This directory is created automatically and some papers may be mislabeled. Only document within the CiteSeer database are listed. The directory is intended to provide entry points for browsing the database and is not intended to be authoritative. Papers may not appear in all relevant categories. For example, papers in a sub-category may not appear in higher level categories.
859 A Method for Obtaining Digital Signatures and Public-Key Cryptosystems - Rivest, Shamir, Adleman (1978)(Correct)
An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key. This has two important consequences: 1. Co... / L. Adleman Abstract An encryption method is presented with the br that publicly revealing an encryption key does not thereby reveal the
586 RTP: A Transport Protocol for Real-Time Applications - Schulzrinne, Casner (1993)(Correct)
This memorandum describes the real-time transport protocol, RTP. RTP provides end-toend
network transport functions suitable for applications transmitting real-time data, such as
audio, video or simul... / . . ENC Encryption br integrity check asymmetric encryption
278 A Survey of Active Network Research - Tennenhouse, Smith, Sincoskie.. (1997)(Correct)
Active networks are a novel approach to network architecture in which the switches of the network perform customized computations on the messages flowing through them. This approach is motivated by bo... / additional security such as encryption when operating away from the
256 End-To-End Arguments In System Design - Saltzer, Reed, Clark (1984)(Correct)
This paper presents a design principle that helps guide placement of functions among the modules of a distributed computer system. The principle, called the end-to-end argument, suggests that function... / error recovery security using encryption duplicate message suppression br system this range includes encryption duplicate message detection
230 Random Oracles are Practical: A Paradigm for Designing Efficient.. - Bellare, Rogaway (1995)(Correct)
We argue that the random oracle model ---where all parties have access to a public random oracle--- provides a bridge between cryptographic theory and cryptographic practice. In the paradigm we sugges... / gains for problems including encryption signatures and zero-knowledge br oracle setting. Efficient Encryption. Goals which are possible but
171 A Logic of Authentication - Burrows, Abadi, Needham (1990)(Correct)
Authentication protocols form the basis of security in many distributed systems, making it imperative to ensure the proper functioning of these protocols. A simple logic is presented that allows the a... / is by means of secrets usually encryption keys. In barest outline an br protocols establish shared encryption keys that principals can use in
163 A Calculus for Cryptographic Protocols - The Spi Calculus - Abadi, Gordon (1997)(Correct)
We introduce the spi calculus, an extension of the pi calculus
designed for the description and analysis of cryptographic
protocols. We show how to use the spi calculus,
particularly for studying auth... / not include any constructs for encryption and decryption and these do not br . fMgN shared-key encryption In order to represent
160 Privacy Enhancement for Internet Electronic Mail: Part II.. - Kent (1993)(Correct)
this memo is unlimited.
Acknowledgements unknown Privacy Enhancement for Internet Electronic Mail:
Part II: Certificate-Based Key Management
S. Kent
February 1993
Status of this Memo
This RFC specif... / and used to encrypt the data encryption key DEK which in turn is br CIC algorithm and a public-key encryption algorithm. RFC contains
139 Non-Malleable Cryptography - Dolev, Dwork, Naor (1998)(Correct)
The notion of non-malleable cryptography, an extension of semantically secure cryptography,
is defined. Informally, in the context of encryption the additional requirement is that given
the ciphertext... / Informally in the context of encryption the additional requirement is br Informally in the context of encryption the additional requirement is
129 Horus: A Flexible Group Communications System - van Renesse, Birman, Maffeis (1996)(Correct)
This paper reports on the Horus system, which provides an unusually flexible group communication model to application-developers. This flexibility extends to system interfaces, the properties provided... / accept the overhead of data encryption but wish to avoid this cost br overcoming lost packets encryption and decryption maintaining
125 Differential Cryptanalysis attacks - Biham, Shamir (1991)(Correct)
The Data Encryption Standard (DES) is the best known and most
widely used cryptosystem for civilian applications. It was developed
at IBM and adopted by the National Buraeu of Standards in the mid
70'... / July Abstract The Data Encryption Standard DES is the best known br data. In most applications the encryption algorithm is assumed to be known
113 MediaBench: A Tool for Evaluating and Synthesizing Multimedia and.. - Lee (1997)(Correct)
Over the last decade, significant advances have been made in compilation technology for capitalizing on instruction-level parallelism (ILP). The vast majority of ILP compilation research has been cond... / PEGWIT A program for public key encryption and authentication. It uses an
104 The Inductive Approach to Verifying Cryptographic Protocols - Paulson (1998)(Correct)
Informal arguments that cryptographic protocols are secure can be made rigorous using inductive definitions. The approach is based on ordinary predicate calculus and copes with infinite-state systems.... / OtwayRees which uses shared-key encryption Needham-Schroeder which uses br which uses public-key encryption and a recursive protocol
102 Prudent Engineering Practice for Cryptographic Protocols - Abadi, Needham (1995)(Correct)
We present principles for designing cryptographic protocols. The principles are neither necessary nor sufficient for correctness. They are however helpful, in that adherence to them would have prevent... / Notation Naming Encryption . The uses of encryption br Encryption . The uses of encryption .
