Foreword Preface Contents Author index Keyword Index Search Help

Keyword Index

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

A reference of the form c90 refers to a paper in Crypto '90, whereas a reference of the form e90 refers to a paper in Eurocrypt '90.

A5 algorithm e97-239
access control c81-31 e84-480 c89-316 e90-446 c91-1
algebraic number fields c85-369 c97-385
alternating step generator e87-5 c97-499
analog cryptosystems c81-59 c81-115 c81-120 e82-130 e82-147 e82-157 e82-173 c84-83 c84-95 e87-143
anonymity c81-138 c84-432 e85-241 e89-302 e89-320 e89-373 e89-690 e93-248 e94-332 e95-39 c96-61 e97-88 c97-395
approximation attacks e96-268
arbitrated signature schemes (see also digital signatures) c81-65 c87-216
arthur-merlin games c88-580 c97-31
asymmetric encryption (see public key cryptosystems)
audio teleconference c87-418 c89-324
authentication codes c84-411 e85-261 c85-42 e86-1 c86-418 e87-167 e87-171 c87-269 c87-355 e88-57 c88-311 e90-283 e90-294 e90-306 c90-169 c90-177 e91-472 c91-62 e92-467 e93-1 e93-12 e94-244 e94-254 e94-456 c94-140 e95-289 c96-16 c96-31 e97-149 e97-409
arbitration e87-151 e88-51 c93-343
interactive authentication c93-355 c94-121 e95-158
perfect e89-476
universal hashing c82-79 c91-74 c91-74 e95-311
avalanche criterion (see also DES S-box design) c81-53 c84-359 c84-468 c85-523 c88-450 e89-63 c89-612 e90-174 c90-564 e93-102 e94-376 e97-434
BAN logic e93-240 e93-443
banking networks c81-31 c81-38 c82-187 c84-393 c84-401 e85-208 c86-347
batch operations
Diffie-Hellman e92-208
RSA c89-175
Benes network e96-307
bent functions e90-151 c92-280 e93-77 e94-356 c94-383 e97-422
Berlekamp-Massey algorithm (see also linear complexity) c83-249 c86-405 e88-345 c89-90 e96-256 e94-215 c95-262
binary multiplying channel e84-339
birational permutations c93-1 c93-435 c95-136
birthday attack c85-14 e88-129 e96-307
bit commitment c87-87 e89-150 c89-17 c89-128 c90-49 c90-94 e92-324 c93-250 c94-188 e95-367 c95-84 c96-201 e97-306
bit security c85-128 e97-267
of Diffie-Hellman c96-129
of linear functions c96-114
of Rabin and RSA schemes c83-369 e84-113 e84-127 c84-303 c85-448 e97-267 e96-178
black box fields c96-283
black box cryptanalysis e94-47
blind signatures c82-199 c83-153 e87-227 c92-89 e94-67 e94-428 c97-150
fair blind signatures e95-209
block ciphers (see also IDEA, DES, FEAL LOKI, and Lucifer) c81-42 e87-237 c89-461 c90-530 c90-564 e97-14
cipher block chaining mode (CBC) c83-209 c94-341
cipher feedback mode (CFB) c93-212
design principles c84-377 e87-249 e91-352 e91-368 e91-378
and hash functions e89-102 c89-428 c93-379
modes of operation e87-281
output feedback mode (OFB) e82-263 c82-97 c82-99 e86-4
Blom key distribution scheme c82-231
Blum-Goldwasser encryption scheme (see probabilistic encryption)
book ciphers c84-101
boolean functions e82-235 e82-257 c89-612 e90-124 e90-161 e90-214 e91-141 e91-368 e96-268 e96-294 e97-14 e97-226 e97-434
non-linearity e84-25 e89-549 c90-582 c90-601 e91-378 e93-65 c93-49 e94-376
Brickell-McCurley scheme e90-63 e95-64
broadcast encryption c83-157 e91-535 e93-424 c93-480 e94-287 c96-387
bucket hashing c95-29 e97-149
business issues c81-110
byzantine agreement c82-167
Cade cipher e86-27 c86-60 c86-64
Capstone c96-89
cascade ciphers c83-43 e84-99 e86-37 e86-40 e86-45 e88-331 e89-680 c95-148
CBC-MAC c93-200
cellular automata c85-429 e91-186
cellular telephones c97-526 e97-239
certificate (see digital signature)
challenge-response protocol (see identification schemes)
chaotic maps e91-127 e91-532 c94-318
