[doc/texmf] / mdw-crypto.bib

%%% mdw's bibliography

%%%--------------------------------------------------------------------------
%%% Initial hacking.

@preamble {
"
\ifx\url\undefined\let\url\texttt\fi
\ifx\msgid\undefined\let\msgid\texttt\fi
\let\mdwxxthebibliography\thebibliography
\def\thebibliography{\mdwxxbibhook\mdwxxthebibliography}
\def\mdwxxurl#1{[#1]}
\def\biburl#1{\let\biburlsep\empty\biburlxi#1;;\done}
\def\biburlxi#1;{\def\temp{#1}\ifx\temp\empty\expandafter\biburlxiii\else
  \biburlxii#1,,\done\let\biburlxafter\biburlxi\expandafter\biburlxmunch\fi}
\def\biburlxii#1,{\def\temp{#1}\ifx\temp\empty\expandafter\biburlxiii\else
  \biburlsep\mdwxxurl{#1}\def\biburlsep{, }\let\biburlxafter\biburlxii
  \expandafter\biburlxmunch\fi}
\def\biburlxiii#1\done{}
\def\biburlxmunch{\futurelet\next\biburlxmunchi}
\def\biburlxmunchi{\expandafter\ifx\space\next\expandafter\biburlxmunchii
  \else\expandafter\biburlxafter\fi}
\expandafter\def\expandafter\biburlxmunchii\space{\biburlxmunch}
\def\mdwxxbibhook{\let\mdwxxurl\url\let\url\biburl}
"
}

%%%--------------------------------------------------------------------------
%%% The main bibliography.

@InProceedings{Abdalla:2001:DHIES,
  author =	 "Michel Abdalla and Mihir Bellare and Phillip Rogaway",
  title =	 "{DHIES}: An Encryption Scheme Based on the
                  {Diffie--Hellman} Problem",
  crossref =	 "Naccache:2001:TCC",
  year =	 2001,
  url =		 "http://www-cse.ucsd.edu/users/mihir/papers/dhies.html"
}

@InProceedings{Alexander:2007:IUA,
  author =	 "Chris Alexander and Ian Goldberg",
  title =	 "Improved user authentication in off-the-record messaging",
  booktitle =	 "WPES",
  year =	 2007,
  pages =	 "41--47",
  ee =		 "http://doi.acm.org/10.1145/1314333.1314340",
  url =		 "http://www.cypherpunks.ca/~iang/pubs/impauth.pdf",
  crossref =	 "DBLP:conf/wpes/2007",
  bibsource =	 "DBLP, http://dblp.uni-trier.de"
}

@InProceedings{Bellare:1993:ROP,
  author =	 "Mihir Bellare and Phillip Rogaway",
  title =	 "Random oracles are practical",
  booktitle =	 "Proceedings of the First Annual Conference on Computer and
                  Communications Security",
  organization = "{ACM}",
  year =	 1993,
  url =		 "http://www-cse.ucsd.edu/users/mihir/papers/ro.html",
  pages =	 "62--73"
}

@InProceedings{Bellare:2004:EAX,
  title =	 "The {EAX} Mode of Operation",
  author =	 "Mihir Bellare and Phillip Rogaway and David Wagner",
  bibdate =	 "2004-07-29",
  bibsource =	 "DBLP,
                  http://dblp.uni-trier.de/db/conf/fse/fse2004.html#BellareRW04",
  booktitle =	 "FSE",
  booktitle =	 "Fast Software Encryption, 11th International Workshop,
                  {FSE} 2004, Delhi, India, February 5-7, 2004, Revised
                  Papers",
  publisher =	 "Springer",
  year =	 2004,
  volume =	 3017,
  editor =	 "Bimal K. Roy and Willi Meier",
  isbn =	 "3-540-22171-9",
  pages =	 "389--407",
  series =	 "Lecture Notes in Computer Science",
  url =		 "http://www.cs.berkeley.edu/~daw/papers/eax-fse04.ps"
}

@InProceedings{Bellare:2006:STE,
  title =	 "The Security of Triple Encryption and a Framework for
                  Code-Based Game-Playing Proofs",
  author =	 "Mihir Bellare and Phillip Rogaway",
  bibdate =	 "2006-07-05",
  bibsource =	 "DBLP,
                  http://dblp.uni-trier.de/db/conf/eurocrypt/eurocrypt2006.html#BellareR06",
  booktitle =	 "Advances in Cryptology - {EUROCRYPT} 2006, 25th Annual
                  International Conference on the Theory and Applications of
                  Cryptographic Techniques, St. Petersburg, Russia, May 28 -
                  June 1, 2006, Proceedings",
  publisher =	 "Springer",
  year =	 2006,
  volume =	 4004,
  editor =	 "Serge Vaudenay",
  isbn =	 "3-540-34546-9",
  pages =	 "409--426",
  series =	 "Lecture Notes in Computer Science",
  note =	 "Proceedings version of \cite{cryptoeprint:2004:331}"
}

@InProceedings{Borisov:2004:OTR,
  author =	 "Nikita Borisov and Ian Goldberg and Eric A. Brewer",
  title =	 "Off-the-record communication, or, why not to use PGP",
  booktitle =	 "WPES",
  year =	 2004,
  pages =	 "77--84",
  ee =		 "http://doi.acm.org/10.1145/1029179.1029200",
  url =		 "http://www.cypherpunks.ca/otr/otr-wpes.pdf",
  crossref =	 "DBLP:conf/wpes/2004",
  bibsource =	 "DBLP, http://dblp.uni-trier.de"
}

@InProceedings{Brassard:1989:SZK,
  author =	 "Gilles Brassard and Claude Crepeau",
  title =	 "Sorting out Zero-Knowledge",
  booktitle =	 "Theory and Application of Cryptographic Techniques",
  pages =	 "181--191",
  year =	 1989,
  url =		 "http://citeseer.nj.nec.com/brassard90sorting.html"
}