98 Agent Tcl: A flexible and secure mobile-agent system - Gray (1996)(Correct)
An information agent manages all or a portion of a user's information space. The electronic resources in this space are often distributed across a network and can contain tremendous quantities of data... / issues -Tacoma via simple encryption and SodaBot via minimal user br PGP or that uses different encryption software Way When an
97 Reasoning about Belief in Cryptographic Protocols - Gong, Needham, Yahalom (1990)(Correct)
Abstract. Analysis methods for cryptographic protocols
have often focused on information leakage rather
than on seeing whether a protocol meets its goals. Many
protocols, however, fall far short of me... / formulae shared secrets and encryption keys are denoted as S and K br Gamma K conventional encryption and decryption e.g. DES It
94 A Practical Public Key Cryptosystem Provably Secure against Adaptive.. - Cramer, Shoup (1998)(Correct)
A new public key cryptosystem is proposed and analyzed. The scheme is quite practical, and is provably secure against adaptive chosen ciphertext attack under standard intractability assumptions. There... / security of the basic El Gamal encryption scheme Thus with just a br there are several provably secure encryption schemes in the literature they
94 A Calculus for Access Control in Distributed Systems - Abadi, Burrows, Lampson, Plotkin (1991)(Correct)
This paper is a study of some of the concepts, protocols, and algorithms for security in distributed systems, with a focus on access control. Our treatment is fairly formal, as it is based on logics. ... / communication lines some form of encryption is typically required. In what br we assume that shared-key encryption e.g. and public-key
90 File System Development with Stackable Layers - Heidemann (1994)(Correct)
Filing services have experienced a number of innovations
in recent years, but many of these promising ideas have
failed to enter into broad use. One reason is that current
filing environments present ... / decompression ffl automatic encryption and decryption ffl cache br could be built by configuring encryption decryption layers around the
87 SDSI - A Simple Distributed Security Infrastructure - Rivest, Lampson (1996)(Correct)
We propose a new distributed security infrastructure, called SDSI (pronounced "Sudsy"). SDSI combines a simple public-key infrastructure design with a means of defining groups and issuing group-member... / Object Types Keys and Encryption Parameters Principals as br and signed objects. Keys and encryption parameters Cryptographic keys
83 Garp: A MIPS Processor with a Reconfigurable Coprocessor - Hauser, Wawrzynek (1997)(Correct)
Typical reconfigurable machines exhibit shortcomings that make them less than ideal for general-purposecomputing. The Garp Architecture combines reconfigurable hardware with a standard MIPS processor ... / pattern searching and RSA encryption to name just a few. br least some problems. . Data Encryption Standard DES One of the
82 Keying Hash Functions for Message Authentication - Bellare, Canetti, Krawczyk (1996)(Correct)
The use of cryptographic hash functions like MD5 or SHA for message authentication has
become a standard approach in many Internet applications and protocols. Though very easy to
implement, these mech... / authentication as opposed to encryption the breaking of a MAC does not
81 Automated Analysis of Cryptographic Protocols Using Murphi - Mitchell, Mitchell, Stern (1997)(Correct)
A methodology is presented for using a generalpurpose state enumeration tool, Murphi, to analyze cryptographic and security-related protocols. We illustrate the feasibility of the approach by analyzin... / involving properties of the encryption primitives which may be br the adversary to generate an encryption of nm from an encryption of
81 The Kerberos Network Authentication Service - Kohl, Neuman (1991)(Correct)
This DRAFT document gives an overview and specification of the Version 5 protocol for the Kerberos network authentication system. Version 4, described elsewhere [1, 2], is presently in production use ... / for the server and a temporary encryption key often called a session br keys. Code libraries provide encryption and implement the Kerberos
80 Proving Properties of Security Protocols by Induction - Paulson (1997)(Correct)
Informal justifications of security protocols involve arguing backwards that
various events are impossible. Inductive definitions can make such arguments
rigorous. The resulting proofs are complicated... / outer-level braces and indicating encryption by a notation such as fjNa br Crypt KX. Under public-key encryption K Gamma is the
79 Programmable Active Memories: a Performance Assessment - Bertin Roncin (1993)(Correct)
We present some quantitative performance measurements for the computing power of Programmable
Active Memories (PAM), as introduced by [BRV 89]. Based on Programmable Gate Array (PGA)
technology, the P... / with this design computes RSA encryption decryption at bits per
78 The Exact Security of Digital Signatures - How to Sign with RSA and.. - Bellare, Rogaway (1996)(Correct)
We describe an RSA-based signing scheme which combines essentially optimal efficiency with
attractive security properties. Signing takes one RSA decryption plus some hashing, verification
takes one RS... / verification takes one RSA encryption plus some hashing and the size br but still takes only one RSA encryption and some hashing. See Section
76 A Continuous Media Player - Rowe, Smith (1992)(Correct)
The design and implementation of a continuous media player for Unix workstations
is described. The player can play synchronized digital video and audio read
from a file server. The system architectu... /
75 Internet Security Association and Key Management Protocol (ISAKMP) - Maughan, Patrick, Schertler (1995)(Correct)
This memo describes a combination of security concepts and protocols for establishing Security Associations
(SA) and cryptographic keys in an Internet environment. A Security Association Protocol whic... / as the session key or the key encryption key for encrypting the session br communications using conventional encryption. The ordering of these ISAKMP
74 Encrypted Key Exchange: Password-Based Protocols Secure Against.. - Bellovin, Merritt (1992)(Correct)
Classical cryptographic protocols based on userchosen
keys allow an attacker to mount passwordguessing
attacks. We introduce a novel combination
of asymmetric (public-key) and symmetric (secret-key)
... / cryptosystem has public encryption keys and private decryption br R info Symmetric secret-key encryption of info with key R. R
74 Markov Ciphers and Differential Cryptanalysis - Lai, Massey, Murphy (1991)(Correct)
This paper considers the security of iterated block ciphers against the differential cryptanalysis
introduced by Biham and Shamir. Differential cryptanalysis is a chosen-plaintext attack on
secret-key... / r times e.g.the -round Data Encryption Standard DES It is shown br of difference the Proposed Encryption Standard PES of Lai and
72 Secrecy by Typing in Security Protocols - Abadi (1997)(Correct)
We develop principles and rules for achieving secrecy properties in security protocols. Our approach is based on traditional classification techniques, and extends those techniques to handle concurr... / In our approach encryption keys are pieces of data and as br made public-declassified-by encryption under a secret key. However
72 A Proposal for a New Block Encryption Standard - Lai, Massey (1991)(Correct)
A new secret-key block cipher is proposed as a candidate for a new encryption standard.
In the proposed cipher, the plaintext and the ciphertext are 64 bit blocks,
while the secret key is 128 bit long... / A Proposal for a New Block Encryption Standard Xuejia Lai and James br proposed as a candidate for a new encryption standard. In the proposed
70 Voice Communication Across the Internet: A Network Voice Terminal - Schulzrinne (1992)(Correct)
Voice conferencing has attracted interest as a useful and viable first real-time application on the Internet. This report describes Nevot a network voice terminal meant to support multiple concurrent ... / ffl DES-based voice encryption ffl current audio encodings br despot.ecs.umass.edu The encryption key is used when encryption
70 Increasing Network Throughput by Integrating Protocol Layers - Abbott, Peterson (1993)(Correct)
Integrating protocol data manipulations is a strategy for increasing the throughput of network protocols. The idea is to combine a series of protocol layers into a pipeline so as to access message dat... / Data manipulation-e.g.encryption presentation formatting br checksumming and DES Data Encryption Standard encryption. These data
69 Towards Robust and Hidden Image Copyright Labeling - Koch, Zhao (1995)(Correct)
This paper first presents a "hidden label" approach for identifying the ownership and distribution of multimedia information (image or video data) in digital networked environment. Then it discusses c... / A secret key type encryption code must be created using the br implementing it using existing encryption and pseudo random number
67 NetBill Security and Transaction Protocol - Cox, al. (1995)(Correct)
NetBill is a system for micropayments for information
goods on the Internet. This paper presents the NetBill
protocol and describes its security and transactional
features. Among our key innovations a... / delivers the goods under encryption but withholds the key. Key br are assured by the symmetric key encryption protocol only accountability
65 Provably Secure Session Key Distribution - The Three Party Case - Bellare, Rogaway (1995)(Correct)
We study session key distribution in the three-party setting
of Needham and Schroeder. (This is the trust model
assumed by the popular Kerberos authentication system.)
