3 %%%--------------------------------------------------------------------------
8 \ifx\url\undefined\let\url\texttt\fi
9 \ifx\msgid\undefined\let\msgid\texttt\fi
10 \let\mdwxxthebibliography\thebibliography
11 \def\thebibliography
{\mdwxxbibhook\mdwxxthebibliography
}
13 \def\biburl#
1{\let\biburlsep\empty\biburlxi#
1;;\done
}
14 \def\biburlxi#
1;{\def\temp
{#
1}\ifx\temp\empty\expandafter\biburlxiii\else
15 \biburlxii#
1,,\done\let\biburlxafter\biburlxi\expandafter\biburlxmunch\fi
}
16 \def\biburlxii#
1,{\def\temp
{#
1}\ifx\temp\empty\expandafter\biburlxiii\else
17 \biburlsep\mdwxxurl
{#
1}\def\biburlsep
{, }\let\biburlxafter\biburlxii
18 \expandafter\biburlxmunch\fi
}
19 \def\biburlxiii#
1\done
{}
20 \def\biburlxmunch
{\futurelet\next\biburlxmunchi
}
21 \def\biburlxmunchi
{\expandafter\ifx\space\next\expandafter\biburlxmunchii
22 \else\expandafter\biburlxafter\fi
}
23 \expandafter\def\expandafter\biburlxmunchii\space
{\biburlxmunch
}
24 \def\mdwxxbibhook
{\let\mdwxxurl\url\let\url\biburl
}
28 %%%--------------------------------------------------------------------------
29 %%% The main bibliography.
31 @InProceedings
{Abdalla
:2001:DHIES
,
32 author = "Michel Abdalla and Mihir Bellare and Phillip Rogaway"
,
33 title = "
{DHIES
}: An Encryption Scheme Based on the
34 {Diffie
--Hellman
} Problem"
,
35 crossref
= "Naccache
:2001:TCC"
,
37 url
= "http
://www
-cse.ucsd.edu
/users
/mihir
/papers
/dhies.html"
40 @InProceedings
{Bellare
:1993:ROP
,
41 author = "Mihir Bellare and Phillip Rogaway"
,
42 title = "Random oracles are practical"
,
43 booktitle = "Proceedings of the First Annual Conference on Computer and
44 Communications Security"
,
45 organization = "
{ACM
}"
,
47 url
= "http
://www
-cse.ucsd.edu
/users
/mihir
/papers
/ro.html"
50 @InProceedings
{Bellare
:2004:EAX
,
51 title = "The
{EAX
} Mode of Operation"
,
52 author = "Mihir Bellare and Phillip Rogaway and David Wagner"
,
53 bibdate
= "
2004-07-29"
,
55 http
://dblp.uni
-trier.de
/db
/conf
/fse
/fse2004.html#BellareRW04"
,
57 booktitle = "Fast Software Encryption
, 11th International Workshop
,
58 {FSE
} 2004, Delhi
, India
, February
5-7, 2004, Revised
60 publisher = "Springer"
,
63 editor = "Bimal K. Roy and Willi Meier"
,
64 isbn
= "
3-540-22171-9"
,
66 series = "Lecture Notes in Computer Science"
,
67 url
= "http
://www.cs.berkeley.edu
/~daw
/papers
/eax
-fse04.ps"
70 @InProceedings
{Bellare
:2006:STE
,
71 title = "The Security of Triple Encryption and a Framework for
72 Code
-Based Game
-Playing Proofs"
,
73 author = "Mihir Bellare and Phillip Rogaway"
,
74 bibdate
= "
2006-07-05"
,
76 http
://dblp.uni
-trier.de
/db
/conf
/eurocrypt
/eurocrypt2006.html#BellareR06"
,
77 booktitle = "Advances in Cryptology
- {EUROCRYPT
} 2006, 25th Annual
78 International Conference on the Theory and Applications of
79 Cryptographic Techniques
, St. Petersburg
, Russia
, May
28 -
80 June
1, 2006, Proceedings"
,
81 publisher = "Springer"
,
84 editor = "Serge Vaudenay"
,
85 isbn
= "
3-540-34546-9"
,
87 series = "Lecture Notes in Computer Science"
,
88 note = "Proceedings version of \cite
{cryptoeprint
:2004:331}"
91 @InProceedings
{Brassard
:1989:SZK
,
92 author = "Gilles Brassard and Claude Crepeau"
,
93 title = "Sorting out Zero
-Knowledge"
,
94 booktitle = "Theory and Application of Cryptographic Techniques"
,
97 url
= "http
://citeseer.nj.nec.com
/brassard90sorting.html"
100 @TechReport
{Canetti
:2001:UCS
,
101 author = "Ran Canetti"
,
102 title = "Universally Composable Security
: {A
} New Paradigm for
103 Cryptographic Protocols"
,
105 url
= "http
://eprint.iacr.org
/2000/067"
,
108 abstract = "We propose a new paradigm for defining security of
109 cryptographic protocols
, called
{\sf universally composable
110 security.