Chinese remainder theorem c96-104
Chor-Rivest public key cryptosystem c84-54 e95-1
chosen ciphertext attack c85-516 c88-256 e89-3 c92-292 c93-420
cipher block chaining (CBC) (see block ciphers)
cipher feedback (CFB) (see block ciphers)
claw-free function (see also collision intractibility) e87-203 e90-441 c90-94 c92-433
Clipper chips (see key escrow)
CMEA c97-526
codes c86-35 c88-540 e89-657 e91-517 e94-131 e96-212 c97-485
hash functions c93-331 c93-368
interactive authentication (see also identification) e82-283 c93-355 c94-121 e95-158
syndrome decoding e96-245 c93-13
coin flipping c81-11 c85-87 c90-253
collision free (see collision intractibility)
collision resistance (see collision intractibility)
collision intractibility e87-203 e90-326 c90-285 c97-470 c96-201 c92-433 c94-40
FFT-Hash e92-35 e92-45 c92-587
collision search e89-429 c89-408 c96-229
COMSEC device security c81-124
computation with encrypted inputs (see also instance hiding, locally random reductions, and random self-reducibility) c85-477 c87-40 c87-73 c87-87 c88-336 c91-377 c91-392 c91-420
computer and network security c81-130 e82-219
computer viruses c86-459 c88-354 c89-616
conference key distribution c87-175 e88-11 c88-520 c89-324 e92-437 e92-449 e93-440 e94-275
confusion c84-314
constrained linear equations c94-164
continued fractions e88-191 e89-571 e90-313
contracts (see fair exchange)
correlation attack e87-25 e88-301 e89-586 e90-204 e90-214 e91-176 e92-113 e92-472 e94-230 e95-248 c97-499
correlation immunity (see also boolean function non-linearity) c85-260 c85-260 e86-42 e86-43 e89-549 e90-124 c91-86 e93-181 e96-283 c96-372 e97-422
covert channels (see subliminal channels)
cryptanalysis (see also differential cryptanalysis, linear cryptanalysis, correlation attacks, timing attacks, and differential fault analysis) e82-31 e82-49 c84-339 e86-21 e86-27 e89-395 c94-294 c94-318
cryptographic coprocessors c87-257 e90-230
cut and choose e87-227 e89-294
cyclotomic fields c85-396
databases and storage c81-80 c83-157 c83-231 e86-50 e88-167 c92-89
data compression c83-209 e91-266
Ziv-Lempel complexity e91-114
data-dependent rotations c81-42
Data Encryption Standard (DES) c81-39 c82-89 c83-171 c85-192 c89-428 c90-530 c97-513
DESX c96-252
differential cryptanalysis c92-487 c90-2 c92-497 c93-212
cryptanalysis e82-235 c82-97 c90-2 c92-487 c92-497 e93-386 c93-212 e94-461 c94-1 c94-17 e95-24
cycle structure e82-263 c82-99 c82-129 e85-81 c85-212 c85-282 c85-535 e86-16 c86-9 c87-243 c87-255 e89-429 e92-99 c92-512
exhaustive search e86-17
hardware implementations c84-115 c84-144 c84-147 e87-287 e87-301 c87-257 c91-367 c92-521 c92-575
key schedule c82-311 c84-359 c85-537 e93-398
linear cryptanalysis c94-1 e93-386 c94-26
linearity c84-377 e87-249
propagation characteristics e84-62 c84-359 c84-468 e89-696
pseudo-random permutations c91-301
S-box design (see also avalanche criterion) e82-257 c84-359 c85-280 e86-20 e87-25 c85-523 c86-3 c87-438 c89-612 c90-564 e94-366
triple DES e90-318 c96-237
weak keys c81-41 c82-89 c82-97 e86-16 c86-9 e94-419
Davies-Price message authentication scheme c85-14
deniable encryption c97-90
designated confirmer signatures c89-253 e94-86 c94-61
Dickson scheme e85-50
difference sets e90-151
differential cryptanalysis e91-17 e94-356 e94-366 c94-17 e95-13 c96-216 e97-1
authentication codes c93-200
characteristics e93-360
DES c92-487 c90-2 c92-497 c93-212
FEAL e91-1
Khafre c91-156
LOKI c91-156
Lucifer c91-156 c93-187
MD5 e92-71
N-hash e91-1
RC5 c95-171 c96-216
REDOC-II c91-156
Snefru c91-156
