Advances in Cryptology AUSCRYPT'90 Proceedings, Springer-Verlag, 1990, pp. 356-
359.
368. D. Coppersmith, "Fast Evaluation of Logarithms in Fields of Characteristic Two," IEEE
Transactions on Information Theory, v.30,n.4,Jull984,pp.587-594.
369. D. Coppersmith, "Another Birthday Attack, " Advances in Cryptology CRYPTO '85
Proceedings, Springer-Verlag, 1986, pp. 14-17.
370. D. Coppersmith, "Cheating at Mental Poker, " Advances in Cryptology CRYPTO '85
Proceedings, Springer-Verlag, 1986, pp. 104-107.
371. D. Coppersmith, "The Real Reason for Rivest's Phenomenon, " Advances in Cryptology
CRYPTO '85 Proceedings, Springer-Verlag, 1986, pp. 535-536.
372. D. Coppersmith, "Two Broken Hash Functions," Research Report RD 18397, IBM T.J.
Watson Center, Oct 1992.
373. D. Coppersmith, "The Data Encryption Standard (DES) and Its Strength against Attacks,"
Technical Report RC 18613, IBM T.J. Watson Center, Dec 1992.
374. D. Coppersmith, "The Data Encryption Standard (DES) and its Strength against Attacks, "
IBM /ournal of Research and Development, v. 38, n. 3, May 1994, pp. 243-250.
375. D. Coppersmith, "Attack on the Cryptographic Scheme NIKS-TAS," Advances in
Cryptology CRYPTO '94 Proceedings, Springer-Verlag, 1994, pp. 294-307.
376. D. Coppersmith, personal communication, 1994.
377. D. Coppersmith and E. Grossman, "Generators for Certain Alternating Groups with
Applications to Cryptography, " SIAM Journal on Applied Mathematics, v. 29, n. 4, Dec
1975, pp. 624-627.
378. D. Coppersmith, H. Krawczyk, and Y. Mansour, "The Shrinking Generator, " Advances in
Cryptology CRYPTO '93 Proceedings, Springer-Verlag, 1994, pp. 22-39.
379. D. Coppersmith, A. Odlykzo, and R. Schroeppel, "Discrete Logarithms in GF (p),''
Algorithmica, v. 1, n. 1, 1986, pp. 1-16.
380. D. Coppersmith and R Rogaway, "Software Efficient Pseudo Random Function and the Use
Thereof for Encryption," U.S. Patent pending, 1995.
381. D. Coppersmith, J. Stern, and S. Vaudenay, "Attacks on the Birational Signature Schemes,
" Advances in Cryptology CRYPTO '93 Proceedings, Springer-Verlag, 1994, pp. 435-
443.
382. V. Cordonnier and J.-J. Quisquater, eds.. CARD1S '94 Proceedings of the First Smart
Card Research and Advanced Application Conference, Lille, France, 24-26 Oct 1994.
383. C. Couvreur and J.-J. Quisquater, "An Introduction to Fast Generation of Large Prime
Numbers," Philips /ournal Research, v. 37. n. 5 6, 1982, pp. 231-264.
384. C. Couvreur and J.-J. Quisquater, "An Introduction to Fast Generation of Large Prime
Numbers," Philips journal Research, v. 38, 1983, i' 77 385. C. Coveyou and R.D. MacPherson, "Fourier Analysis of Uniform Random Number
Gcncrators," lournal of the ACM, v. 14, n. 1, 1967, pp. 100-119.
386. T.M. Cover and R.C. King, "A Convergent Gambling Estimate of the Entropy of English,"
IEEE Tran.saction.s on Informa- tion Theory, v. IT-24, n. 4, Jul 1978, pp. 413-421.
387. R.J.F. Cramer and T.R Pedersen, "Improved Privacy in Wallets with Observers," Advances in Cryptology EZJROCRYPT '93 Proceedings, Springer-Verlag, 1994, pp. 329-343.
388. R.E. Crandell, "Method and Apparatus for Public Key Exchange in a Cryptographic
System," U.S. Patent #5,159,632, 27 Oct 1992.
389. C. Crepeau, "A Secure Poker Protocol That Minimizes the Effect of Player Coalitions,"
Advances in Cryptology CKYP'I'O '85 Proceedings, Springer-Verlag, 1986, pit. 73-86.
