-@inproceedings{Bellare:1993:ROP,
- author = "Mihir Bellare and Phillip Rogaway",
- title = "Random oracles are practical",
- booktitle = "Proceedings of the First Annual Conference on Computer and
- Communications Security",
- organization = "{ACM}",
- year = 1993,
- url = "http://www-cse.ucsd.edu/users/mihir/papers/ro.html"
-}
-
-@inproceedings{Brassard:1989:SZK,
- author = "Gilles Brassard and Claude Crepeau",
- title = "Sorting out Zero-Knowledge",
- booktitle = "Theory and Application of Cryptographic Techniques",
- pages = "181-191",
- year = "1989",
- url = "http://citeseer.nj.nec.com/brassard90sorting.html"
-}
-
-@inproceedings{Bellare:2000:CST,
- author = "Mihir Bellare and Anand Desai and E. Jokipii and Phillip Rogaway",
- title = "A Concrete Security Treatment of Symmetric Encryption",
- booktitle = "{IEEE} Symposium on Foundations of Computer Science",
- pages = "394-403",
- year = "1997",
- url = "http://www-cse.ucsd.edu/users/mihir/papers/sym-enc.html"
-}
-
-@misc{Goldwasser:1999:LNC,
- author = "Shafi Goldwasser and Mihir Bellare",
- title = "Lecture Notes on Cryptography",
- howpublished = "Summer Course ``Cryptography and Computer Security'' at MIT, 1996--1999",
- year = "1999",
- url = "http://citeseer.nj.nec.com/goldwasser96lecture.html"
-}
-
-
-@InProceedings{Rogaway:2002:AEA,
- author = "Phillip Rogaway",
- title = "Authenticated-encryption with associated-data",
- added-by = "msteiner",
- URL = "http://www.cs.ucdavis.edu/~rogaway/papers/ad.html",
- pages = "98--107",
- added-at = "Sun Nov 16 12:50:24 2003",
- abstract = "When a message is transformed into a ciphertext in a
- way designed to protect both its privacy and
- authenticity, there may be additional information, such
- as a packet header, that travels alongside the
- ciphertext (at least conceptually) and must get
- authenticated with it. We formalize and investigate
- this authenticated-encryption with associated-data
- (AEAD) problem. Though the problem has long been
- addressed in cryptographic practice, it was never
- provided a definition or even a name. We do this, and
- go on to look at efficient solutions for AEAD, both in
- general and for the authenticated-encryption scheme
- OCB. For the general setting we study two simple ways
- to turn an authenticated-encryption scheme that does
- not support associated-data into one that does: nonce
- stealing and ciphertext translation. For the case of
- OCB we construct an AEAD-scheme by combining OCB and
- the pseudorandom function PMAC, using the same key for
- both algorithms. We prove that, despite
- {"}interaction{"} between the two schemes when using a
- common key, the combination is sound. We also consider
- achieving AEAD by the generic composition of a
- nonce-based, privacy-only encryption scheme and a
- pseudorandom function.",
- booktitle = "Proceedings of the 9th {ACM} Conference on Computer
- and Communications Security",
- year = "2002",
- editor = "Ravi Sandhu",
- month = nov,
- publisher = "ACM Press",
- address = "Washington, DC, USA",
-}
-
-@Article{Rogaway:2003:OCB,
- author = "Phillip Rogaway and Mihir Bellare and John Black",
- title = "{OCB}: a block-cipher mode of operation for efficient
- authenticated encryptiona",
- added-by = "msteiner",
- URL = "http://www.cs.colorado.edu/~jrblack/papers/ocb.pdf",
- journal = "ACM Transactions on Information and System Security",
- volume = "6",
- year = "2003",
- pages = "365--403",
- number = "3",
- added-at = "Sun Sep 28 21:27:38 2003",
-}
-
-@InProceedings{McGrew:2004:SPG,
- title = "The Security and Performance of the Galois/Counter
- Mode ({GCM}) of Operation",
- author = "David A. McGrew and John Viega",