Such protocols are basic buildin... / to provably achieve goals like encryption and signatures private or br of polynomial security of encryption We emphasize that it is
64 The NRL Protocol Analyzer: An Overview - Meadows (1996)(Correct)
this paper we give an overview of how the
Analyzer works and describe its achievements so far. We also show how our
use of the Prolog language benefited us in the design and implementation
of the Anal... / communication protocol that uses encryption in order to achieve goals such br to perform operations such as encryption that are available to honest
64 Transparent Robust Image Watermarking - Swanson, Zhu, Tewfik (1996)(Correct)
We propose a watermarking scheme to hide copyright information in an image. The scheme employs visual masking to guarantee that the embedded watermark is invisible and to maximize the robustness of th... / to its pixels. Unlike encryption watermarking does not restrict
63 The SLam Calculus: Programming with Secrecy and Integrity - Heintze, Riecke (1998)(Correct)
We describe the SLam calculus, a typed -calculus that maintains security information as well as type information. The type system propagates both secrecy and integrity, maintaining four distinct forms... / of public keys in a public key encryption system. To study secrecy and
61 Why Cryptosystems Fail - Anderson (1994)(Correct)
Designers of cryptographic systems are at a disadvantage to most other engineers, in that information on how their systems fail is hard to get: their major users have traditionally been government age... / ATM must be able to perform this encryption operation or to check the PIN br these devices having a full encryption capability. For example
61 On Unifying Some Cryptographic Protocol Logics - Syverson, van Oorschot (1994)(Correct)
We present a logic for analyzing cryptographic protocols. This logic encompasses a unification of four of its predecessors in the BAN family of logics, namely those given in [GNY90], [AT91], [vO93], a... / simple arithmetical functions encryption etc. In addition to these is a br X Xn and encryptions fXgK ffl is a
61 Interposition Agents: Transparently Interposing User Code at the.. - Jones(Correct)
1.1. Terminology Many contemporary operating systems utilize a system Many contemporary operating systems provide an call interface between the operating system and its clients. interface between user... / system data compression and or encryption agents transactional
60 Limitations of the Kerberos Authentication System+ - Bellovin (1991)(Correct)
The Kerberos authentication system, a part of MIT's Project Athena, has been
adopted by other organizations. Despite Kerberos's many strengths, it has a number of
limitations and some weaknesses. Some... / the adversary to invert the encryption algorithm or to subvert a br goal can justify the expense of encryption. No steel doors in paper
57 Authentication in the Taos Operating System - Wobber, Abadi, Burrows, Lampson (1993)(Correct)
We describe a design for security in a distributed system and its implementation.
In our design, applications gain access to security services through a
narrow interface. This interface provides a not... / we explain our treatment of encryption and time sketch the rules of br We use shared key encryption to secure short-term
56 Robustness principles for public key protocols - Anderson, Needham (1995)(Correct)
We present a number of attacks, some new, on public key protocols. We also advance a number of principles which may help designers avoid many of the pitfalls, and help attackers spot errors which ca... / some old ones. The Order of Encryption and Signature We will start br on several protocols which do encryption before signature including
56 On Hiding Information from an Oracle - Abadi, Feigenbaum, Kilian (1989)(Correct)
We consider the problem of computing with encrypted data. Player A wishes to know the value f(x) for some x but lacks the power to compute it. Player B has the power to compute f and is willing to s... / y for any y. Informally an encryption scheme for the problem f is a br infer x from y. When such an encryption scheme exists we say that f
55 Security and Composition of Multi-party Cryptographic Protocols - Canetti (1998)(Correct)
We present general definitions of security for multi-party cryptographic protocols.We show
that, with respect to these definitions, security is preserved under a natural composition operation.
The de... / in to define security of encryption functions and in to define br as in the case of probabilistic encryption or zeroknowledge but
54 A Semantics for a Logic of Authentication - Abadi, Tuttle (1991)(Correct)
Burrows, Abadi, and Needham have proposed a logic for the analysis of authentication protocols. It is a logic of belief, with special constructs for expressing some of the central concepts used in aut... / on secrets such as passwords or encryption keys that one principal can br S trusted to generate good encryption keys and two principals A
50 Protecting Poorly Chosen Secrets from Guessing Attacks - Gong, Lomas, Needham, Saltzer (1993)(Correct)
In a security system that allows people to choose their own passwords, those people tend to choose passwords that can be easily guessed. This weakness exists in practically all widely used systems. In... / message using the password as the encryption key and experimenting br of user acceptability an encryption key is derived algorithmically
50 New Types of Cryptanalytic Attacks Using Related Keys - Biham (1994)(Correct)
In this paper we study the influence of key scheduling algorithms on the
strength of blockciphers. We show that the key scheduling algorithms of many
blockciphers inherit obvious relationships between... / plaintext attacks LOKI Data Encryption Standard. Introduction In br before the second round in an encryption under the key K equals the data
49 Proxy-Based Authorization and Accounting for Distributed Systems - Neuman (1993)(Correct)
Despite recent widespread interest in the secure authentication
of principals across computer networks
there has been considerably less discussion of distributed
mechanisms to support authorization an... / proxies relies on the use of encryption-based authentication of the br restrictions and establishing an encryption or integrity key to
48 The RC5 Encryption Algorithm - Rivest (1995)(Correct)
This document describes the RC5 encryption algorithm, a fast symmetric block cipher suitable for hardware or software implementations. A novel feature of RC5 is the heavy use of data-dependent rotat... / The RC Encryption Algorithm Ronald L. br This document describes the RC encryption algorithm a fast symmetric
48 A Cryptographic File System for Unix - Blaze (1993)(Correct)
Although cryptographic techniques areplaying an increasingly
important role in modern computing system security,userlevel
tools for encrypting file data arecumbersome and suffer
from a number of inher... / File System CFS pushes encryption services into the file system br of CFS under Unix. Encryption techniques for file system-level
48 Applying Formal Methods to the Analysis of a Key Management Protocol - Meadows (1992)(Correct)
In this paper we develop methods for analyzing key management and authentication protocols using
techniques developed for the solutions of equations in a term rewriting system. In particular, we descr... / its security on a combination of encryption and tamperproof processors that br the notation e X Y to mean the encryption of word Y with key X and d X Y
47 Computer Immunology - Forrest, Hofmeyr, Somayaji (1996)(Correct)
this article argues that the similarities are compelling
and could point the way to improved computer security. Improvements can be achieved by
designing computer immune systems that have some of the ... / security system that relies on encryption to protect data but has no br no mechanism for noticing if the encryption system has been broken. ffl
46 Towards a Completeness Result for Model Checking of Security.. - Lowe (1998)(Correct)
Gavin Lowe
Department of Mathematics and Computer Science
University of Leicester, University Road
Leicester, LE1 7RH, UK
E-mail: gavin.lowe@mcs.le.ac.uk
Abstract
Model checking approaches to the... / for example if there is an encryption with a public secret or shared br keys so we assume perfect encryption. However some of the
45 Limits on the Provable Consequences of One-way Permutations. - Impagliazzo, Rudich (1989)(Correct)
We present strong evidence that the implication, "if one-way permutations exist, then secure
secret agreement is possible", is not provable by standard techniques. Since both sides of this
implicati... / exist Yao private-key encryption is possible GM GGM br and S. Micali. Probabalistic Encryption. JCSS - .