390. C. Crepcau, "A Zcro-Knowlcdge Poker Protocol that Achieves Confidentiality of the
Players' Strategy, or How to Achieve an Electronic Poker Face, " Advances in Cryptology
CRYPTO '86 Proceedings, Springer-Verlag, 1987, pp. 23Y-247,
391. C. Crepeau, "Equivalence Between Two Flavours of Oblivious Transfer," Advances in
Cryptology CRYPTO 87 Proceedings, Springer-Ver lag, 1988, pp. 350-354.
392. C. Crepeau, "Correct and Private Reductions among Oblivious Transfers," Ph.D.
dissertation, Department of Electrical Engineering and Computer Science, Massachusetts
Institute of Technology, 1990.
393. C. Crcpcau, "Quantum Oblivious Transfcr, " journal of Modern Optics, v. 41, n. 12, Dec
1994, pp. 2445-2454.
394. C. Crepeau and J. Kilian, "Achieving Oblivious Transfer Using Weakened Security
Assumptions, " Proceedings of the 29th Amllzal Symposiurn on the Foundatijns of
Computer Science, 1988, pp. 42-.32.
395. C. Crepeau and J. Kilian, "Weakening Security Assumptions and Oblivious Transfer, "
Advances in Cryptology CRYPTO '88 Proceedings, Springer-Verlag, 1990, pp. 2-7.
396. C. Crepeau and L. Salvail, "Quantum Obliv ious Mutual Identification, " Advances in
Cryptology EUROCRYPT '95 Proceed- ings, Springer-Verlag 1995, pp. 133-146.
397. A. Curiger, H. Bonnenberg, R. Zimmermann, N. Felber, H. Kaeslin and W. Fichtner,
"VINCI: VLSI Implementation of the New Block Cipher IDEA," Proceedings of IEEE
CICC '93, San Diego, CA, May 1993, pp. 15.5.1-15.5.4.
398. A. Curiger and B. Stuber, "Specification for the IDEA Chip, " Technical Report No.
92/03, Institut fur Integrierte Systeme, ETH Zurich, Feb 1992.
399. T. Cusick, "Boolean Functions Satisfying a Higher Order Strict Avalanche Criterion,"
Advances in Cryptology EUROCRYPT '93 Proceedings, Springer-Verlag, 1994, pp. 102-
117.
400. T.W. Cusick and M.C. Wood, "The REDOC-II Cryptosystem," Advances in Cryptology
CRYPTO '90 Proceedings, Springer-Verlag, 1991, pp. 545-563.
401. Cylink Corporation, Cylink Corporation vs. RSA Data Security, Inc., Civil Action No.
C94-02332-CW, United States District Court for the Northern District of Califor- nia, 30
Jun 1994.
402. J. Daeman, "Cipher and Hash Function Design, " Ph.D. Thesis, Katholieke Univer- siteit
Leuven, Mar 95.
403. J. Daeman, A. Bosselaers, R. Govaerts, and J. Vandewalle, "Collisions for Schnorr's Hash
Function FFT-Hash Presented at Crypto '91," Advances in Cryptology ASIA CRYPT '91
Proceedings, Springer- Verlag, 1993, pp. 477-480.
404. J. Daeman, R. Govaerts, and J. Vandewalle, "A Framework for the Design of One-Way
Hash Functions Including Cryptanalysis of Damgard's Onc-Way Function Based on
Cellular Automata, " Advances in Cryp- tology ASIA CRYPT '91 Proceedings, Springer-
Verlag, 1993, pp. 82-96.
405. J. Daeman, R. Govaerts, and J. Vandewalle, "A Hardware Design Model for Crypto- graphic Algorithms, " ESORICS 92, Pro- ceedings of the Second European Sympo- sium on Research in Computer Security, Springer-Verlag, 1992, pp. 419 434.
406. J. Daemcn, R. Govacrts, and J. Vandewalle, "Block Ciphers Based on Modular Arith- metic, " Proceedings of the 3rd Symposium on State and Progress of Research in Cryptography,
Rome, Italy, 15-16 Feb 1993, pp. 418. 80-89.
407. J. Daemen, R. Govaerts. and J. Vandewalle, "Fast Hashing Both in Hardware and Soft ware," presented at the rump session of CRYPTO '93, Aug 1993.
408. J. Daeman, R. Govaerts, and J. Vandewalle, "Resynchronization Weaknesses in Syn chronous Stream Ciphers," Advances in Cryptology E UR O CRYPT '93 Proceed ings,
Springer-Verlag, 1994, pp. 159-167.
