References

[ACG84] W. Alexi, B. Chor, O. Goldreich, and C.P. Schnorr. RSA and Rabin functions: Certain parts are as hard as the whole. SIAM Journal of Computing, October 1984.
(See Question 10)


[Adl94] L.M. Adleman. Molecular computation of solutions to combinatorial problems. Science, 266: 1021-1024, November 1994.


[Adl95] L.M. Adleman. On constructing a molecular computer, University of Southern California, draft, January 1995.
(See Question 111)


[Adl96] L.M. Adleman. Statement, Cryptographer's Expert Panel, RSA Data Security Conference, San Francisco, CA, January 17, 1996.
(See Question 111)


[AGL95] D. Atkins, M. Graff, A.K. Lenstra and P.C. Leyland. The magic words are squeamish ossifrage. In Advances in Cryptology - Asiacrypt '94, pages 263-277, Springer-Verlag, 1995.
(See Question 51)


[ANS83] American National Standards Institute. American National Standard X3.106: Data Encryption Algorithm, Modes of Operations, 1983.
(See Question 82)


[ANS85] American National Standards Institute. American National Standard X9.17: Financial Institution Key Management (Wholesale), 1985.
(See Question 159)



[Return to Main FAQ Home Page]

[ANS86a] American National Standards Institute. American National Standard X9.9: Financial Institution Message Authentication (Wholesale), 1986.
(See Question 158)


[ANS86b] American National Standards Institute. American National Standard X9.19: Financial Institution Retail Message Authentication, 1986.
(See Question 158)


[ANS93a] American National Standards Institute. Draft: American National Standard X9.30-199X: Public-Key Cryptography Using Irreversible Algorithms for the Financial Services Industry: Part 1: The Digital Signature Algorithm (DSA). American Bankers Association, March 1993.
(See Question 160)


[ANS93b] American National Standards Institute. American National Standard X9.31-1992: Public Key Cryptography Using Reversible Algorithms for the Financial Services Industry: Part 1: The RSA Signature Algorithm, March 1993.
(See Question 160)


[ANS93c] American National Standards Institute. American National Standard X9.31-1992: Public Key Cryptography Using Reversible Algorithms for the Financial Services Industry: Part 2: The MDC-2 Hash Algorithm, June 1993.


[ANS94a] American National Standards Institute. Accredited Standards Committee X9 Working Draft: American National Standard X9.42-1993: Public Key Cryptography for the Financial Services Industry: Management of Symmetric Algorithm Keys Using Diffie-Hellman, American Bankers Association, September 21, 1994.
(See Question 161)




[ANS94b] American National Standards Institute. Accredited Standards Committee X9 Working Draft: American National Standard X9.44: Public Key Cryptography Using Reversible Algorithms for the Financial Services Industry: Transport of Symmetric Algorithm Keys Using RSA, American Bankers Association, September 21, 1994.
(See Question 161)


[ANS95] American National Standards Institute. Accredited Standards Committee X9 Working Draft: American National Standard X9.57: Certificate Management, American Bankers Association, 1995.
(See Question 160)


[Atk95a] R. Atkinson. RFC 1825: Security Architecture for the Internet Protocol. Naval Research Laboratory, August 1995.
(See Question 137)


[Atk95b] R. Atkinson. RFC 1826: IP Authentication Header. Naval Research Laboratory, August 1995.
(See Question 137)


[Atk95c] R. Atkinson. RFC 1827: IP Encapsulating Security Payload (ESP). Naval Research Laboratory, August 1995.
(See Question 137)


[Bam82] J. Bamford. The Puzzle Palace. Houghton Mifflin, Boston, 1982.
(See Question 148)






[Bar92] J.P. Barlow. Decrypting the puzzle palace. Communications of the ACM, 35(7): 25-31, July 1992.
(See Question 149)


[BBB92] C. Bennett, F. Bessette, G. Brassard, L. Salvail, and J. Smolin. Experimental quantum cryptography. Journal of Cryptology, 5(1): 3-28, 1992.
(See Question 110)


[BBC88] P. Beauchemin, G. Brassard, C. Crepeau, C. Goutier, and C. Pomerance. The generation of random numbers that are probably prime. Journal of Cryptology, 1: 53-64, 1988.
(See Question 15)


[BBL95] D. Bleichenbacher, W. Bosma, and A. Lenstra. Some remarks on Lucas-based cryptosystems. In Advances in Cryptology - Crypto '95, pages 386-396, Springer-Verlag, 1995.
(See Question 33)


[BBS86] L. Blum, M. Blum, and M. Shub. A simple unpredictable random number generator. SIAM Journal on Computing, 15: 364-383, 1986.
(See Question 92)


[BD93b] J. Brandt and I. Damgard. On generation of probable primes by incremental search. In Advances in Cryptology - Crypto '92, pages 358-370, Springer-Verlag, 1993.
(See Question 15)






[BDB92] M.V.D. Burmester, Y.G. Desmedt, and T. Beth. Efficient zero-knowledge identification schemes for smart cards. Computer Journal, 35: 21-29, 1992.
(See Question 18 and Question 143)


[BDK93] E.F. Brickell, D.E. Denning, S.T. Kent, D.P. Maher, and W. Tuchman. Skipjack Review, Interim Report: The Skipjack Algorithm. July 28, 1993.
(See Question 57 and Question 80)

[Bea95] D. Beaver. Factoring: The DNA solution. In Advances in Cryptology - Asiacrypt '94, pages 419-423, Springer-Verlag, 1995.
(See Question 111)


[Ben82] P. Benioff. Quantum mechanical Hamiltonian models of Turing machines. Journal of Statistical Physics, 29(3): 515-546, 1982.
(See Question 109)


[BG85] M. Blum and S. Goldwasser. An efficient probabilistic public-key encryption scheme which hides all partial information. In Advances in Cryptology - Crypto '84, pages 289-299, Springer-Verlag, 1985.
(See Question 36)


[BGH95] M. Bellare, J.A. Garay, R. Hauser, A. Herzberg, H. Krawczyk, M. Steiner, G. Tsudik, and M. Waidner. iKP - A Family of Secure Electronic Payment Protocols. Usenix Electronic Commerce Workshop, July 1995.
(See Question 139)