44 Tight Bounds on Quantum Searching - Boyer, Brassard, Høyer, Tapp (1998)(Correct)
this paper we assume for simplicity that each evaluation of F takes unit time. Grover [1] has discovered an algorithm for the quantum computer that can solve this problem in expected time in O( unknow... / to crack the widely used Data Encryption Standard des under a br Bureau of Standards Data Encryption Standard Federal Information
44 Privacy Enhancement for Internet Electronic Mail: Part III.. - Balenson (1993)(Correct)
This document provides definitions, formats, references, and citations for cryptographic
algorithms, usage modes, and associated identifiers and parameters used
in support of Privacy Enhanced Mail (PE... / sections dealing with message encryption algorithms message integrity br including both asymmetric encryption and asymmetric signature
43 Crowds: Anonymity for Web Transactions - Reiter, Rubin (1997)(Correct)
In this paper we introduce a system called Crowds for protecting users' anonymity on the world-wide-web. Crowds, named for the notion of "blending into a crowd", operates by grouping users into a larg... / time and frequency of exchanges. Encryption also does little to protect the br typically rely on public key encryption the algebraic properties of
43 RTP Profile for Audio and Video Conferences with Minimal Control - Schulzrinne (1997)(Correct)
This memo describes a profile called "RTP/AVP" for the use of the real-time transport protocol
(RTP), version 2, and the associated control protocol, RTCP, within audio and video multiparticipant
conf... / by a specification of the encryption algorithm. Any characters up to br are taken as the name of the encryption algorithm. The encryption format
43 AES Proposal: Rijndael - Daemen, Rijmen (1998)(Correct)
this document we describe the cipher Rijndael. First we present the mathematical basis
necessary for understanding the specifications followed by the design rationale and the
description itself. Subse... / functionality other than block encryption decryption. We conclude with the br if the mode of use is ECB encryption are mapped onto the state
42 Digital Watermarks for Audio Signals - Boney (1996)(Correct)
In this paper, we present a novel technique for embedding digital "watermarks" into digital audio signals. Watermarking is a technique used to label digital media by hiding copyright or other informat... / to data security is to use encryption however once the
42 Learning Recursive Distributed Representations for Holistic.. - Chrisman (1991)(Correct)
A number of connectionist models capable of representing data with compositional structure
have recently appeared. These new models suggest the intriguing possibility of performing
holistic structure-... / is viewed as a complicated encryption of the original data then
41 Anonymous Connections and Onion Routing - Syverson, Goldschlag, Reed (1997)(Correct)
Onion Routing provides anonymous connections
that are strongly resistant to both eavesdropping and
traffic analysis. Unmodified Internet applications can
use these anonymous connections by means of pr... / important public issue. Encryption can effectively hide the br a cryptographic operation be it encryption or decryption. Paul F.
41 Kerberos Authentication and Authorization System - Miller, Neuman, Schiller, Saltzer (1988)(Correct)
This document describes the assumptions, short and long term goals, and system model
for a network authentication system, named Kerberos, for the Athena environment. An
appendix specifies the detailed... / and server. Private key An encryption key between a principal and the br Session key A temporary encryption key used between two principals
41 iKP - A Family of Secure Electronic Payment Protocols - Bellare, Garay, Hauser, Herzberg.. (1995)(Correct)
Mihir Bellare
y
, Juan A. Garay
z
, Ralf Hauser
x
, Amir Herzberg
z
,
Hugo Krawczyk
z
, Michael Steiner
x
, Gene Tsudik
x
, Michael Waidner
x
August 2, 1995
Abstract
This paper propose... / do not explicitly provide encryption of the order information. Such br The decoupling of order encryption from the electronic payment
41 Mobile Agent Security and Telescript - Tardo, Valente (1996)(Correct)
Telescript is a software technology for building distributed
applications using the mobile agent paradigm. Telescript
mobile agents are migrating processes capable of
being executed on any Telescript ... / a credit card number password encryption key or e-cash token br modify data e.g.change an encryption key to a known value
41 Protocol Implementation Using Integrated Layer Processing - Braun, Diot (1995)(Correct)
Integrated Layer Processing (ILP) is an implementation concept which "permit[s] the implementor the option of performing all the [data] manipulation steps in one or two integrated processing loops" [1... / transfer application with an encryption function on top of a user-level br by integrating marshalling encryption and TCP checksum calculation.
