Криптография 2е издание Протоколы, алгоритмы и исходные тексты на языке С
Скачать 3.25 Mb.
|
Knowledge, " Advances in Cryptology CKYPTO 93 I'roceedings, Springer-Verlag, 1994, pp. 73-84. 477. A. De Santis, S. Micali, and G. Persiano, "Non-interactive Zero-Knowledge Proof Systems," Advances in Cryptology CRYPTO '87 Pro cee dings , Springer Verlag, 1988, pp. 52-72. 478. A. De Santis, S. Micali, and G. Persiano, "Non-Interactive Zero-Knowledge with Preprocessing," Advances in Cryptology CRYPTO 88 Proceedings, Springer-Verlag, 1990, pp. 269-282. 479. Y. Desmedt, "What Happened with Knapsack Cryptographic Schemes" Performance limits in Communication, Theory and P'ractice, NATO ASI Series E: Applied Sciences, v. 142, Kluwer Academic Publishers, 1988, pp. 113-134. 480. Y. Desmedt, "Subliminal-Free Authentication and Signature," Advances in Cryptology EUROCRYPT '88 Proceedings, Springer-Verlag, 1988, pp. 23-33. 481. Y. Desmedt, "Abuses in Cryptography and How to Fight Them," Advances in Cryptology CRYPTO '83 Proceedings, Springer Verlag, 1990, pp.375-389. 482. Y. Desmedt and M. Burmester, "An Effi cient Zero-Knowledge Scheme for the Discrete Logarithm Based on Smooth Numbers, " Advances in Cryptology ASIA CRYPT '91 Proceedings, Springer Verlag, 1993, pp. 360-367. 483. Y. Desmedt and Y. Frankel, "Threshold 496. Cryptosystems, " Advances in Cryptol ogy CRYPTO '89 Proceedings, Springer Verlag, 1990, pp. 307-315. 484. Y. Desmedt and Y. Frankel, "Shared Gen eration of Authentication and Signatures, " Advances in Cryptology CRYPTO '91 Proceedings, Springer-Verlag, 1992, pp. 457 469. 485. Y. Desmedt, C. Goutier, and S. Bengio, "Special Uses and Abuses of the Fiat Shamir Passport Protocol," Advances in Cryptology CRYPTO '87 Proceedings, Springer- Verlag, 1988, pp. 21-39. 486. Y. Desmedt and A.M. Odlykzo, "A Chosen Text Attack on the RSA Cryptosystem and Some Discrete Logarithm Problems, " Advances in Cryptology CRYPTO '85 Proceedings, Springer-Verlag, 1986, pp. 516-522. 487. Y. Dcsmedt, J.-J. Quisquater, and M. Davio, "Dependence of Output on Input in DES: Small Avalanche Characteristics," Advances in Cryptology: Proceedings of CRYPTO 84, Springer-Verlag, 1985, pp. 359-376. 488. Y. Desmedt, J. Vandewalle, and R. Go vaerts, "Critical Analysis of the Security of Knapsack Public Key Algorithms," IEEE Transactions on Information Theory, v. IT 30,n.4,Jull984,pp.601-611. 489. Y. Desmedt and M. Yung, "Weaknesses of Undeniable Signature Schemes, " Ad vances in Cryptology EUROCRYPT '91 Proceedings, Springer-Verlag, 1991, pp. 205-220. 490. W. Diffie, lecture at IEEE Information The ory Workshop, Ithaca, N.Y., 1977. 491. W. Diftie, "Cryptographic Technology: Fif teen Year Forecast," BNR Inc., Jan 1981. 492. W. Diffie, "The First Ten Years of Public Key Cryptography, " Proceedings of the IEEE, v 76, n. 5, May 1988, pp. 560-577. 493. W. Diffie, "Authenticated Key Exchange and Secure Interactive Communication," Proceedings of SECURICOM'90, 1990. 494. W. Diffie, "The First Ten Years of Public- Key Cryptography, " in Contemporary Cryptology: The Science of Information Integrity, G.J. Simmons. ed., IEEE Press, 1992, pp. 135-175. 495. W. Diffie and M.E. Hellman, "Multiuser Cryptographic Techniques, " Proceedings of AFIPS National Computer Conference, 1976, pp. 109-112. 496. W. Diffie and M.E. Hellman, "New Direc- tions in Cryptography, " IEEE Transactions on Information Theory, v. IT-22, n. 6, Nov 1976, pp. 64454. 497. W. Diffie and M.E. Hellman, "Exhaustive Cryptanalysis of the NBS Data Encryption Standard," Computer, v. 10, n. 6, Jun 1977, pp. 74-84. 498. W. Diffie and M.E. Hellman, "Privacy and Authentication: An Introduction to Cryp- tography," Proceedings of the IEEE, v. 67, n. 3, Mar 1979, pp. 397-427. 499. W. Diffie, L. Strawczynski, B. O'Higgins, and D. Steer, "An ISDN Secure Telephone Unit," Proceedings of the National Tele- communications Forum, v 41, n. 1, 1987, pp. 473 477. 500. W. Diffie, RC. van Oorschot, and M.J. Wiener, "Authentication and Authenti- cated Key Exchanges," Designs, Codes and Cryptography, v. 2, 1992, 107-125. 501. C. Ding, "The Differential Cryptanalysis and Design of Natural Stream Ciphers," Fast Software Encryption, Cambridge Security Workshop Proceedings, Springer- Verlag, 1994, pp. 101-115. 502. C. Ding, G. Xiao, and W. Shan, The Stahility Theory of Stream Ciphers, Springer- Verlag, 1991. 503. A. Di Porto and W. Wolfewicz, "VINO: A Block Cipher Including Variable Permuta- tions, " Fast Software Encryption, Cambridge Secunty Workshop l'roceedings, Springer- Verlag, 1994, pp. 205-210. 504. B. Dixon and A.K. Lenstra, "Factoring Inte- gers Using SIMD Sieves, " Advances in Cryptology E UR O CRYPT '93 Proceed- ings, Springer-Verlag, 1994, pp. 28-39. 505. J.D. Dixon, "Factorization and Primality Tests," American Mathematical Monthly, v.91,n.6, 1984,pp.333-352. 506. D. Dolev and A. Yao, "On the Security of Public Key Protocols," Proceedings ol the 22nd Annual Symposium on the Founda- tions of Computer Science, 1981, pp. 350- 357. 507. L.X. Duan and C.C. Nian, "Modified Lu- Lee Cryptosystems," Electronics Letters, v. 25, n. 13, 22 Jun 1989, p. 826. 508. R. Durstenfeld, "Algorithm 235: Random Permutation, " Communications of the ACM, v. 7, n. 7, Jul 1964, p. 420. 509. S. Dusse and B. Kaliski, Jr., "A Cryptographic Library for the Motorola DSP56000, " Advances in Cryptology EUROCRYPT '90 Proceedings, Springer- Verlag, 1991, pp. 230-244. 510. C. Dwork and L. Stockmeyer, "Zero- Knowledge with Finite State Verifiers, " Advances in Cryptology CRYPTO '88 Proceedings, Springer-Verlag, 1990, pp. 71-75. 511. D.E. Eastlake, S.D. Crocker, and J.I. Schiller, "Randomness Requirements for Security," RFC 1750, Dec 1994. 512. H. Eberle, "A High-Speed DES Implementation for Network Applications, " Advances in Cryptology CRYPTO '92 Proceedings, Springer-Verlag, pp. 521-539. 513. T. Edwards, "Implementing Electronic Poker: A Practical Exercise in Zero Knowledge Interactive Proofs, " Master's thesis, Department of Computer Science, University of Kentucky, May 1994. 514. W.F. Ehrsam, C.H.W. Meyer, R.L. Powers, J L. Smith, and W.L. Tuchman, "Product Block Cipher for Data Security, " U.S. Patent #3,962,539, 8 Jun 1976. 515. W.F. Ehrsam, C.H.W. Meyer, and W.L. Tuchman, "A Cryptographic Key Manage ment Scheme for Implementing the Data Encryption Standard," IBM Systems lour nal, v. 17, n. 2, 1978, pp. 106-125. 516. R. Eier and H. Lagger, "Trapdoors in Knap sack Cryptosystems, " Lecture Notes in Computer Science 149; Cryptography Proceedings, Burg Feuerstein 1982, Springer- Verlag, 1983, pp. 316-322. 517. A.K. Ekert, "Quantum Cryptography Based on Bell's Theorem, " Physical Review Letters, v. 67, n. 6, Aug 1991, pp. 529. 661-663. 