409. J. Daeman, R. Govaerts, and J. Vandewalle, "Weak Keys for IDEA, " Advances in
Cryptology CRYPTO '93 Proceedings, Springer-Verlag, 1994, pp. 224-230.
410. J. Daemen, R. Govaerts, and J. Vandewalle, "A New Approach to Block Cipher
Design," Fast Software Encryption, Cam bridge Security Workshop Proceedings,
Springer-Verlag, 1994, pp. 18-32.
411. Z.-D. Dai, "Proof of Rueppel's Linear Complexity Conjecture," IEEE Transactions on
Information Theory, v. IT-32, n. 3, May 1986, pp. 440 443.
412. I.B. Damgard, "Collision Free Hash Functions and Public Key Signature Schemes,"
Advances in Cryptology EUROCRYPT '87 Proceedings, Springer-Verlag, 1988, pp.
203-216.
413. I.B. Damgard, "Payment Systems and Credential Mechanisms with Provable Secu rity
Against Abuse by Individuals, " Advances in Cryptology CRYPTO '88 I'roceedings,
Springer-Verlag, 1990, pp. 328-335 414. I.B. Damgard, "A Design Principle for Hash Functions, " Advances in Cryptol428. ogy
CRYPTO '89 Proceedings, Springer Verlag, 1990, pp. 416 427.
415. I.B. Damgard, "Practical and Provably Secure Release of a Secret and Exchangc of
Signatures, " Advances in Cryptology EUROCRYPT '93 Proceedings, Springer Verlag,
1994, pp. 200-217.
416. 1.B. Damgard and L.R. Knudsen, "The Rreaking of the AR Hash Function, " Advances in Cryptology EUROCRYPT '93 Proceedings, Springer-Verlag, 1994, pp. 286-292.
417. I.B. Damgard and R Landrock, "Improved Bounds for the Rabin Primality Test, " 431.
Cryptography and Coding III, M.J. Ganley, e d., Oxford: Clarendon Press, 1993, pp. 117-
128.
418. I.B. Damgard, P. Landrock and C. Pomerance, "Average Case Error Estimates for the
Strong Probablc Prime Test," Mathematics of Computation, v. 61, n. 203, Jul 1993, pp.
177-194.
419. H.E. Daniels, Jr., letter to Datapro Research Corporation regarding CCEP, 23 Dec 1985.
420. H. Davenport, The Higher Arithmetic, Dover Books, 1983.
421. G.I. Davida, "Inverse of Elements of a Galois Field," Electronics Letters, v. 8, n. 21, 19
Oct 1972, pp. 518-520.
422. G.I. Davida, "Hellman's Scheme Breaks DES in Its Basic Form," IEEE Spectrum, v. 16, n.
7, Jul 1979, p. 39.
423. G.I. Davida, "Chosen Signature Cryptanalysis of the RSA iMITJ Public Key Cryptosystem,"
Technical Report TR-CS-82-2, Department of EECS, University of Wis- consin, 1982.
424. G.I. Davida and G.G. Walter, "A Public Key Analog Cryptosystem," Advances in
Cryptology E UR O CRYPT '8 7 Proceedings, Springer-Verlag, 1988, pp. 143-147.
425. G.I. Davida, D. Wells, and J. Kam, "A Database Encryption System with Subkeys," ACM
Transactions on Database Systems,v.6,n.2,Junl981,pp.312-328.
426. D.W. Davies, "Applying the RSA Digital Signature to Electronic Mail," Computer, v. 16,
n. 2, Feb 1983, pp. 55-62.
427. D.W. Davies, "Some Regular Properties of the DES," Advances in Cryptology: Pro- ceedings of Crypto 82, Plenum Press, 1983, pp. 89-96.
428. D.W. Davics, "A Message Authentication Algorithm Suitable for a Mainframe Com- puter," Advances in Cryptology: Proceed- ings of Crypto 82, Springer-Verlag, 1985, pp.
393 400.
429. D.W. Davies and S. Murphy, "Pairs and Triplets of DES S-boxes, " Cryptologia, v. 8, n. 1,
1995, pp. 1-25.
430. D.W. Davies and G.I.P. Parkin, "The Average Size of thc Key Stream in Output Feedback
Encipherment, " Cryptography Proceedings of the Workshop of cryplograpy Burg
Feuer.stein, Germany, March 29-April 2, 1982, Springer-Verlag, 1983, pp. 263-279.
431 D.W. Davies and G.I.R Parkin, "The Averag e Size of the Key Stream in Output Feedback
Mode, " Advances in Cryptology: Pro ceedings of Crypto 82, Plenum Press, 1983, pp. 97-
98.