[BHS93] D. Bayer, S. Haber, and W.S. Stornetta. Improving the efficiency and reliability of digital timestamping. In Proceedings Sequences II: Methods in Communication, Security, and Computer Science, pages 329-334, Springer-Verlag, 1993.
(See Question 108)


[Bih95] E. Biham. Cryptanalysis of Multiple Modes of Operation. In Advances in Cryptology - Asiacrypt '94, pages 278-292, Springer-Verlag, 1995.
(See Question 71 and Question 73)


[BKR94] M. Bellare, J. Kilian and P. Rogaway. The security of cipher block chaining. In Advances in Cryptology - Crypto '94, pages 341-358, Springer-Verlag, 1994.
(See Question 102)


[Bla79] G.R. Blakley. Safeguarding cryptographic keys. AFIPS Conference Proceedings, 48: 313-317, 1979.
(See Question 103 and Question 105)


[BLP94] J.P. Buhler, H.W. Lenstra, and C. Pomerance. The development of the number field sieve. Volume 1554 of Lecture Notes in Computer Science, Springer-Verlag, 1994.
(See Question 48)


[BLS88] J. Brillhart, D.H. Lehmer, J.L. Selfridge, B. Tuckerman, and S.S. Wagstaff Jr. Factorizations of b^n ± 1, b = 2,3,5,6,7,10,11,12 up to High Powers. Volume 22 of Contemporary Mathematics, American Mathematical Society, 2nd edition, 1988.
(See Question 48)






[BLS95] J. Benaloh, B. Lampson, D. Simon, T. Spies, and B. Yee. The Private Communication Technology Protocol. Version 1.00, Microsoft Corporation, Redmond, WA, October 1995.
<http://www.microsoft.com/>
(See Question 136)


[BLZ94] J. Buchmann, J. Loho, and J. Zayer. An implementation of the general number field sieve. In Advances in Cryptology - Crypto '93, pages 159-166, Springer-Verlag, 1994.
(See Question 48)


[BM84] M. Blum and S. Micali. How to generate cryptographically strong sequences of pseudo-random bits. SIAM Journal on Computing, 13(4): 850-863, 1984.
(See Question 92 and Question 112)


[BO88] E.F. Brickell and A.M. Odlyzko. Cryptanalysis: A survey of recent results. Proceedings of the IEEE, 76: 578-593, 1988.
(See Question 18)


[BR94] M. Bellare and P. Rogaway. Optimal asymmetric encryption. In Advances in Cryptology - Eurocrypt '94, pages 92-111, Springer-Verlag, 1994.
(See Question 139 and Question 142 and Question 161)


[Bra88] G. Brassard. Modern Cryptology. Volume 325 of Lecture Notes in Computer Science, Springer-Verlag, 1988.
(See Question 1 and Question 84)






[Bra93] G. Brassard. Cryptography column - Quantum cryptography: A bibliography. Sigact News, 24(3): 16-20, 1993.
(See Question 110)


[Bra95a] G. Brassard. The computer in the 21st Century. Scientific American. March 1995.
(See Question 109)


[Bra95b] G. Brassard. The impending demise of RSA? CryptoBytes, 1(1): 1-4, Spring 1995.
(See Question 109)


[Bra95c] G. Brassard. A quantum jump in computer science. Current Trends in Computer Science, LNCS 1000, Springer-Verlag, 1995.
(See Question 109)


[Bre89] D.M. Bressoud. Factorization and Primality Testing. Springer-Verlag, 1989.
(See Question 48)


[Bri85] E.F. Brickell. Breaking iterated knapsacks. In Advances in Cryptology - Crypto '84, pages 342-358, Springer-Verlag, 1985.
(See Question 32)






[BS91a] E. Biham and A. Shamir. Differential cryptanalysis of DES-like cryptosystems. In Advances in Cryptology - Crypto '90, pages 2-21, Springer-Verlag, 1991.
(See Question 58)


[BS91b] E. Biham and A. Shamir. Differential cryptanalysis of FEAL and N-Hash. In Advances in Cryptology - Eurocrypt '91, pages 156-171, Springer-Verlag, 1991.
(See Question 79)


[BS93a] E. Biham and A. Shamir. Differential cryptanalysis of the full 16-round DES. In Advances in Cryptology - Crypto '92, pages 487-496, Springer-Verlag, 1993.
(See Question 58 and Question 65)


[BS93b] E. Biham and A. Shamir. Differential Cryptanalysis of the Data Encryption Standard. Springer-Verlag, 1993.
(See Question 58 and Question 74)


[CCI88a] CCITT. Recommendation X.400: Message Handling System and Service Overview. 1988.
(See Question 163)


[CCI88b] CCITT. Recommendation X.500: The Directory - Overview of Concepts, Models and Services. 1988.
(See Question 162)






[CCI88c] CCITT. Recommendation X.509: The Directory - Authentication Framework. 1988.
(See Question 165)


[CCI91] CCITT. Recommendation X.435: Message Handling Systems: EDI Messaging System. 1991.
(See Question 164)


[CFG95] S. Crocker, N. Freed, J. Galvin, and S. Murphy. RFC 1848: MIME Object Security Services. CyberCash, Inc., Innosoft International, Inc., and Trusted Information Systems, October 1995.
(See Question 132)


[CFN88] D. Chaum, A. Fiat and M. Naor. Untraceable electronic cash. In Advances in Cryptology - Crypto '88, pages 319-327, Springer-Verlag, 1988.
(See Question 39)


[Cha83] D. Chaum. Blind signatures for untraceable payments. In Advances in Cryptology - Crypto '82, pages 199-203, Springer-Verlag, 1983.
(See Question 39 and Question 138)


[Cha85] D. Chaum. Security without identification: transaction systems to make big brother obsolete. Communications of the ACM, 28(10): 1030-1044, October 1985.
(See Question 39 and Question 138)






[Cha94] D. Chaum. Designated confirmer signatures. In Advances in Cryptology - Eurocrypt '94, pages 86-91, Springer-Verlag, 1994.
(See Question 40)


[CKM94] D. Coppersmith, H. Krawczyk and Y. Mansour. The shrinking generator. In Advances in Cryptology - Crypto '93, pages 22-38, Springer-Verlag, 1994.
(See Question 91)


[CLR90] T.H. Cormen, C.E. Leiserson, and R.L. Rivest. Introduction to Algorithms. MIT Press, Cambridge, Massachusetts, 1990.
(See Question 9 and Question 48)