- bibdate = "2004-12-13",
- bibsource = "DBLP,
- http://dblp.uni-trier.de/db/conf/indocrypt/indocrypt2004.html#McGrewV04",
- booktitle = "INDOCRYPT",
- booktitle = "Progress in Cryptology - {INDOCRYPT} 2004, 5th
- International Conference on Cryptology in India,
- Chennai, India, December 20-22, 2004, Proceedings",
- publisher = "Springer",
- year = "2004",
- volume = "3348",
- editor = "Anne Canteaut and Kapalee Viswanathan",
- ISBN = "3-540-24130-2",
- pages = "343--355",
- series = "Lecture Notes in Computer Science",
- URL = "http://eprint.iacr.org/2004/193"
-}
-
-@techreport{Abdalla:1999:DHAES,
- author = "Michel Abdalla and Mihir Bellare and Phillip Rogaway",
- title = "{DHAES}: An Encryption Scheme Based on the {Diffie-Hellman} Problem",
- number = "99-07",
- year = "1999",
- url = "http://www-cse.ucsd.edu/users/mihir/papers/pke.html"
-}
-
-@inproceedings{Abdalla:2001:DHIES,
- author = "Michel Abdalla and Mihir Bellare and Phillip Rogaway",
- title = "{DHIES}: An Encryption Scheme Based on the {Diffie-Hellman} Problem",
- crossref = "Naccache:2001:TCC",
- year = 2001,
- url = "http://www-cse.ucsd.edu/users/mihir/papers/dhies.html"
-}
-
-@inproceedings{Shoup:2001:OAEPR,
- author = "V. Shoup",
- title = "{OAEP} reconsidered",
- crossref = "Kilian:2001:ACC",
- pages = "239--259",
- url = "http://www.shoup.net/papers/"
-}
-
-@inproceedings{Wagner:2000:PSU,
- author = "David Wagner and Ian Goldberg",
- title = "Proofs of Security for the {Unix} Password Hashing Algorithm",
- crossref = "Okamoto:2000:ACA",
- pages = "560--572",
- url = "http://www.cs.berkeley.edu/~daw/papers/"
-}
-
-@inproceedings{Brier:2001:CRS,
- author = "Eric Brier and Cristophe Clavier and Jean-S\'ebastien Coron and
- David Naccache",
- title = "Cryptanalysis of {RSA} Signatures with Fixed-Patten Padding",
- year = 2001,
- crossref = "Kilian:2001:ACC",
- pages = "433--439"
-}
-
-@inproceedings{ Alkassar:2001:OSS,
- author = "Ammar Alkassar and Alexander Geraldy and Birgit Pfitzmann and Ahmad-Reza Sadeghi",
- title = "Optimized Self-Synchronizing Mode of Operation",
- crossref = "DBLP:conf/fse/2001",
- year = 2001,
- url = "http://citeseer.nj.nec.com/alkassar01optimized.html" }
-
-@unpublished{Shoup:2001:PIS,
- author = "Victor Shoup",
- title = "Proposal for an {ISO} Standard for Public Key Encryption
- (Version 2.0)",
- year = 2001,
- note = "Unpublished manuscript",
- url = "http://www.shoup.net/papers/"
-}
-
-@inproceedings{Shoup:1997:LBD,
- author = "Victor Shoup",
- title = "Lower bounds for discrete logarithms and related problems",
- year = 1997,
- url = "http://www.shoup.net/papers/",
- crossref = "Fumy:1997:ACE"
-}
-
-@InProceedings{Bellare:2004:EAX,
- title = "The {EAX} Mode of Operation",
- author = "Mihir Bellare and Phillip Rogaway and David Wagner",
- bibdate = "2004-07-29",
- bibsource = "DBLP,
- http://dblp.uni-trier.de/db/conf/fse/fse2004.html#BellareRW04",
- booktitle = "FSE",
- booktitle = "Fast Software Encryption, 11th International Workshop,
- {FSE} 2004, Delhi, India, February 5-7, 2004, Revised
- Papers",
- publisher = "Springer",
- year = "2004",
- volume = "3017",
- editor = "Bimal K. Roy and Willi Meier",
- ISBN = "3-540-22171-9",
- pages = "389--407",
- series = "Lecture Notes in Computer Science",
- URL = "http://www.cs.berkeley.edu/~daw/papers/eax-fse04.ps"
-}
-
-@Misc{Shoup:1999:OFM,
- title = "On Formal Models for Secure Key Exchange",
- author = "Victor Shoup",
- year = "1999",
- month = apr # "~21",
- abstract = "A new formal security model for session key exchange
- protocols in the public key setting is proposed, and
- several efficient protocols are analyzed in this model.