40 On The Computational Power of DNA - Boneh, Dunworth, Lipton, Sgall (1995)(Correct)
We show how DNA based computers can be used to solve the satisfiability problem for boolean circuits. Furthermore, we show how DNA computers can solve optimization problems directly without first solv... / Czech Republic the Data Encryption Standard DES could be broken
39 The Oakley Key Determination Protocol - Orman (1997)(Correct)
This document describes a protocol, named OAKLEY, by which two authenticated parties can agree on secure and secret keying material. The basic mechanism is the Diffie-Hellman key exchange algorithm. T... / a shared value without requiring encryption. The shared value is immediately br keys which will be used for encryption. The OAKLEY protocol is related
38 A Semantic Model for Authentication Protocols - Woo, Lam (1993)(Correct)
We specify authentication protocols as formal objects with precise syntax and semantics, and define a semantic model that characterizes protocol executions. We have identified two basic types of corre... / is denoted by m m Encryption of a message m by a key k br is necessary. ffl Encryption is ideal. That is it is not
37 Watermarking Digital Images for Copyright Protection - Ruanaidh, Dowling, Boland (1996)(Correct)
A watermark is an invisible mark placed on an image that can be detected when the image is compared with the original. This mark is designed to identify both the source of an image as well as its in... / is required. Public key encryption systems such as the RSA br can be inspected or used. Once encryption is removed the document can be
37 Password Security: A Case History - Morris (1979)(Correct)
This paper describes the history of the design of the password security scheme on a remotely accessed time-sharing system. The present design was the result of countering observed attempts to penetrat... / the security of apassword encryption algorithm is an interesting br ideas was to find a means of encryption that was very difficult to
37 Model Checking for Security Protocols - Marrero, Clarke, Jha (1997)(Correct)
As more resources are added to computer networks, and as more vendors look to the World Wide Web as
a viable marketplace, the importance of being able to restrict access and to insure some kind of acc... / has made the following perfect encryption assumptions. ffl The br can only be generated using encryption with the appropriate key. This
37 Fast Implementations of RSA Cryptography - Shand, Vuillemin (1993)(Correct)
We detail and analyse the critical techniques which may be combined in the design of fast hardware for RSA cryptography: chinese remainders, star chains, Hensel's odd division (a.k.a. Montgomery modul... / a different PAM design for RSA encryption and de- although br in order to speed-up public encryption it is chosen to be small
37 The Interpolation Attack on Block Ciphers - Jakobsen, Knudsen (1997)(Correct)
In this paper we introduce a new method of attacks on block
ciphers, the interpolation attack. This new method is useful for attacking
ciphers using simple algebraic functions (in particular quadrat... / we use the total number of encryptions of the attacked block cipher. br and uses the following encryption rule m i F k
37 Formal Verification of Cryptographic Protocols: A Survey - Meadows (1995)(Correct)
In this paper we give a survey of the state of the art in the application of formal methods to the analysis of cryptographic protocols. We attempt to outline some of the major threads of research in t... / perform any operation such as encryption that is available to legitimate br is to be kept secret such as encryption keys belonging to honest users
37 MARS - a candidate cipher for AES - Burwick, al.(Correct)
We describe MARS, a shared-key (symmetric) block cipher supporting 128-bit blocks and
variable key size. MARS is designed to take advantage of the powerful operations supported in
today's computers,... / MARS an excellent choice for the encryption needs of the information world br mbps stands for Mbit sec Encryption speed of several ciphers using
36 ISDN-MIXes: Untraceable Communication with Very Small Bandwidth.. - Pfitzmann, al. (1991)(Correct)
Untraceable communication for services like telephony is often considered infeasible in the near future
because of bandwidth limitations. We present a technique, called ISDN-MIXes, which shows that th... / be used RSA and before encryption a random part should be added br of the key. We will use hybrid encryption of minimal length Assume A
35 Optimistic Fair Exchange of Digital Signatures - Asokan, Shoup, Waidner (1998)(Correct)
We present a new protocol that allows two players to exchange digital signatures over the
Internet in a fair way, so that either each player gets the other's signature, or neither player
does. The obv... / makes use of verifiable encryptions of these inverses under the br third party's public key such an encryption can be verified to contain the
35 How to Protect DES Against Exhaustive Key Search - Kilian, Rogaway (1996)(Correct)
The block cipher DESX is defined by DESX k:k1:k2 (x) = k2 \Phi DES k (k1 \Phi x), where \Phi denotes
bitwise exclusive-or. This construction was first suggested by Rivest as a computationallycheap
way... / problem. Specifically triple-DES encryption decryption requires multiple DES br requires multiple DES encryptions decryptions. This paper
34 On the Construction of Pseudo-Random Permutations: Luby-Rackoff.. - Naor, Reingold (1997)(Correct)
Luby and Rackoff [27] showed a method for constructing a pseudo-random permutation from
a pseudo-random function. The method is based on composing four (or three for weakened security)
so called Feist... / Block ciphers are private-key encryption schemes such that the br encryption schemes such that the encryption of every plaintext-block is a
34 Two-bit gates are universal for quantum computation - Di Vincenzo (1995)(Correct)
A proof is given, which relies on the commutator algebra of the unitary Lie groups, that quantum gates operating on just two bits at a time are sufficient to construct a general quantum circuit. The b... / of certain popular data encryption schemes the absolute
33 Efficient DES Key Search - Wiener (1993)(Correct)
Despite recent improvements in analytic techniques for attacking the Data Encryption Standard (DES), exhaustive key search remains the most practical and efficient attack. Key search is becoming ala... / techniques for attacking the Data Encryption Standard DES exhaustive key br to use DES in a triple-encryption mode. . Introduction From
33 Publicly Verifiable Secret Sharing - Stadler (1996)(Correct)
A secret sharing scheme allows to share a secret among several participants such that only certain groups of them can recover it. Verifiable secret sharing has been proposed to achieve security agai... / PVSS In a PVSS scheme a public encryption function E i is assigned to br The dealer now uses the public encryption functions to distribute the
33 SSH - Secure Login Connections over the Internet - Ylonen (1996)(Correct)
SSH provides secure login, file transfer, X11, and
TCP/IP connections over an untrusted network. It
uses cryptographic authentication, automatic session
encryption, and integrity protection for transf... / automatic session encryption and integrity protection for br as a generic transport layer encryption mechanism providing both host
32 Finite-State Analysis of SSL 3.0 - Mitchell, al. (1998)(Correct)
The Secure Sockets Layer (SSL) protocol is analyzed using a finite-state enumeration tool called Murphi. The analysis is presented using a sequence of incremental approximations to the SSL 3.0 handsha... / if the participants support weak encryption algorithms which can be broken br time required to attack the encryption or attacks relying on the
31 Studies in Secure Multiparty Computation and Applications - Canetti (1995)(Correct)
Consider a set of parties who do not trust each other, nor the channels by which they
communicate. Still, the parties wish to correctly compute some common function of their
local inputs, while keepin... / . Defining non-committing encryption br computation given non-committing encryption . . Constructing
31 Using State Space Exploration and a Natural Deduction Style Message.. - Clarke, Jha, Marrero (1998)(Correct)
As more resources are added to computer networks, and as more vendors look to the World Wide Web as a viable marketplace, the importance of being able to restrict access and to insure some kind of acc... / and generate new messages using encryption decryption concatenation br on the reasons for the perfect encryption and atomic key assumptions which