provable security against c92-566 e93-55 c93-403 c94-383 e94-356 e94-376
differential fault analysis (see also tamper resistance) c97-513 e97-37
Diffie-Hellman (see also bit security) c83-359 e89-29 c89-344 e89-597 c90-268 c94-308 e96-332 c97-75 c97-249 c97-264 e97-62 e97-256
batch operation e92-208
bit security e85-62 c96-129
relation to discrete logarithms c88-530 c94-271 c96-268 c96-283
timing attacks c96-104
short exponent attacks e96-332
diffusion c84-314 e89-696 c85-282 e90-389
digital signatures c81-65 c82-211 c83-377 c97-165 c97-180 e96-399
constructions c84-47 c84-54 c84-66 c84-467 c87-369 c89-218 c89-239 c93-1
existentially computationally unforgeable c94-234
forgery e90-441
interactive protocols c95-297
legal requirements e89-273
message recovery e94-182
online/offline signatures c89-263
reductions c83-137 c88-200 e89-16 c94-75
unconditionally secure c90-206
Digital Signature Algorithm (DSA) see Digital Signature Standard
Decimal, Shift, and Add algorithm (DSA) e86-3
Digital Signature Standard (DSS) c97-264 c97-277 e96-354 e94-77 e94-182
attacks c92-76 c96-83
variations e94-77
threshold signatures c95-397
timing attacks c96-104
dining cryptographers (see anonymity)
discrete logarithms c81-142 c84-3 c82-3 c82-15 c83-253 e84-224 c84-73 c90-109 c90-616 e91-281 e91-399 e92-420 e95-341 c97-249 c97-264 e97-62 e97-256 e96-332
class groups c90-134 c94-56
Coppersmith algorithm c84-73 c92-312
elliptic curves c86-84
ElGamal algorithm c84-10 c85-396
in GF(p2) c83-275
special exponents c90-639 e92-454
modulo a composite e90-481
number field sieve c93-159 e95-95
proof of knowledge c86-200 c88-57
subexponential algorithms c93-147
distance bounding e93-344
divertibility e90-1
dynamic passwords (see also password security, identification) e87-171
edit distance c97-499
education c89-628 c92-371
efficient algorithms
GF(2k) e97-363
election schemes e88-177 e89-134 e89-617 c91-405 e93-248 c94-411 e95-393 e97-103 e96-72
electronic cash (see also blind signatures and wallets) c91-338 c92-106 e94-156
anonymous cash c82-199 e88-107 c88-319 c89-481 c96-45 e95-121
divisible cash c91-324 e94-306 c95-438
double spending c93-292
off-line e93-318 c93-302
on-line e89-288
payment systems c82-187 c88-328 e89-294 e95-121
transferability e92-390
ElGamal signature scheme c84-10 c97-249 c97-264 e97-119 e96-10 e96-387 c91-445
cryptanalysis c96-89
verifiable secret sharing c90-253 e95-50 e95-168
electronic funds transfer (EFT) (see banking networks)
electronic mail c81-64 c81-83 e85-43 e89-237 e89-249 e89-355 c92-139
elliptic curve cryptosystem c85-417 c86-84 e91-316 e96-49 c97-235 c97-342 c97-357 e97-363
CM-curves c91-279
counting points e91-328 e95-79 e97-379 e95-79
efficient algorithms e89-706 c89-186 c90-156 e92-163 e92-482 c92-333 c92-345 c94-50 c95-43 e97-379
modulo a composite c91-252 c92-54 e93-40
engineering experience e85-191 c84-3 e89-243
Enigma e82-65 c89-2
entropy e86-28 c87-438 e97-193
ESIGN e91-446
Euler totient function e88-267
exhaustive search c81-2 c81-7 e86-17 e88-361 c88-132 c96-229 c96-252 c92-575
exponentiation e92-200 e92-477 c92-345 e93-274 c94-95 e96-166
addition chains c89-400 e90-222 e92-174 e94-389
in GF(2n) c86-277 c86-302 e88-251
nonlinearity e89-80
exponential sums c96-31
export issues c81-135
factoring c83-71 c83-81 c83-87 c84-114 e85-31 e89-355 e91-281 e92-429
class group algorithm e82-325
elliptic curve algorithm c85-409 e92-183
Morrison-Brillhart algorithm e82-331
number field sieve c95-372
quadratic sieve c83-103 e84-169 e84-183 e88-235 e90-72 c92-324 c93-166 e93-28 e94-400