- The relationship between this new model and previously
- proposed models is explored, and several interesting,
- subtle distinctions between static and adaptive
- adversaries are explored. We also give a brief account
- of anonymous users.",
- citeseer-references = "oai:CiteSeerPSU:100248; oai:CiteSeerPSU:159141;
- oai:CiteSeerPSU:587558; oai:CiteSeerPSU:70784;
- oai:CiteSeerPSU:459391; oai:CiteSeerPSU:340126;
- oai:CiteSeerPSU:343528; oai:CiteSeerPSU:451555;
- oai:CiteSeerPSU:432396",
- annote = "Victor Shoup (IBM Zurich Research Lab , Saumerstr; 4 ,
- 8803 Ruschlikon , Switzerland);",
- bibsource = "OAI-PMH server at cs1.ist.psu.edu",
- oai = "oai:CiteSeerPSU:190779",
- rights = "unrestricted",
- URL = "http://www.shoup.net/papers/skey.ps.Z",
-}
-
-@misc{Koblitz:2006:ALP,
- author = {Neal Koblitz and Alfred Menezes},
- title = {Another Look at ``Provable Security''. {II}},
- howpublished = {Cryptology ePrint Archive, Report 2006/229},
- year = {2006},
- url = {http://eprint.iacr.org/2006/229},
-}
-
-@Article{Blake-Wilson:1998:EAA,
- author = "S. Blake-Wilson and A. Menezes",
- title = "Entity Authentication and Authenticated Key Transport
- Protocols Employing Asymmetric Techniques",
- journal = "Lecture Notes in Computer Science",
- volume = "1361",
- pages = "137--??",
- year = "1998",
- CODEN = "LNCSD9",
- ISSN = "0302-9743",
- bibdate = "Tue Apr 28 08:51:33 MDT 1998",
- acknowledgement = "Nelson H. F. Beebe, Center for Scientific
- Computing, University of Utah, Department of
- Mathematics, 110 LCB, 155 S 1400 E RM 233, Salt Lake
- City, UT 84112-0090, USA, Tel: +1 801 581 5254, FAX: +1
- 801 581 4148, e-mail: \path|beebe@math.utah.edu|,
- \path|beebe@acm.org|, \path|beebe@computer.org|,
- \path|beebe@ieee.org| (Internet), URL:
- \path|http://www.math.utah.edu/~beebe/|",
- url = "http://www.cacr.math.uwaterloo.ca/~ajmeneze/publications/transport.ps"
-}
-
-@Article{Blake-Wilson:1997:KAP,
- author = "S. Blake-Wilson and D. Johnson and A. Menezes",
- title = "Key Agreement Protocols and Their Security Analysis",
- journal = "Lecture Notes in Computer Science",
- volume = "1355",
- pages = "30--??",
- year = "1997",
- CODEN = "LNCSD9",
- ISSN = "0302-9743",
- bibdate = "Tue Apr 28 08:51:33 MDT 1998",
- acknowledgement = "Nelson H. F. Beebe, University of Utah, Department
- of Mathematics, 110 LCB, 155 S 1400 E RM 233, Salt Lake
- City, UT 84112-0090, USA, Tel: +1 801 581 5254, FAX: +1
- 801 581 4148, e-mail: \path|beebe@math.utah.edu|,
- \path|beebe@acm.org|, \path|beebe@computer.org|
- (Internet), URL:
- \path|http://www.math.utah.edu/~beebe/|",
- url = "http://www.cacr.math.uwaterloo.ca/~ajmeneze/publications/agreement.ps"
-}
-
-@InProceedings{Bellare:1998:MAD,
- author = "Mihir Bellare and Ran Canetti and Hugo Krawczyk",
- title = "A Modular Approach to the Design and Analysis of Key
- Exchange Protocols",
- pages = "419--428",
- ISBN = "0-89791-962-9",
- booktitle = "Proceedings of the 30th Annual {ACM} Symposium on
- Theory of Computing ({STOC}-98)",
- month = may # "~23--26",
- publisher = "ACM Press",
- address = "New York",
- year = "1998",
- url = "http://www.cs.ucsd.edu/~mihir/papers/key-distribution.html"
-}
-
-@TechReport{Canetti:2001:UCS,
- author = "Ran Canetti",
- title = "Universally Composable Security: {A} New Paradigm for
- Cryptographic Protocols",
- added-by = "sti",
- URL = "http://eprint.iacr.org/2000/067",
- number = "2000/067",
- month = oct,
- abstract = "We propose a new paradigm for defining security of
- cryptographic protocols, called {\sf universally
- composable security.} The salient property of
- universally composable definitions of security is that
- they guarantee security even when a secure protocol is
- composed with an arbitrary set of protocols, or more
- generally when the protocol is used as a component of