[Cop92] D. Coppersmith. The data encryption standard and its strength against attacks. IBM Research Report RC 18613 (81421), T. J. Watson research center, December 1992.
(See Question 58)


[COS86] D. Coppersmith, A.M. Odlyzko, and R. Schroeppel. Discrete logarithms in GF(p). Algorithmica, 1: 1-15, 1986.
(See Question 52)


[CP94] L. Chen and T.P. Pedersen. New group signature schemes. In Advances in Cryptology - Eurocrypt '94, pages 171-181, Springer-Verlag, 1994.
(See Question 42)






[CP95] L. Chen and T.P. Pedersen. On the efficiency of group signatures: providing information-theoretic anonymity. In Advances in Cryptology - Eurocrypt '95, pages 39-49, Springer-Verlag, 1995.
(See Question 42)


[CR88] B. Chor and R.L. Rivest. A knapsack-type public-key cryptosystem based on arithmetic in finite fields. IEEE Transactions on Information Theory, 34(5): 901-909, 1988.
(See Question 32)


[CV90] D. Chaum and H. van Antwerpen. Undeniable signatures. In Advances in Cryptology - Crypto '89, pages 212-216, Springer-Verlag, 1990.
(See Question 44)


[CV91] D. Chaum and E. van Heijst. Group signatures. In Advances in Cryptology - Eurocrypt '91, pages 257-265, Springer-Verlag, 1991.
(See Question 42)


[CV92] D. Chaum and H. van Antwerpen. Cryptographically strong undeniable signatures, unconditionally secure for the signer. In Advances in Cryptology - Crypto '91, pages 470-484, Springer-Verlag, 1992.
(See Question 44)


[CW93] K.W. Campbell and M.J. Wiener. DES is not a group. In Advances in Cryptology - Crypto '92, pages 512-520, Springer-Verlag, 1993.
(See Question 70)






[Dam90] I. Damgård. A design principle for hash functions. In Advances in Cryptology - Crypto '89, pages 416-427, Springer-Verlag, 1990.
(See Question 32 and Question 97)


[Dav82] G. Davida. Chosen signature cryptanalysis of the RSA public key cryptosystem. Technical Report TR-CS-82-2, Department of EECS, University of Wisconsin, Milwaukee, 1982.
(See Question 10)


[DB92] B. den Boer and A. Bosselaers. An attack on the last two rounds of MD4. In Advances in Cryptology - Crypto '91, pages 194-203, Springer-Verlag, 1992.
(See Question 99)


[DB94] B. den Boer and A. Bosselaers. Collisions for the compression function of MD5. In Advances in Cryptology - Eurocrypt '93, pages 293-304, Springer-Verlag, 1994.
(See Question 99)


[DB95] D.E. Denning and D.K. Branstad. A taxonomy for key escrow encryption systems. January, 1995.
(See Question 153 and Question 154)


[DBP96] H. Dobbertin, A. Bosselaers, and B. Preneel. RIPEMD-160: A strengthened version of RIPEMD. To appear in 3rd Workshop on Fast Software Encryption, 1996.
(See Question 101)

[Den93] D.E. Denning. The Clipper encryption system. American Scientist, 81(4): 319-323, July-August 1993.
(See Question 152)






[Den95] D.E. Denning. The Case for "Clipper." Technology Review, pages 48-55, July 1995.


[Des95] Y. Desmedt. Securing traceability of ciphertexts - Towards a secure software key escrow system. In Advances in Cryptology - Eurocrypt '95, pages 147-157, Springer-Verlag, 1995.
(See Question 154)


[Deu92] D. Deutsch. Quantum theory, the Church-Turing principle and the universal quantum computer. Proceedings of the Royal Society, London, A439: 553-558, 1992.
(See Question 109)


[DGV94] J. Daemen, R. Govaerts, and J. Vandewalle. Weak keys for IDEA. In Advances in Cryptology - Crypto '93, pages 224-231, Springer-Verlag, 1994.
(See Question 77)


[DH76] W. Diffie and M.E. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, IT-22: 644-654, 1976.
(See Question 3, Question 4, and Question 108)

[DH77] W. Diffie and M.E. Hellman. Exhaustive cryptanalysis of the NBS Data Encryption Standard. Computer, 10: 74-84, 1977.
(See Question 57 and Question 65)

[Dif88] W. Diffie. The first ten years of public-key cryptography. Proceedings of the IEEE, 76: 560-577, 1988.
(See Question 3)






[DIP94] D. Davies, R. Ihaka, and P. Fenstermacher. Cryptographic randomness from air turbulence in disk drives. In Advances in Cryptology - Crypto '94, pages 114-120, Springer-Verlag, 1994.
(See Question 112)


[Div95] D.P. DiVincenzo. Two-bit gates are universal for quantum computation. Physical Review A, 51: 1015-1022, 1995.


[DL95] B. Dodson and A.K. Lenstra. NFS with four large primes: An explosive experiment. In Advances in Cryptology - Crypto '95, pages 372-385, Springer-Verlag, 1995.
(See Question 48)


[DO86] Y. Desmedt and A.M. Odlyzko. A chosen text attack on the RSA cryptosystem and some discrete logarithm schemes. In Advances in Cryptology - Crypto '85, pages 516-522, Springer-Verlag, 1986.
(See Question 10)


[Dob95] H. Dobbertin. Alf Swindles Ann. CryptoBytes, 1(3): 5, 1995.
(See Question 99)


[DP83] D.W. Davies and G.I. Parkin. The average cycle size of the key stream in output feedback encipherment. In Advances in Cryptology: Proceedings of Crypto '82, pages 97-98, Plenum Press, 1983.
(See Question 83)






[DRB95] P. Domokos, M.J. Raimond, M. Brune, and S. Haroche. A simple cavity-QED two-bit universal quantum logic gate: principle and expected performances. Physical Review A. To appear.