Schroeppel algorithm e82-331
fail-stop signatures e92-366 c92-15 c93-250 e97-480
fair cryptosystems c92-113 c95-208
fair exchange c81-148 c82-205 c83-133 c83-377 c84-434 e89-150 e93-200 e95-220
FEAL e87-267 c87-434 e88-293 c89-624 c90-22 c90-627 e91-1 c91-172 e92-81 e94-341 c94-12 c94-369
Feistel cipher e96-307
FFT-Hash c92-587
Fiat-Shamir protocol c86-186 c87-21 e88-87 c88-232 c88-244 e89-173 e90-432 e90-446 c90-169 c90-456 e92-488 e97-37 c92-139 c94-202
security c96-143 e89-122
filter generators e96-268
finite state machines e87-65
fingerprinting c85-180 c95-452 e97-88 e96-84
formal coding e82-235
formal verification (see protocol analysis)
forward secrecy e97-62
function composition e88-3 e89-23
Gabidulin cryptosystem e96-212
GCHQ e97-134
generic algorithms e92-420 e97-256
Goldwasser-Micali-Rivest signature scheme c86-104
GOST c96-237 e94-433
graph isomorphism c92-390
group factorizations e93-50 c97-198
group signatures c87-120 e89-56 e91-257 c91-457 e94-171 e94-194 e95-39 e97-465 c97-410
Guillou-Quisquater identification scheme (see identification)
hard core bits e95-356
hard core predicate c97-1
hash functions c89-416 c89-428 e90-412 c97-485 e94-410
block ciphers c83-203 e89-102 c89-428 e92-55 c93-379
constructions e87-217 e91-508 e93-286 c93-331 c93-368 c93-379 c94-40 c94-129 e95-301
heat equation c87-306
Herlestam, Tore e87-3
hidden field equations e96-33 c96-45
history c81-84 c81-110 c81-154 e82-1 e82-31 e82-65 c84-339 e85-3 e85-18 e87-3 e89-2 e89-649 e93-142
HMAC c95-1 c96-1
homophonic coding e88-405 e89-382
homomorphic functions e87-117
hyperelliptic curve c88-94 e91-337 c91-267
IDEA block cipher e90-389 e93-371 e93-453 c93-224 e95-24 c96-237 e97-1
identification schemes e82-283 e84-387 c87-211 e90-493 e91-409 c92-31 e93-260 c93-232
constructions e89-173 c93-13 c94-164
Guillou-Quisquater identification scheme e88-123 c88-216 e89-16 c92-31 c94-202
interactive identification e82-289 c86-186 e88-35 e88-77 c89-498 e90-63 c90-169 e92-461 c94-202 e96-344 e95-319
Okamoto identification scheme e88-281
identity-based cryptosystems c84-47 c86-111 c87-203 c87-340 c87-429 e88-11 e90-16 e90-481 e91-498 c94-83
key exchange c87-194 c88-583 e89-29 e92-458 c91-288
conference key distribution c87-175
incremental hashing c94-216 e97-163 e97-393
information-theoretic security (see also key exchange, perfect secrecy, and security models) c83-303 e86-28 e86-29 e86-49
instance generators c88-297
instance hiding (see also computation with encrypted inputs, locally random reductions, and random self-reducibility) c90-62 c90-326
interconnection networks e91-302
intractible problems in number theory c88-77
irreducibility testing e82-165
ISDN c87-9
ISO 9796 digital signature standard e90-465
isomorphism of polynomials e96-33
Kerberos (see also Needham-Schroeder) c89-35 e91-399
cryptanalysis c96-89
key distribution c82-231 c87-185 e89-75 e89-436 c89-344 c90-268 c90-274 e93-461 c93-444 e94-320 e96-321 c96-387
key equivocation e84-51 c85-489 c87-461 e88-375
key escrow c95-222 e97-119 e97-134 c92-113
Clipper c92-113 c93-456 c95-185 c95-222
software systems e95-147 e96-237 c96-89
warrant bounds c95-197
key exchange c83-137 c83-359 c84-434 e88-159 e89-29 e89-597 c89-335 c89-604 e90-11 e90-98 c91-44 c91-242 c92-461 c92-471 e93-410 c93-456 e94-299 c97-75 c97-292
authentication e89-38 e89-665 c93-232
function composition c81-140 e88-3
information-theoretically secure e97-209
multiparty c91-141
one-way functions e89-56
key freshness and lifetime c85-246 e90-16