- an arbitrary system. This is an essential property for
- maintaining security of cryptographic protocols in
- complex and unpredictable environments such as the
- Internet. In particular, universally composable
- definitions guarantee security even when an unbounded
- number of protocol instances are executed concurrently
- in an adversarially controlled manner, they guarantee
- non-malleability with respect to arbitrary protocols,
- and more. We show how to formulate universally
- composable definitions of security for practically any
- cryptographic task. Furthermore, we demonstrate that
- practically any such definition can be realized using
- known general techniques, as long as only a minority of
- the participants are corrupted. We then proceed to
- formulate universally composable definitions of a wide
- array of cryptographic tasks, including authenticated
- and secure communication, key-exchange, public-key
- encryption, signature, commitment, oblivious transfer,
- zero-knowledge, and more. We also make initial steps
- towards studying the realizability of the proposed
- definitions in other natural settings.",
- keywords = "foundations / cryptographic protocols, security
- analysis of protocols, concurrent composition",
- type = "Report",
- annote = "Revised version of \cite{Canett2000a}.",
- year = "2001",
- institution = "Cryptology {ePrint} Archive",
- added-at = "Wed Oct 17 16:02:37 2001",
- note = "Extended Abstract appeared in proceedings of the 42nd
- Symposium on Foundations of Computer Science (FOCS),
- 2001",
-}
-
-@Article{Canett2000a,
- author = "Ran Canetti",
- title = "Security and Composition of Multiparty Cryptographic
- Protocols",
- added-by = "sti",
- URL = "http://link.springer-ny.com/link/service/journals/00145/papers/0013001/00130143.pdf",
- journal = "Journal of Cryptology",
- number = "1",
- month = "Winter",
- abstract = "We present general definitions of security for
- multiparty cryptographic protocols, with focus on the
- task of evaluating a probabilistic function of the
- parties' inputs. We show that, with respect to these
- definitions, security is preserved under a natural
- composition operation. The definitions follow the
- general paradigm of known definitions; yet some
- substantial modifications and simplifications are
- introduced. The composition operation is the natural
- ``subroutine substitution'' operation, formalized by
- Micali and Rogaway. We consider several standard
- settings for multiparty protocols, including the cases
- of eavesdropping, Byzantine, nonadaptive and adaptive
- adversaries, as well as the information-theoretic and
- the computational models. In particular, in the
- computational model we provide the first definition of
- security of protocols that is shown to be preserved
- under composition.",
- volume = "13",
- annote = "Discusses general formalization of Secure Multiparty
- Computation in synchronous model with passive vs active
- (=> compute function t-privately vs t-securely) and
- static vs adaptive adversaries as well as perfect
- (e.g., with secure channel) and cryptographic settings.
- Contrary to previous definitions doesn't restrict to
- black-box simulations (though probably that restriction
- was not that important) and allows rewinds (more
- important, e.g., ZKP). Probably most precise and
- complete to date. Proves composition theorems for
- 'sequential subroutine composition'. To model adaptive
- adversaries he defines an additional TM Z to model the
- environment which feeds the context as auxiliary input
- on corruptions as well models post-execution effects in
- a non-erasing model by allowing Z (on input \emph{all}
- outputs of the protocol) to further corrupt parties
- (via adversary) after the termination of the protocol.