[DVW92] W. Diffie, P.C. van Oorschot, and M.J. Wiener. Authentication and authenticated key exchanges. Designs, Codes and Cryptography, 2: 107-125, 1992.
(See Question 25)


[ECS94] D. Eastlake, 3rd, S. Crocker, and J. Schiller. RFC 1750: Randomness Recommendations for Security. DEC, Cybercash, and MIT, December 1994.
(See Question 112)


[Elg85] T. ElGamal. A public-key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, IT-31: 469-472, 1985.
(See Question 29)


[Elg95] T. ElGamal. Commerce on the Internet. Version 1.00, Netscape Communications Corporation, Mountain View, CA, July 14, 1995. <http://www.netscape.com/newsref/std/credit.html>
(See Question 141)


[Fei73] H. Feistel. Cryptography and Computer Privacy, Scientific American, May 1973.
(See Question 56)






[Fey82] R.P. Feynman. Simulating physics with computers. International Journal of Theoretical Physics, 21(6): 467-488, 1982.
(See Question 109)

[Fey86] R.P. Feynman. Quantum mechanical computers. Optic News, February 1985. Reprinted in Foundations of Physics, 16(6): 507-531, 1986.
(See Question 109)


[FFS88] U. Feige, A. Fiat and A. Shamir. Zero-knowledge proofs of identity. Journal of Cryptography, 1: 66-94, 1988.
(See Question 107)


[For94] W. Ford. Computer Communications Security - Principles, Standard Protocols and Techniques, Prentice-Hall, New Jersey, 1994.
(See Question 1, Question 20, and Question 113)


[FR95] P. Fahn and M.J.B. Robshaw. Results from the RSA Factoring Challenge. Technical Report TR-501, version 1.3, RSA Laboratories, January 1995.
(See Question 50)


[FS87] A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In Advances in Cryptology - Crypto '86, pages 186-194, Springer-Verlag, 1987.
(See Question 18 and Question 107)






[FY94] M. Franklin and M. Yung. Blind Weak Signature and its Applications: Putting Non-Cryptographic Secure Computation to Work. In Advances in Cryptology - Eurocrypt '94, pages 67-76, Springer-Verlag, 1994.
(See Question 39)


[Gan95] R. Ganesan. Yaksha: Augmenting Kerberos with public key cryptography. In Proceedings of the 1995 Internet Society Symposium on Network and Distributed Systems Security, pages 132-143, IEEE Press, 1995.
(See Question 144)


[GC89] D. Gollman and W.G. Chambers. Clock-controlled shift registers: a review. IEEE Journal on Selected Areas in Communications, 7(4): 525-533, May 1989.
(See Question 90)


[Gib93] J.K. Gibson. Severely denting the Gabidulin version of the McEliece public key cryptosystem. In Preproceedings of the 4th IMA Conference on Cryptography and Coding, 1993.
(See Question 34)


[GM84] S. Goldwasser and S. Micali. Probabilistic encryption. Journal of Computer and System Sciences, 28: 270-299, 1984.
(See Question 36)

[GM93] D.M. Gordon and K.S. McCurley. Massively parallel computation of discrete logarithms. In Advances in Cryptology - Crypto '92, pages 312-323, Springer-Verlag, 1993.
(See Question 52)






[GMR86] S. Goldwasser, S. Micali, and R. Rivest. A digital signature scheme secure against adaptive chosen message attack. SIAM Journal on Computing, 17(2): 289-308, March 1988.
(See Question 37)


[Gor93] D.M. Gordon. Discrete logarithms in GF(p) using the number field sieve. SIAM Journal of Computing, 6(1): 124-138, February 1993.
(See Question 52)


[GPT91] E.M. Gabidulin, A.V. Paramonov, and O.V. Tretjakov. Ideals over a non-commutative ring and their application in cryptology. In Advances in Cryptology - Eurocrypt '91, pages 482-489, Springer-Verlag, 1991.
(See Question 34)


[GQ88] L.C. Guillou and J.J. Quisquater. A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory. In Advances in Cryptology - Eurocrypt '88, pages 123-128, Springer-Verlag, 1988.
(See Question 107)


[Has88] J. Hastad. Solving simultaneous modular equations of low degree. SIAM Journal of Computing, 17: 336-241, 1988.
(See Question 10)


[Hel80] M.E. Hellman. A cryptanalytic time-memory trade off. IEEE Transactions on Information Theory, IT-26: 401-406, 1980.
(See Question 65)






[Hic95] K.E.B. Hickman. The SSL Protocol. December 1995. <http://www.netscape.com/newsref/std/>
(See Question 134)

[HKM95] C. Harpes, G.G. Kramer, and J.L. Massey. A generalization of linear cryptanalysis and the applicability of Matsui's piling-up lemma. In Advances in Cryptology - Eurocrypt '95, pages 24-38, Springer-Verlag, 1995.

[HS91] S. Haber and W.S. Stornetta. How to timestamp a digital document. Journal of Cryptology, 3(2): 99-111, 1991.
(See Question 108)

[IBM95] IBM, Netscape, GTE, CyberCash, and MasterCard. Secure Electronic Payment Protocol (SEPP). Draft, Version 1.2, November 3, 1995. <http://www.mastercard.com/>
(See Question 140)


[IEE95] IEEE Working Group P1363. Working Draft: IEEE 1363: Standard for RSA, Diffie-Hellman and Related Public-Key Cryptography. In preparation, 1995.
(See Question 167)


[ISO87] ISO DIS 8730. Banking requirements for message authentication (wholesale). 1987.
(See Question 158)






[ISO91] ISO/IEC 9979. Data Cryptographic Techniques - Procedures for the Registration of Cryptographic Algorithms. 1991.
(See Question 169)

[ISO92a] ISO/IEC 9798. Entity authentication mechanisms using symmetric techniques. 1992.
(See Question 168)


[ISO92b] ISO/IEC 10116. Modes of operation for an n-bit block cipher algorithm. 1992.
(See Question 82)

[ISO92c] ISO/IEC 10118. Information technology - Security techniques - Hash functions. 1992.
(See Question 160)

[JML93] D.B. Johnson, S.M. Matyas, A.V. Le, and J.D. Wilkins. Design of the commercial data masking facility data privacy algorithm. In Proceedings of the 1st ACM Conference on Communications and Computer Security, ACM Press, VA, 1993.
(See Question 133)

[Jue83] R.R. Jueneman. Analysis of certain aspects of output feedback mode. In Advances in Cryptology: Proceedings of Crypto '82, pages 99-127, Plenum Press, 1983.
(See Question 83)






[Kah67] D. Kahn. The Codebreakers. Macmillan Co., New York, 1967.
(See Question 1)


[Kal92] B.S. Kaliski Jr. RFC 1319: The MD2 Message-Digest Algorithm. RSA Laboratories, April 1992.
(See Question 99)


[Kal93a] B.S. Kaliski Jr. RFC 1424: Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services. RSA Laboratories, February 1993.