518. T. ElGamal, "A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms, " Advances in Cryptology: Proceedings of CRYPTO 84, Springer" Verlag, 1985, pp. 118. 519. T. ElGamal, "A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," IEEE Transactions on Infor- mation Theory, v. IT-31, n. 4, 1985, pp. 469- 472. 520. T. ElGamal, "On Computing Logarithms Over Finite Fields," Advances in Cryptol- ogy CR YP TO '85 Pro cee dings, Springe r - Verlag, 1986, pp. 396 402. 521. T. ElGamal and B. Kaliski, letter to the edi- tor regarding LUC, Dr. Dobb's /ournal, v. 18,n.5,Mayl993,p. 10. 522. T. Eng and T. Okamoto, "Single-Term Divisible Electronic Coins," Advances in Cryptology EUROCRYPT '94 Proceed- ings, Springer-Verlag, 1995, to appear. 523. M.H. Er, D.J. Wong, A.A. Sethu, and K.S. Ngeow, "Design and Implementation of RSA Cryptosystem Using Multiple DSP Chips," 1991 IEEE International Sympo- sium on Circuits and Systems, v. 1, Singa- pore, 11-14 Jun 1991, pp. 49-52. 524. D. Estes, L.M. Adleman, K. Konpella, K.S. McCurley, and G.L. Miller, "Breaking the Ong-Schnorr-Shamir Signature Schemes for Quadratic Number Fields," Advances in Cryptology CRYPTO '85 Proceedings, Springer-Verlag, 1986, pp. 3-13. 525. ETEBAC, "Echanges Telematiques Entre Les Banques et Leurs Clients," Standard ETEBAC 5, Comite Fran,cais d'Organisa- tion et de Normalisation Bancaires, Apr 1989. IIn French. 526. A. Evans, W. Kantrowitz, and E. Weiss, "A User Identification Scheme Not Requiring Secrecy in the Computer," Communica- tions of the ACM, v. 17, n. 8, Aug 1974, pp. 437-472. 527. S. Even and O. Goldreich, "DES-Like Functions Can Generate the Alternating Group, " IEEE Transactions on Informa- tion Theory, v. IT-29, n. 6, Nov 1983, pp. 863-865. 528. S. Even and O. Goldreich, "On the Power of Cascade Ciphers," ACM Transactions on Computer Systems, v. 3, n. 2, May 1985, pp. 108-116. 529. S. Even, O. Goldreich, and A. Lempel, "A Randomizing Protocol for Signing Con- tracts," Communications of the ACM, v. 28, n. 6, [un 1985, pp. 637-647. 530. S. Even and Y. Yacobi, "Cryptography and NP-Completeness," I'roceedings of the 7th International CoRoquium on Automata, Languages, and Programming, Springer -Verlag, 1980, pp. 195-207. 531. H.-H. Evertse, "Linear Structures in Block Ciphers, " Advances in Cryptology EUROCRYPT '87 Proceedings, Springer Verlag, 1988, pp. 249-266. 532. R Fahn and M.J.B. Robshaw, "Results from the RSA Factoring Challenge," Technical Report TR-501, Version 1.3, RSA Laboratories, Jan 1995. 533. R.C. Fairfield, A. Matusevich, and J. Plany, "An LSI Digital Encryption Processor (DEP)," Advances in Cryptology: Proceed ings of CRYPTO 84, Springer-Verlag 1985, pp. 115-143. 534. R.C. Fairfield, A. Matusevich, and J. Plany, "An LSI Digital Encryption Processor (DEPJ," IEEE Communications, v. 23. n. 7, Jul 1985, pp. 30-41. 535. R.C. Fairfield, R.L. Mortenson, and K.B. Koulthart, "An LSI Random Number Gen erator (RNG," Advances in Cryptology: Proceedings of CRYPTO 84, Springer Verlag, 1985, pp. 203-230. 536. "International Business Machines Corp. License Under Patents," Federal Register, v. 40, n. 52, 17 Mar 1975, p. 12067. 537. "Solicitation for Public Key Cryptographic Algorithms," Federal Register, v. 47, n. 126, 30 Jun 1982, p. 28445. 538. "Proposed Federal Information Processing Standard for Digital Signature Standard (DSSi," Federal Register, v. 56, n. 169, 30 Aug 1991, pp. 42980-42982. 539. "Proposed Federal Information Processing Standard for Secure Hash Standard," Fed eral Register, v. 57, n. 21, 31 Jan 1992, pp. 3747-3749. 540. "Proposed Reaffirmation of Federal Infor mation Processing Standard (FIPS) 46-1, Data Encryption Standard (DES)," Federal Register, v. 57, n. 177, 11 Sep 1992, p. 41727. 541. "Notice of Proposal for Grant of Exclusive Patent License," [ederal Register, v. 58, n. 108, 8 Jun 1993, pp. 23105-23106. 542. "Approval of Federal Information Process ing Standards Publication 186, Digital Sig nature Standard (DSS)," Federal Register, v. 58, n. 96, 19 May 1994, pp. 26208-26211. 543. "Proposed Revision of Federal Information Processing Standard (FIPS) 180, Secure Hash Standard, " Federal Register, v. 59, n. 131, 11 Jul 1994, pp. 35317-35318. 544. U. Feige, A. Fiat, and A. Shamir, "Zero Knowledge Proofs of Identity," Proceed- ings of the lPth Annual ACM Symposium on the Theory of Computing, 1987, pp. 210-217. 545. U. Feige, A. Fiat, and A. Shamir, "Zero Knowledge Proofs of Identity," Journal of Cryptology v. 1, n. 2, 1988, pp. 77-94. 546. U. Feige and A. Shamir, "Zero Knowledge Proofs of Knowledge in Two Rounds, " Advances in Cryptology CRYPTO '89 Proceedings, Springer-Verlag, 1990, pp. 526-544. 547. J. Feigenbaum, "Encrypting Problem Instances, or, ..., Can You Take Advan- tage of Someone Without Having to Trust Him, " Advances in Cryptology CRYPTO '85 Proceedings, Springer-Verlag, 1986, pp. 477-488. 548. J. Feigenbaum, "Overview of Interactive Proof Systems and Zero-Knowledge, " in Contemporary Cryptology: The Science of Information Integrity, G.J. Simmons, ed., IEEE Press, 1992, pp. 423 439. 549. J. Feigenbaum, M.Y. Liberman, E. Grosse, and J.A. Reeds, "Cryptographic Protection of Membership Lists," Newsletter of the International Association of Cryptologic Research, v. 9, 1992, pp. 16-20. 550. J. Feigenbaum, M.Y. Liverman, and R.N. Wright, "Cryptographic Protection of Databases and Software, " Distnbuted Computing and Cryptography, 1 Feigen- baum and M. Merritt, eds., American Mathematical Society, 1991, pp. 161-172. 551. H. Feistel, "Cryptographic Coding for Data-Bank Privacy," RC 2827, Yorktown Heights, NY: IBM Research, Mar 1970. 552. H. Feistel, "Cryptography and Computer Privacy, " Scientific American, v. 228, n. 5, May 1973, pp. 15-23. 553. H. Feistel, "Block Cipher Cryptographic System," U.S. Patent #3,798,359, 19 Mar 1974. 554. H. Feistel, "Step Code Ciphering System," U.S. Patent #3,798,360, 19 Mar 1974. 555. H. Feistel, "Centralized Verification Sys- tem," U.S. Patent #3,798,605, 19 Mar 1974. 556. H. Feistel, W.A. Notz, and J.L. Smith, "Cryptographic Techniques for Machine to Machine Data Communications," RC 3663, Yorktown Heights, N.Y.: IBM Research, Dec 1971. 557. H. Feistel, W.A. Notz, and J.L. Smith, "Some Cryptographic Techniques for Machine to Machine Data Communica tions," Proceedings of the IEEE, v. 63, n. 11, Nov 1975, pp. 1545-1554. 558. R Feldman, "A Practical Scheme for Non interactive Verifiable Secret Sharing," Proceedings of the 28th Annual Symposium on the Foundations of Computer Science, 1987, pp. 427 437. 559. R.A. Feldman, "Fast Spectral Test for Mea suring Nunrandomness and the DES, " Advances in Cryptology CRYPTO '87 Proceedings, Springer-Verlag, 1988, pp. 243- 254. 