- The simulation has to hold now for all Z and all A (but
- note that contrary to A, Z is the same in the ideal
- model!). However, if we consider erasing models where
- all internal states are deleted after protocol
- terminatin then Z can be simplified to apriori fixed
- auxilliary strings for each corruption. Appeared also
- as Theory of Cryptography Library Record 98-18.",
- year = "2000",
- pages = "143--202",
- publisher = "Springer-Verlag, Berlin Germany",
- added-at = "Thu Jul 20 11:01:42 2000",
-}
-
-
-@Article{Canetti:2002:UCN,
- author = "Ran Canetti and Hugo Krawczyk",
- title = "Universally Composable Notions of Key Exchange and
- Secure Channels",
- journal = "Lecture Notes in Computer Science",
- volume = "2332",
- pages = "337--??",
- year = "2002",
- CODEN = "LNCSD9",
- ISSN = "0302-9743",
- bibdate = "Tue Sep 10 19:09:37 MDT 2002",
- bibsource = "http://link.springer-ny.com/link/service/series/0558/tocs/t2332.htm",
- url = "http://eprint.iacr.org/2002/059",
- acknowledgement = "Nelson H. F. Beebe, Center for Scientific
- Computing, University of Utah, Department of
- Mathematics, 110 LCB, 155 S 1400 E RM 233, Salt Lake
- City, UT 84112-0090, USA, Tel: +1 801 581 5254, FAX: +1
- 801 581 4148, e-mail: \path|beebe@math.utah.edu|,
- \path|beebe@acm.org|, \path|beebe@computer.org|,
- \path|beebe@ieee.org| (Internet), URL:
- \path|http://www.math.utah.edu/~beebe/|",
-}
-
-@misc{Shoup:2004:SGT,
- author = {Victor Shoup},
- title = {Sequences of games: a tool for taming complexity in security proofs},
- howpublished = {Cryptology ePrint Archive, Report 2004/332},
- year = {2004},
- url = {http://eprint.iacr.org/2004/332},
-}
-
-@InProceedings{Bellare:2006:STE,
- title = "The Security of Triple Encryption and a Framework for
- Code-Based Game-Playing Proofs",
- author = "Mihir Bellare and Phillip Rogaway",
- bibdate = "2006-07-05",
- bibsource = "DBLP,
- http://dblp.uni-trier.de/db/conf/eurocrypt/eurocrypt2006.html#BellareR06",
- booktitle = "Advances in Cryptology - {EUROCRYPT} 2006, 25th Annual
- International Conference on the Theory and Applications
- of Cryptographic Techniques, St. Petersburg, Russia,
- May 28 - June 1, 2006, Proceedings",
- publisher = "Springer",
- year = "2006",
- volume = "4004",
- editor = "Serge Vaudenay",
- ISBN = "3-540-34546-9",
- pages = "409--426",
- series = "Lecture Notes in Computer Science",
- note = "Proceedings version of \cite{Bellare:2004:CBG}"
-}
-
-@misc{Bellare:2004:CBG,
- author = {Mihir Bellare and Phillip Rogaway},
- title = {Code-Based Game-Playing Proofs and the Security of Triple Encryption},
- howpublished = {Cryptology ePrint Archive, Report 2004/331},
- year = {2004},
- url = {http://eprint.iacr.org/2004/331},
- note = "Full version of \cite{Bellare:2006:STE}"
-}
-
-@Article{Shoup:2001:OR,
- author = "Victor Shoup",
- title = "{OAEP} Reconsidered",
- journal = "Lecture Notes in Computer Science",
- volume = "2139",
- pages = "239--??",
- year = "2001",
- CODEN = "LNCSD9",
- ISSN = "0302-9743",
- bibdate = "Sat Feb 2 13:05:41 MST 2002",
- bibsource = "http://link.springer-ny.com/link/service/series/0558/tocs/t2139.htm",
- URL = "http://link.springer-ny.com/link/service/series/0558/bibs/2139/21390239.htm;
- http://link.springer-ny.com/link/service/series/0558/papers/2139/21390239.pdf",
- acknowledgement = "Nelson H. F. Beebe, Center for Scientific
- Computing, University of Utah, Department of
- Mathematics, 110 LCB, 155 S 1400 E RM 233, Salt Lake
- City, UT 84112-0090, USA, Tel: +1 801 581 5254, FAX: +1
- 801 581 4148, e-mail: \path|beebe@math.utah.edu|,
- \path|beebe@acm.org|, \path|beebe@computer.org|,
- \path|beebe@ieee.org| (Internet), URL:
- \path|http://www.math.utah.edu/~beebe/|",