[Kal93b] B.S. Kaliski Jr. A survey of encryption standards. IEEE Micro, 13(6): 74-81, December 1993.
(See Question 20 and Question 127)


[Kal95] B.S. Kaliski Jr. A chosen message attack on Demytko's cryptosystem. Journal of Cryptology. To appear.
(See Question 31)


[Ken93] S. Kent. RFC 1422: Privacy Enhancement for Internet Electronic Mail, Part II: Certificate-Based Key Management. Internet Activities Board, February 1993.
(See Question 123)






[KMS95] P. Karn, P. Metzger, and W. Simpson. RFC 1829: The ESP DES-CBC Transform. Qualcomm, Piermont, and Daydreamer, August 1995.
(See Question 137)


[KN93] J. Kohl and B. Neuman. The Kerberos Network Authentication Service. Network Working Group RFC 1510, 1993.
(See Question 144)


[KNT94] J. Kohl, B. Neuman, and T. Tso. The evolution of the Kerberos authentication service. Distributed Open Systems, IEEE Press, 1994.
(See Question 144)


[Knu81] D.E. Knuth. The Art of Computer Programming, volume 2, Seminumerical Algorithms. Addison-Wesley, 2nd edition, 1981.
(See Question 48 and Question 112)


[Knu93] L.R. Knudsen. Practically secure Feistel ciphers. In Proceedings of 1st Workshop on Fast Software Encryption, pages 211-221, Springer-Verlag, 1993.
(See Question 59)


[Knu95] L.R. Knudsen. A key-schedule weakness in SAFER K-64. In Advances in Cryptology - Crypto '95, pages 274-286, Springer-Verlag, 1995.
(See Question 78)






[KO95] K. Kurosawa and K. Okada. Low exponent attack against elliptic curve RSA. In Advances in Cryptology - Asiacrypt '94, pages 376-383, Springer-Verlag, 1995.
(See Question 31)

[Kob87] N. Koblitz. Elliptic curve cryptosystems. Mathematics of Computation, 48: 203-209, 1987.
(See Question 31)

[Kob94] N. Koblitz. A Course in Number Theory and Cryptography. Springer-Verlag, 1994.
(See Question 30 and Question 48)


[Koc94] Ç.K. Koç. High-Speed RSA Implementation. Technical Report TR-201, version 2.0, RSA Laboratories, November 1994.
(See Question 9)

[KR94] B.S. Kaliski Jr. and M.J.B. Robshaw. Linear cryptanalysis using multiple approximations. In Advances in Cryptology - Crypto '94, pages 26-39, Springer-Verlag, 1994.
(See Question 59)


[KR95a] B.S. Kaliski Jr. and M.J.B. Robshaw. Linear cryptanalysis using multiple approximations and FEAL. In Proceedings of 2nd Workshop on Fast Software Encryption, pages 249-264, Springer-Verlag, 1995.
(See Question 79)






[KR95b] B.S. Kaliski Jr. and M.J.B. Robshaw. Message authentication with MD5. CryptoBytes, 1(1): 5-8, 1995.
(See Question 102)


[KR95c] B.S. Kaliski Jr. and M.J.B. Robshaw. The secure use of RSA. CryptoBytes, 1(3): 7-13, 1995.
(See Question 10)


[KR96] B.S. Kaliski Jr. and M.J.B. Robshaw. Multiple encryption: weighing up security and performance. Dr. Dobb's Journal, #243, pages 123-127, January 1996.
(See Question 85 and Question 72)


[Kra93] D. Kravitz. Digital signature algorithm. U.S. Patent #5,231,668, July 27, 1993.
(See Question 28)


[KRS88] B.S. Kaliski Jr., R.L. Rivest, and A.T. Sherman. Is the data encryption standard a group? Journal of Cryptology, 1: 3-36, 1988.
(See Question 61)


[KT91] V.I. Korzhik and A.I. Turkin. Cryptanalysis of McEliece's public-key cryptosystem. In Advances in Cryptology - Eurocrypt '91, pages 68-70, Springer-Verlag, 1991.
(See Question 34)






[KY95] B.S. Kaliski Jr. and Y.L. Yin. On differential and linear cryptanalysis of the RC5 encryption algorithm. In Advances in Cryptology - Crypto '95, pages 171-183, Springer-Verlag, 1995.
(See Question 76)


[Lan88] S. Landau. Zero knowledge and the Department of Defense. Notices of the American Mathematical Society, 35: 5-12, 1988.
(See Question 149)


[Len87] H.W. Lenstra Jr. Factoring integers with elliptic curves. Annals of Mathematics, 126: 649-673, 1987.
(See Question 48)


[LH94] S.K. Langford and M.E. Hellman. Differential-linear cryptanalysis. In Advances in Cryptology - Crypto '94, pages 17-25, Springer-Verlag, 1994.
(See Question 59)


[Lin93] J. Linn. RFC 1508: Generic Security Services Application Programming Interface. Geer Zolot Associates, September 1993.
(See Question 145)


[Lip94] R.J. Lipton. Speeding up computations via molecular biology. Princeton University, draft, December 1994.
(See Question 111)





[LL90] A.K. Lenstra and H.W. Lenstra Jr. Algorithms in number theory. In J. van Leeuwen, editor, Handbook of Theoretical Computer Science, volume A, pages 673-715, MIT Press/Elsevier, Amsterdam, 1990.
(See Question 48 and Question 52)


[LLM93] A.K. Lenstra, H.W. Lenstra Jr., M.S. Manasse, and J.M. Pollard. The factorization of the ninth Fermat number. Mathematics of Computation, 61(203): 319-349, 1993.
(See Question 48)


[LM91a] X. Lai and J.L. Massey. A proposal for a new block encryption standard. In Advances in Cryptology - Eurocrypt '90, pages 389-404, Springer-Verlag, 1991.
(See Question 77)


[LM91b] A.K. Lenstra and M.S. Manasse. Factoring with two large primes. In Advances in Cryptology - Eurocrypt '90, pages 72-82, Springer-Verlag, 1991.