@TechReport{Canetti:2001:UCS,
  author =	 "Ran Canetti",
  title =	 "Universally Composable Security: {A} New Paradigm for
                  Cryptographic Protocols",
  added-by =	 "sti",
  url =		 "http://eprint.iacr.org/2000/067",
  number =	 "2000/067",
  month =	 oct,
  abstract =	 "We propose a new paradigm for defining security of
                  cryptographic protocols, called {\sf universally composable
                  security.} The salient property of universally composable
                  definitions of security is that they guarantee security
                  even when a secure protocol is composed with an arbitrary
                  set of protocols, or more generally when the protocol is
                  used as a component of an arbitrary system. This is an
                  essential property for maintaining security of
                  cryptographic protocols in complex and unpredictable
                  environments such as the Internet. In particular,
                  universally composable definitions guarantee security even
                  when an unbounded number of protocol instances are executed
                  concurrently in an adversarially controlled manner, they
                  guarantee non-malleability with respect to arbitrary
                  protocols, and more. We show how to formulate universally
                  composable definitions of security for practically any
                  cryptographic task. Furthermore, we demonstrate that
                  practically any such definition can be realized using known
                  general techniques, as long as only a minority of the
                  participants are corrupted. We then proceed to formulate
                  universally composable definitions of a wide array of
                  cryptographic tasks, including authenticated and secure
                  communication, key-exchange, public-key encryption,
                  signature, commitment, oblivious transfer, zero-knowledge,
                  and more. We also make initial steps towards studying the
                  realizability of the proposed definitions in other natural
                  settings.",
  keywords =	 "foundations / cryptographic protocols, security analysis of
                  protocols, concurrent composition",
  type =	 "Report",
  annote =	 "Revised version of \cite{Canetti:2000:SCM}.",
  year =	 2001,
  institution =	 "Cryptology {ePrint} Archive",
  added-at =	 "Wed Oct 17 16:02:37 2001",
  note =	 "Extended Abstract appeared in proceedings of the 42nd
                  Symposium on Foundations of Computer Science (FOCS), 2001"
}

@PhdThesis{Daemen:1995:CHF,
  author =	 "Joan Daemen",
  title =	 "Cipher and hash function design strategies based on linear
                  and differential cryptanalysis",
  year =	 1995,
  school =	 "K. U. Leuven"
}

@Misc{Ferguson:2005:AWG,
  author =	 "Niels Ferguson",
  title =	 "Authentication Weaknesses in GCM",
  year =	 2005,
  month =	 "May",
  url =          "http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/comments/CWC-GCM/Ferguson2.pdf",
  note =	 "Public comment to NIST"
}

@Misc{Fisher:2000:Storin-collide,
  author =	 "Matthew Fisher",
  title =	 "Re: Yet another block cipher: {Storin}",
  howpublished = "Usenet article in {\texttt{sci.crypt}}",
  year =	 2000,
  note =	 "Message-id {\msgid{<8gjctn\$9ct\$1@nnrp1.deja.com>}}"
}

@TechReport{Frier:1996:SSL,
  author =	 "A. Frier and P. Karlton and P. Kocher",
  title =	 "The {SSL 3.0} Protocol",
  institution =	 "Netscape Communications Corp.",
  month =	 nov,
  year =	 1996,
  url =		 "http://home.netscape.com/eng/ssl3/ssl-toc.html"
}

@Misc{Goldwasser:1999:LNC,
  author =	 "Shafi Goldwasser and Mihir Bellare",
  title =	 "Lecture Notes on Cryptography",
  howpublished = "Summer Course ``Cryptography and Computer Security'' at
                  MIT, 1996--1999",
  year =	 1999,
  url =		 "http://citeseer.nj.nec.com/goldwasser96lecture.html"
}

@InProceedings{Groth:2008:ENP,
  author =	 "Jens Groth and Amit Sahai",
  title =	 "Efficient Non-interactive Proof Systems for Bilinear
                  Groups",
  booktitle =	 "EUROCRYPT",
  year =	 2008,
  pages =	 "415--432",
  ee =		 "http://dx.doi.org/10.1007/978-3-540-78967-3_24",
  crossref =	 "DBLP:conf/eurocrypt/2008",
  bibsource =	 "DBLP, http://dblp.uni-trier.de"
}

@Manual{IEEE:2000:1363,
  author =	 "{IEEE}",
  title =	 "IEEE 1363-2000: Standard Specifications for Public Key
                  Cryptography",
  year =	 2000,
  isbn =	 "0-7381-1956-3",
  abstract =	 "This standard specifies common public-key cryptographic
                  techniques, including mathematical primitives for secret
                  value (key) derivation, public-key encryption, and digital
                  signatures, and cryptographic schemes based on those
                  primitives. It also specifies related cryptographic
                  parameters, public keys and private keys. The purpose of
                  this standard is to provide a reference for specifications
                  of a variety of techniques from which applications may
                  select.",
  organization = "Microprocessor Standards Committee of the IEEE Computer
                  Society, USA"
}

@PhdThesis{IWJ:1997:WGT,
  author =	 "Ian Jackson",
  title =	 "Who goes there?  Location confidentiality through
                  anonymity",
  year =	 1997,
  school =	 "Cambridge University Computer Laboratory",
  pages =	 "vi + 97",
  url =		 "http://www.chiark.greenend.org.uk/~ijackson/thesis/"
}

@Misc{Kohno:2003:CWC,
  author =	 "Tadayoshi Kohno and John Viega and Doug Whiting",
  title =	 "The CWC Authenticated Encryption (Associated Data) Mode",
  howpublished = "Cryptology ePrint Archive, Report 2003/106",
  year =	 2003,
  url =		 "http://eprint.iacr.org/2003/106"
}

@InProceedings{Maurer:2009:UZK,
  author =	 "Ueli M. Maurer",
  title =	 "Unifying Zero-Knowledge Proofs of Knowledge",
  booktitle =	 "AFRICACRYPT",
  year =	 2009,
  pages =	 "272-286",
  ee =		 "http://dx.doi.org/10.1007/978-3-642-02384-2_17",
  crossref =	 "DBLP:conf/africacrypt/2009",
  bibsource =	 "DBLP, http://dblp.uni-trier.de"
}