560. R.A. Feldman, "A New Spectral Test for Nonrandomness and the DES, " IEEE 573. Transactions on Software Engineering, v. 16, n. 3, Mar 1990, pp. 261-267. 561. D.C. Feldmeier and RR. Karn, "UNIX Password Security Ten Years Later, " Advances in Cryptology CRYPTO '89 Proceedings, Springer-Verlag, 1990, pp. 44-63. 562. H. Fell and W. Diffie, "Analysis of a Public Key Approach Based on Polynomial Sub stitution, " Advances in Cryptology CRYPTO '85 Proceedings, Springer-Verlag, 1986, pp. 427-437. 563. N.T. Ferguson, "Single Term Off-Line Coins," Report CS-R9318, Computer Sci577. ence/Department of Algorithms and Architecture, CWI, Mar 1993. 564. N.T. Ferguson, "Single Term Off-Line Coins," Advances in Cryptology EUROCRYPT '93 Proceedings, Springer-Verlag, 1994, pp. 318-328. 565. N.T. Ferguson, "Extensions of Single-term Coins," Advances in Cryptology 579. CRYPTO '93 Proceedings, Springer-Verlag, 1994, pp. 292-301. 566. A. Fiat and A. Shamir, "How to Prove Yourself: Practical Solutions to Idcntifica tion and Signature Problems," Advances in Cryptology C RYPTO '86 Proceedings, Springer- Verlag, 1987, pp. 186-194. 567. A. Fiat and A. Shamir, "Unforgeable Proofs of Identity," Proceedings of sec uricom 87, Paris, 1987, pp. 147-153. 568. P. Finch, "A Study of the Blowfish Encryp tion Algorithm," Ph.D. dissertation, Department of Computer Science, City University of New York Graduate School and University Center, Feb 1995. 569. R. Flynn and A.S. Campasano, "Data Dependent Keys for Selective Encryption Terminal," Proceedings of NCC, vol. 47, AFIPS Press, 1978, pp. 1127-1129. 570. R.H. Follett, letter to NIST regarding DSS, 25 Nov 1991. 571. R. Forre, "The Strict Avalanche Criterion: Spectral Properties and an Extended Defi- nition, " Advances in Cryptology CRYPTO '88 Proceedings, Springer-Verlag, 1990, pp. 450-468. 572. R. Forre, "A Fast Correlation Attack or Nonlinearity Feedforward Filtered Shift Register Sequences, " Advances in Cryptology CRYPTO '89 Proceedings, Springer-Verlag, 1990, pp. 568-595. 573. S. Fortune and M. Merritt, "Poker Protocols," Advances in Cryptology: Proceedings of CRYPTO 84, Springer-Verlag, 1985, pp. 454-464. 574. R.B. Fougner, "Public Key Standards and Licenses," RFC 1170, Jan 1991. 575. Y. Frankel and M. Yung, "Escrowed Encryption Systems Visited: Threats. Attacks, Analysis and Designs," Advances in Cryptology CKYPTO '95 Proceedings'. Springer- Verlag, 1995, to appear. 576. W.F. Friedman, Methods for the Solution of Running-Key Ciphers, Riverbank Publica- tion No. 16, Riverbank Labs, 1918. 577. W.F. Friedman, The Index of Coincidence and Its Applications in Cryptography, Riverbank Publication No. 22, Rivcrhank Labs, 1920. Reprinted by Aegean Park Press, 1987. 578. W.F. Friedman, Elements of Cryptanalysis, Laguna Hills, CA: Aegean Park Press, 1976. 579. W.F. Friedman, "Cryptology," Encyclopedia Britannica, v. 6, pp. 844-851, 1967. 580. A.M. Frieze, J. Hastad, R. Kannan, J.C. Lagarias, and A. Shamir, "Reconstructing Truncated Integer Variables Satisfying Linear Congru enccs," SIAM Journal on Computing, v. 17, n. 2, Apr 1988, pp. 262-280. 581. A.M. Frieze, R. Kannan, and J.C. Lagarias, "Linear Congruential Generators loo not Produce Random Sequences," Proceedings of the 25th IEEE Symposium on Founda- tions of Computer Science, 1984, pp. 480 484. 582. E. Fujiaski and T. Okamoto, "On Comparison of Practical Digitial Signature Schemes," Proceedings of the l992 Symposium on Cryptography and Information Security (SCIS 92), Tateshina, Japan, 2 4 Apr 1994, pp. lA.1-12. 583. A. Fujioka, T. Okamoto, and S. Miyaguchi, "ESIGN: An Efficient Digital Signature Implementation for Smart Cards, " Advances in Cryptology EUROCRYPT '91 Proceedings, Springer-Verlag, 1991, pp. 446 457. 584. A. Fujioka, T. Okamoto, and K. Ohta, "Interactive Bi-Proof Systems and Undeniable Signature Schemes," Advances in Cryptology EU ROCRYPT '91 Proceedings, Springer- Verlag, 1991, pp. 243-256. 585. A. Fujioka, T. Okamoto, and K. Ohta, "A Practical Secret Voting Scheme for Large Scale Elections, " Advances in Cryptology AUSCRYPT '92 Proceedings, Springer-Verlag, 1993, pp. 244-251. 586. K. Gaardner and E. Snekkenes, "Applying a Formal Analysis Technique to the CCITT X.509 Strong Two-Way Authentication Protocol," lournal of Cryptology v. 3,n.2, l991,pp.81-98. 587. H.E Gaines, Cryptanalysis, American Photographic Press, 1937. Reprintcd by Dover Publications, 1956. 588. J. Gait, "A New Nonlinear Pseudorandom Number Generator, " IEEE Transactions on Software Engineering, v. SE-3, n. 5, Sep 1977, pp. 359-363. 589. J. Gait, "Short Cycling in the Kravitz-Reed Public Key Encryption System," Electron- ics Letters, v. 18, n. 16, 5 Aug 1982, pp. 706-707. 590. Z. Galil, S. Haber, and M. Yung, "A Private Interactive Test of a Boolean Predicate and Minimum-Knowledge Public-Key Cryp- tosystems," Proceedings of the 26th IEEE Symposium on Foundations of Computer Science, 1985, pp. 360-371. 591. Z. Galil, S. Haber, and M. Yung, "Crypto- graphic Computation: Secure Fault- Tolerant Protocols and the Public-Key Model, " Advances in Cryptology CRYPTO '87Proceedings, Springer-Verlag, 1988, pp. 135-155. 592. Z. Galil, S. Haber, and M. Yung, "Mini- mum-Knowledge Interactive Proofs for Decision Problems, " SIAM lournal on Computing, v. 18, n. 4, 1989, pp. 711-739. 593. R.G. Gallager, Information Theory and Reliable Communications, New York:John Wiley & Sons, 1968. 594. P. Gallay and E. Depret, "A Cryptography Microprocessor," 1988 IEEE International Solid-State Circuits Conference Digest of Technical Papers, 1988, pp. 148-149. 595. R.A. Games, "There are no de Bruijn Sequences of Span n with Complexity 2n + n + 1," Journal of Combinatorical Theory, Series A, v. 34, n. 2, Mar 1983, pp. 248-251. 596. R.A. Games and A.H. Chan, "A Fast Algo- rithm for Determining the Complexity of a Binary Sequence with 2n,'t IEEE Transactions on Information Theory, v. IT-29, n. 1, Jan 1983, pp. 144-146. 597. R.A. Games, A.H. Chan, and E.L. Key, "On the Complexity of de Brui jn Sequences," ournal of Combinatorical Theory, Series A, v. 33, n. 1, Nov 1982, pp. 233-246. 598. S.H. Gao and G.L. Mullen, "Dickson Polynomials and Irreducible Polynomials over Finite Fields," Journal of Number Theory, v. 49, n. 1, Oct 1994, pp. 18-132. 599. M. Gardner, "A New Kind of Cipher That Would Take Millions of Years to Break," Scientific American, v. 237, n. 8, Aug 1977, pp. 120-124. 600. M.R. Garey and D.S. Johnson, Computers and Intractability: A Guide to the Theory of NP-Completeness, W.H. Freeman and Co., 1979. 601. S.L. Garfinkel, POP: Pretty Good Privacy, Sebastopol, CA: O'Reilly and Associates, 1995. 