432. D.W. Davies and W. L. Price, "The Applica tion of Digital Signatures Based on Public- Key
Cryptosystems, " Proceedings of the Fifth International Computer Communications
Conference, Oct 1980, pp. 525-530.
433. D.W. Davies and W.L. Price, "The Applica- tion of Digital Signatures Based on Public-
Key Cryptosystems, " National Physical Laboratory Report DNACS 39/80, Dec 1980.
434. D.W. Davies and W.L. Price, "Digital Sig- nature An Update," Proceedings of Inter- national Conference on Computer Com- munications, Sydney, Oct 1984, North Holland:
Elsevier, 1985, pp. 843-847.
435. D.W. Davies and W.L. Price, Security for Computer Networks, second edition, John
Wiley & Sons, 1989.
436. M. Davio, Y. Desmedt, M. Fosseprez, R. Govaerts, J. Hulsbrosch, R Neutjens, R Piret, J - l Quisquater, J Vandewalle, and S. Wouters, "Analytical Characteristics of the Data
Encryption Standard," Advances in Cryptology: Proceedings of Crypto 83, Plenum Press,
1984, pp. 171-202.
437. M. Davio, Y. Desmedt, l Goubert, F. Hoor- naert, and l -J Quisquater, "Efficient Hard- ware and Software Implementation of the DES," Advances in Cryptology: Proceed- ings of CRYPTO 84, Springer-Verlag, 1985, pp. 144 146.
438. M. Davio, Y. Desmedt, and l-l Quisquater, "Propagation Characteristics of the DES, "
Advances in Cryptology: Pro- ceedings of EUROCRYPT 84, Springer- Verlag, 1985, 62-
73.
439. D. Davis, R. Ihaka, and R Fenstermacher, "Cryptographic Randomness from Air
Turbulence in Disk Drives," Advances in Cryptology CRYPTO '94 Proceedings,
Springer-Verlag, 1994, pp. 114 120.
440. J.A. Davis, D. B. Holdbridge, and G.l. Sim- mons, "Status Report on Factoring tat the
Sandia National Laboratoriesi," Advances in Cryptology: Proceedings of CRYPTO 84,
Springer-Verlag, 1985, pp. 183-215.
441. R.M. Davis, "The Data Encryption Stan- dard in Perspective," Computer Secunty and the
Data Encryption Standard, National Bureau of Standards Special Pub- lication 500-27,
Feb 1978.
442. E. Dawson and A. Clark, "Cryptanalysts of Universal Logic Sequences," Advances in
Cryptology EUROCRYPT '93 Proceed- ings, Springer-Verlag, to appear.
443. M.H. Dawson and S.E. Tavares, "An Expanded Set of Design Criteria for Substi- tution
Boxes and Their Use in Strengthen- ing DES-Like Cryptosystems, " IEEE Pacific Rim
Conference on Communica- tions, Computers, and Signal Processing, Victoria, BC,
Canada, 9-10 May 1991, pp. 191-195.
444. M.H. Dawson and S.E. Tavares, "An Expanded Set of S-Box Design Criteria Based on
Information Theory and Its Relation to Differential-like Attacks," Advances in Cryptology
EUROCRYPT '91 Proceedings, Springer-Verlag, 1991, pp. 352-367.
445. C.A. Deavours, "Unicity Points in Cryptanalysis," Cryptologia, v. 1, n. 1, 1977, pp. 46-68.
446. C.A. Deavours, "The Black Chamber: A Column; How the British Broke Enigma."
Cryptologia, v. 4, n. 3, lU1 1980, pp. 129- 132.
447. C.A. Deavours, "The Black Chamber: A Column; La Methode des Batons," Cryp- tologia,
v. 4, n. 4, Oct 1980, pp. 240-247.
448. C.A. Deavours and L. Kruh, Machine Cryptography and Modern Cryptanalysis, Norwood
MA: Artech House, 1985.
449. l.M. DeLaurentis, "A Further Weakness in the Common Modulus Protocol for the RSA
Cryptosystem," Cryptologia, v. 8, n. 3, lul 1984, pp. 253-259.
450. R Delsarte, Y. Desmedt, A. Odlyzko, and P. Piret, "Fast Cryptanalysis of the Matsumoto- lmai Public-Key Scheme, " Advances in Cryptology: Proceedings of EUROCRYPT 84,
Spunger-Verlag, 1985, pp. 142-149.