@InProceedings{McGrew:2004:SPG,
  author =	 "David A. McGrew and John Viega",
  title =	 "The Security and Performance of the Galois/Counter Mode
                  (GCM) of Operation",
  booktitle =	 "INDOCRYPT",
  year =	 2004,
  pages =	 "343--355",
  ee =
                  "http://springerlink.metapress.com/openurl.asp?genre=article{\&}issn=0302-9743{\&}volume=3348{\&}spage=343",
  crossref =	 "DBLP:conf/indocrypt/2004",
  bibsource =	 "DBLP, http://dblp.uni-trier.de"
}

@Misc{Menezes:2005:IPB,
  author =	 "Alfred Menezes",
  title =	 "An Introduction to Pairing-Based Cryptography",
  url =
                  "http://www.cacr.math.uwaterloo.ca/~ajmeneze/publications/pairings.pdf",
  note =	 "Notes from lectures given in Santander, Spain",
  year =	 2005
}

@InProceedings{Rogaway:2001:OCB,
  author =	 "Phillip Rogaway and Mihir Bellare and John Black and Ted
                  Krovetz",
  title =	 "{OCB}: a block-cipher mode of operation for efficient
                  authenticated encryption",
  booktitle =	 "{ACM} Conference on Computer and Communications Security",
  pages =	 "196--205",
  year =	 2001,
  url =		 "http://www.cs.ucdavis.edu/~rogaway/ocb/"
}

@InProceedings{Rogaway:2002:AEA,
  author =	 "Phillip Rogaway",
  title =	 "Authenticated-encryption with associated-data",
  added-by =	 "msteiner",
  url =		 "http://www.cs.ucdavis.edu/~rogaway/papers/ad.html",
  pages =	 "98--107",
  added-at =	 "Sun Nov 16 12:50:24 2003",
  abstract =	 "When a message is transformed into a ciphertext in a way
                  designed to protect both its privacy and authenticity,
                  there may be additional information, such as a packet
                  header, that travels alongside the ciphertext (at least
                  conceptually) and must get authenticated with it. We
                  formalize and investigate this authenticated-encryption
                  with associated-data (AEAD) problem. Though the problem has
                  long been addressed in cryptographic practice, it was never
                  provided a definition or even a name. We do this, and go on
                  to look at efficient solutions for AEAD, both in general
                  and for the authenticated-encryption scheme OCB. For the
                  general setting we study two simple ways to turn an
                  authenticated-encryption scheme that does not support
                  associated-data into one that does: nonce stealing and
                  ciphertext translation. For the case of OCB we construct an
                  AEAD-scheme by combining OCB and the pseudorandom function
                  PMAC, using the same key for both algorithms. We prove
                  that, despite ``interaction'' between the two schemes when
                  using a common key, the combination is sound. We also
                  consider achieving AEAD by the generic composition of a
                  nonce-based, privacy-only encryption scheme and a
                  pseudorandom function.",
  booktitle =	 "Proceedings of the 9th {ACM} Conference on Computer and
                  Communications Security",
  year =	 2002,
  editor =	 "Ravi Sandhu",
  month =	 nov,
  publisher =	 "ACM Press",
  address =	 "Washington, DC, USA"
}

@Misc{SEC1,
  author =	 "{Certicom Research}",
  title =	 "Standards for Efficient Cryptography, {SEC} 1: {E}lliptic
                  curve cryptography, Version 1.0",
  year =	 2000,
  url =		 "http://www.secg.org/download/aid-385/sec1_final.pdf"
}

@Unpublished{Shoup:2001:PIS,
  author =	 "Victor Shoup",
  title =	 "Proposal for an {ISO} Standard for Public Key Encryption
                  (Version 2.0)",
  year =	 2001,
  note =	 "Unpublished manuscript",
  url =		 "http://www.shoup.net/papers/"
}

@TechReport{Silverman:2000:CBA,
  author =	 "Robert Silverman",
  title =	 "A Cost-Based Security Analysis of Symmetric and Asymmetric
                  Key Lengths",
  institution =	 "RSA Laboratories",
  number =	 13,
  month =	 "April",
  year =	 2000,
  url =		 "http://www.rsa.com/rsalabs/node.asp?id=2088"
}

@InProceedings{Wagner:2000:PSU,
  author =	 "David Wagner and Ian Goldberg",
  title =	 "Proofs of Security for the {Unix} Password Hashing
                  Algorithm",
  crossref =	 "Okamoto:2000:ACA",
  pages =	 "560--572",
  url =		 "http://www.cs.berkeley.edu/~daw/papers/"
}

@TechReport {Wooding:2000:Storin,
  author =	 "Mark Wooding",
  title =	 "{Storin}: A block cipher for digitial signal processors",
  institution =	 "Straylight/Edgeware",
  year =	 2000,
  url =		 "http://www.excessus.demon.co.uk/crypto/storin.ps.gz",
  abstract =	 "We present Storin: a new 96-bit block cipher designed to
                  play to the strengths of current digital signal processors
                  (DSPs).  In particular, DSPs tend to provide single-cycle
                  multiply-and-accumulate operations, making matrix
                  multiplications very cheap.  Working in an environment
                  where multiplication is as fast as exclusive-or changes the
                  usual perceptions about which operations provide good
                  cryptographic strength cheaply.  The scarcity of available
                  memory, for code and for tables, and a penalty for
                  nonsequential access to data also make traditional block
                  ciphers based around substitution tables unsuitable."
}

@Misc{Wooding:2000:Storin-diff,
  author =	 "Mark Wooding",
  title =	 "Re: Yet another block cipher: {Storin}",
  howpublished = "Usenet article in \texttt{sci.crypt}",
  year =	 2000,
  note =	 "Message-id {\msgid{<slrn8iqhaq.872.mdw@mull.ncipher.com>}}"
}

@Misc{Wooding:2001:TrIPE,
  author =	 "Mark Wooding",
  year =	 "2001--2010",
  url =		 "http://git.distorted.org.uk/~mdw/tripe/",
  title =	 "Trivial IP Encryption (TrIPE): A simple {VPN}"
}

@Misc{Wooding:2003:NPO,
  author =	 "Mark Wooding",
  title =	 "New proofs for old modes",
  howpublished = "Unpublished work in progress",
  year =	 2003
}

@Misc{Ylonen:2001:STL,
  author =	 "T. Ylonen and T. Kivinen and M. Saarinen and T. Rinne and
                  S. Lehtinen",
  title =	 "{SSH} Transport Layer Protocol",
  month =	 jan,
  year =	 2001,
  howpublished = "Internet Draft",
  url =          "http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-09.txt"
}

%%%--------------------------------------------------------------------------
%%% Proceedings volumes.