key generation e84-317 e84-335 e89-110 c97-425 c92-66 c92-358
key recovery (see key escrow)
key schedule c85-537 e93-398 c96-237
kleptography c97-264 e97-62
Khafre c90-476 c91-156
Khufu c90-476 c94-359
knapsack cryptosystems c81-16 c81-17 e82-289 e82-309 e82-316 c82-279 c82-289 c82-303 c83-3 c83-25 c83-39 c84-54 c84-342 e87-109 e88-97 c89-416 e91-39 e93-305 c93-13 e94-112 c97-105 c97-112 c97-198 c97-221
modular knapsacks c81-20 e90-405 c91-204
polynomial knapsacks e85-73
Kryha machine e82-49
Lamport signature scheme c89-218 c92-1 c94-75
Lanczos algorithm e95-106
lattice reduction (see also knapsack cryptosystems) e87-109 e88-281 c97-105 c97-112 c97-198 c97-221 c97-385 e97-52 e97-163
Chor-Rivest scheme e95-1
LLL algorithm c82-303 c83-39 c84-54 c84-342 c85-104 e90-313 e91-54 e91-281 e94-58
simultaneous diophantine approximation c83-3 e89-47
learning problems c93-278
Lim-Lee cryptosystem c95-287
linear cryptanalysis (see also Data Encryption Standard linearity and boolean function non-linearity) e87-249 e94-341 e94-356 e94-366 c94-12 c94-17 c94-26 c95-157 e96-224 e97-1
DES c94-1 e93-386 c94-26
piling-up lemma e95-24
RC5 c95-171
provable security against e94-439
linear complexity (see also Berlekamp-Massey algorithm) e84-99 e85-119 e85-156 e85-161 c85-260 e86-30 e86-33 e86-34 e86-35 c86-405 e87-15 e87-37 e87-53 e88-191 e89-523 e89-533 e89-563 e89-571 e89-691 c89-82 c89-90 e90-174 e90-189 e91-168 e92-138 e93-151 c93-22 e94-205 e94-223 c94-332 c96-358
de Bruijn sequences e87-5 c88-479 e89-544 e90-196 e95-263
random sequences e85-167
linear congruential generator c82-317 e86-23 c89-138 c97-277
linear consistency c89-164
linear syndrome attack c88-469 c90-34
local area networks c81-73 e82-219 c82-251 e84-349 e85-214 e85-221 c86-451 e87-301 c88-507 e89-38 e89-249 c89-30 c89-64 c89-356
local randomness e92-408
locally random reductions (see instance hiding)
LOKI e93-398 e94-419
Luby-Rackoff block cipher e92-239 e96-307
Lucas sequences c95-386
Lucifer block cipher e93-398 c93-187
MD4 hash function e90-492 c90-303 c91-194 e93-293 c96-298
MD5 hash function e92-71 c96-298
magic ink signatures e97-450
man in the middle attack e97-75
manipulation detection code (MDC) c86-327 e88-97
Markov chains e95-13
Markov ciphers e91-17 e93-453
matrix cover problem c82-21
Matsumoto-Imai public key scheme e84-142 c87-185 e88-419 e95-382 c95-248
maximum order complexity e91-153
McEliece cryptosystem c81-25 e87-143 c87-224 e88-275 c88-119 e89-657 e91-68 e91-482 e91-517 c97-213 e96-212
medical records e82-228 e84-416 e89-662
meet in the middle attacks c83-209 e85-81 c85-192 c91-183 c96-229
Merkle-Hellman cryptosystem (see knapsack cryptosystems)
message authentication code (MAC) c84-393 e86-7 e89-93 c89-154 e97-149 e97-393 e96-19 c96-1 c96-313
CBC-MAC c94-341
differential attacks c93-200
hash functions e95-301 c95-1 c96-1
XOR MACs c95-15
bucket hashing c95-29
Meyer-Matyas hash function e90-326
MIX-networks (see anonymity)
modular arithmetic c82-51 e86-15 e87-217 e88-245 c89-371 c89-387 e90-496 c90-601 c90-619 c91-313 c93-175 e96-166
Montgomery multiplication e90-230 e92-477 e92-488 c96-104
modular polynomial relations c97-16
multi-level security c82-237 e86-50
multi-party computation c82-167 c87-135 c87-462 e89-208 c89-560 c89-589 c89-591 c90-62 c90-77 c93-266 c94-397 c94-425 e95-168 c95-110
multiple encryption c85-212 e89-636
multiplexed sequences e82-189
MTI protocol c97-264
NMAC c96-1
Needham-Schroeder model c93-456 e96-321
noisy channels e82-165 e97-306
non-linearity order (see boolean functions) e89-80 e90-161 e92-92 c96-372