31 Augmented Encrypted Key Exchange: a Password-Based Protocol Secure.. - Bellovin, Merritt (1993)(Correct)
The encrypted key exchange (EKE) protocol is augmented
so that hosts do not store cleartext passwords. Consequently,
adversaries who obtain the one-way encrypted password file
may (i) successfully mim... / K info Symmetric secret-key encryption of info with key K. K br cryptosystem has public encryption keys and private decryption
31 A probabilistic poly-time framework for protocol analysis - Lincoln, Mitchell, Mitchell, Scedrov (1998)(Correct)
We develop a framework for analyzing security protocols in which protocol adversaries may be arbitrary probabilistic polynomial-time processes. In this framework, protocols are written in a form of pr... / primitives. For example encryption is generally considered a br and all protocols relying on encryption would be broken. However in
31 A Fair Non-repudiation Protocol - Zhou, Gollmann(Correct)
A fair non-repudiation protocol should not give the sender of a message an advantage over the receiver, or vice versa. We will present a fair non-repudiation protocol that requires a Trusted Third Par... / to the nonstandard use of encryption in our protocol and discuss br of this protocol show that encryption is used in a non-standard
31 Adaptively Secure Multi-party Computation - Canetti, Feige, Goldreich, Naor (1996)(Correct)
A fundamental problem in designing secure multi-party protocols is how to deal with adaptive adversaries
(i.e., adversaries that may choose the corrupted parties during the course of the computation),... / propose a novel property of encryption protocols and show that if an br protocols and show that if an encryption protocol enjoying this property
31 Abstractions for Mobile Computation - Cardelli (1998)(Correct)
ions for Mobile Computation
Luca Cardelli
August 1, 1998
Technical Report
MSR-TR-98-34
Microsoft Research
Microsoft Corporation
One Microsoft Way
Redmond, WA
1
Abstract. We discuss the difficulties... / because of authentication and encryption across domain boundaries. br piece of text can be seen as an encryption of the text in the sense that a
31 A review of watermarking and the importance of perceptual modeling - Cox, Miller (1997)(Correct)
A watermark embeds an imperceptible signal into data such as audio, video and images, for a variety of purposes, including captioning and copyright control. In this paper, we first outline the desirab... / Two complimentary techniques are encryption and watermarking. Encryption br are encryption and watermarking. Encryption protects content during the
31 Using CSP to detect errors in the TMN protocol - Lowe, Roscoe (1997)(Correct)
In this paper we use FDR, a model checker for CSP, to
detect errors in the TMN protocol [TMN90]. We model
the protocol and a very general intruder as CSP processes,
and use the model checker to test w... / The protocol employs two sorts of encryption Standard encryption This br sorts of encryption Standard encryption This uses an encryption
30 On the Security of ElGamal based Encryption - Tsiounis, Yung (1998)(Correct)
The ElGamal encryption scheme has been proposed several
years ago and is one of the few probabilistic encryption schemes. However,
its security has never been concretely proven based on clearly unde... / On the Security of ElGamal based Encryption Yiannis Tsiounis and br Abstract. The ElGamal encryption scheme has been proposed several
30 Problem Areas for the IP Security Protocols - Bellovin (1996)(Correct)
The Internet Engineering Task Force (IETF) is in
the process of adopting standards for IP-layer encryption
and authentication (IPSEC). We describe
a number of attacks against various versions of these... / adopting standards for IP-layer encryption and authentication IPSEC We br adopting standards for IP-layer encryption and authentication IPSEC
30 Trust Relationships in Secure Systems - A Distributed Authentication.. - Yahalom, Klein, Beth (1993)(Correct)
The notion of trust is fundamental in inter-domain authentication protocols. The goal of this paper is to develop an effective formalism for explicit expressions of trust relations between entities in... / by cryptographic means such as encryption and decryption algorithms br it may perform operations such as encryption and decryption of messages.
30 Towards Mobile Cryptography - Sander, Tschudin (1998)(Correct)
Mobile code technology has become a driving force for recent advances in distributed
systems. The concept of mobility of executable code raises major security problems.
In this paper we deal with the ... / based on the use of homomorphic encryption schemes and function composition br relies on the use of a public key encryption scheme that has certain
29 Identity Escrow - Kilian, Petrank (1997)(Correct)
We introduce the notion of escrowed identity, an application of key-escrow ideas to the
problem of identification. In escrowed identity, one party A does not give his identity to
another party B, but ... / on the El-Gamal signature and encryption schemes and on the RSA br One is based on the RSA encryption scheme and the other on the
29 Number-Theoretic Constructions of Efficient Pseudo-Random Functions - Naor, Reingold (1997)(Correct)
We describe efficient constructions for various cryptographic primitives (both in privatekey
and in public-key cryptography). We show these constructions to be at least as secure as
the decisional ver... / the public key g a the encryption of a message m is hg b br in order to get a probabilistic encryption-scheme whose semantic security
29 Bucket Hashing and its Application to Fast Message Authentication - Rogaway (1997)(Correct)
We introduce a new technique for constructing a family of universal hash functions.
At its center is a simple metaphor: to hash a string x, cast each of its words into a small
number of buckets; xor... / to a cryptographic operation encryption now applied to a much shorter br th Workshop on Fast Software Encryption Springer-Verlag . T.
29 Message Authentication with One-Way Hash Functions - Tsudik (1992)(Correct)
Fast message integrity and authentication services are
very important in today's high-speed network protocols.
Current message authentication techniques are mostly
encryption-based which is undesirabl... / techniques are mostly encryption-based which is undesirable for br In this brief paper we introduce encryption-free message authentication
29 Discrete logarithms in finite fields and their cryptographic.. - Odlyzko (1984)(Correct)
Given a primitive element g of a finite field GF(q), the discrete logarithm of a nonzero element
u GF(q) is that integer k, 1 k q - 1, for which u = g
k
. The well-known problem of computing
dis... / communicate using some standard encryption method such as DES but who do br cryptanalysis of the NBS Data Encryption Standard Computer
28 Programming Satan's Computer - Anderson, Needham(Correct)
Cryptographic protocols are used in distributed systems to identify users and authenticate transactions. They may involve the exchange of about 2--5 messages, and one might think that a program of thi... / the improper use of shared key encryption. For a tutorial on cryptographic br then they can use a shared-key encryption algorithm to transform a
28 Fail-Stop Protocols: An Approach to Designing Secure Protocols - Gong (1994)(Correct)
This paper presents a methodology to facilitate the design and analysis of secure cryptographic protocols. This work is based on a novel notion of a fail-stop protocol, which automatically halts in re... / cryptographic mechanisms such as encryption and decryption algorithms to br party does not possess the encryption key with which the target
28 How to Make Replicated Data Secure - Herlihy, Tygar (1987)(Correct)
Many distributed systems manage some form of long-lived data, such as files or data bases. The
performance and fault-tolerance of such systems may be enhanced if the repositories for the data are
phys... / we describe and analyze several encryption-based secrecy protocols that br one based on private key encryption and one based on public key
28 Byzantine Quorum Systems - Dahlia Malkhi (1997)(Correct)
Quorum systems are well-known tools for ensuring the consistency
and availability of replicated data despite the benign
failure of data repositories. In this paper we consider
the arbitrary (Byzantine... / data self-verifying via encryption and thus the quorum system
28 MDx-MAC and Building Fast MACs from Hash Functions - Preneel, van Oorschot (1995)(Correct)
We consider the security of message authentication code
(MAC) algorithms, and the construction of MACs from fast hash functions.
