

[Yin97]
Y.L. Yin, The RC5 encryption algorithm: two years on, CryptoBytes (3) 2 (Winter 1997).

[ZPS93]
Y. Zheng, J. Pieprzyk and J. Seberry, HAVAL - a one-way hashing algorithm with variable length output, Advances in Cryptology - Auscrypt '92, Springer-Verlag (1993), 83-104.