@Proceedings{DBLP:conf/africacrypt/2009,
  editor =	 "Bart Preneel",
  title =	 "Progress in Cryptology - AFRICACRYPT 2009, Second
                  International Conference on Cryptology in Africa, Gammarth,
                  Tunisia, June 21-25, 2009. Proceedings",
  booktitle =	 "AFRICACRYPT",
  publisher =	 "Springer",
  series =	 "Lecture Notes in Computer Science",
  volume =	 5580,
  year =	 2009,
  isbn =	 "978-3-642-02383-5",
  ee =		 "http://dx.doi.org/10.1007/978-3-642-02384-2",
  bibsource =	 "DBLP, http://dblp.uni-trier.de"
}

@Proceedings{DBLP:conf/eurocrypt/2008,
  editor =	 "Nigel P. Smart",
  title =	 "Advances in Cryptology - EUROCRYPT 2008, 27th Annual
                  International Conference on the Theory and Applications of
                  Cryptographic Techniques, Istanbul, Turkey, April 13-17,
                  2008. Proceedings",
  booktitle =	 "EUROCRYPT",
  publisher =	 "Springer",
  series =	 "Lecture Notes in Computer Science",
  volume =	 4965,
  year =	 2008,
  isbn =	 "978-3-540-78966-6",
  bibsource =	 "DBLP, http://dblp.uni-trier.de"
}

@Proceedings{DBLP:conf/fse/2001,
  editor =	 "Mitsuru Matsui",
  title =	 "Fast Software Encryption, 8th International Workshop, FSE
                  2001 Yokohama, Japan, April 2-4, 2001, Revised Papers",
  booktitle =	 "FSE",
  publisher =	 "Springer",
  series =	 "Lecture Notes in Computer Science",
  volume =	 2355,
  year =	 2002,
  isbn =	 "3-540-43869-6",
  bibsource =	 "DBLP, http://dblp.uni-trier.de"
}

@Proceedings{DBLP:conf/indocrypt/2004,
  editor =	 "Anne Canteaut and Kapalee Viswanathan",
  title =	 "Progress in Cryptology - INDOCRYPT 2004, 5th International
                  Conference on Cryptology in India, Chennai, India, December
                  20-22, 2004, Proceedings",
  booktitle =	 "INDOCRYPT",
  publisher =	 "Springer",
  series =	 "Lecture Notes in Computer Science",
  volume =	 3348,
  year =	 2004,
  isbn =	 "3-540-24130-2",
  bibsource =	 "DBLP, http://dblp.uni-trier.de"
}

@Proceedings{DBLP:conf/wpes/2004,
  editor =	 "Vijay Atluri and Paul F. Syverson and Sabrina De Capitani
                  di Vimercati",
  title =	 "Proceedings of the 2004 ACM Workshop on Privacy in the
                  Electronic Society, WPES 2004, Washington, DC, USA, October
                  28, 2004",
  booktitle =	 "WPES",
  publisher =	 "ACM",
  year =	 2004,
  isbn =	 "1-58113-968-3",
  bibsource =	 "DBLP, http://dblp.uni-trier.de"
}

@Proceedings{DBLP:conf/wpes/2007,
  editor =	 "Peng Ning and Ting Yu",
  title =	 "Proceedings of the 2007 ACM Workshop on Privacy in the
                  Electronic Society, WPES 2007, Alexandria, VA, USA, October
                  29, 2007",
  booktitle =	 "WPES",
  publisher =	 "ACM",
  year =	 2007,
  isbn =	 "978-1-59593-883-1",
  bibsource =	 "DBLP, http://dblp.uni-trier.de"
}

@Book{Washington:2003:EC,
  author =	 "Lawrence C. Washington",
  title =	 "Elliptic Curves: Number Theory and Cryptography",
  isbn =	 "1-584-88365-0",
  publisher =	 "CRC Press",
  year =	 2003,
  pages =	 428
}