A new forgery attack applicable to all iterated MAC algorithms is
des... / fast MAC algorithm not based on encryption a new generic construction br that such MACs do not involve encryption algorithms has favorable export
28 On Formal Models for Secure Key Exchange - Shoup (1999)(Correct)
A new formal security model for session key exchange protocols in the public key setting is
proposed, and several efficient protocols are analyzed in this model. The relationship between
this new mode... / the security of a public key encryption based key exchange protocol. In br consider the Diffie-Hellman and encryption protocols previously proved
28 Serpent: A Proposal for the Advanced Encryption Standard - Anderson, Biham, Knudsen(Correct)
We propose a new block cipher as a candidate for the Advanced Encryption Standard. Its design is highly conservative, yet still allows a very e#cient implementation. It uses S-boxes similar to those... / A Proposal for the Advanced Encryption Standard Ross Anderson br as a candidate for the Advanced Encryption Standard. Its design is highly
27 Public Watermarks and Resistance to Tampering - Cox, Linnartz (1997)(Correct)
Public watermarks allow embedded signals to be extracted
from audio and video content for a variety of
purposes. One application is for copyright control,
where it is envisaged that digital video reco... / be prevented by a combination of encryption and watermarking. For example br the private use of cryptographic encryption is outlawed The copyrighted
27 Time Limited Blackbox Security: Protecting Mobile Agents From.. - Hohl (1998)(Correct)
In this paper, an approach to partially solve one of the most difficult aspects of security of mobile agents systems is presented, the problem of malicious hosts. This problem consists in the possib... / cryptographic techniques like encryption or digital signatures. The br the attacker cannot break the encryption of the data it cannot read or
27 Adaptive Fraud Detection - Fawcett, Foster (1997)(Correct)
One method for detecting fraud is to check for suspicious changes in user behavior. This paper describes the automatic design of user profiling methods for the purpose of fraud detection, using a se... / reliable and secure private-key encryption method that imposes no
27 Privacy And Authentication For Wireless Local Area Networks - Aziz, Diffie (1993)(Correct)
Wireless networks are being driven by the need for providing network access to mobile or nomadic
computing devices. Although the need for wireless access to a network is evident, new problems
are inhe... / restrictions require different encryption algorithms for privacy aspects br should they require different encryption algorithms for exportability
27 Securing Distance-Vector Routing Protocols - Smith, Murthy, Garcia-Luna-Aceves (1997)(Correct)
We analyze the security requirements of distance-vector routing protocols, identify their vulnerabilities, and propose countermeasures to these vulnerabilities. The innovation we propose involves the ... / of countermeasures include encryption of network traffic to provide br vulnerabilities are primarily encryption and digital signatures. We now
27 Selecting Cryptographic Key Sizes - Lenstra, Verheul (2001)(Correct)
In this article we offer guidelines for the determination of key sizes for
symmetric cryptosystems, RSA, and discrete logarithm based cryptosystems both
over finite fields and over groups of ellip... / by the recently broken Data Encryption Standard and thereby br Often both the message and its encryption consist of a whole number of
26 Data Mining Approaches for Intrusion Detection - Lee, Stolfo (1998)(Correct)
In this paper we discuss our research in developing general and systematic methods for intrusion detection. The key ideas are to use data mining techniques to discover consistent and useful patterns o... / information protection e.g.encryption have been used to protect
26 MAGMA: An Agent-Based Virtual Market for Electronic Commerce - Tsvetovatyy, Gini, Mobasher.. (1997)(Correct)
In this paper, we propose an architecture for an agent-based virtual market that includes all elements required for simulating a real market. These elements include a communication infrastructure, mec... / bank need to include a layer of encryption as well as other safeguards br usually achieved through encryption data integrity data sent as
26 A Fast New DES Implementation in Software - Biham (1997)(Correct)
In this paper we describe a fast new DES implementation.
This implementation is about five times faster than the fastest known
DES implementation on a (64-bit) Alpha computer, and about three
times ... / about instructions for the encryption of each DES block. Conversion br instructions per block and thus encryption of standard representations with
26 Enclaves: Enabling Secure Collaboration over the Internet - Gong (1996)(Correct)
The rapid expansion of the Internet means that
users increasingly want to interact with each other. Due to
the openness and unsecure nature of the net, users often
have to rely on firewalls to protect... / authentication which involves encryption primitives. Using br an organization. With automatic encryption and other support by the
26 Refinement and Extension of Encrypted Key Exchange - Steiner, Tsudik, Waidner (1995)(Correct)
In their recent paper, "Encrypted Key Exchange: Password-based Protocols Secure Against Dictionary Attacks,
" Bellovin and Merritt propose a novel and elegant method for safeguarding weak passwords. T... / We use X Y to denote encryption of input Y under the key X. br a D a of some public key encryption scheme. Then A sends to B
26 A Survey of Fast Exponentiation Methods - Gordon (1997)(Correct)
Public-key cryptographic systems often involve raising elements of
some group (e.g. GF(2
n
), Z=NZ, or elliptic curves) to large powers.
An important question is how fast this exponentiation can be ... / In the RSA cryptosystem encryption and decryption are accomplished
26 Watermarking of Uncompressed and Compressed Video - Hartung, Girod (1998)(Correct)
this paper, methods for embedding additive digital watermarks
into uncompressed and compressed video sequences are presented.
The basic principle borrows from spread spectrum communications.
It consis... / individual receiver ID encryption sealed set-top box at receiver
26 Key Establishment in Large Dynamic Groups Using One-Way Function Trees - McGrew, Sherman (1998)(Correct)
We present and analyze a new algorithm for establishing shared cryptographic keys in large, dynamically changing groups. Our algorithm is based on a novel application of one-way function trees. In com... / group manager must perform n encryptions and transmit n keys. br are slow in software relative to encryption or one-way function operations.