602. C.W. Gardiner, "Distributed Public Key Certificate Management," Proceedings of the Privacy and Security Research Group 1993 Workshop on Network and Distributed System Security, The Internet Society, 1993, pp. 69-73. 603. G. Garon and R. Outerbridge, "DES Watch: An Examination of the Sufficiency of the Data Encryption Standard for Finan- cial Institution Information Security in the 1990's," Cryptologia, v. 15, n. 3, Jul 1991, pp. 177-193. 604. M. Gasser, A. Goldstein, C. Kaufman, and B. Lampson, "The Digital Distributed Sys- tems Security Architecture," Proceedings of the 12th National Computer Seezznty Conference, NIST, 1989, pp. 305-319. 605. J. von zur Gathen, D. Kozen, and S. Lan- dau, "Functional Decomposition of Poly- nomials, " Proceedings of the 28tl1 IEEE Symposium on the Poundations of Computer Science, IEEE Press, 1987, pp. 127617. 131. 606. RR. Geffe, "How to Protect Data With Ciphers That are Really Hard to Break," Electronics, v. 46, n. 1, Jan 1973, pp. 99-101. 607. D.K. Gifford, D. Heitmann, D.A. Segal, R.G. Cote, K. Tanacea, and D.E. Burmas- ter, "Boston Community Information Sys- tem 1986 Experimental Test Results, " MIT/LCS/TR-397, MIT Laboratory for Computer Science, Aug 1987. 608. D.K. Gifford, J.M. Lucassen, and S.T. Berlin, "The Application of Digital Broadcast Communication to Large Scale Information Systems, " IEEE Journal on Selected Areas in Communications, v. 3, n. 3, May 1985, pp. 457-467. 609. D.K. Gifford and D.A. Segal, "Boston Community Information System 1987-1988 Experimental Test Results," MIT/LCS/ TR-422, MIT Laboratory for Computer Science, May 1989. 610. H. Gilbert and G. Chase, "A Statistical Attack on the Feal-8 Cryptosystem, " Advances in Cryptology CRYPTO '90 Proceedings, Springer-Verlag, 1991, pp. 22-33 611. H. Gilbert and R Chauvaud, "A Chosen Plaintext Attack of the 16-Round Khufu Cryptosystem," Advances in Cryptol- ogy CRYPTO '94 Proceedings, Springer-Verlag, 1994, pp. 259-268. 612. M. Girault, "Hash-Functions Using Mod- ulo-N Operations," Advances in Cryptology EUROCRYPT '87 Proceedings, Springer-Verlag, 1988, pp. 217-226. 613. J. Gleick, "A New Approach to Protecting Secrets is Discovered, " The New York Times, 18 Feb 1987, pp. C1 and C3. 614. J.-M. Goethals and C. Couvreur, "A Crypt analytic Attack on the Lu-Lee Public-Key Cryptosystem, " Philips lournal of Re search, v. 35, 1980, pp. 301-306. 615. O. Goldreich, "A Uniform-Complexity Treatment of Encryption and Zero Knowledge, Journal of Cryptology, v. 6, n. 1, 1993, pp. 21-53. 616. O. Goldreich and H. Krawczyk, "On the Composition of Zero Knowledge Proof Systems," Proceedings on the 17th Inter national Colloquium on Automata, Languages, and Programming, Springer" Verlag, 1990, pp. 268-282. 617. O. Goldreich and E. Kushilevitz, "A Perfect Zero-Knowledge Proof for a Problem Equivalent to Discrete Logarithm, " Advances in Cryptology CRYPTO '88 I'roceedings, Springer-Verlag, 1990, pp. 58-70. 618. O. Goldreich and E. Kushilevitz, "A Per- fect Zero-Knowledge Proof for a Problem Equivalent to Discrete Logarithm," lour- nal of Cryptology, v. 6, n. 2, law, pp. 97-116. 619. O. Goldreich, S. Micali, and A. Wigderson, "Proofs That Yield Nothing but Their Validity and a Methodology of Cryptographic Protocol Design," Proceedings of the 27th IEEE Symposium on the Foundations of Computer Science, 1 986, pp. 174-187. 620. O. Goldreich, S. Micali, and A. Wigderson, "How to Prove All NP Statements in Zero Knowledge and a Methodology of Cryptographic Protocol Design, " Advances in Cryptology CRYPTO '86 Proceedings, Springer-Verlag, 1987, pp. 171-185. 621. O. Goldreich, S. Micali, and A. Wigderson, "How to Play Any Mental Game," Pro- ceedings of the 19th ACM Symposium on the Theory of Computing, 1987, pp. 218-229. 622. O. Goldreich, S. Micali, and A. Wigdcrson, "Proofs That Yield Nothing but Their Validity and a Methodology of Crypto- graphic Protocol Design," Journal of the ACM, v. 38, n. 1, Jul 1991, pp. 691-729. 623. S. Goldwasser and J. Kilian, "Almost All Primes Can Be Quickly Certified, " Pro- ceedings of the 18th ACM Symposium on the Theory of Computing, 1986, pp. 316- 329. 624. S. Goldwasser and S. Micali, "Probabilistic Encryption and How to Play Mental Poker Keeping Secret All Partial Information," Proceedings of the 14th ACM Symposium on the Theory of Computing, 1982, pp. 270-299. 625. S. Goldwasser and S. Micali, "Probabilistic Encryption," Journal of Computer and System Sciences. v. 28, n. 2, Apr 1984, pp. 270-299. 626. S. Goldwasscr, S. Micali, and C. Rackoff, "The Knowledge Complexity of Interac- tive Proof Systems, " Proceedings of the 17th ACM Symposium on Theory of Com- puting, 1985, pp. 291-304. 627. S.Goldwasser, S. Micali, and C. Rackoff, "The Knowledge Complexity of Interac tive Proof Systems, " SIAM lournal on Computing, v. 18, n. 1, Feb 1989, pp. 186 208. 628. S. Goldwasser, S. Micali, and R.L. Rivest, "A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks," SIAM lournal on Computing, v. 17,n.2,Aprl988,pp.281-308. 629. S. Goldwasser, S. Micali, and A.C. Yao, "On Signatures and Authentication," Advances in Cryptology: Proceedings of Crypto 82, Plenum Press, 1983, pp. 211-215. 630. J.D. Golic, "On the Linear Complexity of Functions of Periodic GFIq Sequences," IEEE Transactions on Information Theory, v. IT-35, n. 1. Jan 1989, pp. 69-75. 631. J.D. Golic, "Linear Cryptanalysis of Stream Ciphers," K.U. Le uven Workshop on Cryptographic Algorithms, Springer Verlag, 1995, pp. 262-282. 632. J.D. Golic, "Towards Fast Correlation Attacks on Irregularly Clocked Shift Registers," Advances in Cryptology EURO CRYPT '95 Proceedings, Springer-Verlag, 1995, to appear. 633. J.D. Golic and M.J. Mihajlevic, "A Gener alized Correlation Attack on a Class of Stream Ciphers Based on the Levenshtein Distance, " journal of Cryptology, v. 3, n.3, 1991, pp. 201-212. 634. J.D. Golic and L. O'Connor, "Embedding and Probabilistic Correlation Attacks on Clock- Controlled Shift Registers," Advances in Cryptology EUROCRYPT '94 I'roceedings, Springer-Verlag, 1995, to appear. 635. R. Golliver, A.K. Lenstra, K.S. McCurley, "Lattice Sieving and Trial Division," Pro ceedings of the Algorithmic Number Theory Symposium, Cornell, 1994, to appear. 636. D. Gollmann, "Kaskadenschaltungen takt gesteuerter Schicberegister als Pseudozu fallszahlengencratoren," Ph.D. disserta tion, Universitat Linz, 1983. (In German ). 637. D. Gollmann, "Pseudo Random Properties of Cascade Connections of Clock Con trolled Shift Registers," Advances in Cryp tology: Proceedings of EUROCRYPT 84, Springer- Verlag, 1985, pp. 93-98. 638. D. Gollmann, "Correlation Analysis of Cascaded Sequences," Cryptography and Coding, H.J. Beker and F.C. Piper, eds., Oxford: Clarendon Press, 1989, pp. 289-297. 