%%%--------------------------------------------------------------------------
\f
%%% Local variables:
%%% mode: bibtex
%%% bibtex-maintain-sorted-entries: entry-class
%%% End:
Commit	Line	Data
3c0f06a3 MW	1	%%% mdw's bibliography
	2
	3	%%%--------------------------------------------------------------------------
	4	%%% Initial hacking.
38e062db MW	5
	6	@preamble {
	7	"
	8	\ifx\url\undefined\let\url\texttt\fi
	9	\ifx\msgid\undefined\let\msgid\texttt\fi
3c0f06a3 MW	10	\let\mdwxxthebibliography\thebibliography
	11	\def\thebibliography{\mdwxxbibhook\mdwxxthebibliography}
	12	\def\mdwxxurl#1{[#1]}
	13	\def\biburl#1{\let\biburlsep\empty\biburlxi#1;;\done}
	14	\def\biburlxi#1;{\def\temp{#1}\ifx\temp\empty\expandafter\biburlxiii\else
	15	\biburlxii#1,,\done\let\biburlxafter\biburlxi\expandafter\biburlxmunch\fi}
	16	\def\biburlxii#1,{\def\temp{#1}\ifx\temp\empty\expandafter\biburlxiii\else
	17	\biburlsep\mdwxxurl{#1}\def\biburlsep{, }\let\biburlxafter\biburlxii
	18	\expandafter\biburlxmunch\fi}
	19	\def\biburlxiii#1\done{}
	20	\def\biburlxmunch{\futurelet\next\biburlxmunchi}
	21	\def\biburlxmunchi{\expandafter\ifx\space\next\expandafter\biburlxmunchii
	22	\else\expandafter\biburlxafter\fi}
	23	\expandafter\def\expandafter\biburlxmunchii\space{\biburlxmunch}
	24	\def\mdwxxbibhook{\let\mdwxxurl\url\let\url\biburl}
38e062db MW	25	"
	26	}
	27
3c0f06a3 MW	28	%%%--------------------------------------------------------------------------
3c0f06a3 MW	29	%%% The main bibliography.
38e062db	30
3c0f06a3 MW	31	@InProceedings{Abdalla:2001:DHIES,
	32	author = "Michel Abdalla and Mihir Bellare and Phillip Rogaway",
	33	title = "{DHIES}: An Encryption Scheme Based on the
	34	{Diffie--Hellman} Problem",
	35	crossref = "Naccache:2001:TCC",
	36	year = 2001,
	37	url = "http://www-cse.ucsd.edu/users/mihir/papers/dhies.html"
38e062db MW	38	}
38e062db MW	39
a9d7d77e MW	40	@InProceedings{Alexander:2007:IUA,
	41	author = "Chris Alexander and Ian Goldberg",
	42	title = "Improved user authentication in off-the-record messaging",
	43	booktitle = "WPES",
	44	year = 2007,
aa1ee4d8	45	pages = "41--47",
a9d7d77e MW	46	ee = "http://doi.acm.org/10.1145/1314333.1314340",
	47	url = "http://www.cypherpunks.ca/~iang/pubs/impauth.pdf",
	48	crossref = "DBLP:conf/wpes/2007",
	49	bibsource = "DBLP, http://dblp.uni-trier.de"
	50	}
	51
3c0f06a3 MW	52	@InProceedings{Bellare:1993:ROP,
	53	author = "Mihir Bellare and Phillip Rogaway",
	54	title = "Random oracles are practical",
	55	booktitle = "Proceedings of the First Annual Conference on Computer and
38e062db MW	56	Communications Security",
38e062db MW	57	organization = "{ACM}",
3c0f06a3	58	year = 1993,
aa1ee4d8 MW	59	url = "http://www-cse.ucsd.edu/users/mihir/papers/ro.html",
aa1ee4d8 MW	60	pages = "62--73"
b675c096 MW	61	}
	62
	63	@InProceedings{Bellare:2004:EAX,
3c0f06a3 MW	64	title = "The {EAX} Mode of Operation",
	65	author = "Mihir Bellare and Phillip Rogaway and David Wagner",
	66	bibdate = "2004-07-29",
	67	bibsource = "DBLP,
	68	http://dblp.uni-trier.de/db/conf/fse/fse2004.html#BellareRW04",
	69	booktitle = "FSE",
	70	booktitle = "Fast Software Encryption, 11th International Workshop,
	71	{FSE} 2004, Delhi, India, February 5-7, 2004, Revised
	72	Papers",
	73	publisher = "Springer",
	74	year = 2004,
	75	volume = 3017,
	76	editor = "Bimal K. Roy and Willi Meier",
	77	isbn = "3-540-22171-9",
	78	pages = "389--407",
	79	series = "Lecture Notes in Computer Science",
	80	url = "http://www.cs.berkeley.edu/~daw/papers/eax-fse04.ps"
b675c096 MW	81	}
	82
	83	@InProceedings{Bellare:2006:STE,
3c0f06a3 MW	84	title = "The Security of Triple Encryption and a Framework for
	85	Code-Based Game-Playing Proofs",
	86	author = "Mihir Bellare and Phillip Rogaway",
	87	bibdate = "2006-07-05",
	88	bibsource = "DBLP,
	89	http://dblp.uni-trier.de/db/conf/eurocrypt/eurocrypt2006.html#BellareR06",
	90	booktitle = "Advances in Cryptology - {EUROCRYPT} 2006, 25th Annual
	91	International Conference on the Theory and Applications of
	92	Cryptographic Techniques, St. Petersburg, Russia, May 28 -
	93	June 1, 2006, Proceedings",
	94	publisher = "Springer",
	95	year = 2006,
	96	volume = 4004,
	97	editor = "Serge Vaudenay",
	98	isbn = "3-540-34546-9",
	99	pages = "409--426",
	100	series = "Lecture Notes in Computer Science",
	101	note = "Proceedings version of \cite{cryptoeprint:2004:331}"
	102	}
	103
a9d7d77e MW	104	@InProceedings{Borisov:2004:OTR,
	105	author = "Nikita Borisov and Ian Goldberg and Eric A. Brewer",
	106	title = "Off-the-record communication, or, why not to use PGP",
	107	booktitle = "WPES",
	108	year = 2004,
aa1ee4d8	109	pages = "77--84",
a9d7d77e MW	110	ee = "http://doi.acm.org/10.1145/1029179.1029200",
	111	url = "http://www.cypherpunks.ca/otr/otr-wpes.pdf",
	112	crossref = "DBLP:conf/wpes/2004",
	113	bibsource = "DBLP, http://dblp.uni-trier.de"
	114	}
	115
3c0f06a3 MW	116	@InProceedings{Brassard:1989:SZK,
	117	author = "Gilles Brassard and Claude Crepeau",
	118	title = "Sorting out Zero-Knowledge",
	119	booktitle = "Theory and Application of Cryptographic Techniques",
aa1ee4d8	120	pages = "181--191",
3c0f06a3 MW	121	year = 1989,
3c0f06a3 MW	122	url = "http://citeseer.nj.nec.com/brassard90sorting.html"
b675c096 MW	123	}
b675c096 MW	124
3c0f06a3 MW	125	@TechReport{Canetti:2001:UCS,
	126	author = "Ran Canetti",