26 Proactive RSA - Frankel, Gemmell, MacKenzie, Yung (1997)(Correct)
Distributed threshold protocols that incorporate proactive
maintenance can tolerate a very strong "mobile adversary." This adversary
may corrupt all participants throughout the lifetime of the syste... / is kept private. The RSA encryption function is public defined for br used for secure probabilistic encryption GM L which emulates a
26 Invertible Cellular Automata: A Review - Toffoli, Margolus (1990)(Correct)
this paper. Our involvement with ica represents the convergence of several research trails, including unknown Reprinted with corrections and
annotations (as of Dec. 1996) from
Physica D (1990), 229--... / cellular automata. ffl Data encryption. . An apology We have
26 Proactive Secret Sharing Or: How to Cope With Perpetual Leakage - Herzberg, Jarecki, Krawczyk, Yung (1995)(Correct)
Secret sharing schemes protect secrets by distributing them over different locations
(share holders). In particular, in k out of n threshold schemes, security is assured if
throughout the entire life... / assumes the existence of secure encryption and signature functions as br our design namely a public-key encryption and signature scheme and a
26 Java Security: Present and Near Future - Gong (1997)(Correct)
Windowing Toolkit, a package for building GUIs in
Java
bytecode verifier Mechanism to verify that Java language constraints are satisfied
by the class bytecode
class loader Mechanism to dynamically ... / and thus cannot include strong encryption technology. The Java br loader manager Nonexportable encryption extension Signature
25 Secure Coprocessors in Electronic Commerce Applications - Yee, Tygar (1995)(Correct)
Many researchers believe electronic wallets (secure storage devices that maintain account balances) are the solution to electronic commerce challenges. This paper argues for a more powerful model --- ... / memory for example high speed encryption decryptionhardware may be used. br example it is often assumed that encryption systems are resistant to
25 Two Practical and Provably Secure Block Ciphers: BEAR and LION - Anderson, Biham (1996)(Correct)
In this paper we suggest two new provably secure block ciphers, called BEAR and LION. They both have large block sizes, and are based on the Luby-Rackoff construction. Their underlying components are ... / is of length greater than k. Encryption is done by L L Phi br and our hash function only once. Encryption is done by R R Phi
25 KryptoKnight Authentication and Key Distribution System - Molva, Tsudik, van Herreweghen, Zatti (1993)(Correct)
This paper describes KryptoKnight, an authentication and key distribution system that provides facilities for secure communication in any type of network environment. KryptoKnight was designed with th... / avoids the use of bulk encryption it is easily exportable. Owing br function of N r e.g.the encryption of N r under the secret key
25 Secret Key Agreement by Public Discussion From Common Information - Maurer (1993)(Correct)
The problem of generating a shared secret key S by two parties knowing dependent
random variables X and Y , respectively, but not sharing a secret key initially, is
considered. An enemy who knows th... / with key distribution as well as encryption a shared secret key generated
25 The COPS Security Checker System - Farmer, Spafford (1992)(Correct)
In the past several years, there have been a large number of published
works that have graphically described a wide variety of security
problems particular to Unix. Without fail, the same problems hav... / implementation of the password encryption algorithm used on a particular br privilege might alter the encryption algorithm or the internal
25 SKEME: A Versatile Secure Key Exchange Mechanism for Internet - Krawczyk (1996)(Correct)
A secure and versatile key exchange protocol for key
management over Internet is presented. SKEME constitutes
a compact protocol that supports a variety of
realistic scenarios and security models over... / is similar to that of public key encryption. Therefore SKEME deviates br cryptographic functions in use encryption authentication etc are secure
25 A Taxonomy of Replay Attacks - Syverson (1994)(Correct)
This paper presents a taxonomy of replay attacks on cryptographic protocols in terms of message origin and destination. The taxonomy is independent of any method used to analyze or prevent such attack... / replay in addition to a good encryption algorithm. This example br and Michael D. Schroeder. Using Encryption for Authentication in Large
25 Using Secure Coprocessors - Yee (1994)(Correct)
How do we build distributed systems that are secure? Cryptographic techniques can be used to secure the communications between physically separated systems, but this is not enough: we must be able to ... / requires end-to-end encryption. As a result of the need for br As a result of the need for encryption and authentication our systems
25 Witness-Based Cryptographic Program Checking and Robust Function.. - Yair Frankel (1996)(Correct)
We suggest a new methodology for "result checking" that
enables us to extend the notion of Blum's program result
checking to the on-line checking of cryptographic functions.
In our model, the checker ... / the checking process requires the encryption of other unauthorized br similar to the concept of escrow encryption systems such as Clipper
25 Abstracting Interaction Patterns: A Programming Paradigm for Open.. - Agha (1997)(Correct)
ing Interaction Patterns: A Programming Paradigm for Open Distributed Systems Gul A. Agha Open Systems Laboratory Department of Computer Science, 1304 W. Springfield Avenue, University of Illinois at ... / for each actor to implement the encryption and decryption. What we would br do is simply define a module for encryption decryption and compose it with
25 Breaking DES Using a Molecular Computer - Boneh, Dunworth, Lipton (1995)(Correct)
Recently Adleman [1] has shown that a small traveling salesman problem can be solved by
molecular operations. In this paper we show how the same principles can be applied to breaking
the Data Encrypti... / applied to breaking the Data Encryption Standard DES Our method is br program for breaking the Data Encryption standard or DES for short.
24 A Bisimulation Method for Cryptographic Protocols - Abadi, Gordon (1998)(Correct)
We introduce a definition of bisimulation for cryptographic
protocols. The definition includes a simple and precise model of the
knowledge of the environment with which a protocol interacts. Bisimul... / suc M successor fMgN encryption x variable Intuitively br we study an example with nested encryption. We consider the processes K
24 Increasing Availability and Security of an Authentication Service - Gong (1993)(Correct)
Authentication is a process by which one satisfies another about one's claim of identity.
Typically an authentication server provides the authentication service via an authentication
protocol. The a... / are verified agree upon an encryption key-a session key-for later br and M.D. Schroeder Using Encryption for Authentication in Large
24 Practical Protocols For Certified Electronic Mail - Deng, Gong, Lazar, Wang (1996)(Correct)
Electronic mail, or e-mail, has brought us a big step closer towards the vision of paperless
offices. To advance even closer to this vision, however, it is essential that existing e-mail systems
be... / signature electronic mail encryption security . Introduction br public key of party P used for encryption and for verifying signatures
24 A Software-Optimized Encryption Algorithm - Rogaway, Coppersmith (1997)(Correct)
We describe a software-efficient encryption algorithm named
SEAL 3.0. Computational cost on a 32-bit processor is about 5 elementary
machine instructions per byte of text. The cipher is a pseudoran... / A Software-Optimized Encryption Algorithm Phillip Rogaway br We describe a software-efficient encryption algorithm named SEAL . .
23 The Internet Multimedia Conferencing Architecture - Handley, Crowcroft, Bormann (1996)(Correct)
This document provides an overview of multimedia conferencing on the Internet. The protocols mentioned
are all specified elsewhere as internet-drafts or RFCs. Each RFC gives details of the protocol it... / methods are used for encryption and authentication which need br can be implemented using encryption and restricted distribution of