} The salient property of universally composable
111 definitions of security is that they guarantee security
112 even when a secure protocol is composed with an arbitrary
113 set of protocols
, or more generally when the protocol is
114 used as a component of an arbitrary system. This is an
115 essential property for maintaining security of
116 cryptographic protocols in complex and unpredictable
117 environments such as the Internet. In particular
,
118 universally composable definitions guarantee security even
119 when an unbounded
number of protocol instances are executed
120 concurrently in an adversarially controlled manner
, they
121 guarantee non
-malleability with respect to arbitrary
122 protocols
, and more. We show how to formulate universally
123 composable definitions of security for practically any
124 cryptographic task. Furthermore
, we demonstrate that
125 practically any such definition can be realized using known
126 general techniques
, as long as only a minority of the
127 participants are corrupted. We then proceed to formulate
128 universally composable definitions of a wide array of
129 cryptographic tasks
, including authenticated and secure
130 communication
, key-exchange
, public
-key encryption
,
131 signature
, commitment
, oblivious transfer
, zero
-knowledge
,
132 and more. We also make initial steps towards studying the
133 realizability of the proposed definitions in other natural
135 keywords = "foundations
/ cryptographic protocols
, security analysis of
136 protocols
, concurrent composition"
,
138 annote = "Revised version of \cite
{Canetti
:2000:SCM
}."
,
140 institution = "Cryptology
{ePrint
} Archive"
,
141 added
-at
= "Wed Oct
17 16:02:37 2001"
,
142 note = "Extended Abstract appeared in proceedings of the
42nd
143 Symposium on Foundations of Computer Science
(FOCS
), 2001"
146 @Proceedings
{DBLP
:conf
/fse
/2001,
147 editor = "Mitsuru Matsui"
,
148 title = "Fast Software Encryption
, 8th International Workshop
, FSE
149 2001 Yokohama
, Japan
, April
2-4, 2001, Revised Papers"
,
151 publisher = "Springer"
,
152 series = "Lecture Notes in Computer Science"
,
155 isbn
= "
3-540-43869-6"
,
156 bibsource
= "DBLP
, http
://dblp.uni
-trier.de"
159 @PhdThesis
{Daemen
:1995:CHF
,
160 author = "Joan Daemen"
,
161 title = "Cipher and hash function design strategies based on linear
162 and differential cryptanalysis"
,
164 school = "K. U. Leuven"
167 @Misc
{Fisher
:2000:Storin
-collide
,
168 author = "Matthew Fisher"
,
169 title = "Re
: Yet another block cipher
: {Storin
}"
,
170 howpublished = "Usenet article in
{\texttt
{sci.crypt
}}"
,
172 note = "Message
-id
{\msgid
{<8gjctn\$
9ct\$
1@nnrp1.deja.com
>}}"
175 @TechReport
{Frier
:1996:SSL
,
176 author = "A. Frier and P. Karlton and P. Kocher"
,
177 title = "The
{SSL
3.0} Protocol"
,
178 institution = "Netscape Communications Corp."