	127	title = "Universally Composable Security: {A} New Paradigm for
	128	Cryptographic Protocols",
	129	added-by = "sti",
	130	url = "http://eprint.iacr.org/2000/067",
	131	number = "2000/067",
	132	month = oct,
	133	abstract = "We propose a new paradigm for defining security of
	134	cryptographic protocols, called {\sf universally composable
	135	security.} The salient property of universally composable
	136	definitions of security is that they guarantee security
	137	even when a secure protocol is composed with an arbitrary
	138	set of protocols, or more generally when the protocol is
	139	used as a component of an arbitrary system. This is an
	140	essential property for maintaining security of
	141	cryptographic protocols in complex and unpredictable
	142	environments such as the Internet. In particular,
	143	universally composable definitions guarantee security even
	144	when an unbounded number of protocol instances are executed
	145	concurrently in an adversarially controlled manner, they
	146	guarantee non-malleability with respect to arbitrary
	147	protocols, and more. We show how to formulate universally
	148	composable definitions of security for practically any
	149	cryptographic task. Furthermore, we demonstrate that
	150	practically any such definition can be realized using known
	151	general techniques, as long as only a minority of the
	152	participants are corrupted. We then proceed to formulate
	153	universally composable definitions of a wide array of
	154	cryptographic tasks, including authenticated and secure
	155	communication, key-exchange, public-key encryption,
	156	signature, commitment, oblivious transfer, zero-knowledge,
	157	and more. We also make initial steps towards studying the
	158	realizability of the proposed definitions in other natural
	159	settings.",
	160	keywords = "foundations / cryptographic protocols, security analysis of
	161	protocols, concurrent composition",
	162	type = "Report",
	163	annote = "Revised version of \cite{Canetti:2000:SCM}.",
	164	year = 2001,
	165	institution = "Cryptology {ePrint} Archive",
	166	added-at = "Wed Oct 17 16:02:37 2001",
	167	note = "Extended Abstract appeared in proceedings of the 42nd
	168	Symposium on Foundations of Computer Science (FOCS), 2001"
	169	}
	170
3c0f06a3 MW	171	@PhdThesis{Daemen:1995:CHF,
	172	author = "Joan Daemen",
	173	title = "Cipher and hash function design strategies based on linear
	174	and differential cryptanalysis",
	175	year = 1995,
	176	school = "K. U. Leuven"
	177	}
	178
a9d7d77e MW	179	@Misc{Ferguson:2005:AWG,
	180	author = "Niels Ferguson",
	181	title = "Authentication Weaknesses in GCM",
	182	year = 2005,
	183	month = "May",
	184	url = "http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/comments/CWC-GCM/Ferguson2.pdf",
	185	note = "Public comment to NIST"
	186	}
	187
3c0f06a3 MW	188	@Misc{Fisher:2000:Storin-collide,
	189	author = "Matthew Fisher",
	190	title = "Re: Yet another block cipher: {Storin}",
	191	howpublished = "Usenet article in {\texttt{sci.crypt}}",
	192	year = 2000,
	193	note = "Message-id {\msgid{<8gjctn\$9ct\$1@nnrp1.deja.com>}}"
	194	}
	195
	196	@TechReport{Frier:1996:SSL,
	197	author = "A. Frier and P. Karlton and P. Kocher",
	198	title = "The {SSL 3.0} Protocol",
	199	institution = "Netscape Communications Corp.",
	200	month = nov,
	201	year = 1996,
	202	url = "http://home.netscape.com/eng/ssl3/ssl-toc.html"
	203	}
	204
	205	@Misc{Goldwasser:1999:LNC,
a9d7d77e	206	author = "Shafi Goldwasser and Mihir Bellare",
3c0f06a3 MW	207	title = "Lecture Notes on Cryptography",
	208	howpublished = "Summer Course ``Cryptography and Computer Security'' at
	209	MIT, 1996--1999",
	210	year = 1999,
	211	url = "http://citeseer.nj.nec.com/goldwasser96lecture.html"
	212	}
	213
aa1ee4d8 MW	214	@InProceedings{Groth:2008:ENP,
	215	author = "Jens Groth and Amit Sahai",
	216	title = "Efficient Non-interactive Proof Systems for Bilinear
	217	Groups",
	218	booktitle = "EUROCRYPT",
	219	year = 2008,
	220	pages = "415--432",
	221	ee = "http://dx.doi.org/10.1007/978-3-540-78967-3_24",
	222	crossref = "DBLP:conf/eurocrypt/2008",
	223	bibsource = "DBLP, http://dblp.uni-trier.de"
	224	}
	225
3c0f06a3 MW	226	@Manual{IEEE:2000:1363,
	227	author = "{IEEE}",
	228	title = "IEEE 1363-2000: Standard Specifications for Public Key
	229	Cryptography",
	230	year = 2000,
	231	isbn = "0-7381-1956-3",
	232	abstract = "This standard specifies common public-key cryptographic
	233	techniques, including mathematical primitives for secret
	234	value (key) derivation, public-key encryption, and digital
	235	signatures, and cryptographic schemes based on those
	236	primitives. It also specifies related cryptographic
	237	parameters, public keys and private keys. The purpose of
	238	this standard is to provide a reference for specifications
	239	of a variety of techniques from which applications may
	240	select.",
	241	organization = "Microprocessor Standards Committee of the IEEE Computer
	242	Society, USA"
b675c096 MW	243	}
b675c096 MW	244
3c0f06a3 MW	245	@PhdThesis{IWJ:1997:WGT,
	246	author = "Ian Jackson",
	247	title = "Who goes there? Location confidentiality through
	248	anonymity",
	249	year = 1997,
	250	school = "Cambridge University Computer Laboratory",
	251	pages = "vi + 97",
	252	url = "http://www.chiark.greenend.org.uk/~ijackson/thesis/"