non-malleability c97-46 e94-92
notary c82-259
number field sieve c92-66 c95-372
Okamoto identification scheme (see identification)
Okamoto-Shiraishi signature scheme c85-28
oblivious transfer c82-205 c83-147 e84-379 c84-439 c87-350 c88-2 e89-150 c89-547 c89-604 e90-31 e90-46 c90-77 e91-106 c91-351 e92-285 c95-97 c95-110 e96-119 e97-306 e97-334
old jokes (see recursion)
one time pad c82-39
one-way accumulators e93-274
one-way functions c88-578 c89-604 c90-285 e92-408 c94-75 c97-1 c97-385
bit security c96-114
circuits c91-232
key distribution e89-56
permutations c88-8 c92-421
one way group actions c90-94
Ong-Schnorr signature scheme c83-117 c84-37 e90-432
Ong-Schnorr-Shamir signature scheme c85-3 c92-139 e93-233
optimal asymmetric encryption e94-92
orthogonal arrays c91-62 c94-247
orthogonal groups e82-71 c84-95
orthogonal latin squares e94-47
passports c87-21 e88-183
password security (see also dynamic passwords) c81-81 e82-283 c87-392 c89-44
perceptrons e95-319
perfect secrecy c82-39 e87-237 e89-497 e90-361
permutation group cryptosystems (PGM) c89-447 c94-108
permutation polynomials c83-293
permuted kernel problem c89-606 c92-305 c93-391
personal computers e85-231
physical access control c85-543
ping-pong protocols c82-177 c82-315 c85-58
plug and play encryption c97-75
poker c84-439 c84-454 c85-73 c85-104 c86-234 c86-239 e90-374 c93-319
polyalphabetic ciphers e82-31 e82-49
polynomial substitution c85-340 e86-51
polynomial time e92-297
primality testing c81-10 e84-216 c86-443 e88-211 e89-626 e89-636 e89-652 e90-110 c90-625 e91-328 e91-512 c92-358 c94-282
of polynomials e82-207
privacy amplification c85-468 c97-307 e97-334 e94-266
proactive security e92-307 c95-339 c97-440
probabilistic encryption c82-145 c84-289 c86-381 e88-415
program checking c90-515
propagation criterion e90-161 e91-141
protocol analysis c81-71 c85-87 e85-254 e86-48 c87-167 c87-289 e91-387 c91-24 c91-44 e94-320
pseudo-exponentiation e90-344
pseudo-random number generator (see also alternating step generator, stream ciphers) c81-1 c82-61 c84-193 c84-303 e85-149 c85-433 e87-15 e87-77 e88-225 c88-146 c88-173 e89-423 e91-431 c97-46 c97-277 e96-245 c91-300
hardware constructions c84-203
shrinking generator e94-205 c93-22
pseudo-randomness c89-100 c89-113 c90-421 c94-114
integrity check c93-40
Legendre and Jacobi sequences c88-163
pseudo-random functions c84-276 c89-461 c95-185 c97-46
pseudo-random permutations c84-269 c85-447 e89-412 e90-140 c91-301 e92-239 e92-256 e92-267
tests c90-394 c90-409
public key cryptosystem (see also RSA, Chor-Rivest, Matsumoto-Imai, knapsack cryptosystems, probabilistic encryption) c90-576 e94-92 c95-236 e97-27
constructions c82-21 e84-16 e84-150 c84-10 c84-19 c84-66 c85-128 e87-143 e87-3 e89-3 e89-23 e89-47 c91-445 e94-445 e95-329 e96-33 e96-49 e96-60 c96-45
small key lengths e92-163
public randomness e90-46 c92-421 c92-461
quadratic fields c83-275 c84-37 c85-3 e89-597 c89-335 e90-98 e90-432 c94-56
quadratic residuosity c86-213 c86-234 c90-339 c93-61 e95-367 e96-131
quadratic span (see also linear complexity) c89-82
quantum cryptography c82-267 c84-475 e94-468 c95-424 c97-337
bit commitment c90-49
experiments e90-253 c96-329
key distribution c96-343
oblivious transfer c91-351 e95-133 c95-124
Quisquater-Girault hash function e90-326
RC4 e97-226
RC5 c95-171 c96-216
RIPEMD c96-298
RSA (see also bit security) e82-325 c97-132 c97-221 c97-372 c97-425 c97-440 e97-37 e96-399
and semigroups e82-353
approximate L-th roots c88-100
authentication c89-154
batch operation c89-175