451. R Delsarte and R Piret, "Comment on 'Extension of RSA Cryptostructure: A Galois
Approach'," Electronics Letters, v. 18, n. 13, 24 Jun 1982, pp. 582-583.
452. R. DeMillo, N. Lynch, and M. Merritt, "Cryptographic Protocols," Proceedings of the
14th Annual Symposium on the The- ory of Computing, 1982, pp. 383-400.
453. R. DeMillo and M. Merritt, "Protocols for Data Security," Computer, v. 16, n. 2, Feb
1983, pp. 39-50.
454. N. Demytko, "A New Elliptic Curve Based Analogue of RSA," Advances in Cryptolgy
EUROCRYPT 93 Proceedings, Springer-Verlag, 1994, pp. 40-49.
455. D.E. Denning, "Secure Personal Comput- ing in an Insecure Network," Communi- cations of the ACM, v. 22, n. 8, Aug 1979, pp. 476-482.
456. D.E. Denning, Cryptography and Data Security, Addison-Wesley, 1982.
457. D.E. Denning, "Protecting Public Keys and Signature Keys," Computer. v. 16, n. 2, Feb
1983, pp. 27-35.
458. D.E. Denning, "Digital Signatures with RSA and Other Public-Key Cryptosys471. tems,"
Communications of the ACM, v. 27, n. 4, Apr 1984, pp. 388-392.
459. D.E. Denning, "The Data Encryption Standard: Fifteen Years of Public Scrutiny, "
Proceedings of the Sixth Annual Com puter Security Applications Conference, IEEE
Computer Society Press, 1990.
460. D.E. Denning, "The Clipper Chip: A Tech nical Summary, " unpublished manuscript, 21
Apr 1993.
461. D.E. Denning and G.M. Sacco, "Time stamps in Key Distribution Protocols, "
Communications of the ACM, v. 24, n. 8, Aug 1981, pp. 533-536.
462. D.E. Denning and M. Smid, "Key Escrow ing Today," IEEE Communications Maga zine,
v. 32, n. 9, Sep 1994, pp. 58-68.
463. T. Denny, B. Dodson, A.K. Lenstra, and M.S. Manasse, "On the Factorization of RSA-
120," Advances in Cryptology CRYPTO 93 Proceedings, Springer-Verlag, 1994, pp.
166-174.
464. W.F. Denny, "Encryptions Using Linear and Non-Linear Codes: Implementations and
Security Considerations," Ph.D. dis sertation, The Center for Advanced Com puter
Studies, University of Southern Louisiana, Spring 1988.
465. Department of Defense, "Department of Defense Trusted Computer System Evalu478.
ation Criteria," DOD 5200.28-STD, Dec 1985.
466. Department of State, "International Traf fic in Arms Regulations SITARS," 22 CFR 120-
130, Office of Munitions Control, 479. Nov 1989.
467. Department of State, "Defense Trade Reg ulations," 22 CFR 120-130, Office of Defense
Trade Controls, May 1992.
468. Department of the Treasury, "Electronic Funds and Securities Transfer Policy, "
Department of the Treasury Directives Manual, Chapter TD 81, Section 80, Department of the Treasury, 16 Aug 1984.
469. Department of the Treasury, "Criteria and Procedures for Testing, Evaluating, and
Certifying Message Authentication Deci- sions for Federal E.F.T. Use," Department of the Treasury, 1 May 198..
470. Department of the Treasury, "Electronic Funds and Securitics Transfer Policy Message
Authentication and Enhanced Security," Order No. 106-09, Department of the Treasury,
2 Oct 1986.
471. H. Dobbertin, "A Survey on the Construc- tion of Bent Functions," K.U. Le uven
Workshop on Cryptographic Algorithms, Springer-Verlag, 1995, to appear.
472. B. Dodson and A.K. Lenstra, "NFS with Four Large Primes: An Explosive Experiment,"
draft manuscript.
473. D. Dolev and A. Yao, "On the Security of Public-Key Protocols, " Communications of the
ACM, v. 29, n. 8, Aug 1983, pp. 198-208.
474. J. Domingo-Ferrer, "Probabilistic Authentication Analysis," CARDIS 94 Proceed- ings of the First Smart Card Research and Applications Conference, Lille, France, 24-26 Oct
1994, pp. 49-60.
475. R de Rooij, "On the Security of the Schnorr Scheme Using Preprocessing, " Advances in
Cryptology EUR(9CRYPT 91 I'roceed- ings, Springer-Verlag, 1991, pp. 71-80.