b675c096 MW	253	}
b675c096 MW	254
3c0f06a3 MW	255	@Misc{Kohno:2003:CWC,
	256	author = "Tadayoshi Kohno and John Viega and Doug Whiting",
	257	title = "The CWC Authenticated Encryption (Associated Data) Mode",
	258	howpublished = "Cryptology ePrint Archive, Report 2003/106",
	259	year = 2003,
	260	url = "http://eprint.iacr.org/2003/106"
b675c096 MW	261	}
b675c096 MW	262
aa1ee4d8 MW	263	@InProceedings{Maurer:2009:UZK,
	264	author = "Ueli M. Maurer",
	265	title = "Unifying Zero-Knowledge Proofs of Knowledge",
	266	booktitle = "AFRICACRYPT",
	267	year = 2009,
	268	pages = "272-286",
	269	ee = "http://dx.doi.org/10.1007/978-3-642-02384-2_17",
	270	crossref = "DBLP:conf/africacrypt/2009",
	271	bibsource = "DBLP, http://dblp.uni-trier.de"
	272	}
	273
3c0f06a3	274	@InProceedings{McGrew:2004:SPG,
3c0f06a3	275	author = "David A. McGrew and John Viega",
aa1ee4d8 MW	276	title = "The Security and Performance of the Galois/Counter Mode
aa1ee4d8 MW	277	(GCM) of Operation",
3c0f06a3	278	booktitle = "INDOCRYPT",
3c0f06a3	279	year = 2004,
3c0f06a3	280	pages = "343--355",
aa1ee4d8 MW	281	ee =
	282	"http://springerlink.metapress.com/openurl.asp?genre=article{\&}issn=0302-9743{\&}volume=3348{\&}spage=343",
	283	crossref = "DBLP:conf/indocrypt/2004",
	284	bibsource = "DBLP, http://dblp.uni-trier.de"
3c0f06a3 MW	285	}
	286
	287	@Misc{Menezes:2005:IPB,
	288	author = "Alfred Menezes",
	289	title = "An Introduction to Pairing-Based Cryptography",
	290	url =
	291	"http://www.cacr.math.uwaterloo.ca/~ajmeneze/publications/pairings.pdf",
	292	note = "Notes from lectures given in Santander, Spain",
	293	year = 2005
	294	}
	295
	296	@InProceedings{Rogaway:2001:OCB,
	297	author = "Phillip Rogaway and Mihir Bellare and John Black and Ted
	298	Krovetz",
	299	title = "{OCB}: a block-cipher mode of operation for efficient
	300	authenticated encryption",
	301	booktitle = "{ACM} Conference on Computer and Communications Security",
aa1ee4d8	302	pages = "196--205",
3c0f06a3 MW	303	year = 2001,
3c0f06a3 MW	304	url = "http://www.cs.ucdavis.edu/~rogaway/ocb/"
b675c096 MW	305	}
b675c096 MW	306
3c0f06a3 MW	307	@InProceedings{Rogaway:2002:AEA,
	308	author = "Phillip Rogaway",
	309	title = "Authenticated-encryption with associated-data",
	310	added-by = "msteiner",
	311	url = "http://www.cs.ucdavis.edu/~rogaway/papers/ad.html",
	312	pages = "98--107",
	313	added-at = "Sun Nov 16 12:50:24 2003",
	314	abstract = "When a message is transformed into a ciphertext in a way
	315	designed to protect both its privacy and authenticity,
	316	there may be additional information, such as a packet
	317	header, that travels alongside the ciphertext (at least
	318	conceptually) and must get authenticated with it. We
	319	formalize and investigate this authenticated-encryption
	320	with associated-data (AEAD) problem. Though the problem has
	321	long been addressed in cryptographic practice, it was never
	322	provided a definition or even a name. We do this, and go on
	323	to look at efficient solutions for AEAD, both in general
	324	and for the authenticated-encryption scheme OCB. For the
	325	general setting we study two simple ways to turn an
	326	authenticated-encryption scheme that does not support
	327	associated-data into one that does: nonce stealing and
	328	ciphertext translation. For the case of OCB we construct an
	329	AEAD-scheme by combining OCB and the pseudorandom function
	330	PMAC, using the same key for both algorithms. We prove
	331	that, despite ``interaction'' between the two schemes when
	332	using a common key, the combination is sound. We also
	333	consider achieving AEAD by the generic composition of a
	334	nonce-based, privacy-only encryption scheme and a
	335	pseudorandom function.",
	336	booktitle = "Proceedings of the 9th {ACM} Conference on Computer and
	337	Communications Security",
	338	year = 2002,
	339	editor = "Ravi Sandhu",
	340	month = nov,
	341	publisher = "ACM Press",
	342	address = "Washington, DC, USA"
	343	}
	344
	345	@Misc{SEC1,
	346	author = "{Certicom Research}",
	347	title = "Standards for Efficient Cryptography, {SEC} 1: {E}lliptic
	348	curve cryptography, Version 1.0",
	349	year = 2000,
	350	url = "http://www.secg.org/download/aid-385/sec1_final.pdf"
	351	}
	352
	353	@Unpublished{Shoup:2001:PIS,
	354	author = "Victor Shoup",
	355	title = "Proposal for an {ISO} Standard for Public Key Encryption
	356	(Version 2.0)",
	357	year = 2001,
	358	note = "Unpublished manuscript",
	359	url = "http://www.shoup.net/papers/"
	360	}
	361
	362	@TechReport{Silverman:2000:CBA,
	363	author = "Robert Silverman",
	364	title = "A Cost-Based Security Analysis of Symmetric and Asymmetric
	365	Key Lengths",
	366	institution = "RSA Laboratories",
	367	number = 13,
	368	month = "April",
	369	year = 2000,
	370	url = "http://www.rsa.com/rsalabs/node.asp?id=2088"
371	}
372
373	@InProceedings{Wagner:2000:PSU,
374	author = "David Wagner and Ian Goldberg",
375	title = "Proofs of Security for the {Unix} Password Hashing
376	Algorithm",
377	crossref = "Okamoto:2000:ACA",
378	pages = "560--572",
379	url = "http://www.cs.berkeley.edu/~daw/papers/"
380	}
381
3c0f06a3 MW	382	@TechReport {Wooding:2000:Storin,
	383	author = "Mark Wooding",
	384	title = "{Storin}: A block cipher for digitial signal processors",
	385	institution = "Straylight/Edgeware",
	386	year = 2000,
