34 citations found.
W Diffie and M E Hellman, "Privacy and Authentication : An Introduction to Cryptography",Proc. of the IEEE, vol 67, no 3, pp. 397-427, Mar 1992.


This paper is cited in the following contexts:


Chaos for Stream Cipher - Ninan Sajeeth Philip

....two persons who need not trust each other. Public key cryptosystems accomplish this by relying on the inability of present day tools to factor large numbers (e.g. RSA like implementations) or on the difficulty in solving the discrete logarithm problem (Diffie Hellman like implementations) etc. [2]. Since such computations take reasonable time on most implementations, they become vulnerable to a host of attacks. The nature of the key may be understood by monitoring the time taken for encryption and decryption. This is the basis of timing attack. A slightly different attack known as the ....

W. Diffie, M. E. Hellman, "Privacy and Authentication: An introduction to Cryptography," in Proc. IEEE, vol. 67, no. 3, pp. 397-427, 1979.


Using Quasigroups for One-One Secure Encoding - Markovski, Gligoroski, Andova (1997)

....keys [3,13,2] (a typical example is the well known RSA algorithm) which are appropriate for offline communications and for authentications, but they are usually slow for online communication. 2. Algorithms that use secret key (typical example is the so called Data Encryption Standard DES [4,12,10]) which are more appropriated for online communications. The encoding method we are proposing in this paper is of the second type. Of course, when we are dealing with the algorithms with secret key, one needs a secure channel for key transfer, and that problem can be solved using some algorithm ....

Diffie, W., Hellman, M.E.: Privacy and authentication: An introduction to cryptography. Proc. IEEE 67 (1979) 397--427


Security And Performance Optimization of a New DES .. - Verbauwhede.. (1988)   (6 citations)

....be achieved for all eight byte modes. This is the fastest DES chip reported yet, allowing equally fast execution of all four DES modes of operation due to an original pipeline architecture. I. INTRODUCTION UNTIL the last decade, cryptography was the domain of the diplomatic and military world [3]. Due to the microelectronics (r)evolution a need for commercial cryptography has emerged. The ever cheaper and higher performance digital circuits have caused a rapid expansion of international telephone communications, computer networks, etc. Electronic mail, electronic funds transfer, and ....

....The algorithmic equivalent to save this routing is explained in Section III. C. The Modes: Combining Feedback and Pipelining For a given fixed key and given fixed data input, the DES cipher output is always the same. An opponent could thus use frequency analysis to retrieve the original text [3]. To avoid this, several DES modes of operation are defined [2]. These provide feedback and block chaining. As an example, in Fig. 5 the Cipher block chaining (CBC) is defined. In this mode a given fixed input and a given fixed key will produce different cipher outputs, because they do not ....

W. Diffie and M. E. Hellman, "Privacy and authentication: An introduction to cryptography," Proc. IEEE, vol. 67, no. 3, pp. 397-427, Mar. 1979.


Authenticated Encryption in SSH: Provably Fixing the.. - Bellare, Kohno.. (2002)   (9 citations)

....We also suggest another CBC variant that does not require additional random padding: CBC mode where the IV is generated by encrypting a counter with a different key. As an additional alternative, we suggest replacing the underlying encryption scheme with a variant of counter (CTR) mode [12, 22] in which both the sender and receiver maintain a copy of the counter. We also present a framework within which to analyze other possible replacements. One important advantage of these fixes over the current SSH specification is provable security. Making reasonable assumptions (e.g. that SSH's ....

W. Diffie and M. E. Hellman. Privacy and authentication: An introduction to cryptography. Proceedings of the IEEE, 67(3):397-427, Mar. 1979.


SPINS: Security Protocols for Sensor Networks - Perrig, Szewczyk, Tygar, Wen.. (2002)   (83 citations)

.... M cn is the encryption of message M with the encryption key KAB. M ( cndv) denotes the encryption of message M, with key KAB, and the initialization vector IV which is used in encryption modes such as cipher block chaining (CBC), output feedback mode (OFB) or counter mode (CTR) [3, 14, 29]. MAC(K, M) denotes the computation of the message authentication code (MAC) of message M, with MAC key KAB. By a secure channel, we mean a channel that offers confidentiality, data authentication, integrity, and freshness. 5. SPINS security building blocks To achieve the security ....

W. Diffie and M.E. Hellman, Privacy and authentication: An introduction to cryptography, Proceedings of the IEEE 67(3) (1979) 397-427.


Provably Fixing the SSH Binary Packet Protocol - Bellare, Kohno, Namprempre (2002)   (3 citations)

....We also suggest another CBC variant that does not require additional random padding: CBC mode where the IV is generated by encrypting a counter with a different key. As an additional alternative, we suggest replacing the underlying encryption scheme with a variant of counter (CTR) mode [12, 22] in which both the sender and receiver maintain a copy of the counter. We also present a framework within which to analyze other possible replacements. One important advantage of these fixes over the current SSH specification is provable security. Making reasonable assumptions (e.g. that SSH's ....