equivalence to factoring c85-358
hardware designs c81-83 c82-327 e84-159 c85-350 c86-277 c86-311 c86-480 e87-95 c87-257 e88-257 e89-219 c89-368 e90-245 e92-221
key generation e84-216 e91-294
low exponent attacks c85-403 e86-55 e89-372 e96-1 e96-155 e96-178
redundancy attacks c85-18
shared key construction c97-425
signature forgery e90-83 e92-378 e97-495 e96-1
threshold signatures e88-455 c89-253 c93-413 e94-194 c96-157
timing attacks (see also tamper resistance) c96-104
variations c82-211 c83-293 c86-49 c86-118 e87-203 e88-455 e89-617 c90-140 c92-1 c94-234 c96-173
random permutations e82-71
random functions c83-43 c87-231 c87-243 e89-329 e91-542 e91-552
random oracle model c97-455 e96-387
random self-reducibility (see also computation with encrypted inputs, instance hiding, and locally random reductions) e89-134
Rao-Nam scheme c87-445 c87-458
REDOC-II c90-545
recursion (see old jokes)
redundancy c97-221 e97-495
related key attack e93-398 c96-237
related message attack c97-213
relativized cryptosystem c81-54
release of secrets c87-156
replay attack c97-213
replicated data c87-379
resilient functions c94-247 e95-274 e96-283 e97-422
rights management e93-260
Rip van Winkle cipher c86-393
RIPE e89-267
rotor machines e89-395
SAFER e95-24 c95-274 c96-237
satellite communications e84-426
Schnorr pseudo-random number generator e89-423
Schnorr signature scheme e89-688 c89-239 e91-71 e93-435 c97-264 e97-37 c92-31 c94-202 e95-64
secret sharing (see also visual cryptography) e82-371 c82-321 c84-231 c84-481 c88-390 e89-436 c89-299 c90-216 c92-558 e93-126 e93-448 e96-107 e96-200
access structures c88-27 e92-1 c95-367
cheaters c86-261 c88-564
dynamic schemes c84-481 c93-110
homomorphic schemes c86-251 c92-549
ideal secret sharing e89-468 c89-278 c92-183
information rate c86-266 c90-242 c91-101 c92-148 c92-168 e93-118 c93-136 e94-13 e95-194
multi-secret schemes c93-126 c94-150
perfect secret sharing e94-23
proactive c95-339
public reconstruction c95-353
ramp schemes c84-242
randomness e94-35
shadow schemes e89-491
threshold schemes c81-82 e86-46 e86-47 c87-330 e88-389 c89-286 e92-25 c95-410
trusted third parties e90-266 e95-183
verifiable secret sharing c86-251 c91-114 c91-129 e95-50 e96-96 e96-190
zero knowledge c93-73
secret key certificates e95-231
Secure Hash Algorithm (SHA) c96-298 e97-348
security models (complexity vs. information-theoretic security) c81-54 e84-3 e85-3 c88-249
self-certified public keys e91-490
semantic security c97-46 e94-92
semigroups e82-353
server-aided computations c88-497 e92-153 e95-64 c95-57 c95-70
SETUP attacks c96-89 c97-264
Shannon's theory c87-461 e90-361
shrinking generator e94-205
shuffle-permutation networks c85-523 c92-260
signcryption c97-165
singular cubic curves e95-329
smart cards c81-109 c82-219 e84-446 e84-457 e84-459 e84-464 e84-470 e84-480 e85-200 e86-8 e86-10 c86-464 e87-177 e88-77 e88-87 c90-502 e91-446 e94-445 e95-404 e96-321
digital signatures c88-484 e91-446
smart diskette c89-74
Snefru c90-476 c91-156
software primitives c90-476 c96-298 e97-348
software libraries e90-230
software protection c81-79 e84-446 c85-140 c85-158 c86-426 c89-610 e90-474
space filling curves c87-398 e89-403
sparse linear systems c90-109
speech scrambling e82-130 e82-147 e82-157 e82-173 e84-399 c84-83 e91-422
spread spectrum e85-273
square root extraction e86-15
standards c81-39 e86-14 c87-3 c87-223 e89-267 c89-620 e91-547
stream signatures c97-180
stream ciphers (see also cascade ciphers) c81-121 e82-181 c82-133 e87-53 e87-237 e88-317 e88-325 e96-256 e97-226 e97-239 c97-499