,
181 url
= "http
://home.netscape.com
/eng
/ssl3
/ssl
-toc.html"
184 @Misc
{Goldwasser
:1999:LNC
,
185 author = "David A. McGrew and John Viega"
,
186 title = "Lecture Notes on Cryptography"
,
187 howpublished = "Summer Course ``Cryptography and Computer Security'' at
190 url
= "http
://citeseer.nj.nec.com
/goldwasser96lecture.html"
193 @Manual
{IEEE
:2000:1363,
195 title = "IEEE
1363-2000: Standard Specifications for Public Key
198 isbn
= "
0-7381-1956-3"
,
199 abstract = "This standard specifies common public
-key cryptographic
200 techniques
, including mathematical primitives for secret
201 value
(key) derivation
, public
-key encryption
, and digital
202 signatures
, and cryptographic schemes based on those
203 primitives. It also specifies related cryptographic
204 parameters
, public keys and private keys. The purpose of
205 this standard is to provide a reference for specifications
206 of a variety of techniques from which applications may
208 organization = "Microprocessor Standards Committee of the IEEE Computer
212 @PhdThesis
{IWJ
:1997:WGT
,
213 author = "Ian Jackson"
,
214 title = "Who goes there? Location confidentiality through
217 school = "Cambridge University Computer Laboratory"
,
219 url
= "http
://www.chiark.greenend.org.uk
/~ijackson
/thesis
/"
222 @Misc
{Kohno
:2003:CWC
,
223 author = "Tadayoshi Kohno and John Viega and Doug Whiting"
,
224 title = "The CWC Authenticated Encryption
(Associated Data
) Mode"
,
225 howpublished = "Cryptology ePrint Archive
, Report
2003/106"
,
227 url
= "http
://eprint.iacr.org
/2003/106"
230 @InProceedings
{McGrew
:2004:SPG
,
231 title = "The Security and Performance of the Galois
/Counter Mode
232 ({GCM
}) of Operation"
,
233 author = "David A. McGrew and John Viega"
,
234 bibdate
= "
2004-12-13"
,
236 http
://dblp.uni
-trier.de
/db
/conf
/indocrypt
/indocrypt2004.html#McGrewV04"
,
237 booktitle = "INDOCRYPT"
,
238 booktitle = "Progress in Cryptology
- {INDOCRYPT
} 2004, 5th
239 International Conference on Cryptology in India
, Chennai
,
240 India
, December
20-22, 2004, Proceedings"
,
241 publisher = "Springer"
,
244 editor = "Anne Canteaut and Kapalee Viswanathan"
,
245 isbn
= "
3-540-24130-2"
,
247 series = "Lecture Notes in Computer Science"
,
248 url
= "http
://eprint.iacr.org
/2004/193"
251 @Misc
{Menezes
:2005:IPB
,
252 author = "Alfred Menezes"
,
253 title = "An Introduction to Pairing
-Based Cryptography"
,
255 "http
://www.cacr.math.uwaterloo.ca
/~ajmeneze
/publications
/pairings.pdf"
,
256 note = "Notes from lectures given in Santander
, Spain"
,
260 @InProceedings
{Rogaway
:2001:OCB
,
261 author = "Phillip Rogaway and Mihir Bellare and John Black and Ted
263 title = "
{OCB
}: a block
-cipher mode of operation for efficient
264 authenticated encryption"
,
265 booktitle = "
{ACM
} Conference on Computer and Communications Security"
,
268 url
= "http
://www.cs.ucdavis.edu
/~rogaway
/ocb
/"
271 @InProceedings
{Rogaway
:2002:AEA
,
272 author = "Phillip Rogaway"
,
273 title = "Authenticated
-encryption with associated
-data"
,
274 added
-by
= "msteiner"
,
275 url
= "http
://www.cs.ucdavis.edu
/~rogaway
/papers
/ad.html"
,
277 added
-at
= "Sun Nov
16 12:50:24 2003"
,
278 abstract = "When a message is transformed into a ciphertext in a way
279 designed to protect both its privacy and authenticity
,
280 there may be additional information
, such as a packet
281 header
, that travels alongside the ciphertext
(at least
282 conceptually
) and must get authenticated with it. We
283 formalize and investigate this authenticated
-encryption
284 with associated
-data
(AEAD
) problem. Though the problem has
285 long been addressed in cryptographic practice
, it was never
286 provided a definition or even a name. We do this
, and go on
287 to look at efficient solutions for AEAD
, both in general
288 and for the authenticated
-encryption scheme OCB. For the
289 general setting we study two simple ways to turn an
290 authenticated
-encryption scheme that does not support
291 associated
-data into one that does
: nonce stealing and
292 ciphertext translation. For the case of OCB we construct an
293 AEAD
-scheme by combining OCB and the pseudorandom function
294 PMAC
, using the same
key for both algorithms. We prove
295 that
, despite ``interaction'' between the two schemes when
296 using a common
key, the combination is sound. We also
297 consider achieving AEAD by the generic composition of a
298 nonce
-based
, privacy
-only encryption scheme and a
299 pseudorandom function."