-}
-
-@Article{Canetti:2004:ROM,
- author = "Ran Canetti and Oded Goldreich and Shai Halevi",
- title = "The random oracle methodology, revisited",
- journal = "Journal of the ACM",
- volume = "51",
- number = "4",
- pages = "557--594",
- month = jul,
- year = "2004",
- CODEN = "JACOAH",
- ISSN = "0004-5411",
- bibdate = "Sat Jul 10 09:49:01 MDT 2004",
- bibsource = "http://portal.acm.org/",
- acknowledgement = "Nelson H. F. Beebe, University of Utah, Department
- of Mathematics, 110 LCB, 155 S 1400 E RM 233, Salt Lake
- City, UT 84112-0090, USA, Tel: +1 801 581 5254, FAX: +1
- 801 581 4148, e-mail: \path|beebe@math.utah.edu|,
- \path|beebe@acm.org|, \path|beebe@computer.org|
- (Internet), URL:
- \path|http://www.math.utah.edu/~beebe/|",
-}
-
-@Article{Boneh:2003:IBE,
- author = "Dan Boneh and Matthew Franklin",
- title = "Identity-Based Encryption from the {Weil} Pairing",
- journal = "SIAM Journal on Computing",
- volume = "32",
- number = "3",
- pages = "586--615",
- month = jun,
- year = "2003",
- CODEN = "SMJCAT",
- doi = "http://dx.doi.org/10.1137/S0097539701398521",
- ISSN = "0097-5397 (print), 1095-7111 (electronic)",
- bibdate = "Wed Aug 20 06:43:35 MDT 2003",
- bibsource = "http://epubs.siam.org/sam-bin/dbq/toclist/SICOMP/32/3",
- URL = "http://epubs.siam.org/sam-bin/dbq/article/39852",
- acknowledgement = "Nelson H. F. Beebe, University of Utah, Department
- of Mathematics, 110 LCB, 155 S 1400 E RM 233, Salt Lake
- City, UT 84112-0090, USA, Tel: +1 801 581 5254, FAX: +1
- 801 581 4148, e-mail: \path|beebe@math.utah.edu|,
- \path|beebe@acm.org|, \path|beebe@computer.org|
- (Internet), URL:
- \path|http://www.math.utah.edu/~beebe/|",
- doi-url = "http://dx.doi.org/10.1137/S0097539701398521",
-}
-
-
-@Article{ElGamal:1985:PKC,
- author = "Taher ElGamal",
- booktitle = "Advances in cryptology (Santa Barbara, Calif., 1984)",
- title = "A public key cryptosystem and a signature scheme based
- on discrete logarithms",
- journal = "Lecture Notes in Computer Science",
- volume = "196",
- pages = "10--18",
- year = "1985",
- CODEN = "LNCSD9",
- ISSN = "0302-9743",
- MRclass = "94A60 (11T71 68P25)",
- MRnumber = "87b:94037",
- mrnumber-url = "http://www.ams.org/mathscinet-getitem?mr=87b%3a94037",
-}
-
-@misc{Menezes:2005:IPB,
- author = "Alfred Menezes",
- title = "An Introduction to Pairing-Based Cryptography",
- url = "http://www.cacr.math.uwaterloo.ca/~ajmeneze/publications/pairings.pdf",
- note = "Notes from lectures given in Santander, Spain",
- year = "2005"
-}
-
-@misc{Stinson:2006:EST,
- author = {D.R. Stinson and J. Wu},
- title = {An Efficient and Secure Two-flow Zero-Knowledge Identification Protocol},
- howpublished = {Cryptology ePrint Archive, Report 2006/337},
- year = {2006},
- url = {http://eprint.iacr.org/2006/337},
-}
-
-@misc{DiRaimondo:2006:DAK,
- author = {Mario Di Raimondo and Rosario Gennaro and Hugo Krawczyk},
- title = {Deniable Authentication and Key Exchange},
- howpublished = {Cryptology ePrint Archive, Report 2006/280},
- year = {2006},
- url = {http://eprint.iacr.org/2006/280},
-}
-
-@misc{SEC1,
- author = "{Certicom Research}",
- title = "Standards for Efficient Cryptography, {SEC} 1: {E}lliptic curve cryptography, Version 1.0",
- year = "2000",
- url = "http://www.secg.org/download/aid-385/sec1_final.pdf"
-}
-
-@proceedings{DBLP:conf/fse/2001,
- editor = {Mitsuru Matsui},
- title = {Fast Software Encryption, 8th International Workshop, FSE 2001
- Yokohama, Japan, April 2-4, 2001, Revised Papers},
- booktitle = {FSE},
- publisher = {Springer},
- series = {Lecture Notes in Computer Science},
- volume = {2355},
- year = {2002},
- isbn = {3-540-43869-6},
- bibsource = {DBLP, http://dblp.uni-trier.de}