active attacks e86-4
binary sequence generators e82-189 e91-160 e91-200
clock-controlled generator c82-323 e84-74 e84-93 e85-142 e87-53 e88-331 e89-680 e90-487 c95-148 c97-499 e94-230 e94-450
cryptanalysis c95-262
divide and conquer attacks c85-273
feedback shift registers e82-207 c82-323 c83-249 e85-35 e85-40 e85-130 e85-135 e86-38 e89-503 e89-670 e92-124 e94-215
hardware constructions c84-203 e87-77 e87-83
iterative error correction e91-527
m-sequences e88-351
ML-sequences e85-103
public key e86-53
stop and go generator e84-88
summation generator c85-260
synchronization c84-174 e89-110 e91-458 e93-159 e93-168
strong primes e84-216
subset sum problem e97-163
subliminal channels c83-51 c84-101 c85-33 c87-21 e88-23 c88-375 c89-6 e97-62
digital signatures e84-364 e93-218
surveillance systems e84-437
symmetric encryption c82-139 e85-96 c85-227 c97-292
polynomials over finite fields e84-10
TCP c85-108
tamper resistance (see also timing attacks and differential fault analysis) c83-387 c86-111 e87-83 c87-203 c87-216 c92-89 c93-456 c97-513
threshold cryptosystems e88-455 e89-56 c89-307 e89-617 e90-352 e91-522 e96-107 e96-354 e97-465
disenrollment c92-540
signature schemes c96-74
RSA c96-157
time stamping c90-437 e93-274
timing attacks (see also tamper resistance) c96-104
Toeplitz matrices e95-301
tracing traitors c94-257
traffic analysis e85-245
trapdoors e82-316 c92-66 c92-442 e92-194
trapdoor commitments e96-143
trapdoor rings c85-369
treaty verification c81-138
triple DES (see DES)
unconditional security c97-292 c85-42
undeniable signatures c89-212 e90-458 c90-189 e91-205 e91-221 e91-243 e91-554 c91-470 e96-372 c97-132
cryptanalysis c96-74
blackmail e94-425
universal one-way hash function (see also authentication codes) c82-79 e90-412 c90-285 e91-431 e92-408 c94-129 e95-311 e95-356 c95-29 c96-16 c96-31 c96-313 c97-470 e97-149
video scrambling c87-398 e89-403
visual cryptography e94-1 c96-401 c97-322
voting schemes (see election schemes)
wallets c83-383 c92-89 e93-329 c93-302
Walsh transform (see also correlation immunity) e85-103 e86-43 c87-243 c88-450 e89-80 e90-161 e91-141
weak keys
RC5 c96-216
DES c81-41 c82-89 c82-97 e86-16 c86-9 e94-419
IDEA c93-224
wiretap channel c82-145 e84-33 e97-306
write-once memories e85-111 c85-458
word problem c84-19
zero knowledge c88-37 e89-181 c89-628 c90-456 c92-390 c95-325 c97-46 c96-201
all-or-nothing disclosure c86-234 c89-573
Arthur-Merlin games c88-580
bit commitment c89-17 c90-94
boolean circuits c86-223 c89-507
computational zero knowledge e92-356 c97-31 c97-46 e97-280
designated verifier proofs e96-143
discrete logarithms e87-127 c86-200 c88-57
divertible proofs e89-134 e90-1 e94-140
interactive hashing e93-267 c93-100
interactive proofs (see also identification) e87-3 c87-128 c88-71 c88-284 e89-122 c89-526 c89-545 c90-303 c90-313 c90-339 c90-378 e91-81 e91-96 c93-61 c94-174 c97-46 e97-318 e96-131
key distribution c89-344
medical records e89-662
multi-prover c89-498 c90-366 e91-221 c91-213 c92-215
non-interactive proofs c86-213 c87-52 c88-269 c89-194 c89-547 c90-353 c91-433 e92-341 c92-228 c92-442 c93-85 e95-413 c97-46
NP c86-171
predicates c86-195
oblivious proofs c96-186
parallel proofs c92-246 e94-140
perfect zero knowledge e89-192 c92-196 c93-73 e95-367 c95-311 c97-46
practicality e89-155
proof of computational ability e89-196
proof of knowledge e94-140
proof of primitivity e89-150
space-bounded c91-225
statistical zero knowledge c97-16 c97-31
protocols c97-46

Copyright © 1998, Springer-Verlag.