W. Diffie and M. E. Hellman. Privacy and authentication: An introduction to cryptography. Proceedings of the IEEE, 67(3):397-427, Mar. 1979.


Concrete Security Analysis of CTR-OFB and CTR-CFB Modes of .. - Sung, Lee, Lim, Lee, Yi

....translates into equally good bounds for the other notions. With the notions of security, especially left or right indistinguishability (LOR) they proved the concrete security analysis of the XOR, CTR, and CBC Schemes. The counter (CTR) mode was originally introduced by W. Diffie and M. Hellman in 1979 [6]. Recently H. Lipmaa, P. Rogaway, and D. Wagner suggested the CTR mode in standardizing AES modes of operation [12]. The CTR mode has significant efficiency advantages, which can be preprocessed because of the independence of message blocks and easy to random access. Furthermore the CTR mode gives the ....

W. Diffie and M. Hellman, Privacy and Authentication : An introduction to Cryptography, Proceedings of the IEEE, 67(


Cryptology - Rivest

....with support from NSF grant DCR 8607494. Author's address: MIT Lab. for Computer Science, Cambridge, Massachusetts 02139 USA. Author's net address: rivest theory.lcs.mit.edu 2 The reader who wishes to explore further will find available many excellent texts, collections, and survey articles [9, 13, 29, 45, 49, 48, 53, 54, 51, 66, 91, 99, 102, 117, 146, 150, 149, 148, 151], works of historical or political interest [12, 69, 92, 138, 157] relevant conference proceedings (CRYPTO, EUROCRYPT, FOCS, STOC, 46, 86, 100] and bibliographies [14, 129] 6 A key space K: a set of strings (keys) over some alphabet. An encryption algorithm E mapping K M into C. A ....

W. Diffie and M. E. Hellman. Privacy and authentication: an introduction to cryptography. Proceedings of the IEEE, 67:397-427, March 1979.


Security for a High Performance Commodity Storage Subsystem - Gobioff (1999)   (12 citations)

....lifetime. I intend on migrating NASD to the Advanced Encryption Standard (AES) when it is finalized [NIST98] although this may not be for several years. 4.4.4.3 Encryption Mode NASD uses the cipher in counter mode, shown in Figure 4 7, which is similar to the better known output feedback mode [Diffie79], because counter mode enables block level parallelism in the encryption decryption processing. Counter mode operates by encrypting a counter, which identifies the block's location in the message and the output of a hash function in NASD, then XORing the counter with the plaintext. Since the ....

Diffie, W., and Hellman, M.E., "Privacy and Authentication: An Introduction to Cryptography," Proceedings of the IEEE, Volume 67, No. 3, March 1979, pp. 397-427.


Comments to NIST concerning AES Modes of Operations.. - Lipmaa, Rogaway, Wagner (2000)   (13 citations)

....Mai University (Thailand) rogaway cs.ucdavis.edu http: www.cs.ucdavis.edu rogaway David Wagner University of California Berkeley (USA) daw cs.berkeley.edu http: www.cs. berkeley.edu wagner Abstract Counter mode encryption ( CTR mode ) was introduced by Diffie and Hellman already in 1979 [5] and is already standardized by, for example, 1, Section 6.4] It is indeed one of the best known modes that are not standardized in [10] We suggest that NIST, in standardizing AES modes of operation, should include CTR mode encryption as one possibility for the next reasons. First, CTR mode ....

WHITFIELD DIFFIE and MARTIN HELLMAN. Privacy and Authentication: An Introduction to Cryptography. Proceedings of the IEEE, 67 (1979), pp. 397--427.


Building Secure and Reliable Network Applications - Birman (1996)   (121 citations)

....go beyond those available in a single server. Looking to the future, technologies supporting digital cash and digital commerce are likely to be of increasing importance, and will often depend upon the use of trusted banking agents and strong forms of encryption, such as the RSA or DES standards [DH79, RSA78, DES88]. Progress in this area has been very rapid and we will review some of the major approaches. Yet, if the progress in distributed systems security has been impressive, the limitations on such systems remain quite serious. On the whole, it remains difficult to secure a distributed system and very ....

....technologies and their limitations. Although a number of encryption schemes have been proposed, the most popular ones at the time of this writing are the RSA public key algorithms and the DES encryption standard. 19.3. 1 RSA and DES RSA [RSA78] is an implementation of a public key cryptosystem [DH79] that exploits properties of modular exponentiation. In practice, the method operates by generating pairs of keys that are distributed to the users and programs within a distributed system. One key within each pair is the private key and is kept secret. The other key is public, as is an encryption ....

[Article contains additional citation context not shown here]

W. Diffie and M. E. Hellman. Privacy and Authentication: An Introduction to Cryptography. Proceedings of the IEEE, 67:3 (March 1979), 397-427.


Related-Key Cryptanalysis of 3-WAY, Biham-DES,CAST.. - Kelsey, Schneier, Wagner

....e.g. K, K 1, K 2, etc. Related key attacks were also used against rotor machines: operators sometimes set rotors incorrectly. If the operator then corrected the rotor positions and retransmitted the same plaintext, an adversary would have a single plaintext encrypted in two related keys [DH79]. Hash functions built from block ciphers can also be vulnerable to a related key attack against the block cipher [Win84, RIPE92] In [KSW96] we gave a summary of key schedule attacks against block ciphers, showed practical protocols that allow related key attacks to be mounted, and presented ....

W. Diffie and M.E. Hellman. "Privacy and Authentication: An Introduction to Cryptography". Proceedings of the IEEE, vol 67 no 3, March 1979.


Pilot Autonomous Secure Network HotSync - Helen Wang

....messages (namely, DLP requests and replies) between the pilot and the remote server along with their Message Authentication Codes are encrypted with the session key (CK) This encryption ensures the integrity of the data in transit. Our key exchange protocol is based on the Diffie Hellman protocol[1] shown as follows (R s and R p are random numbers generated on the pilot and the remote server respectively) ffl P S: user name, R p ffl S P: R p , R s , CK) SK ffl P S: R s ) CK First, the pilot sends the user name and a random number (R p ) to the remote server indicating the start of a ....

W. Diffie and M.E. Hellman. Privacy and authentication: An introduction to cryptography. In Proceedings of the IEEE, 1979.


Creating Strong Total Commutative Associative One-Way.. - Hemaspaandra, Rothe (1998)   (1 citation)

....that depends on strong, total, commutative AOWFs. There are two key worries regarding the Rabi Sherman approach. The first is whether their protocols are secure even if strong, total, commutative AOWFs exist. This worry has two facets. The first facet is that, as they note, like Diffie Hellman [DH76,DH79] the protocol they describe has no current proof of security (even if the existence of strong, total, commutative AOWFs is given) though Rabi and Sherman give intuitively attractive arguments suggesting the plausibility of security. In particular, they prove that certain direct attacks against ....

W. Diffie and M. Hellman. Privacy and authentication: An introduction to cryptography. Proceedings of the IEEE, 67(3):397--427, 1979.


An Efficient Authenticated Asymmetric Key Exchange Scheme - Chakraborty, Nandi (2000)

No context found.

W Diffie and M E Hellman, "Privacy and Authentication : An Introduction to Cryptography",Proc. of the IEEE, vol 67, no 3, pp. 397-427, Mar 1992.


Limits of the Cryptographic Realization of Dolev-Yao-style XOR - Backes, Pfitzmann (2005)

No context found.

W. Diffie and M. E. Hellman. Privacy and authentication: An introduction to cryptography. Proc. of the IEEE, 67(3):397--427, 1979.


Concrete Security Analysis of CTR-OFB and CTR-CFB Modes of .. - Sung, Lee, Lim, Lee, Yi

No context found.

W. Diffie and M. Hellman, Privacy and Authentication : An introduction to Cryptography, Proceedings of the IEEE, 67(1979), pp. 397-427, 1979.


The Galois/Counter Mode of Operation (GCM) - McGrew, Viega (2004)

No context found.

W. Diffie and M. Hellman. Privacy and Authentication: An Introduction to Cryptography. Proceedings of the IEEE, Volume 67, Number 3, March, 1979.


Cryptography and Machine Learning - Ronald Rivest Laboratory (1993)   (1 citation)

No context found.

W. Diffie and M. E. Hellman. Privacy and authentication: An introduction to cryptography. Proceedings of the IEEE, 67:397-427, March 1979.


Related-Key Cryptanalysis of 3-WAY, Biham-DES,CAST.. - Kelsey, Schneier, Wagner

No context found.

W. Diffie and M.E. Hellman. "Privacy and Authentication: An Introduction to Cryptography". Proceedings of the IEEE, vol 67 no 3, March 1979.


Architectural Optimization for a 1.82Gbits/sec VLSI.. - Kuo, Verbauwhede

No context found.

W. Diffie and M. Hellman, "Privacy and Authentication: An Introduction to Cryptography." Proceedings of IEEE, 67 (1979), pp. 397-427.


An OAEP Variant With a Tight Security Proof - Jonsson (2002)   (3 citations)

No context found.

W. Diffie and M. Hellman. Privacy and Authentication: An Introduction to Cryptography. Proceedings of the IEEE, 67, pp. 397-427, 1979.


Information Assurance Design and Assessment - A Fundamental.. - Bush, Evans (2001)

No context found.

Diffie, W. and Hellman, M "Privacy and Authentication: An Introduction to Cryptography" Proceedings of the IEEE, Vol 67, No 3. March 1979.


A Formal Semantics for Evaluating Cryptographic Protocols - Yasinsac (1996)   (1 citation)

No context found.

Diffie, W., Hellman, M.E. 'Privacy and Authentication: an Introduction to Cryptography' Proceedings of the IEEE, v67 n3, March 1979, pp 397-427.


An Overview of Multimedia Content Protection in Consumer.. - Eskicioglu, Delp (2000)   (6 citations)

No context found.

W. Diffie and M.E. Hellman, "Privacy and authentication: an introduction to cryptography," Proceedings of the IEEE, vol. 67, no. 3, March 1979, pp. 397-427.


CiteSeer.IST - Copyright Penn State and NEC