639. D. Gollmann, "Transformation Matrices of Clock-Controlled Shift Registers, " Cryptography and Coding 111, M.J. Ganley, e d., Oxford: Clarendon Press, 1993, pp. 197-210. 640. D. Gollmann and W.G. Chambers, "Lock-In Effect in Cascades of Clock-Controlled Shift- Registers, " Advances in Cryptology EUROCRYPT '88 Proceedings, Springer-Verlag, 1988, pp. 331-343. 641. D. Gollmann and WG. Chambers, "Clock-Controlled Shift Registers: A Review, " IEEE lournal on Selected Areas in Communications, v. 7, n. 4, May 1989, pp. 525-533. 642. D. Gollmann and W.G. Chambers, "A Cryptanalysis of Step-cascades," Advances in Cryptology EUROCRYPT '89 Proceedings, Springer-Verlag, 1990, pp. 680-687. 643. S.W. Golomb, Shift Register Sequences, San Francisco: Holden-Day, 1967. (Reprinted by Aegean Park Press, 1982. 644. L. Gong, "A Security Risk of Depending on Synchronized Clocks, " Operating Systems Review, v. 26, n. 1, Jan 1992, pp. 49-53. 645. L. Gong, R. Needham, and R. Yahalom, "Reasoning About Belief in Cryptographic Protocols," Proceedings of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy, 1991, pp. 234-248. 646. R.M. Goodman and A.J. McAuley, "A New Trapdoor Knapsack Public Key Cryptosys- tem," Advances in Cryptology: Proceedings of EUROCRYPT 84, Springer-Verlag, 1985, pp. 150-158. 647. R.M. Goodman and A.J. McAuley, "A New Trapdoor Knapsack Public Key Cryptosystem," IKE Proceedings, v. 132, pt. E, n. 6, Nov 1985, pp. 289-292. 648. D.M. Gordon, "Discrete Logarithms Using the Number Field Sieve," Preprint, 28 Mar 1991. 649. D.M. Gordon and K.S. McCurley, "Computation of Discrete Logarithms in Fields of Characteristic Two," presented at the rump session of CRYPTO'91, Aug 1991. 650. D.M. Gordon and K.S. McCurley, "Massively Parallel Computation of Discrete Logarithms, " Advances in Cryptology CRYPTO '92 Proceedings, Springer-Verlag, 661. 1993, pp. 312-323. 651. J.A. Gordon, "Strong Primes are Easy to Find," Advances in Cryptology: Proceedings of EUROCRYPT 84, Springer-Verlag, 1985, pp. 216-223. 652. J.A. Gordon, "Very Simple Method to Find the Minimal Polynomial of an Arbitrary Non- Zero Element of a Finite Field, " Electronics Letters, v. 12, n. 25, 9 Dec 1976, pp. 663- 664. 653. J.A. Gordon and R. Retkin, "Are Big S- Boxes Best7" Cryptograph y Proceedings of the Workshop on Cryptography, Burg Feuerstein, Germany, March 29-April 2, 1982, Springer-Verlag, 1983, pp. 257-262. 654. M. Goresky and A. Klapper, "Feedback Registers Based on Ramified Extension of the 2- adic Numbers," Advances in Cryptology EUROCRYPT '94 Proceedings, Springer-Verlag, 1995, to appear. 655. GOST, Gosudarstvennyi Standard 28147-89, "Cryptographic Protection for Data Processing Systems," Government Committee of the USSR for Standards, 1989. ( in Russian.} 656. GOST R 34.10-94, Gosudarstvennyi Standard of Russian Federation, "Information technology. Cryptographic Data Security. Produce and check procedures of Electronic Digital Signature based on Asymmetric Cryptographic Algorithm. " Government Committee of the Russia for Standards, 1994. (In Russian. ) 657. GOST R 34.11-94, Gosudarstvennyi Standard of Russian Federation, " Information technology. Cryptographic Data Security. Hashing function." Government Committee of the Russia for Standards, 1994. (In Russian.) 658. R. Gottfert and H. Niederreiter, "On the Linear Complexity of Products of Shift-Register Sequences," Advances in Cryptology EUROCRYPT '93 Proceedings, Springer-Verlag, 1994, pp. 151-158. 659. R. Gottfert and H. Niederreiter, "A General Lower Bound for the Linear Complexity of the Product of Shift-Register Sequences, " Advances in Cryptology EUROCRYPT '94 Proceedings, Springer- Verlag, 1995, to appear. 660. J. van de Graaf and R. Peralta, "A Simple and Secure Way to Show the Validity of Your Public Key," Advances in Cryptology CRYPTO '87 Proceedings, Springer- Verlag, 1988, pp. 128-134. 661. J. Grollman and A.L. Selman, "Complexity Measures for Public-Key Cryptosystems," Proceedings of the 25th IEEE Symposium on the Foundations of Computer Science, 1984, pp. 495-503 662. GSA Federal Standard 1026, "Telecommunications: General Security Requirements for Equipment Using the Data Encryption Standard, " General Services Administration, Apr 1982. 663. GSA Federal Standard 1027, ''Telecommunications: Interoperability and Security Requirements for Use of the Data Encryption Standard in the Physical and Data Link Layers of Data Communications, " General Services Administration, Jan 1983. 664. GSA Federal Standard 1028, "Intcroperability and Security Requirements for Use of the Data Encryption Standard with CCITT Group 3 Facsimile Equipment, " General Services Administration, Apr 1985. 665. R Guam, "Cellular Automaton Public Key Cryptosystems," Complex Systems, v. 1, 1987, pp. 51-56. 666. H. Guan, "An Analysis of the Finite Automata Public Key Algorithm, " CHINACRYPT'94, Xidian, China, 11-15 Nov 1994, pp. 120-126. (In Chinese) 667. G. Guanella, "Means for and Method for Secret Signalling," U.S. Patent #2,405,500, 6 Aug 1946. 668. M. Gude, "Concept for a High-Performance Random Number Generator Based on Physical Random Phenomena," Frequenz, v. 39, 1985, pp. 187-190. 669. M. Gude, "Ein quasi-idealer Gleichverteil-ungsgenerator basierend auf physikalischen Zufallsphinomenen," Ph.D. dissertation, Aachen University of Technology, 1987. (In German.) 670. L.C. Guillou and J.-J. Quisquater, "A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory," Advances in Cryptology EUROCRYPT '88 Proceedings, Springer-Verlag, 1988, pp. 123-128. 671. L.C. Guillou and J. Quisquater, "A 'Paradoxical' Identity-Based Signature Scheme Resulting from Zero-Knowledge," Advances in Cryptology CRYPTO '88 Proceedings, Springer- Verlag, 1990, pp. 216- 231. 672. L.C. Guillou, M. Ugon, and J. -J. Quisquater, "The Smart Card: A Standardized Security Device Dedicated to Public Cryptology," contemporary Cryptology: The Science of Information Integrity G. Simmons, ed., IEEE Press, 1992, pp. 561-613. 673. C.G. Gunther, "Alternating Step Generators Controlled by de Bruijn Sequences," Advances in Cryptology EUROCRYPT '87 Proceedings, Springer-Verlag, 1988, pp. 5-14. 674. C.G. Gunther, "An Identity-based Key-exchange Protocol, " Advances in Cryptology EUROCRYPT '89 Proceedings, Springer-Verlag, 1990, pp. 29-37. 675. H. Gustafson, E. Dawson, and B. Caelli, "Comparison of Block Ciphers, " Advances in Cryptology AUSCRYPT '90 Proceed- ings, Springer-Verlag, 1990, pp. 208-220. 676. P. Gutmann, personal communication, 1993. 677. H. Gutowitz, "A Cellular Automaton Cryptosystem: Specification and Call for Attack," unpublished manuscript, Aug 1992. 678. H. Gutowitz, "Method and Apparatus for Encryption, Decryption, and Authentication Using Dynamical Systems," U.S. Patent #5,365,589, 15 Nov 1994. 679. H. Gutowitz, "Cryptography with Dynamical Systems, " Cellular Automata and Cooperative Phenomenon, Kluwer Academic Press, 1993. 680. R.K. Guy, "How to Factor a Number, " Fifth Manitoba Conference on Numeral Mathematics Congressus Numerantium, v. 16, 1976, pp. 49-89. 681. R.K. Guy, Unsolved Problems in Number Theory, Springer-Verlag, 1981. 682. S. Haber and W.S. Stornetta, "How to Time-Stamp a Digital Document, " Advances in Cryptology CRYPTO '90 Proceedings, Springer-Verlag, 1991, pp. 437-455. 683. S. Haber and W.S. Stornetta, "How to Time-Stamp a Digital Document, " journal of Cryptology, v. 3, n. 2, 1991, pp. 99-112. 684. S. Haber and W.S. Stornetta, "Digital Document Time-Stamping with Catenate Certificate," U.S. Patent #5,136,646, 4 Aug 1992. 685. S. Haber and W.S. Stornetta, "Method for Secure Time-Stamping of Digital Documents," U.S. Patent #5,136,647, 4 Aug 1992. 686. S. Haber and W.S. Stornetta, "Method of Extending the Validity of a Cryptographic Certificate," U.S. Patent #5,373,561, 13 Dec 1994. 687. T. Habutsu, Y. Nishio, I. Sasase, and S. Mori, "A Secret Key Cryptosystem by Iterating a Chaotic Map," Transactions of the Institute of Electronics, Information, and Communication Engineers, v. E73, n. 7,1ul 1990, pp. 1041-1044. 688. T. Habutsu, Y. Nishio, I. Sasase, and S. Mori, "A Secret Key Cryptosystem by Iterating a Chaotic Map, " Advances in Cryptology EUROCRYPT '91 Proceedings, Springer-Verlag, 1991, pp. 127-140. 689. S. Hada and H. Tanaka, "An Improvement Scheme of DES against Differential Cryptanalysis," Proceedings of the 1994 Symposium on Cryptography and Information Security (SCIS 94), Lake Biwa, Japan, 27-29 Jan 1994, pp 14A. I-l l. fin Japanese. l 690. B.C.W. Hagelin, "The Story of the Hagelin Cryptos," Cryptologia, v. 18, n.3, Jul 1994, pp. 204-242. 691. T. Hansen and G.L. Mullen, "Primitive Polynomials over Finite Fields," Mathematics of Computation, v. 59, n. 200, Oct 1992, pp. 639-643. 692. S. Harada and S. Kasahara, "An ID-Based Key Sharing Scheme Without Preliminary Communication," IEICE Japan, Technical Report, ISEC89-38, 1989. (In Japanese ). 693. S. Harari, "A Correlation Cryptographic Scheme," EUROCODE '90 International Symposium on Coding Theory, Springer-Verlag, 1991, pp. 180-192. 694. T. Hardjono and J. Seberry, "Authentication via Multi-Service Tickets in the Kuperee Server, " Computer Security ESORICS 94, Springer-Verlag, 1994, pp. 144 160. 695. L. Harn and T. Kiesler, "New Scheme for Digital Multisignatures," Electronics Letters, v. 25, n. 15, 20 Jul 198Y, pp. 1002- 1003. 696. L. Harn and T. Kiesler, ''Improved Rabin's Scheme with High Efficiency, " Electronics Letters, v. 25, n. 15, 20 Jul 1989, p. 1016. 697. L. Harn and T. Kiesler, "Two New Efficient Cryptosystems Based on Rabin's Scheme, " Fifth Annual Computer Secunty Applications Conference, IEEE Computer Society Press, 1990, pp. 263-270. 698. L. Harn and D.-C. Wang "Cryptanalysts and Modification of Digital Signature Scheme Based on Error-Correeting Codes, " Electronics Letters, v. 28. n. 2, 10 Jan 1992, p. 157- 159. 699. L. Harn and Y. Xu, "Design of Generalized ElGamal Type Digital Signature Schemes Based on Discrete Logarithm, " Electronics Letters, v. 30, n. 24. 24 Nov 1994, p. 2025- 2026. 700. L. Harn and S. Yang, "Group-Oriented Undeniable Signature Schemes without the Assistance of a Mutually Trusted Party," Advances in Cryptology AUSCRYPT '92 Proceedings, Springer- Verlag, 1993, pp. 133-142. 701. G. Harper, A. Menezes, and S. Vanstone, "Public-Key Cryptosystems with Very Small Key Lengths," Advances in Cryptology EUROCRYPT '92 Proceedings, Springer-Verlag 1993, pp. 163-173. 702. C. Harpes, "Notes on High Order Differen- tial Cryptanalysis of DES, " internal report, Signal and Information Processing Labora- tory, Swiss Federal Institute of Technology, Aug 1993. 703. G.W. Hart, "To Decode Short Cryptograms," Communications of the ACM, 717. v. 37, n. 9, Sep 1994, pp. 102-108. 704. J. Hastad, "On Using RSA with Low Exponent in a Public Key Network," Advances in Cryptology CRYPTO '85 Proceedings, Springer-Verlag 1986, pp. 403-408. 705 1 Hastad and A. Shamir, "The Cryptographic Secunty of Truncated Linearly Related Variables, " Proceedings of the 1 7th Annual ACM Symposium on the Theory of Computing, 1985, pp. 356-362. 706. R.C. Hauser and E.S. Lee, "Verification and Modelling of Authentication Protocols, " ESORICS 92, Proceedings of the Second European Symposium on Research in Computer Security, Springer-Verlag 1992, pp. 131-154. 707. B. Hayes, "Anonymous One-Time Signatures and Flexible Untraceable Electronic Cash," Advances in Cryptology AUSCRYPT '90 Proceedings, Springer Verlag, 1990, pp. 294- 305. 708. D.K. He, "LUC Public Key Cryptosystem and its Properties," CHINACRYPT '94, Xidian, China, 11-15 Nov 1994, pp. 60-69. (In Chinese.) 709. J. He and T. Kiesler, "Enhancing the Security of ElGamal's Signature Scheme," IKE Proceedings on Computers and Digital Techniques, v. 141, n.3, 1994. pp.193-195. 710. E.H. Hebern, "Electronic Coding Machine, " U.S. Patent #1,510,441, 30 Sep 1924. 711. N. Heintze and J.D. Tygar, "A Model for Secure Protocols and their Compositions, " Proceedings of the 1994 IEEE Computer Society Symposium on Research in Secu rity and Privacy 1994, pp. 2-13. 712. M.E. Hellman, "An Extension of the Shannon Theory Approach to Cryptography," IEEE Transactions on Information Theory, v. IT-23, n. 3, May 1977, pp. 289-294. 713. M.E. Hellman, "The Mathematics of Public-Key Cryptography," Scientihc American, v. 241, n. 8, Aug 1979, pp. 146-157. 714. M.E. Hellman, "DES Will Be Totally Insecure within Ten Years, " IEEE Spectrum, v. 16, n. 7, Jul 1979, pp. 32-39. 715. M.E. Hellman, "On DES-Based Synchronous Encryption," Dept. of Electrical Engineering Stanford University, 1980. 716. M.E. Hellman, "A Cryptanalytic Time- Memory Trade Off," IEEE Transactions on Information Theory, v. 26, n. 4, Jul 1980, pp. 401-406. 717. M.E. Hellman, "Another Cryptanalytic Attack on Cryptosystem for Multiple Communications', " Information Processing Letters, v. 12, 1981. pp. 182-183. 718. M.E. Hellman, W. Diffie, and R.C. Merkle, "Cryptographic Apparatus and Method," U.S. Patent #4,200,770, 29 Apr 1980. 719. M.E. Hellman, W. Diffie, and R.C. Merkle, "Cryptographic Apparatus and Method," Canada Patent #1,121,480, 6 Apr 1982. 720. M.E. Hellman and R.C. Merkle, "Public Key Cryptographic Apparatus and Method," U.S. Patent #4,218,582, 19 Aug 1980. 721. M.E. Hellman, R. Merkle, R. Schroeppel, L. Washington, W. Diffie, S. Pohlig, and R Schweitzer, "Results of an Initial Attempt to Cryptanalyze the NBS Data Encryption Standard," Technical Report SEL 76-042, Information Systems Lab, Department of Electrical Engineering Stanford University, 1976. 722. M.E. Hellman and S.C. Pohlig, "Exponentiation Cryptographic Apparatus and Method," U.S. Patent #4,424,414, 3 Jan 1984. 723. M.E. Hellman and J.M. Reyneri, "Distribution of Drainage in the DES," Advances in Cryptology: Proceedings of Crypto 82, Plenum Prcss, 1983, pp. 129-131. 724. E Hendessi and M.R. Arcf, "A Successful Attack Against the DES, " Third Canadian Workshop on Information Theory and Applications, Springer-Verlag, 1994, pp. 78-90. 725. T. Herlestam, "Critical Remarks on Some 738. Public-Key Cryptosystems, " BIT, v. 18, 1978, pp. 493-496. 726. T. Herlestam, "On Ftmctions of Linear Shift Register Sequences", Advances in Cryptology EUROCRYPT '85, Springer Verlag, 1986, pp. 119-129. 727. T. Herlestam and R. Iohannesson, "On Computing Logarithms over GF (2P),'' BIT, 740. v. 21, 1981, pp. 326-334. 728. H.M. Heys and S.E. Tavares, "On thc Security of the CAST Encryption Algorithm," Proceedings of the Canadian Conference on Electrical and Computer Engineenng, Halifax, Nova Scotia, Sep 1994, pp. 332-335. 729. H.M. Heys and S.E. Tavares, "The Design of Substitution-Permutation Networks Resistant to Differential and Linear Cryptanalysis," Proceedings of the 2nd Annual ACM Conference on Computer and Communications Security, ACM Press, 1994, pp. 148-155. 730. E. Heyst and T.P. Pederson, "How to Make Fail-Stop Signatures," Advances in Cryptology EUROCRYPT '92 Proceedings, Springer-Verlag 1993, pp. 366-377. 731. E. Heyst, T.R Pederson, and B. Pfitzmann, "New Construction of Fail-Stop Signatures and Lower Bounds," Advances in Cryptology CRYPTO '92 Proceedings, Springer-Verlag 1993, pp. 15-30. 732. L.S. Hill, "Cryptography in an Algebraic Alphabet," American Mathematical Monthly, v. 36, Jun-Jul 1929, pp. 306-312. 733. P.J.M. Hin, "Channel-Error-Correcting Privacy Cryptosystems," Ph.D. dissertation, Delft University of Technology, 1986. (In Dutch ). 734. R. Hirschield, "Making Elcctronic Refunds Safer, " Advances in Cryptology CRYPTO '92 Proceedings, Springer-Verlag, 1993, pp. 106 -112. 735. A. Hodges, Alan Turing: The Enigma of Intelligence, Simon and Schuster, 1983. 736. W. Hohl, X. Lai, T. Meier, and C. Waldvogel, "Security of Iterated Hash Functions Based on Block Ciphers, " Advances in Cryptology CRYPTO '93 Proceedings, Springer- Verlag, 1994, pp. 379-390. 737. F. Hoornaert, M. Decroos, J. Vandewalle, and R. Govaerts, "Fast RSA-Hardware: Dream or Reality?" Advances in Cryptology E UROCRYPT '88 Proceedings, Springer-Verlag, 1988, pp. 257-264. 738. F. Hoornaert, J. Goubert, and Y. Desmedt, "Efficient Hardware Implementation of the DES," Advances in Cryptology: Proceedings of CRYPTO 84, Springer-Verlag, 1985, pp. 147-173. 739. E. Horowitz and S. Sahni, Fundamentals of Computer Algonthms, Rockville, MD: Computer Science Press, 1978. 740. R Horster, H. Petersen, and M. Michels, "Meta-EIGamal Signature Schemes," Proceedings of the 2nd Annual ACM Conference on Computer and Communications Security, ACM Press, 1994, pp. 96-107. 741. R Horster, H. Petersen, and M. Michels, "Meta Message Recovery and Meta Blind Signature Schemes Based on the Discrete Logarithm Problem and their Applications, " Advances in Cryptology ASIACRYPT '94 Proceedings, Springer-Verlag, 1995, pp. 224- 237. 742. L.K. Hua, Introduction to Number Theory, Springer-Verlag, 1982. 743. K. Huber, "Specialized Attack on Chor-Rivest Public Key Cryptosystem, " Electronics Letters, v.27, n. 23, 7 Nov 1991, pp. 2130-2131. 744. E. Hughes, "A Cypherpunk's Manifesto, " 9 Mar 1993. 745. E. Hughes, "An Encrypted Key Transmission Protocol," presented at the rump s ession of CRYPTO '94, Aug 1994. 746. H. Hule and W.B. Muller, "On the RSA- Cryptosystem with Wrong Keys," Contributions to General Algebra 6, Vienna: Verlag Holder-Pichler-Tempsky, 1988, pp. 103-109. 747. H.A. Hussain, J.W.A. Sada, and S.M. Kalipha, "New Multistage Knapsack Public-Key Cryptosystem," International Journal of Systems Science, v. 22, n. 11, Nov 1991, pp. 2313-2320. 748. T. Hwang, "Attacks on Okamoto and Tanaka's One-Way ID-Based Key Distribution System," Information Processing Letters,v.43,n.2,Augl992, pp.83-86. 749. T. Hwang and T.R.N. Rao, "Secret Error- Correcting Codes (SECC )." Advances in Cryptology CRYPTO '88 Proceedings, Springer-Verlag, 1990, pp. 540-563. 750. C. Ianson and C. Mitchell, "Security Defects in CCITT Recommendation X.509 the Directory Authentication Framework," Computer Communications Review, v. 20, n. 2, Apr 1990, pp. 30-34. 751. IBM, "Common Cryptographic Architecture: Cryptographic Application Programming Interface Reference," SC40-1675-1, IBM Corp., Nov 1990. 752. IBM, "Common Cryptographic Architecture: Cryptographic Application Programming Interface Reference Public Key Algorithm," IBM Corp., Mar 1993. 753. R. Impagliazzo and M. Yung, "Direct Minimum-Knowledge Computations, " Advances in Cryptology CRYPTO '87 Proceedings, Springer-Verlag, 1988, pp. 40-51. 754. I. Ingemarsson, "A New Algorithm for the Solution of the Knapsack Problem," Lecture Notes in Computer Science 149; Cryptography: Proceedings of the Workshop on Cryptography, Springer-Verlag, 1983, pp. 309-315. 755. I. Ingemarsson, "Delay Estimation for Truly Random Binary Sequences or How to Measure the Length of Rip van Winkle's Sleep," Communications and Cryptography: Two Sides of One Tapestry, R.E. Blahut ct al., eds., Kluwer Adademic Pub- lishcrs, 1994, pp. 179-186. 756. I. Ingemarsson and G.J. Simmons, "A Protocol to Set Up Shared Secret Schemes without the Assistance of a Mutually Trusted Party," Advances in Cryptology EUROCRYPT '90 Proceedings, Springer-Verlag, 1991, pp. 266-282. 757. I. Ingemarsson, D.T. Tang, and C.K. Wong, "A Conference Key Distribution System," IEEE Transactions on Information Theory, v. IT-28, n. 5, Sep 1982, pp. 714-720. 758. ISO DIS 8730, "Banking Requirements for Message Authentication Wholesale," Association for Payment Clearing Services, London, Jul 1987. 759. ISO DIS 8781-1, "Banking Approved Algorithms for Message Authentication Part 1: DEA" Association for Payment Clearing Services, London, 1987. 760. ISO DIS 8731-2, "Banking Approved Algorithms for Message Authentication Part 2: Message Authenticator Algorithm, " Association for Payment Clearing Services, London, 1987. 761. ISO DIS 8732, "Banking Key Management (Wholesaled ) " Association for Payment Clearing Services, London, Dec 1987. 762. ISO/IEC 9796, "Information Technology Security Techniques . Digital Signature Scheme Giving Message Recovery," International Organization for Standardization, Jul 1991. 763. ISO/IEC 9797, "Data Cryptographic Techniques. Data Integrity Mechanism Using a Cryptographic Check Function Employing a Block Cipher Algorithm," International Organization for Standardization, 1989. 764. ISO DIS 10118 DRAFT, "Information Technology Security Techniques . Hash Functions" International Organization for Standardization, 1989. 765. ISO DIS 10118 DRAFT, "Information Technology Security Techniques . Hash Functions" International Organization for Standardization, April 1991. 766. ISO N98, "Hash Functions Using a Pseudo Random Algorithm,'' working document, ISO- IEC/JTC 1 /SC27/WG2, International Organization for Standardization, 1992. 767. ISO N179, "AR Fingerprint Function," working document, ISO-IEC/JTC1/SC27/ WG2, International Organization for Standardization, 1992. 768. ISO/IEC 10118, "Information Technology Security Techniques . Hash Functions Part 1: General and Part 2: Hash-Functions Using an e-Bit Block Cipher Algorithm, " International Organization for Standardization, 1993. 769. K. Ito, S. Kondo, and Y. Mitsuoka, "SXAL8/MBAL Algorithm," Technical Report, ISEC93-68, IEICE Japan, 1993. (In Japancsc. ) 770. K.R. Iversen, "The Application of Cryptographic Zero-Knowledge Techniques in Computerized Secret Ballot Election Schemes, " Ph.D. dissertation, IDT-report 1991:3, Norwegian Institute of Technology, Feb 1991. 771. K.R. Iversen, "A Cryptographic Scheme for Computerized General Elections, " Advances in Cryptology CRYPTO '91 Proceedings, Springcr-Vcrlag, 1992, pp. 405 -419. 772. K. Iwamura, T. Matsumoto, and H. Imai, "An Implcmcutation Method for RSA Cryp- tosystem with Parallel Processing ", Transactions of the Institute of Electronics, Information, and Communication Engineers, v. J75-A, n. 8, Aug 1992, pp. 1301-1311. 773. W.J. Jaburek, "A Generalization of ElGamal's Public Key Cryptosystem, " Advances in Cryptology EUROCRYPT '89 Proceedings, 1990, Springer-Verlag, pp. 23-28. 774. N.S. James, R. Lidl, and H. Niederreiter, "Breaking the Cade Cipher," Advances in Cryptology CRYPTO '86 Proceedings, 1987, Springer-Verlag, pp. 60-63. 775. C.J.A. Jansen, "On the Key Storage Requirements for Secure Terminals'" Computers and Security, v. 5, n. 2, Jun 788. 1986, pp. 145-149. 776. C.J.A. Jansen, "Investigations on Nonlin ear Strcamcipher Systems: Construction and Evaluation Methods," Ph.D. dissertation, Technical University of Delft, 1989. 777. C.J.A. Jansen and D.E. Boekee, "Modes of Blockcipher Algorithms and their Protection against Active Eavesdropping, " Advances in Cryptology EUROCRYPT '87 Proceedings, Springer-Verlag, 1988, pp. 281-286. 778. S.M. Jennings, "A Special Class of Binary Sequences," Ph.D. dissertation, University of London, 1980. 779. S.M. Jennings, "Multiplexed Sequences: Some Properties of the Minimum Polynomial," Lecture Notes in Computer Science 149; Cryptography: Proceedings of the Workshop on Cryptography, Springer-Verlag, 1983, pp. 189-206. 780. S.M. Jennings, "Autocorrelation Function of the Multiplexed Sequence, " IKE Pro ceedings, v. 131, n. 2, Apr 1984, pp. 169-172. 781. T. Jin, "Care and Feeding of Your Three Headed Dog, " Document Number IAG-90 -011, Hewlett-Packard, May 1990. 782. T. Jin, "Living with Your Three-Headed Dog," Document Number IAG-90-012, Hewlett- Packard, May 1990. 783. A. Jiwa, J. Seberry. and Y. Zheng, "Beacon Based Authentication," Computer Security ESORICS 94, Springer-Verlag, 1994, pp. 125-141. 784. D.B. Johnson, G.M. Dolan, M.J. Kelly, A.V . Le, and S.M. Matyas, "Common Cryptographic Architecture. Cryptographic Application Programming Interface," IBM Systems journal, v. 30, n.2, 1991, pp.130-150. 785. D.B. Johnson, S.M. Matyas, A.V. Le. and J.D. Wilkins, "Design of the Commercial Data Masking Facility Data Privacy Algorithm," 1st ACM Conference on Computer and Communications Security, ACM Press, 1993, pp. 93-96. 786. J.R Jordan, "A Variant of a Public-Key Cryptosystem Based on Goppa Codes," Sigact News, v. 15, n. 1, 1983, pp. 61-66. 787. A. Joux and L. Granboulan, "A Practical Attack Against Knapsack Based Hash Functions" Advances in Cryptology EUROCRYPT '94 Proceedings, Springer-Verlag, 1995, to appear. 788. A. Joux and J. Stern, "Cryptanalysis of Another Knapsack Cryptosystem, " Advances in Cryptology ASIACRYPT '91 Proceedings, Springer-Verlag, 1993, pp. 470-476. 789. R.R. Jueneman, "Analysis of Certain Aspects of Output-Feedback Mode, " Advances in Cryptology: Proceedings of Crypto 82, Plenum Press, 1983, pp.99-127. 790. R.R. Jueneman, "Electronic Document Authentication, " IEEE Network Magazine, v. 1, n.2, Apr 1978, pp. 17-23. 791. R.R. Jueneman, "A High Speed Manipulation Detection Code," Advances in Cryptology CRYPTO '86 Proceedings, Springer-Verlag, 1987, pp. 327-346. 792. R.R. Jueneman, S.M. Matyas, and C.H. Meyer, "Message Authentication with Manipulation Detection Codes," Proceedings of the 1983 IEEE Computer Society Symposium on Research in Security and Privacy, 1983, pp. 733-54. 793. R.R. Jucncman, S.M. Matyas, and C.H. Meyer, "Message Authentication, " IEEE Communications Magazine, v. 23, n. 9, Sep 1985, pp. 29 40. 794. D. Kahn, The Codebreakers: The Story of Secret Writing, New York: Macmillan Publishing Co., 1967. 795. D. Kahn, Kahn on Codes, New York: Macmillan Publishing Co., 1983. 796. D. Kahn, Seizing the Enigma, Boston: Houghton Mifflin Co., 1991. 797. P. Kaijser, T. Parker, and D. Pinkas, "SESAME: The Solution to Security for Open Distributed Systems," Journal of Computer communications, V. 17, n. 4, Jul 1994, pp. 501-518. 798. R. Kailar and V.D. Gilgor, "On Belief Evolution in Authentication Protocols," Proceedings of the Computer Security Foundations Workshop IV, IEEE Computer Society Press, 1991, pp. 102-116. 799. B.S. Kaliski, "A Pseudo Random Bit Generator Based on Elliptic Logarithms," Master's thesis, Massachusetts Institute of Technology, 1987. 800. B.S. Kaliski, letter to NIST regarding DSS, 4 Nov 1991. 801. B.S. Kaliski, "The MD2 Message Digest Algorithm," RFC 1319, Apr 1992. 802. B.S. Kaliski, "Privacy Enhancement for Internet Electronic Mail: Part IV: Key Cer- tificates and Related Services," RFC 1424, Feb 1993. 803. B.S. Kaliski, "An Overview of the PKCS Standards," RSA Laboratories, Nov 1993. 804. B.S. Kaliski, "A Survey of Encryption Standards, IEEE Micro, v. 13, n. 6, Dec 1993, pp. 74-81. 805. B.S. Kaliski, personal communication, 1993. 806. B.S. Kaliski, "On the Security and Performance of Several Triple-DES Modes," RSA Laboratories, draft manuscript, Jan 1994. 807. B.S. Kaliski, R.L. Rivest, and A.T. Sherman, "Is the Data Encryption Standard a Group?", Advances in Cryptology EUROCRYPT '85, Springer-Verlag, 1986, pp. 81-95. 808. B.S. Kaliski, R.L. Rivest, and A.T. Sherman, "Is the Data Encryption Standard a Pure Cipher? Results of More Cycling Experiments in DESK, " Advances in Cryptology CRYPTO '85 Proceedings, Springer-Verlag, 1986, pp. 212-226. |