[LMM92] X. Lai, J.L. Massey and S. Murphy. Markov ciphers and differential cryptanalysis. In Advances in Cryptology - Eurocrypt '91, pages 17-38, Springer-Verlag, 1992.
(See Question 58 and Question 77)


[LO91] B.A. LaMacchia and A.M. Odlyzko. Computation of discrete logarithms in prime fields. Designs, Codes and Cryptography, 1: 47-62, 1991.
(See Question 53)






[LRW92] X. Lai, R.A. Rueppel, and J. Woollven. A fast cryptographic checksum algorithm based on stream ciphers. In Advances in Cryptology - Auscrypt '92, Springer-Verlag, 1992.
(See Question 102)


[Mas93] J.L. Massey. SAFER K-64: A byte-oriented block ciphering algorithm. In Proceedings of 1st Workshop on Fast Software Encryption, pages 1-17, Springer-Verlag, 1993.
(See Question 78)


[Mas95] J.L. Massey. SAFER K-64: One year later. In Proceedings of 2nd Workshop on Fast Software Encryption, pages 212-241, Springer-Verlag, 1995.


[Mat93] M. Matsui. Linear cryptanalysis method for DES cipher. In Advances in Cryptology - Eurocrypt '93, pages 386-397, Springer-Verlag, 1993.
(See Question 59)


[Mat94] M. Matsui. The first experimental cryptanalysis of the data encryption standard. In Advances in Cryptology - Crypto '94, pages 1-11, Springer-Verlag, 1994.
(See Question 65)


[Mat96] T. Matthews. Suggestions for random number generation in software. Bulletin No. 1, RSA Laboratories, January 1996.
(See Question 112)






[Mau94] U. Maurer. Towards the equivalence of breaking the Diffie-Hellman protocol and computing discrete logarithms. In Advances in Cryptology - Crypto '94, pages 271-281, Springer-Verlag, 1994.
(See Question 24)


[Mce78] R.J. McEliece. A public-key cryptosystem based on algebraic coding theory. JPL DSN Progress Report 42-44, pages 114-116, 1978.
(See Question 34)


[Mcn95] F.L. McNulty. Clipper Alive and well as a voluntary government standard for telecommunications. The 1995 RSA Data Security Conference, January 1995.


[Men93] A. Menezes. Elliptic Curve Public Key Cryptosystems. Kluwer Academic Publishers, 1993.


[Mer79] R.C. Merkle. Secrecy, authentication and public-key systems. Ph.D. Thesis, Stanford University, 1979.


[Mer90a] R.C. Merkle. One way hash functions and DES. In Advances in Cryptology - Crypto '89, pages 428-446, Springer-Verlag, 1990.
(See Question 97)






[Mer90b] R.C. Merkle. A digital signature based on a conventional encryption function. In Advances in Cryptology - Crypto '89, pages 428-446, Springer-Verlag, 1990.
(See Question 35)


[Mer91] R.C. Merkle. Fast software encryption functions. In Advances in Cryptology - Crypto '90, pages 627-638, Springer-Verlag, 1991.


[MH78] R.C. Merkle and M.E. Hellman. Hiding information and signatures in trapdoor knapsacks. IEEE Transactions on Information Theory, IT-24: 525-530, 1978.
(See Question 32)


[MH81] R.C. Merkle and M.E. Hellman. On the security of multiple encryption. Communications of the ACM, 24: 465-467, July 1981.
(See Question 63, Question 72, and Question 85)


[Mic93] S. Micali. Fair public-key cryptosystems. In Advances in Cryptology - Crypto '92, pages 113-138, Springer-Verlag, 1993.
(See Question 154)


[Mic95] Microsoft Corporation. STT Wire Formats and Protocols. Version 0.902, Redmond, WA, October 5, 1995. <http://www.microsoft.com/>
(See Question 142)






[Mil86] V.S. Miller. Use of elliptic curves in cryptography. In Advances in Cryptology - Crypto '85, pages 417-426, Springer-Verlag, 1986.
(See Question 31)


[MOV90] A. Menezes, T. Okamoto, and S. Vanstone. Reducing elliptic curve logarithms to logarithms in a finite field. Unpublished manuscript, September 1990.
(See Question 31)


[MQV95] A. Menezes, M. Qu, and S. Vanstone. Some new key agreement protocols providing implicit authentication. In Preproceedings of Workshops on Selected Areas in Cryptography, 1995.
(See Question 127 and Question 161)


[MS95a] P. Metzger and W. Simpson. RFC 1828: IP Authentication using Keyed MD5. Piermont and Daydreamer, August 1995.
(See Question 91)


[MS95b] W. Meier and O. Staffelbach. The self-shrinking generator. In Advances in Cryptology - Eurocrypt '94, pages 205-214, Springer-Verlag, 1995.
(See Question 137)


[Mur90] S. Murphy. The cryptanalysis of FEAL-4 with 20 chosen plaintexts. Journal of Cryptology, 2(3): 145-154, 1990.
(See Question 58 and Question 79)




[MY92] M. Matsui and A. Yamagishi. A new method for known plaintext attack of FEAL cipher. In Advances in Cryptology - Eurocrypt '92, pages 81-91, Springer-Verlag, 1992.
(See Question 59)


[NIS80] National Institute of Standards and Technology (NIST). FIPS Publication 81: DES Modes of Operation. December 2, 1980. Originally issued by National Bureau of Standards.
(See Question 66 and Question 82)


[NIS85] National Institute of Standards and Technology (NIST). FIPS Publication 113: Computer Data Authentication. 1985.
(See Question 102)


[NIS92] National Institute of Standards and Technology (NIST). The Digital Signature Standard, proposal and discussion. Communications of the ACM, 35(7): 36-54, July 1992.
(See Question 26)


[NIS93a] National Institute of Standards and Technology (NIST). FIPS Publication 180: Secure Hash Standard (SHS). May 1993.
(See Question 100)


[NIS93b] National Institute of Standards and Technology (NIST). FIPS Publication 46-2: Data Encryption Standard. December 1993.
(See Question 64)




[NIS94a] National Institute of Standards and Technology (NIST). FIPS Publication 185: Escrowed Encryption Standard. February 1994.
(See Question 146 and Question 155)


[NIS94b] National Institute of Standards and Technology (NIST). FIPS Publication 186: Digital Signature Standard (DSS). May 1994.
(See Question 26 and Question 146)


[NIS94c] National Institute of Standards and Technology (NIST). Announcement of Weakness in the Secure Hash Standard. May 1994.
(See Question 100)


[NK95] K. Nyberg and L.R. Knudsen. Provable security against a differential attack. Journal of Cryptology, 8(1): 27-37, 1995.
(See Question 58)


[NMR94] D. Naccache, D. M'raïhi, D. Raphaeli, and S. Vaudenay. Can D.S.A. be improved? Complexity trade-offs with the Digital Signature Standard. In Advances in Cryptology - Eurocrypt '94, pages 77-85, Springer-Verlag, 1994.
(See Question 26)


[NS78] R.M. Needham and M.D. Schroeder. Using encryption for authentication in large networks of computers. Communications of the ACM, 21: 993-999, 1978.
(See Question 144)




[NS94] M. Naor and A. Shamir. Visual cryptography. In Advances in Cryptology - Eurocrypt '94, pages 1-12, Springer-Verlag, 1994.
(See Question 106)


[NSA95] NSA Cross Organization CAPI Team. Security Service API: Cryptographic API Recommendation, 1995.
(See Question 145)


[Nyb95] K. Nyberg. Linear approximation of block ciphers. In Advances in Cryptology - Eurocrypt '94 (rump session), pages 439-44, Springer-Verlag, 1995.
(See Question 59)


[OA94] K. Ohta and K. Aoki. Linear cryptanalysis of the fast data encipherment algorithm. In Advances in Cryptology - Crypto '94, pages 12-16, Springer-Verlag, 1994.
(See Question 79)


[Oco95] L. O'Connor. A unified Markov approach to differential and linear cryptanalysis. In Advances in Cryptology - Asiacrypt '94, pages 387-397, Springer-Verlag, 1995.
(See Question 59)


[Odl84] A.M. Odlyzko. Discrete logarithms in finite fields and their cryptographic significance. In Advances in Cryptology - Eurocrypt '84, pages 224-314, Springer-Verlag, 1984.
(See Question 52)




[Odl95] A.M. Odlyzko. The future of integer factorization. CryptoBytes, 1(2): 5-12, 1995.
(See Question 12)


[Oka93] T. Okamoto. Provably secure and practical identification schemes and corresponding signature schemes. In Advances in Cryptology - Crypto '92, pages 31-53, Springer-Verlag, 1993.
(See Question 143)


[OPS93] Office of the Press Secretary. Statement. The White House, April 16, 1993.
(See Question 151)


[Pol74] J. Pollard. Theorems of factorization and primality testing. Proceedings of Cambridge Philosophical Society, 76: 521-528, 1974.
(See Question 48 and Question 52)


[Pol75] J. Pollard. Monte Carlo method for factorization. BIT, 15: 331-334, 1975.
(See Question 48)


[Pre93] B. Preneel. Analysis and Design of Cryptographic Hash Functions. Ph.D. Thesis, Katholieke University Leuven, 1993.
(See Question 94, Question 99, Question 100, and Question 101)




[Pre94] B. Preneel. The State of DES. 1994 RSA Laboratories Seminar Series, August 1994.
(See Question 72)


[QG90] J.J. Quisquater and L. Guillou. How to explain zero-knowledge protocols to your children. In Advances in Cryptology - Crypto '89, pages 628-631, Springer-Verlag, 1990.
(See Question 107)


[Rab79] M.O. Rabin. Digitalized signatures and public-key functions as intractable as factorization. Technical Report MIT/LCS/TR-212, MIT, 1979.
(See Question 37)


[RC93] P. Rogaway and D. Coppersmith. A software-optimized encryption algorithm. In Proceedings of 1st Workshop on Fast Software Encryption, pages 56-63, Springer-Verlag, 1993.
(See Question 88)


[RC95] N. Rogier and P. Chauvaud. The compression function of MD2 is not collision free. Presented at Selected Areas in Cryptography '95, Ottawa, Canada, May 18-19, 1995.
(See Question 99)


[RG91] D. Russell and G.T. Gangemi Sr. Computer Security Basics. O'Reilly & Associates, Inc., 1991.
(See Question 171)




[Riv90] R.L. Rivest. Cryptography. In J. van Leeuwen, editor, Handbook of Theoretical Computer Science, volume A, pages 719-755, MIT Press/Elsevier, Amsterdam, 1990.
(See Question 1)


[Riv91a] R.L. Rivest. Finding four million random primes. In Advances in Cryptology - Crypto '90, pages 625-626, Springer-Verlag, 1991.
(See Question 15 and Question 52)


[Riv91b] R.L. Rivest. The MD4 message digest algorithm. In Advances in Cryptology - Crypto '90, pages 303-311, Springer-Verlag, 1991.
(See Question 99)


[Riv92a] R.L. Rivest. Response to NIST's proposal. Communications of the ACM, 35: 41-47, July 1992.
(See Question 12 and Question 52)


[Riv92b] R.L. Rivest. RFC 1320: The MD4 Message-Digest Algorithm. Network Working Group, April 1992.
(See Question 99)


[Riv92c] R.L. Rivest. RFC 1321: The MD5 Message-Digest Algorithm. Internet Activities Board, April 1992.
(See Question 99)



[Riv95] R.L. Rivest. The RC5 encryption algorithm. CryptoBytes, 1(1): 9-11, 1995.
(See Question 76)


[Rob95a] M.J.B. Robshaw. Block Ciphers. Technical Report TR-601, version 2.0, RSA Laboratories, August 1995.
(See Question 54 and Question 61)


[Rob95b] M.J.B. Robshaw. Stream Ciphers. Technical Report TR-701, version 2.0, RSA Laboratories, July 1995.
(See Question 86 and Question 92)


[Rob95c] M.J.B. Robshaw. MD2, MD4, MD5, SHA and Other Hash Functions. Technical Report TR-101, version 4.0, RSA Laboratories, July 1995.
(See Question 99 and Question 100)


[Rob95d] M.J.B. Robshaw. Security estimates for 512-bit RSA. Technical Note, RSA Laboratories, June 1995.
(See Question 12)


[RS95] E. Rescorla and A. Schiffman. The Secure HyperText Transfer Protocol. Internet-Draft, EIT, July 1995.
(See Question 133)




[RSA78] R.L. Rivest, A. Shamir, and L.M. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2): 120-126, February 1978.
(See Question 8 and Question 108)


[RSA95] RSA Laboratories. PKCS #11: Cryptographic Token Interface Standard. Version 1.0, April 1995.
(See Question 145)


[Rue92] R.A. Rueppel. Stream ciphers. In Contemporary Cryptology - The Science of Information Integrity. IEEE Press, 1992.
(See Question 92)


[SB93] M.E. Smid and D.K. Branstad. Response to comments on the NIST proposed Digital Signature Standard. In Advances in Cryptology - Crypto '92, pages 76-87, Springer-Verlag, 1993.
(See Question 26 and Question 27)


[Sch83] I. Schaumuller-Bichl. Cryptanalysis of the Data Encryption Standard by a method of formal coding. Cryptography, Proc. Burg Feuerstein 1982, 149: 235-255, Berlin, 1983.
(See Question 74)

[Sch90] C.P. Schnorr. Efficient identification and signatures for smart cards. In Advances in Cryptology - Crypto '89, pages 239-251, Springer-Verlag, 1990.
(See Question 27 and Question 18)



[Sch91] C.P. Schnorr. Method for identifying subscribers and for generating and verifying electronic signatures in a data exchange system. U.S. Patent #4,995,082, February 19, 1991.
(See Question 28)


[Sch93] B. Schneier. Description of a new variable-length key, 64-bit block cipher (Blowfish). In Proceedings of 1st Workshop on Fast Software Encryption, pages 191-204, Springer-Verlag, 1993.
(See Question 81)


[Sch95a] B. Schneier. The Blowfish encryption algorithm: one year later. Dr. Dobb's Journal, No. 234, pages 137-138, September 1995.
(See Question 81)


[Sch95b] B. Schneier. Applied Cryptography: Protocols, Algorithms, and Source Code in C. Wiley, 2nd Edition, 1995.
(See Question 1 and Question 18)


[SH95] C.P. Schnorr and H.H. Hörner. Attacking the Chor-Rivest cryptosystem by improved lattice reduction. In Advances in Cryptology - Eurocrypt '95, pages 1-12, Springer-Verlag, 1995.
(See Question 32)


[Sha49] C.E. Shannon. Communication Theory of Secrecy Systems. Bell Systems Technical Journal, 28: 656-715, October 1949.
(See Question 93)




[Sha79] A. Shamir. How to share a secret. Communications of the ACM, 22: 612-613, 1979.
(See Question 103 and Question 104)


[Sha84] A. Shamir. A polynomial time algorithm for breaking the basic Merkle-Hellman cryptosystem. IEEE Transactions on Information Theory, IT-30(5): 699-704, September 1984.
(See Question 32)


[Sha95] M. Shand. Personal communication. 1995.
(See Question 9)


[Sho94] P.W. Shor. Algorithms for quantum computation: Discrete logarithms and factoring. In Proceedings of the 35th Annual IEEE Symposium on the Foundations of Computer Science, pages 124-134, 1994.
(See Question 109)


[Sil87] R.D. Silverman. The multiple polynomial quadratic sieve. Mathematics of Computation, 48: 329-339, 1987.
(See Question 48)


[Sim92] G.J. Simmons, editor. Contemporary Cryptology - The Science of Information Integrity. IEEE Press, 1992.
(See Question 1, Question 103, and Question 105)




[SM88] A. Shimizu and S. Miyaguchi. Fast data encipherment algorithm FEAL. In Advances in Cryptology - Eurocrypt '87, pages 267-280, Springer-Verlag, 1988.
(See Question 79)


[SPC95] M. Stadler, J.M. Piveteau, and J. Camenisch. Fair blind signatures. In Advances in Cryptology - Eurocrypt '95, pages 209-219, Springer-Verlag, 1995.
(See Question 39)


[SS95] P. Smith and C. Skinner. A public-key cryptosystem and a digital signature system based on the Lucas function analogue to discrete logarithms. In Advances in Cryptology - Asiacrypt '94, pages 357-364, Springer-Verlag, 1995.
(See Question 33)


[Sta95] W. Stallings. Network and Internetwork Security Principles and Practice. Prentice-Hall, New Jersey, 1995.
(See Question 1)


[Sti95] D.R. Stinson. Cryptography - Theory and Practice. CRC Press, Boca Raton, 1995.
(See Question 1 and Question 102)


[SV93] M. Shand and J. Vuillemin. Fast implementations of RSA cryptography. In Proceedings of the 11th IEEE Symposium on Computer Arithmetic, pages 252-259, IEEE Computer Society Press, 1993.
(See Question 9)




[Ver26] G.S. Vernam. Cipher printing telegraph systems for secret wire and radio telegraphic communications. J. Amer. Inst. Elec. Eng., vol. 45, pages 109-115, 1926.
(See Question 93)


[Vis95] Visa International. Secure Transaction Technology Specifications, Version 1.0, September 26, 1995. <http://www.visa.com/>
(See Question 142)


[VP92] E. van Heyst and T.P. Pedersen. How to make efficient fail-stop signatures. In Advances in Cryptology - Eurocrypt '92, pages 366-377, Springer-Verlag, 1992.
(See Question 41)


[VW91] P. van Oorschot and M. Wiener. A known plaintext attack on two-key triple encryption. In Advances in Cryptology - Eurocrypt '90, pages 318-325, Springer-Verlag, 1991.


[VW94] P. van Oorschot and M. Wiener. Parallel collision search with application to hash functions and discrete logarithms. In Proceedings of 2nd ACM Conference on Computer and Communication Security, 1994.
(See Question 96 and Question 99)


[Wie94] M.J. Wiener. Efficient DES key search. Technical Report TR-244, School of Computer Science, Carleton University, Ottawa, Canada, May 1994.
(See Question 57 and Question 65)




[Xop95] X/Open Company Ltd. Generic Cryptographic Service API (GCS-API). Base - Draft 3, April 1995.
(See Question 145)


[Yuv79] G. Yuval. How to swindle Rabin. Cryptologia, July 1979.
(See Question 96)


[ZPS93] Y. Zheng, J. Pieprzyk and J. Seberry. HAVAL - a one-way hashing algorithm with variable length output. In Advances in Cryptology - Auscrypt '92, pages 83-104, Springer-Verlag, 1993.
(See Question 101)