,
300 booktitle = "Proceedings of the
9th
{ACM
} Conference on Computer and
301 Communications Security"
,
303 editor = "Ravi Sandhu"
,
305 publisher = "ACM Press"
,
306 address = "Washington
, DC
, USA"
310 author = "
{Certicom Research
}"
,
311 title = "Standards for Efficient Cryptography
, {SEC
} 1: {E
}lliptic
312 curve cryptography
, Version
1.0"
,
314 url
= "http
://www.secg.org
/download
/aid
-385/sec1_final.pdf"
317 @Unpublished
{Shoup
:2001:PIS
,
318 author = "Victor Shoup"
,
319 title = "Proposal for an
{ISO
} Standard for Public Key Encryption
322 note = "Unpublished manuscript"
,
323 url
= "http
://www.shoup.net
/papers
/"
326 @TechReport
{Silverman
:2000:CBA
,
327 author = "Robert Silverman"
,
328 title = "A Cost
-Based Security Analysis of Symmetric and Asymmetric
330 institution = "RSA Laboratories"
,
334 url
= "http
://www.rsa.com
/rsalabs
/node.asp?id
=2088"
337 @InProceedings
{Wagner
:2000:PSU
,
338 author = "David Wagner and Ian Goldberg"
,
339 title = "Proofs of Security for the
{Unix
} Password Hashing
341 crossref
= "Okamoto
:2000:ACA"
,
343 url
= "http
://www.cs.berkeley.edu
/~daw
/papers
/"
346 @Book
{Washington
:2003:EC
,
347 author = "Lawrence C. Washington"
,
348 title = "Elliptic Curves
: Number Theory and Cryptography"
,
349 isbn
= "
1-584-88365-0"
,
350 publisher = "CRC Press"
,
355 @TechReport
{Wooding
:2000:Storin
,
356 author = "Mark Wooding"
,
357 title = "
{Storin
}: A block cipher for digitial signal processors"
,
358 institution = "Straylight
/Edgeware"
,
360 url
= "http
://www.excessus.demon.co.uk
/crypto
/storin.ps.gz"
,
361 abstract = "We present Storin
: a new
96-bit block cipher designed to
362 play to the strengths of current digital signal processors
363 (DSPs
). In particular
, DSPs tend to provide single
-cycle
364 multiply
-and
-accumulate operations
, making matrix
365 multiplications very cheap. Working in an environment
366 where multiplication is as fast as exclusive
-or changes the
367 usual perceptions about which operations provide good
368 cryptographic strength cheaply. The scarcity of available
369 memory
, for code and for tables
, and a penalty for
370 nonsequential access to data also make traditional block
371 ciphers based around substitution tables unsuitable."
374 @Misc
{Wooding
:2000:Storin
-diff
,
375 author = "Mark Wooding"
,
376 title = "Re
: Yet another block cipher
: {Storin
}"
,
377 howpublished = "Usenet article in \texttt
{sci.crypt
}"
,
379 note = "Message
-id
{\msgid
{<slrn8iqhaq
.872.mdw@mull.ncipher.com
>}}"
382 @Misc
{Wooding
:2003:NPO
,
383 author = "Mark Wooding"
,
384 title = "New proofs for old modes"
,
385 howpublished = "Unpublished work in progress"
,
389 @Misc
{Ylonen
:2001:STL
,
390 author = "T. Ylonen and T. Kivinen and M. Saarinen and T. Rinne and
392 title = "
{SSH
} Transport Layer Protocol"
,
395 howpublished = "Internet Draft"
,
397 "http
://www.ietf.org
/internet
-drafts
/draft
-ietf
-secsh
-transport
-09.txt"
400 %%%--------------------------------------------------------------------------
404 %%% bibtex-maintain-sorted-entries: t