	387	url = "http://www.excessus.demon.co.uk/crypto/storin.ps.gz",
	388	abstract = "We present Storin: a new 96-bit block cipher designed to
	389	play to the strengths of current digital signal processors
	390	(DSPs). In particular, DSPs tend to provide single-cycle
	391	multiply-and-accumulate operations, making matrix
	392	multiplications very cheap. Working in an environment
	393	where multiplication is as fast as exclusive-or changes the
	394	usual perceptions about which operations provide good
	395	cryptographic strength cheaply. The scarcity of available
	396	memory, for code and for tables, and a penalty for
	397	nonsequential access to data also make traditional block
	398	ciphers based around substitution tables unsuitable."
	399	}
	400
	401	@Misc{Wooding:2000:Storin-diff,
	402	author = "Mark Wooding",
	403	title = "Re: Yet another block cipher: {Storin}",
	404	howpublished = "Usenet article in \texttt{sci.crypt}",
	405	year = 2000,
	406	note = "Message-id {\msgid{<slrn8iqhaq.872.mdw@mull.ncipher.com>}}"
b675c096 MW	407	}
b675c096 MW	408
a9d7d77e MW	409	@Misc{Wooding:2001:TrIPE,
	410	author = "Mark Wooding",
	411	year = "2001--2010",
	412	url = "http://git.distorted.org.uk/~mdw/tripe/",
	413	title = "Trivial IP Encryption (TrIPE): A simple {VPN}"
	414	}
	415
3c0f06a3 MW	416	@Misc{Wooding:2003:NPO,
	417	author = "Mark Wooding",
	418	title = "New proofs for old modes",
	419	howpublished = "Unpublished work in progress",
	420	year = 2003
b675c096 MW	421	}
b675c096 MW	422
3c0f06a3 MW	423	@Misc{Ylonen:2001:STL,
	424	author = "T. Ylonen and T. Kivinen and M. Saarinen and T. Rinne and
	425	S. Lehtinen",
	426	title = "{SSH} Transport Layer Protocol",
	427	month = jan,
	428	year = 2001,
	429	howpublished = "Internet Draft",
aa1ee4d8	430	url = "http://www.ietf.org/internet-drafts/draft-ietf-secsh-transport-09.txt"
38e062db MW	431	}
38e062db MW	432
aa1ee4d8 MW	433	%%%--------------------------------------------------------------------------
	434	%%% Proceedings volumes.
	435
	436	@Proceedings{DBLP:conf/africacrypt/2009,
	437	editor = "Bart Preneel",
	438	title = "Progress in Cryptology - AFRICACRYPT 2009, Second
	439	International Conference on Cryptology in Africa, Gammarth,
	440	Tunisia, June 21-25, 2009. Proceedings",
	441	booktitle = "AFRICACRYPT",
	442	publisher = "Springer",
	443	series = "Lecture Notes in Computer Science",
	444	volume = 5580,
	445	year = 2009,
	446	isbn = "978-3-642-02383-5",
	447	ee = "http://dx.doi.org/10.1007/978-3-642-02384-2",
	448	bibsource = "DBLP, http://dblp.uni-trier.de"
	449	}
	450
	451	@Proceedings{DBLP:conf/eurocrypt/2008,
	452	editor = "Nigel P. Smart",
	453	title = "Advances in Cryptology - EUROCRYPT 2008, 27th Annual
	454	International Conference on the Theory and Applications of
	455	Cryptographic Techniques, Istanbul, Turkey, April 13-17,
	456	2008. Proceedings",
	457	booktitle = "EUROCRYPT",
	458	publisher = "Springer",
	459	series = "Lecture Notes in Computer Science",
	460	volume = 4965,
	461	year = 2008,
	462	isbn = "978-3-540-78966-6",
	463	bibsource = "DBLP, http://dblp.uni-trier.de"
	464	}
	465
	466	@Proceedings{DBLP:conf/fse/2001,
	467	editor = "Mitsuru Matsui",
	468	title = "Fast Software Encryption, 8th International Workshop, FSE
	469	2001 Yokohama, Japan, April 2-4, 2001, Revised Papers",
	470	booktitle = "FSE",
	471	publisher = "Springer",
	472	series = "Lecture Notes in Computer Science",
	473	volume = 2355,
	474	year = 2002,
	475	isbn = "3-540-43869-6",
	476	bibsource = "DBLP, http://dblp.uni-trier.de"
	477	}
	478
	479	@Proceedings{DBLP:conf/indocrypt/2004,
	480	editor = "Anne Canteaut and Kapalee Viswanathan",
	481	title = "Progress in Cryptology - INDOCRYPT 2004, 5th International
	482	Conference on Cryptology in India, Chennai, India, December
	483	20-22, 2004, Proceedings",
	484	booktitle = "INDOCRYPT",
	485	publisher = "Springer",
	486	series = "Lecture Notes in Computer Science",
	487	volume = 3348,
	488	year = 2004,
	489	isbn = "3-540-24130-2",
	490	bibsource = "DBLP, http://dblp.uni-trier.de"
	491	}
	492
	493	@Proceedings{DBLP:conf/wpes/2004,
	494	editor = "Vijay Atluri and Paul F. Syverson and Sabrina De Capitani
	495	di Vimercati",
	496	title = "Proceedings of the 2004 ACM Workshop on Privacy in the
497	Electronic Society, WPES 2004, Washington, DC, USA, October
498	28, 2004",
499	booktitle = "WPES",
500	publisher = "ACM",
501	year = 2004,
502	isbn = "1-58113-968-3",
503	bibsource = "DBLP, http://dblp.uni-trier.de"
504	}
505
506	@Proceedings{DBLP:conf/wpes/2007,
507	editor = "Peng Ning and Ting Yu",
508	title = "Proceedings of the 2007 ACM Workshop on Privacy in the
509	Electronic Society, WPES 2007, Alexandria, VA, USA, October
510	29, 2007",
511	booktitle = "WPES",
512	publisher = "ACM",
513	year = 2007,
514	isbn = "978-1-59593-883-1",
515	bibsource = "DBLP, http://dblp.uni-trier.de"
516	}
517
518	@Book{Washington:2003:EC,
519	author = "Lawrence C. Washington",
520	title = "Elliptic Curves: Number Theory and Cryptography",
521	isbn = "1-584-88365-0",
522	publisher = "CRC Press",
523	year = 2003,
524	pages = 428
525	}
a9d7d77e	526
3c0f06a3 MW	527	%%%--------------------------------------------------------------------------
	528	\f
	529	%%% Local variables:
	530	%%% mode: bibtex
aa1ee4d8	531	%%% bibtex-maintain-sorted-entries: entry-class
3c0f06a3	532	%%% End: