%% URL: "http://theory.lcs.mit.edu/~rivest/crypto.bib"
%% Maintained by Be Hubbard and Ronald L. Rivest.
%% Last updated 4/2/95 (1268 entries)
%% This bibliography contains COMPLETE listings for:
%%    CRYPTO '81--'94, EUROCRYPT '84, AUSCRYPT'90
%%    Burg Feuerstein '82
%% and PARTIAL lists for many other conferences.
%% We are in the process of merging into this bibliography the
%% bibliography from "Cryptography: Theory and Practice" by Doug
%% Stinson (CRC Press, 1995).  An excellent book! (Thanks, Doug)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Various journal and conference string definitions:
@string{ASIACRYPT91 = "Advances in Cryptology--ASIACRYPT '91"}
@string{AUSCRYPT90 = "Advances in Cryptology--AUSCRYPT '90"}
@string{CACM = {Communications of the ACM}}
@string{JCSS = {JCSS}}
@string{SIAM = {SIAM J.\ Computing}}
@string{ACM =  {ACM}}
@string{IEEE = {IEEE}}
@string{AFIPS = {AFIPS}}
@string{CRYPTO81 = "Advances in Cryptology: A Report on CRYPTO 81"}
@string{CRYPTO82 = "Proc.\ CRYPTO 82"}
@string{CRYPTO83 = "Proc.\ CRYPTO 83"}
@string{CRYPTO84 = "Proc.\ CRYPTO 84"}
@string{CRYPTO85 = "Proc.\ CRYPTO 85"}
@string{CRYPTO86 = "Proc.\ CRYPTO 86"}
@string{CRYPTO87 = "Proc.\ CRYPTO 87"}
@string{CRYPTO88 = "Proc.\ CRYPTO 88"}
@string{CRYPTO89 = "Proc.\ CRYPTO 89"}
@string{CRYPTO90 = "Proc.\ CRYPTO 90"}
@string{CRYPTO91 = "Proc.\ CRYPTO 91"}
@string{CRYPTO92 = "Proc.\ CRYPTO 92"}
@string{CRYPTO93 = "Proc.\ CRYPTO 93"}
@string{CRYPTO94 = "Proc.\ CRYPTO 94"}
@string{CRYPTO94 = "Proc.\ CRYPTO 95"}
@string{EUROCRYPT84 = {Proc.\ EUROCRYPT 84}}
@string{EUROCRYPT85 = {Proc.\ EUROCRYPT 85}}
@string{EUROCRYPT86 = {Proc.\ EUROCRYPT 86}}
@string{EUROCRYPT87 = {Proc.\ EUROCRYPT 87}}
@string{EUROCRYPT88 = {Proc.\ EUROCRYPT 88}}
@string{EUROCRYPT89 = {Proc.\ EUROCRYPT 89}}
@string{EUROCRYPT90 = {Proc.\ EUROCRYPT 90}}
@string{EUROCRYPT91 = {Proc.\ EUROCRYPT 91}}
@string{EUROCRYPT92 = {Proc.\ EUROCRYPT 92}}
@string{EUROCRYPT93 = {Proc.\ EUROCRYPT 93}}
@string{EUROCRYPT94 = {Proc.\ EUROCRYPT 94}}
@string{EUROCRYPT95 = {Proc.\ EUROCRYPT 95}}
@string{FOCS77 = {Proc.\ $18$th IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS78 = {Proc.\ $19$th IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS79 = {Proc.\ $20$th IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS80 = {Proc.\ $21$st IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS81 = {Proc.\ $22$nd IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS82 = {Proc.\ $23$rd IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS83 = {Proc.\ $24$th IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS84 = {Proc.\ $25$th IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS85 = {Proc.\ $26$th IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS86 = {Proc.\ $27$th IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS87 = {Proc.\ $28$th IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS88 = {Proc.\ $29$th IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS89 = {Proc.\ $30$th IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS90 = {Proc.\ $31$st IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS91 = {Proc.\ $32$nd IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS92 = {Proc.\ $33$rd IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS93 = {Proc.\ $34$th IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS94 = {Proc.\ $35$th IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{FOCS95 = {Proc.\ $36$th IEEE Symp.\ on Foundations of Comp.\ Science}}
@string{STOC79 = {Proc.\ $11$th ACM Symp.\ on Theory of Computing}}
@string{STOC80 = {Proc.\ $12$th ACM Symp.\ on Theory of Computing}}
@string{STOC81 = {Proc.\ $13$th ACM Symp.\ on Theory of Computing}}
@string{STOC82 = {Proc.\ $14$th ACM Symp.\ on Theory of Computing}}
@string{STOC83 = {Proc.\ $15$th ACM Symp.\ on Theory of Computing}}
@string{STOC84 = {Proc.\ $16$th ACM Symp.\ on Theory of Computing}}
@string{STOC85 = {Proc.\ $17$th ACM Symp.\ on Theory of Computing}}
@string{STOC86 = {Proc.\ $18$th ACM Symp.\ on Theory of Computing}}
@string{STOC87 = {Proc.\ $19$th ACM Symp.\ on Theory of Computing}}
@string{STOC88 = {Proc.\ $20$th ACM Symp.\ on Theory of Computing}}
@string{STOC89 = {Proc.\ $21$st ACM Symp.\ on Theory of Computing}}
@string{STOC90 = {Proc.\ $22$nd ACM Symp.\ on Theory of Computing}}
@string{STOC91 = {Proc.\ $23$rd ACM Symp.\ on Theory of Computing}}
@string{STOC92 = {Proc.\ $24$th ACM Symp.\ on Theory of Computing}}
@string{STOC93 = {Proc.\ $25$th ACM Symp.\ on Theory of Computing}}
@string{STOC94 = {Proc.\ $26$th ACM Symp.\ on Theory of Computing}}
@string{STOC95 = {Proc.\ $27$th ACM Symp.\ on Theory of Computing}}
@string{PODC87 = {Proc.\ $6$th ACM Symp.\ on Principles of Distributed Computation}}
@string{PODC86 = {Proc.\ $5$th ACM Symp.\ on Principles of Distributed Computation}}
@string{PODC95 = {Proc.\ $14$th ACM Symp.\ on Principles of Distributed Computation}}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Sorted into order by latex key value

@inproceedings{AbadiAlBrFeHe88,
author =       {M. Abadi and E. Allender and A. Broder and J. Feigenbaum
               and L.A. Hemachandra},
title =        {On Generating Solved Instances of Computational Problems},
pages =        {297--310},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@article{AbadiFeKi89,
author =       {Martin Abadi and Joan Feigenbaum and Joe Kilian},
title =        {On Hiding Information from an Oracle},
journal =      {Journal of Computer and Systems Science},
volume =       39,
number =	1,
year =         1989,
pages =        {21--50}
}


@inproceedings{AbadiBuLa92,
author =       {M. Abadi and M. Burrows and B. Lampson},
title =        {A calculus for access control in distributed systems},
pages =        {1--23},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}

@inproceedings{Abadi97,
author =       {Martin Abadi},
title =        {On SDSI's Linked Local Name Spaces},
booktitle =    {Proceedings 10th IEEE Computer Security Foundations Workshop},
month =        Jun,
year =         1997
}

@manual{AccreditedSC81,
author =       {{Accredited Standards Committee X3}},
year =         {1981},
title =        {American National Standard X3.92: Data Encryption Algorithm
               ({DEA})}
}

@manual{AccreditedSC82,
author =       {{Accredited Standards Committee X9}},
year =         {1982},
title =        {American National Standard X9.9: Financial Institution
               Message Authentication}
}

@manual{AccreditedSC85,
author =       {{Accredited Standards Committee X9}},
year =         {1985},
title =        {American National Standard X9.17: Financial Institution
               Key Management (Wholesale)}
}

@manual{AccreditedSC93,
newtag =       {AccreditedSC93},
author =       {{Accredited Standards Committee X9}},
year =         {1993},
title =        {Working Draft: American National Standard X9.30-199X:
               Public Key Cryptography Using Irreversible Algorithms
               for the Financial Services Industry: Part 1: The Digital
               Signature Algorithm (DSA)},
month =        {June 18,}
}

@manual{AccreditedSC93a,
newtag =       {AccreditedSC93a},
author =       {{Accredited Standards Committee X9}},
year =         {1993},
title =        {Working Draft: American National Standard X9.30-1993:
               Public Key Cryptography Using Irreversible Algorithms
               for the Financial Services Industry: Part 2: The Secure
               Hash Algorithm ({SHA})}
}

@manual{AccreditedSC93b,
newtag =       {AccreditedSC93b},
author =       {{Accredited Standards Committee X9}},
year =         {1993},
title =        {Working Draft: American National Standard X9.30-1993:
               Public Key Cryptography Using Irreversible Algorithms
               for the Financial Services Industry: Part 4: Management
               of Symmetric Algorithm Keys Using {Diffie-Hellman}},
month =        {June 4,}
}

@manual{AccreditedSC93c,
newtag =       {AccreditedSC93c},
author =       {{Accredited Standards Committee X9}},
year =         {1993},
title =        {Working Draft: American National Standard X9.31-1992:
               Public Key Cryptography Using Reversible Algorithms
               for the Financial Services Industry: Part 1: The {RSA}
               Signature Algorithm},
month =        {March 7,}
}

@manual{AccreditedSC93d,
newtag =       {AccreditedSC93d},
author =       {{Accredited Standards Committee X9}},
year =         {1993},
title =        {Working Draft: American National Standard X9.31-1992:
               Public Key Cryptography Using Reversible Algorithms
               for the Financial Services Industry: Part 2: The {MDC-2}
               Hash Algorithm},
month =        {June 4,}
}

@manual{AccreditedSC93e,
newtag =       {AccreditedSC93e},
author =       {{Accredited Standards Committee X9}},
year =         {1993},
title =        {Working Draft: American National Standard X9.31-1993:
               Public Key Cryptography Using Reversible Algorithms
               for the Financial Services Industry: Part 4: Management
               of Symmetric Algorithm Keys Using {RSA}},
month =        {June 4,}
}

@manual{AccreditedSC93f,
newtag =       {AccreditedSC93f},
author =       {{Accredited Standards Committee X9}},
year =         {1993},
title =        {Working Draft: American National Standard X9.41-1993:
               Security Services Management for the Financial Services
               Industry},
month =        {August}
}



@phdthesis{Adams90,
author =       {C.M. Adams},
title =        {A formal and practical design procedure for substitution-permutation
               network cryptosystems},
school =       {Queen's University},
year =         1990
}


@article{Adams92,
author =       {Adams, C.M.},
year =         {1992},
title =        {{On Immunity against Biham and Shamir's ``Differential
               Cryptanalysis''}},
journal =      {Information Processing Letters},
volume =       41,
number =       2,
pages =        {77--80}
}

@inproceedings{AdamsMe88,
author =       {Carlisle M. Adams and Henk Meijer},
title =        {Security-related comments regarding McEliece's public-key
               cryptosystem},
pages =        {224--228},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{AdamsTa90,
author =       {Carlisle Adams and Stafford Tavares},
title =        {Good-{S}-boxes are easy to find},
pages =        {612--615},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@article{AdamsTa90a,
author =       {C.M. Adams and S.E. Tavares},
title =        {Generating and counting binary bent sequences},
journal =      {IEEE Transactions on Information Theory},
month =        Sep,
year =         1990,
volume =       36,
number =       5,
pages =        {1170--1173}
}


@article{AdamsTa90b,
author =       {C.M. Adams and S.E. Tavares},
title =        {The Structured Design of Cryptographically Good {S}-Boxes},
journal =      {Journal of Cryptology},
year =         1990,
volume =       3,
number =       1,
pages =        {27--41}
}


@inproceedings{Adleman77,
author =       {L. M. Adleman},
title =        {A Subexponential Algorithm for the Discrete Logarithm
               Problem with Applications to Cryptography},
pages =        {55--60},
booktitle =    FOCS77,
address =      {Providence},
year =         1977,
publisher =    {IEEE}
}


@inproceedings{Adleman82,
author =       {Leonard Adleman},
title =        {Primality Testing},
pages =        {10--10},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Adleman83,
author =       {L. M. Adleman},
title =        {On Breaking Generalized Knapsack Public Key Cryptosystems},
pages =        {402--412},
booktitle =    STOC83,
publisher =    ACM,
address =      {Boston},
year =         1983
}

@inproceedings{Adleman83a,
author =       {Leonard M. Adleman},
title =        {Implementing an Electronic Notary Public},
pages =        {259--265},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}

@inproceedings{Adleman83b,
author =       {Leonard M. Adleman},
title =        {On Breaking the Iterated {M}erkle-{H}ellman Public-Key
               Cryptosystem},
pages =        {303--308},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}

@techreport{Adleman90,
author =       {L. M. Adleman},
title =        {Factoring Numbers Using Singular Integers},
institution =  {U.S.C. Computer Science Department},
number =       {TR 90-20},
month =        Sep,
year =         1990
}

@inproceedings{Adleman88,
author =       {L.M. Adleman},
title =        {An Abstract Theory of Computer Viruses},
pages =        {354--374},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{Adleman94,
author =       {Leonard M. Adleman},
title =        {Algorithmic Number Theory--The Complexity Contribution},
booktitle =    STOC94,
publisher =    ACM,
address =      {Montreal, Canada},
year =         1994,
pages =        {88--113}
}


@article{Adleman95,
author =       {Leonard M. Adleman},
title =        {A thousand billion billion sums},
journal =      {The Economist},
year =         1995,
pages =        {83--84}
}


@inproceedings{AdlemanDe94,
author =       {Leonard M. Adleman and Johnathan DeMarrais},
title =        {A subexponential algorithm for discrete logarithms
               over all finite fields },
pages =        {147--158},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}

@inproceedings{AdlemanHu87,
author =       {L. M. Adleman and M. A. Huang},
title =        {Recognizing primes in random polynomial time},
pages =        {462--469},
booktitle =    STOC87,
publisher =    ACM,
address =      {New York City},
year =         1987
}

@inproceedings{AdlemanMaMi77,
author =       {L. M. Adleman and K. Manders and G. Miller},
title =        {On taking roots in finite fields},
pages =        {175--177},
booktitle =    FOCS77,
address =      {Providence},
publisher =    IEEE,
year =         1977
}

@article{AdlemanPoRu83,
author =       {L. M. Adleman and C. Pomerance and R. S. Rumely},
title =        {On distinguishing prime numbers from composite numbers},
journal =      {Ann. Math.},
volume =       117,
year =         1983,
pages =        {173--206}
}



@inproceedings{Agnew85, author = {Gordon B. Agnew}, title = {Secrecy
and Privacy in a Local Area Network Environment}, pages = {349--363},
booktitle = EUROCRYPT84, editor = {T. Beth and N. Cot and I.
Ingemarsson}, note = {Lecture Notes in Computer Science No.\ 209},
publisher = {Springer-Verlag}, year = 1985 }


@inproceedings{AgnewMuVa88,
author =       {Agnew, G.B. and Mullin, R.C. and Vanstone, S.A.},
year =         1988,
title =        {A secure public key protocol based on discrete exponentiation},
booktitle =    {Advances in Cryptology --- Eurocrypt '88},
editor =       {C.G. {G\"{u}nther}},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {159--166}
}


@inproceedings{AielloBeVe95,
author =       {William Aiello and Mihir Bellare and Ramarathnam Venkatesan},
title =        {Knowledge on the Average--- Perfect, Statistical and
               Logarithmic},
pages =        {469-478},
booktitle =    STOC95,
publisher =    ACM,
address =      {Las Vegas},
year =         1995
}

@article{AielloGoHa90,
author =       {W. Aiello and S. Goldwasser and J. Hastad},
title =        {On the Power of Interaction},
journal =      {Combinatorica},
volume =       10,
number =       1,
year =         1990,
pages =        {3-25}
}

@article{AielloHa91,
author =       {W. Aiello and J. Hastad},
title =        {Statistical Zero Knowledge Can Be Recognized in Two
               Rounds},
journal =      JCSS,
volume =       42,
year =         1991,
pages =        {327--345}
}


@inproceedings{Akl84,
author =       {Selim G. Akl},
title =        {On the Security of Compressed Encodings},
pages =        {209--230},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@inproceedings{AklMe85,
author =       {Selim G. Akl and Henk Meijer},
title =        {A Fast Pseudo Random Permutation Generator with Applications
               to Cryptology},
pages =        {269--275},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{AklTa83,
author =       {Selim G. Akl and Peter D. Taylor},
title =        {Cryptographic Solution to a Multilevel Security Problem},
pages =        {237--249},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}

@inproceedings{AlexiChGoSc84,
author =       {W. B. Alexi and B. Chor and O. Goldreich and C. P.
               Schnorr},
title =        {{RSA/Rabin} bits are ${1/2} + {1/{poly(\log(N))}}$
               Secure},
pages =        {449--457},
booktitle =    FOCS84,
address =      {Singer Island},
publisher =    IEEE,
year =         1984
}

@article{AlexiChGoSc88,
author =       {W. B. Alexi and B. Chor and O. Goldreich and C. P.
               Schnorr},
title =        {{RSA}/{Rabin} functions: certain parts are as hard
               as the whole},
pages =        {194--209},
journal =      {SIAM J. Computing},
year =         1988,
month =        Apr,
volume =       17,
number =       2
}

@INPROCEEDINGS{Alagar90,
author =       {V.S. Alagar},
title =        {Range Equations and Range Matrices: A Study in Statistical
               Database Security},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {360--385}
}


@inproceedings{AlonGaYu,
author =       {N. Alon and Z. Galil and M. Yung},
year =         1995,
title =        {Verifiable secret sharing and achieving simultaneity
               in the presence of faults},
booktitle =    {Proc.\ 3rd Annual European Symposium on Algorithmns},
series =       {Lecture Notes in Computer Science 979},
volume =       {ESA 95},
publisher =    {Springer Verlag},
pages =        {523--537}
}

@article{AlonGoHaPe92,
author =       {N. Alon and O. Goldreich and J. Hastad and R. Peralta},
title =        {Simple Constructions of Almost $k-$wise Independent
               Random Variables},
journal =      {Journal of Random Structures and Algorithms},
volume =       3,
number =       3,
year =         1992,
pages =        {289--304}
}

@article{AlpernSc83,
author =       {B. Alpern and F. B. Schneider},
title =        {Key exchange using `Keyless Cryptography'},
journal =      {Information Processing Letters},
volume =       16,
year =         1983,
pages =        {79--81}
}

@Article{AmaKan95,
        Author =        "E. Amaldi and V. Kann",
        Title =         "The complexity and approximability of finding
                         maximum feasible subsystems of linear relations",
        Journal =       "Theoret. Comput. Sci.",
        Volume =        "147",
        Year =          "1995",
        Pages =         "181--210"
}

@manual{AmeritechMob93,
newtag =       {AmeritechMob93},
author =       {{Ameritech Mobile Communications {\em et al}}},
year =         {1993},
title =        {Cellular Digital Packet Data System Specifications:
               Part 406: Airlink Security}
}



@article{AmesGaSc83, 
author = 	{S. Ames and M. Gasser and R. Schell}, 
title = 	{Security Kernel Design and Implementation; An Introduction}, 
journal = 	{IEEE Computer},
volume = 	16,
number = 	7,
year = 		1983
}


@INPROCEEDINGS{Ames90,
author =       {M. Ames},
title =        {Secure Cryptographic Initialization},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {451--462}
}


@inproceedings{AmiraziziHe82,
author =       {Hamid Amirazizi and Martin E. Hellman},
title =        {Time-Memory-Processor Tradeoffs},
pages =        {7-9},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}

@inproceedings{AmiraziziKaRe82,
author =       {Hamid Amirazizi and Ehud Karnin and Justin Reyneri},
title =        {A Polynomial Time Solution for Compact Knapsacks},
pages =        {17--19},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}

@techreport{Anderson72, 
author = 	{J.P. Anderson}, 
title = 	{Computer Security Technology Planning Study}, 
institution = 	{Hanscom AFB}, 
number = 	{ESD--TR--73--51}, 
month = 	{October}, 
year = 		1972
}
% note: not in class file cabinet yet


@article{Anderson93,
author =       {Ross Anderson},
year =         1993,
title =        {A Practical {RSA} Trapdoor},
journal =      {Electronics Letters},
volume =       29,
number =       11,
month =        {27 May},
pages =        995
}

@article{Anderson94,
author =       {Ross J. Anderson},
title =        {Why Cryptosystems Fail},
journal =      {Communications of the ACM},
month =        Nov,
year =         1994,
volume =       37,
number =       11,
pages =        {32--41}
}

@inproceedings{AndersonBi96,
author =       {Ross Anderson and Eli Biham},
title =        {Two Practical and Probably Secure Block Ciphers:
                {BEAR} and {LION}},
pages =        {114--120},
booktitle =    {Fast Software Encryption},
editor =       {Dieter Gollman},
publisher =    {Springer},
year =         1996,
note =         {(Proceedings Third International Workshop,
                Feb.\ 1996, Cambridge, UK)}
}

@misc{AndersonMaSu95,
author =       {Ross Anderson and Harry Manifavas and Chris Sutherland},
title =        {A Practical Electronic Cash System},
institution =  {Computer Laboratory, Pembroke Street, Cambridge {CB2 3QG},
                U.K.},
year =         1995,
note =         {Available from author: {\tt Ross.Anderson@cl.cam.ac.uk}}
}

@book{Andrews76,
title =        {The Theory of Partitions},
author =       {George E. Andrews},
publisher =    {Addison-Wesley},
year =         1976,
volume =       2,
series =       {Encyclopedia of Mathematics and its Applications}
}

@techreport{Angluin82,
author =       {D. Angluin},
title =        {Lecture notes on the complexity of some problems in
               number theory},
institution =  {Yale University Computer Science Department},
year =         1982,
month =        Aug,
number =       {TR-243}
}

@techreport{AngluinLi83,
author =       {D. Angluin and D. Lichtenstein},
title =        {Provable Security of Cryptosystems: A Survey},
institution =  {Yale University Department of Computer Science},
month =        Oct,
year =         1983,
number =       {TR-288}
}

@INPROCEEDINGS{AnthonyMaSeWi90,
author =       {M.H.G. Anthony and K.M. Martin and J. Seberry and P.
               Wild},
title =        {Some Remarks on Authentication Systems},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {122--139}
}

@book{Anton91,
author =       {H. Anton},
title =        {Elementary Linear Algebra (Sixth Edition)},
publisher =    {John Wiley and Sons},
year =         1991
}

@book{Apostol76,
author =       {Tom M. Apostol},
title =        {Introduction to Analytic Number Theory},
publisher =    {Springer-Verlag},
year =         1976
}

@techreport{AokiOhArMa94,
author =       {Aoki, K. and Ohta, K. and Araki, S. and Matsui, M.},
year =         {1994},
title =        {Linear Cryptanalysis of {FEAL-8} (Experimentation Report)},
institution =  {IEICE},
number =       {ISEC 94-6 (1994-05)}
}

@InProceedings{AroraLuMoSuSz91,
author =       {Sanjeev Arora and Carsten Lund and Rajeev Motwani and
               Madhu Sudan and Mario Szegedy},
title =        {Proof Verification and Hardness of Approximation Problems},
month =        {October},
year =         {1991},
booktitle =    {Proc.\ 33rd IEEE Foundations of Computer Science},
pages =        {14--23}
}

@article{AsmuthBl81,
author =       {C. A. Asmuth and G. R. Blakley},
title =        {An efficient algorithm for constructing a cryptosystem
               which is harder to break than two other cryptosystems},
journal =      {Comp.\ and Maths.\ with Appls.},
year =         1981,
volume =       7,
pages =        {447--450}
}

@inproceedings{AumannFe94,
author =       {Yonatan Aumann and Uriel Feige},
title =        {On message proof systems with known space verifiers},
pages =        {85--99},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}

@inproceedings{AvisTa83,
author =       {G.M. Avis and S.E. Tavares},
title =        {Using Data Uncertainty to Increase the Crypto-Complexity
               of Simple Private Key Enciphering Schemes},
pages =        {139--143},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}

@inproceedings{AwerbuchChGoMi86,
author =       {Awerbuch, B. and Chor, B. and Goldwasser, S. and Micali,
               S.},
year =         1986,
title =        {Verifiable secret sharing and achieving simultaneity
               in the presence of faults},
booktitle =    {Proc.\ 26th Annual IEEE Symp.\ of Foundations of Computer
               Science},
publisher =    {IEEE},
address =      {New York},
pages =        {383--395}
}

@inproceedings{Bach83,
author =       {Eric Bach},
title =        {How to generate factored random numbers},
pages =        {184--188},
booktitle =    Stoc83,
publisher =    Acm,
address =      {Boston},
year =         1983
}

@Article{Bach88,
author =       {Eric Bach},
title =        {How to generate factored random numbers},
pages =        {179--193},
journal =      {SIAM J. Computing},
year =         1988,
month =        Apr,
volume =       17,
number =       2
}

@inproceedings{Bach88a,
author =       {Eric Bach},
title =        {Intractable Problems in Number Theory},
pages =        {77--93},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@incollection{Bach90,
author =       {Eric Bach},
title =        {Number-Theoretic Algorithms},
booktitle =    {Annual Review of Computer Science},
publisher =    {Annual Reviews, Inc.},
addr =         {Palo Alto},
year =         1990,
volume =       4,
pages =        {119--172}
}

@article{Bach91,
author =       {Eric Bach},
title =        {Toward a Theory of {Pollard's Rho} Method},
journal =      {Information and Computation},
volume =       90,
year =         1991,
number =       2,
month =        Feb,
pages =        {139--155},
comment =      {Rigorous approach, in contrast to usual heuristic analysis.
               Proves rigorously that for $n=pq$, with $p<q$, that
               the chance of successfully factoring $n$ in the first
               $\frac{1}{4}\lg(n)$ steps is at least $\Omega(\log^2(p))/p$.}
}

@article{BachMiSh86,
author =       {Eric Bach and Gary Miller and Jeffrey Shlalit},
title =        {Sums of Divisors, Perfect Numbers, and Factoring},
journal =      {{SIAM} Journal of Computing},
year =         1986,
month =        Nov,
volume =       15,
number =       4,
pages =        {1143--1154}
}

@techreport{Baldwin88, 
author = 	{Robert Baldwin}, 
title =		{Rule Based Analysis of Computer Security},
institution = 	{MIT Laboratory for Computer Science},
number = 	{TR--401},
month = 	{March},
year =		1988
}


@manual{Balenson93,
author =       {Balenson, D.},
year =         1993,
month =        {February},
title =        {{RFC} 1423: Privacy Enhancement for Internet Electronic
               Mail: Part {III} -- Algorithms, Modes, and Identifiers},
organization = {Internet Activities Board}
}


@book{Bamford82,
author =       {James Bamford},
title =        {The Puzzle Palace -- A Report on {NSA}, America's Most
               Secret Agency},
publisher =    {Houghton Miflin},
address =      {Boston},
year =         1982
}


@inproceedings{BaoIg95,
author =       {Feng Bao and Yoshihide Igarashi},
title =        {Break Finite Automata Public Key Cryptosystem},
booktitle =    {ICALP},
note =         {Lecture Notes in Computer Science},
year =         1995,
pages =        {147--158}
}


@inproceedings{BaritaudCaChGi92,
author =       {Thierry Baritaud and Mireille Campana and Pascal Chauvaud
               and Henri Gilbert},
title =        {On the Security of the Permuted Kernel Identification
               Scheme},
pages =        {305--311},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No. 740},
publisher =    {Springer-Verlag},
year =         1992
}

@inproceedings{BaritaudGiGi93,
author =       {Baritaud, T. and Gilbert, H. and Girault, M.},
year =         1993,
title =        {{FFT} Hashing is not Collision-free},
booktitle =    {Advances in Cryptology --- Eurocrypt '92},
editor =       {R.A. Rueppel},
pages =        {35--44},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@article{Barlow92,
author =       {Barlow, J.P.},
year =         1992,
month =        {July},
title =        {Decrypting the puzzle palace},
journal =      {Communications of the ACM},
volume =       35,
number =       7,
pages =        {25--31}
}

@inproceedings{Barrett87,
author =       {Paul Barrett},
title =        {Implementing the Rivest Shamir and Adleman public 
               key encryption algorithm on a standard digital signal
               processor},
pages =        {311--323},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inproceedings{BarrettEi90,
author =       {Paul Barrett and Raymund Eisele},
title =        {The smart diskette -- a universal user token and personal
               crypto-engine},
pages =        {74--81},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{Bauer83,
author =       {Friedrich L. Bauer},
title =        {Cryptology - Methods and Maxims},
pages =        {31--48},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{BayerHaSt92,
author =       {Bayer, D. and Haber, S. and Stornetta, W.S.},
year =         {1992},
title =        {Improving the efficiency and reliablility of digital
               time-stamping},
booktitle =    {Sequences '91: Methods in Communication, Security,
               and Computer Science},
pages =        {329--334},
editor =       {Capocelli, R.M.},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{BeaucheminBr88,
author =       {Pierre Beauchemin and Gilles Brassard},
title =        {A generalization of Hellman's extension of Shannon's
               approach to cryptography},
pages =        {461--461},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{BeaucheminBrCr87,
author =       {Pierre Beauchemin and Gilles Brassard and Claude Cr\'epeau},
title =        {Two observations on probabilistic primality testing},
pages =        {443--450},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}

@article{BeaucheminBrCrGoPo88,
author =       {Pierre Beauchemin and Gilles Brassard and Claude Cr\'epeau
               and Claude Goutier and Carl Pomerance},
title =        {The Generation of Random Numbers That Are Probably
               Prime},
journal =      {Journal of Cryptology},
year =         1988,
volume =       1,
pages =        {53--64},
comment =      {Earlier version in CRYPTO 86 Proceedings.}
}

@inproceedings{Becker82,
author =       {H.J. Becker},
title =        {Nonlinear Feedback Shift Register Sequences},
pages =        {121--123},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Beaver90,
author =       {Donald Beaver},
title =        {Multiparty protocols tolerating half faulty processors},
pages =        {560--572},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}

@inproceedings{Beaver92,
author =       {D. Beaver},
title =        {Foundations of secure interactive computing},
pages =        {377--391},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{Beaver92a,
author =       {D. Beaver},
title =        {Efficient multiparty protocols using circuit randomization},
pages =        {420--432},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{BeaverFeKiRo91,
author =       {D. Beaver and J. Feigenbaum and J. Kilian and P. Rogaway},
title =        {Security with Low Communication Overhead},
pages =        {62--76},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@techreport{BeaverFeOsSh93,
author = 	{Donald Beaver and Joan Feigenbaum and Rafail 
		 Ostrovsky and Victor Shoup},
title =		{Instance-Hiding Proof Systems},
institution = 	{DIMACS Center for Discrete Mathematics and
		 Theoretical Computer Science},
number = 	{TR--93-65},
month = 	Sep,
year =		1993
}



@inproceedings{BeaverFeSh91,
author =       {D. Beaver and J. Feigenbaum and V. Shoup},
title =        {Hiding Instances in Zero-Knowledge Proof Systems},
pages =        {326--338},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

@inproceedings{BeaverGo90,
author =       {Donald Beaver and Shafi Goldwasser},
title =        {Multiparty computation with faulty majority},
pages =        {589--590},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{BeimelCh92,
author =       {Amos Beimel and Benny Chor},
title =        {Universally Ideal Secret Sharing Schemes},
pages =        {183--195},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@inproceedings{BeimelCh94,
author =       {Amos Beimel and Benny Chor},
title =        {Interaction in key distribution schemes},
pages =        {456--479},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}


@inproceedings{Beker83,
author =       {H.J. Beker},
title =        {Analogue Speech Security Systems},
pages =        {130--146},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@book{BekerPi82,
author =       {H. Beker and F. Piper},
title =        {Cipher Systems: The Protection of Communications},
publisher =    {Northwood},
address =      {London},
year =         1982
}

@inproceedings{BekerWa85,
author =       {Henry Beker and Michaell Walker},
title =        {Key Management for Secure Electronic Funds Transfer
               in a Retail Environment},
pages =        {401--410},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@techreport{BellLa73, 
author = 	{D. Bell and L. La{P}adula}, 
title = 	{Secure Computer Systems: Mathematical Foundations}, 
institution = 	{{MITRE} Corporation}, 
number = 	{ESD-TR-73-278}, 
year = 		1973
}



@techreport{BellareBaChGu94,
author =       {Mihir Bellare and Erol Basturk and Chee-Seng Chow and
               Roch Gu\'{e}rin},
title =        {Secure Transport Protocols for High Speed Networks},
institution =  {IBM},
number =       {RC 19981},
month =        Jan,
year =         1994
}


@inproceedings{BellareBeFeGo91,
author =       {Mihir Bellare and Richard Beigel and Joan Feigenbaum
               and Shafi Goldwasser},
title =        {Languages that are Easier than their Proofs},
pages =        {19--28},
booktitle =    FOCS91,
publisher =    IEEE,
address =      {San Juan},
year =         1991
}


@inproceedings{BellareCoGo90,
author =       {Mihir Bellare and Lenore Cowen and Shafi Goldwasser},
title =        {On the structure of secret key exchange protocols},
pages =        {604--606},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}

% This is the final version of what appears in your bib as BellareCoGo90.
% (The entry above is actually not a paper, just a one page "rump session
% abstract" in Crypto).

@inproceedings{BellareCoGo91,
author =       {Mihir Bellare and Lenore Cowen and Shafi Goldwasser},
title =        {On the structure of secret key exchange protocols},
pages =        {79--92},
booktitle =    {Distributed Computing and Cryptography},
editor =       {J.~Feigenbaum and M.~Merritt},
note =         {Dimacs Series in Discrete Mathematics and Theoretical
               Computer Science, Volume 2},
publisher =    {AMS/ACM},
year =         1991
}


@inproceedings{BellareFeKi95,
author =       {Mihir Bellare and Uri Feige and Joe Kilian},
title =        {On the Role of Shared Randomness in Two Prover Proof
               Systems},
pages =        {199--208},
booktitle =    {ISTCS95},
publisher =    {IEEE},
address =      {Tel Aviv},
year =         1995
}

@inproceedings{BellareGaHaHeKrStTsWa95,
author =	{M.~Bellare and J.~Garay and R.~Hauser and A.~Herzberg, 
		 H.~Krawczyk and M.~Steiner and G.~Tsudik and M.~Waidner},
title =        	{$i$KP -- A Family of Secure Electronic Payment Protocols},
pages =        {1--20},
booktitle =    {Proceedings of the Usenix Electronic Commerce Workshop},
year =         1995
}


@inproceedings{BellareGo90,
author =       {Mihir Bellare and Shafi Goldwasser},
title =        {New paradigms for digital signatures and message authentication
               based on non-interative zero knowledge proofs},
pages =        {194--211},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{BellareGo92,
author =       {Mihir Bellare and Oded Goldreich},
title =        {On Defining Proofs of Knowledge},
pages =        {390--420},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@article{BellareGo94,
author =       {Mihir Bellare and Shafi Goldwasser},
title =        {The complexity of decision versus search},
journal =      {SIAM Journal of Computing},
year =         1994,
month =        Feb,
volume =       23,
number =       1,
pages =        {97--119}
}


@techreport{BellareGo95,
author =       {Mihir Bellare and Shafi Goldwasser},
title =        {Verifiable Partial Key Escrow},
institution =  {Dept. of Computer Science and Engineering, U.C. San Diego},
number =       {CS95-447},
year =         1995,
month =        Oct
}

@inproceedings{BellareGoGo90,
author =       {Mihir Bellare and Oded Goldreich and Shafi Goldwasser},
title =        {Randomness in Interactive Proofs},
pages =        {563--573},
booktitle =    FOCS90,
publisher =    IEEE,
address =      {St.~Louis},
year =         1990
}

% Journal version of BellareGoGo90:

@article{BellareGoGo93,
author =       {Mihir Bellare and Oded Goldreich and Shafi Goldwasser},
title =        {Randmoness in Interactive Proofs},
journal =      {Computational Complexity},
volume =       4,
number =       4,
year =         1993,
pages =        {319--354}
}


@inproceedings{BellareGoGo94,
author =       {Mihir Bellare and Oded Goldreich and Shafi Goldwasser},
title =        {Incremental cryptography: the case of hashing and signing},
pages =        {216--233},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{BellareGoGo95,
author =       {Mihir Bellare and Oded Goldreich and Shafi Goldwasser},
title =        {Incremental Cryptography with Application to Virus
               Protection},
pages =        {45-56},
booktitle =    STOC95,
publisher =    ACM,
address =      {Las Vegas},
year =         1995
}



@techreport{BellareGuRo95,
author =       {Mihir Bellare and Roch Gu\'{e}rin and Phillip Rogaway},
title =        {{XOR MACs}: New Methods for Message Authentication
               Using Block Ciphers},
institution =  {IBM Research Report},
number =       {RC 19970},
month =        Mar,
year =         1995
}      

@inproceedings{BellareGuRo95b,
author =       {Mihir Bellare and Roch Gu\'{e}rin and Phillip Rogaway},
title =        {{XOR MACs}: New Methods for Message Authentication
               Using Finite Pseudorandom Functions},
pages =        {15--28},
booktitle =    CRYPTO95,
editor =       {Don Coppersmith},
note =         {Lecture Notes in Computer Science No.\ 963},
publisher =    {Springer},
year =         1995
}      

@inproceedings{BellareKiRo94,
author =       {Mihir Bellare and Joe Kilian and Phillip Rogaway},
title =        {The security of cipher block chaining},
pages =        {341--358},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{BellareMi88,
author =       {Mihir Bellare and Silvio Micali},
title =        {How to Sign Given Any Trapdoor Function},
pages =        {32--42},
booktitle =    STOC88,
publisher =    ACM,
address =      {Chicago},
year =         1988
}

@inproceedings{BellareMi88a,
author =       {Mihir Bellare and Silvio Micali},
title =        {How to Sign Given Any Trapdoor Function},
pages =        {200--215},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{BellareMi90a,
author =       {Mihir Bellare and Silvio Micali},
title =        {Non-interactive oblivious transfer and applications},
pages =        {547--559},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@article{BellareMi92,
author =       {Mihir Bellare and Silvio Micali},
title =        {How to Sign Given Any Trapdoor Permutation},
journal =      {Journal of the ACM},
volume =       39,
number =       1,
year =         1992,
month =        Jan,
pages =        {214--233}
}

@inproceedings{BellareMiOs90a,
author =       {Mihir Bellare and Silvio Micali and Rafail Ostrovsky},
title =        {Perfect Zero-Knowledge in Constant Rounds},
pages =        {482--493},
booktitle =    STOC90,
publisher =    ACM,
address =      {Baltimore},
year =         1990
}

@inproceedings{BellareMiOs90b,
author =       {Mihir Bellare and Silvio Micali and Rafail Ostrovsky},
title =        {The (True) Complexity of Statistical Zero-Knowledge},
pages =        {494--502},
booktitle =    STOC90,
publisher =    ACM,
address =      {Baltimore},
year =         1990
}


@inproceedings{BellarePe92,
author =       {Mihir Bellare and Erez Petrank},
title =        {Making Zero-Knowledge Provers Efficient},
pages =        {711--722},
booktitle =    STOC92,
publisher =    ACM,
address =      {Victoria},
year =         1992
}


@unpublished{BellareRiBe95,
author =       {Mihir Bellare and Ronald L. Rivest},
title =        {Translucent Cryptography},
year =         1995,
note =         {(To appear.)}
}


@inproceedings{BellareRo93,
author =       {Mihir Bellare and Phillip Rogaway},
title =        {Random Oracles are Practical: A Paradigm for Designing
               Efficient Protocols},
pages =        {62--73},
booktitle =    {First ACM Conference on Computer and Communications
               Security},
publisher =    ACM,
address =      {Fairfax},
year =         1993
}


@inproceedings{BellareRo94,
author =       {Mihir Bellare and Phillip Rogaway},
title =        {Entity authentication and key distribution},
pages =        {232--249},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}


@inproceedings{BellareRo94b,
author =       {Mihir Bellare and Phillip Rogaway},
title =        {Optimal Asymmetric Encryption}},
pages =        {92--111},
booktitle =    {EUROCRYPT94},
editor =       {Alfredo De Santis},
note =         {Lecture Notes in Computer Science No.\ 950},
publisher =    {Springer},
year =         1995
}


@inproceedings{BellareRo95,
author =       {Mihir Bellare and Phillip Rogaway},
title =        {Provably Secure Session Key Distribution-- The Three
               Party Case},
pages =        {57--66},
booktitle =    STOC95,
publisher =    ACM,
address =      {Las Vegas},
year =         1995
}


@inproceedings{BellareYu92,
author =       {Mihir Bellare and Moti Yung},
title =        {Certifying Cryptographic Tools: The Case of Trapdoor
               Permutations},
pages =        {442--460},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@techreport{BellOl78,
author =       {D. A. Bell and S. E. Olding},
title =        {An Annotated Bibliography of Cryptography},
institution =  {National Physical Laboratory},
year =         1978,
month =        Jan,
number =       {COM-100}
}


@article{BellovinCh94,
author =       {Steven M. Bellovin and William R. Cheswick},
title =        {Network Firewalls},
journal =      {IEEE Communications Magazine},
month =        Sep,
year =         1994,
volume =       32,
number =       9,
pages =        {50--57}
}


@inproceedings{Benaloh87,
author =       {J. Benaloh},
title =        {Secret Sharing Homomorphisms: Keeping Shares of A Secret
               Sharing},
booktitle =    CRYPTO86,
editor =       {A. M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263},
publisher =    {Springer},
year =         1987
}


@inproceedings{Benaloh87a,
author =       {Josh Cohen Benaloh},
title =        {Cryptographic capsules: A disjunctive primative for
               interactive protocols},
pages =        {213--222},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inproceedings{BenalohLe88,
author =       {J. Benaloh and J. Leichter},
title =        {Generalized Secret Sharing and Monotone Functions},
pages =        {27--36},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{BenalohYu86,
author =       {J. Benaloh and M.Yung},
title =        {Distributing the power of government to enhance the
               power of voters},
pages =        {52--62},
booktitle =    PODC86,
publisher =    {ACM},
year =         1986
}

@inproceedings{Ben-AroyaBi94,
author =       {Ishai Ben-Aroya and Eli Biham},
title =        {Differtial cryptanalysis of Lucifer},
pages =        {187--199},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}



@article{BengioGrDeGoQu91,
author =       {Samy Bengio and Gilles Grassard and Yvo G. Desmedt
		and Claude Goutier and Jean-Jacques Quisquater},
title =        {Secure Implementation of Identification Systems},
journal =      {Journal of Cryptology},
year =         1991,
volume =       4,
pages =        {175--183}
}
	

@inproceedings{Ben-OrGo93,
author =       {Micahel Ben-Or, Ran Canetti and Oded Goldreich},
title =        {Asynchronous Secure Computation},
pages =        {52--61},
booktitle =    STOC93,
year =         1993
}

@article{Ben-DavidChGoLu92,
author =       {S. Ben-David and B. Chor and O. Goldreich and M. Luby},
title =        {On the Theory of Average Case Complexity},
journal =      {Journal of Computer and System Sciences},
volume =       44,
number =       2,
month =        Apr,
year =         1992,
pages =        {193--219}
}


@inproceedings{BenderCa90,
author =       {Andreas Bender and Guy Castagnoli},
title =        {On the implementation of elliptic curve cryptosystems},
pages =        {186--193},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{BennettBr85,
author =       {Charles H. Bennett and Gilles Brassard},
title =        {An Update on Quantum Cryptography},
pages =        {475--480},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}



@inproceedings{BennettBrBrWi83,
author =       {Charles H. Bennett and Gilles Brassard and Seth Breidbard
               and Stephen Wiesner},
title =        {Quantum Cryptography, or Unforgeable Subway Tokens},
pages =        {267--275},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{BennettBrCrMa94,
author =       {C.H. Bennett and Gilles Brassard and C. Cr\'epeau and
               U.M. Maurer},
title =        {Generalized privacy amplification},
booktitle =    {Proc. 1994 IEEE Internation Symp. of Information Theory},
year =         1994,
pages =        {350--350},
note =         {Trondheim, Norway, June 27-July1, 94}
}


@inproceedings{BennettBrCrSk92,
author =       {C. H. Bennett and G. Brassard and C. Cr\'epeau and
               M.-H. Skubiszewska},
title =        {Practical Quantum Oblivious Transfer},
pages =        {351--366},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}

@inproceedings{BennettBrRo86,
author =       {Charles H. Bennett and Gilles Brassard and Jean-Marc
               Robert},
title =        {How to Reduce Your Enemy's Information},
pages =        {468--476},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@article{BennettBrRo88,
author =       {C. H. Bennett and G. Brassard and J. Robert},
title =        {Privacy Amplification by Public Discussion},
journal =      {SIAM J. Computing},
volume =       17,
number =       2,
year =         1988,
month =        Apr,
pages =        {210--229}
}

@inproceedings{Ben-OrChSh83,
author =       {M. Ben-Or and B. Chor and A. Shamir},
title =        {On the Cryptographic Security of Single {RSA} bits},
pages =        {421--430},
booktitle =    STOC83,
publisher =    ACM,
address =      {Boston},
year =         1983
}


@inproceedings{Ben-OrGoGoHaKiMi88,
author =       {M. Ben-Or and S. Goldreich and S. Goldwasser and J.
               H{\aa}stad and J. Kilian and S. Micali and P. Rogaway},
title =        {Everything Provable is Provable in Zero-Knowledge},
pages =        {37--56},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{Ben-OrGoKiWi88,
author =       {Michael Ben-Or and Shafi Goldwasser and Joe Kilian
               and Avi Wigderson},
title =        {Multi-Prover Interactive Proofs: How to Remove Intractability
               Assumptions},
booktitle =    STOC88,
pages =        {113-132},
year =         1988
}

@inproceedings{Ben-OrGoKiWi90,
author =       {Michael Ben-Or and Shafi Goldwasser and Joe Kilian
               and Avi Wigderson},
title =        {Efficient identification schemes using two prover 
               interactive proofs},
pages =        {498--506},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{Ben-OrGoMiRi85,
author =       {M. Ben-Or and O. Goldreich and S. Micali and R. L.
               Rivest},
title =        {A Fair Protocol for Signing Contracts},
booktitle =    {ICALP},
note =         {Lecture Notes in Computer Science No. \ 194},
year =         1985,
pages =        {43--52}
}

@article{Ben-OrGoMiRi90,
author =       {Michael Ben-Or and Oded Goldreich and Silvio Micali
               and Ronald L. Rivest},
title =        {A Fair Protocol for Signing Contracts},
journal =      {IEEE Transactions on Information Theory},
year =         1990,
volume =       36,
number =       1,
pages =        {40--46}
}

@inproceedings{Ben-OrGoWi88,
author =       {M. Ben-Or and S. Goldwasser and A. Wigderson},
title =        {Completeness theorems for fault-tolerant distributed
               computing},
pages =        {1--10},
booktitle =    STOC88,
publisher =    ACM,
address =      {Chicago},
year =         1988
}


@inproceedings{BergerKaPe86,
author =       {Richard Berger and Sampath Kannan and Rene Peralta},
title =        {A Framework for the Study of Cryptographic Protocols},
pages =        {87--103},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}

@inproceedings{BergerPeTe85,
author =       {R. Berger and R. Peralta and T. Tedrick},
title =        {A Provably Secure Oblivious Transfer Protocol},
pages =        {379--386},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No. 209},
publisher =    {Springer-Verlag},
year =         1985
}


@article{Berkovits82,
author =       {Berkovits, Shimshon},
title =        {Factoring via Superencryption},
journal =      {Cryptologia},
year =         1982,
month =        Jul,
volume =       6,
number =       3,
pages =        {229--237}
}

@article{Berlekamp70,
author =       {E. Berlekamp},
title =        {Factoring polynomials over large finite fields},
journal =      {Math. Comp},
volume =       24,
year =         1970,
pages =        {713--735}
}



@inproceedings{Berson82,
author =       {Thomas Berson},
title =        {Local Network Cryptosystem Architecture},
pages =        {73--78},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Berson83,
author =       {Thomas A. Berson},
title =        {Local Network Cryptosystem Architecture: Access Control},
pages =        {251--258},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{Berson83a,
author =       {Thomas A. Berson},
title =        {Long Key Variants of {DES}},
pages =        {311--313},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{Berson92,
author =       {Berson, T.A.},
year =         1992,
title =        {Differential cryptanalysis mod $2^{32}$ with applications
               to {MD5}},
booktitle =    {Advances in Cryptology --- Eurocrypt '92},
editor =       {R.A. Rueppel},
publisher =    {Springer-Verlag},
address =      {Berlin}
}



@article{Beth95,
author =       {Thomas Beth},
title =        {Confidential Communication on the Internet},
journal =      {Scientific American},
month =        Dec,
year =         1995,
pages =        {87--91}
}

@inproceedings{BethCoGo87,
author =       {T. Beth and B.M. Cook and D. Gollmann},
title =        {Architectures for exponentiation in GF$(2{^n})$},
pages =        {303--310},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No. 263 },
publisher =    {Springer-Verlag},
year =         1987
}

@inproceedings{BethDa90,
author =       {Beth, T. and Dai, Zong-duo},
year =         {1990},
title =        {On the Complexity of Pseudo-Random Sequences - or:
               {If} You Can Describe a Sequence It Can't be Random},
booktitle =    {Advances in Cryptology --- Eurocrypt '89},
editor =       {Quisquater, J.J. and Vandewalle, J.},
pages =        {533--543},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@inproceedings{BethDe91,
author =       {T. Beth and Y. Desmedt},
title =        {Identification Tokens - or: Solving the Chess Grandmaster
               Problem},
pages =        {169--177},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No. 537},
publisher =    {Springer-Verlag},
year =         1991
}

@book{BethFrSi92,
editor =       {Beth, T. and Frisch, M. and Simmons, G.J.},
year =         1992,
title =        {Public-key Cryptography, State of the Art and Future
               Directions},
series =       {Lecture Notes in Computer Science},
volume =       578,
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@book{BethJuLe85,
author =       {T.~Beth and D.~Jungnickel and H.~Lenz.},
title =        {Design Theory},
publisher =    {Bibliographisches Institut, Zurich},
year =         1985
}


@inproceedings{BethLaMa94,
author =       {T. Beth and D.E. Lazic and A. Mathias},
title =        {Cryptanalysis of cryptosystems based on remote chaos
               replication},
pages =        {318--331},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No. 839},
publisher =    {Springer},
year =         1994
}

@inproceedings{BethPi84,
author =       {Beth, T. and Piper, F.},
year =         1984,
title =        {The stop-and-go generator},
booktitle =    {Advances in Cryptology --- Eurocrypt '84},
editor =       {T. Beth and N. Cot and I. Ingemarsson},
pages =        {88--92},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@book{Beutelspacher94,
newtag =       {Beutelspacher94},
author =       {A.~Beutelspacher},
title =        {Cryptology},
publisher =    {Mathematical Association of America},
year =         1994
}


@techreport{Biba75, 
author = 	{K. Biba}, 
title = 	{Integrity Consideration for Secure Computer Systems}, 
institution = 	{{MITRE} Corporation}, 
number = 	{MTR-3153}, 
year = 		1975
}



@inproceedings{BiehlBuTh94,
author =       {Ingrid Biehl and Johannes Buchmann and Christoph Thiel},
title =        {Cryptographic protocols based on discrete logarithms
               in real-quadratic orders},
pages =        {56--60},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No. 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{BierbrauerGoSt94,
author =       {J/"urgen Bierbrauer and K. Gopalakrishnan and D. R.
               Stinson},
title =        {Bounds for resilient functions and orthogonal arrays},
pages =        {247--256},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No. 839},
publisher =    {Springer},
year =         1994
}

@inproceedings{BierbrauerJoKaSm94,
author =       {J/"urgen Bierbrauer and Thomas Johansson and Gregory
               Katatianskii and Ben Smeets},
title =        {On families of hash functions via geometric codes and
               concatenation},
pages =        {331--342},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No. 773},
publisher =    {Springer},
year =         1994
}

@inproceedings{Biham94,
author =       {Biham, E.},
title =        {On Modes of Operation},
booktitle =    {Fast Software Encryption},
year =         {1994},
editor =       {R. Anderson},
publisher =    {Springer-Verlag},
series =       {Lecture Notes in Computer Science},
volume =       809,
pages =        {116--121},
address =      {Berlin}
}

@inproceedings{Biham94a,
author =       {Biham, E.},
year =         {1994},
title =        {New Types of Cryptanalytic Attacks Using Related Keys},
booktitle =    {Advances in Cryptology --- Eurocrypt'93},
editor =       {T. Helleseth},
publisher =    {Springer-Verlag},
series =       {Lecture Notes in Computer Science},
volume =       {765},
pages =        {398--409},
address =      {Berlin}
}

@inproceedings{Biham95,
author =       {Biham, Eli},
title =        {Cryptanalysis of Multiple Modes of Operation},
note =         {Pre-Proceedings of {ASIACRYPT '94}. 
                Submitted to J. Cryptology.},
year =         1995,
}

@inproceedings{BihamSh91,
author =       {E. Biham and A. Shamir},
title =        {Differential Cryptanalysis of {DES}-like Cryptosystems},
pages =        {2--21},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No. 537},
publisher =    {Springer-Verlag},
year =         1991
}

@article{BihamSh91a,
author =       {E. Biham and A. Shamir},
title =        {Differential Cryptanalysis of {DES}-like Cryptosystems},
journal =      {Journal of Cryptology},
year =         1991,
volume =       4,
pages =        {3--72}
}

@inproceedings{BihamSh91b,
author =       {Biham, E. and Shamir, A.},
year =         1991,
title =        {Differential cryptanalysis of {FEAL} and {N}-{H}ash},
booktitle =    {Advances in Cryptology --- Eurocrypt '91},
editor =       {D.W. Davies},
pages =        {1--16},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{BihamSh92,
author =       {E. Biham and A. Shamir},
title =        {Differential Cryptanalysis of {Snefru, Khafre, REDOC-II,
               LOKI and Lucifer}},
pages =        {156-171},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No. 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{BihamSh92a,
author =       {Eli Biham and Adi Shamir},
title =        {Differential Cryptanalysis of the Full 16-Round {DES}},
pages =        {487--496},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No. 740},
publisher =    {Springer-Verlag},
year =         1992
}

@book{BihamSh93,
author =       {E. Biham and A. Shamir},
title =        {A Differential Cryptanalysis of the {D}ata {E}ncryption
               {S}tandard},
publisher =    {Springer-Verlag},
year =         1993
}


@inproceedings{BirdGoHeJaKuMo92,
author =       {R. Bird and I. Gopal and A. Herzberg and P. Janson
               and S. Kutten and R. Molva and M. Yung},
title =        {Systematic Design of Two-Party Authentication Protocols},
pages =        {44--61},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No. 576},
publisher =    {Springer},
year =         1992
}

@article{Bishop91,
author =       {Bishop, M.},
year =         1991,
title =        {Privacy-enhanced electronic mail},
journal =      {Internetworking: Research and Experience},
volume =       2,
pages =        {199--233}
}

@book{Blahut83,
author =       {Blahut, R.E.},
title =        {Theory and Practice of Error Control Codes},
publisher =    {Addison-Wesley},
year =         {1983}
}


@inproceedings{BlakeMuVa85,
author =       {I.F. Blake and R.C. Mullin and S.A. Vanstone},
title =        {Computing Logarithms in {GF}$(2{^n})$},
pages =        {73--82},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No. 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{Blakley79,
author =       {G.~R. Blakley},
title =        {Safeguarding cryptographic keys},
booktitle =    {Proc.\ AFIPS 1979 National Computer Conference},
publisher =    AFIPS,
year =         1979,
pages =        {313--317}
}


@inproceedings{Blakley82,
newtag =       {Blakley82},
author =       {G.Robert Blakley},
title =        {Key Management from a Security Viewpoint},
pages =        {82--82},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Blakley85,
author =       {G.R. Blakley},
title =        {Information Theory without the Finiteness Assumption,
               I: Cryptosystems as Group-Theoretic Objects},
pages =        {314--338},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No. 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{Blakley86,
author =       {G.R. Blakley},
title =        {Information Theory Without the Finiteness Assumption,
               II Unfolding the {DES}},
pages =        {282--337},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No. 218},
publisher =    {Springer},
year =         1986
}

@inproceedings{BlakleyBlChMa92,
author =       {Bob Blakley and G.R. Blakley and Agnes H. Chan and
               James L. Massey},
title =        {Threshold Schemes with Disenrollment},
pages =        {540--548},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No. 740},
publisher =    {Springer-Verlag},
year =         1992
}

@inproceedings{BonehSh95,
author =       {Dan Boneh and James Shaw},
title =        {Collusion-Secure Fingerprinting for Digital Data},
pages =        {452-465},
booktitle =    CRYPTO95,
editor =       {Don Coppersmith},
note =         {Lecture Notes in Computer Science No.\ 963},
publisher =    {Springer},
year =         1995
}

@article{BlakleyBo79,
author =       {Blakley, G. R. and I. Borosh},
title =        {{Rivest-Shamir-Adleman} Public Key Cryptosystems do
               not always conceal messages},
journal =      {Computers \& Mathematics with Applications},
volume =       5,
number =       3,
year =         1979,
pages =        {169--178}
}


@inproceedings{BlakleyDi87,
author =       {G.R. Blakley and R.D. Dixon},
title =        {Smallest possible message expansion in threshold schemes},
pages =        {266--274},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No. 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inproceedings{BlakleyMe85,
author =       {G.R. Blakley and Catherine Meadows},
title =        {Security of Ramp Schemes},
pages =        {242--268},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No. 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{BlakleyMePu86,
author =       {G.R. Blakley and Catherine Meadows and G.B. Purdy},
title =        {Fingerprinting Long Forgiving Messages},
pages =        {180--189},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No. 218},
publisher =    {Springer},
year =         1986
}


@inproceedings{BlakleyRu88,
author =       {G.R. Blakley and William Rundell},
title =        {Cryptosystems based on an analog of heat flow},
pages =        {306--329},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No. 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{BlakleySw83,
author =       {G.R. Blakley and Laif Swanson},
title =        {Infinite Structures in Information Theory},
pages =        {39--50},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}

@misc{BlazeDiRiScShThWi96,
author =       {Matt Blaze and Whitfield Diffie and Ronald L. Rivest and
                Bruce Schneier and Tsutomu Shimomura and Eric Thompson and
                Michael Wiener},
title =        {Minimal Key Lengths for Symmetric Ciphers to Provide Adequate
                Commercial Security: A Report by an Ad Hoc Group of 
                Cryptographers and Computer Scientists},
year =         {1996},
month =        Jan,
note = 		{Available at {\tt http://www.bsa.org}.}
}

@inproceedings{BlazeFeLa96,
author =       {Matt Blaze and Joan Feigenbaum and Jack Lacy},
title =        {Decentralized Trust Management},
pages =        {(to appear)},
month =        {May},
year =         {1996},
booktitle =    {Proceedings 1996 IEEE Symposium on Security and Privacy}
}

@inproceedings{BleichenbacherMa94,
newtag =       {BleichenbacherMa94},
author =       {Daniel Bleichenbacher and Ueli M. Maurer},
title =        {Directed acyclic graphs, one-way functions and digital
               signatures},
pages =        {75--82},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No. 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{Blom83,
author =       {Rolf Blom},
title =        {Non-Public Key Distribution},
pages =        {231--236},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{Blom85,
author =       {Rolf Blom},
title =        {An Optimal Class of Symmetric Key Generation Systems},
pages =        {335--338},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@misc{BluesteinCrDrJeSi85,
author =       {Bluestein, L. and Crandell, P. and Drake, D. and Jedynak,
               L. and Simpson, L.},
title =        {Two Level Encripting of {RF} Signals},
howpublished = {U.S. Patent No. 4,531,021},
month =        {July 23,},
year =         {1985}
}


@manual{Blum81,
author =       {Blum, M.},
title =        {Three applications of the oblivious transfer: Part
               I: Coin flipping by telephone; Part II: How to exchange
               secrets; Part III: How to send certified electronic
               mail},
organization = {Department of EECS},
address =      {University of California, Berkeley, CA},
year =         {1981}
}


@inproceedings{Blum82,
author =       {M. Blum},
title =        {Coin Flipping by Telephone},
booktitle =    {Proc. IEEE Spring COMPCOM},
year =         1982,
pages =        {133-137},
publisher =    IEEE,
comment =      {Suggests using p = q = 3(4).}
}


@inproceedings{Blum82a,
author =       {Manuel Blum},
title =        {Coin Flipping by Telephone},
pages =        {11-15},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@article{Blum83,
author =       {M. Blum},
title =        {How to exchange (secret) keys},
journal =      {Trans.\ Computer Systems},
volume =       1,
month =        May,
year =         1983,
pages =        {175--193},
publisher =    ACM,
note =         {(Previously published in ACM STOC '83 proceedings,
               pages 440--447.)}
}

@inproceedings{Blum84,
author =       {M. Blum},
title =        {Independent Unbiased Coin Flips from a Correlated Biased
               Source: A Finite State {Markov} Chain},
pages =        {425--433},
booktitle =    FOCS84,
address =      {Singer Island},
year =         1984,
publisher =    IEEE
}



@inproceedings{BlumBlSh83,
author =       {Lenore Blum and Manuel Blum and Michael Shub},
title =        {Comparison of Two Pseudo-Random Number Generators},
pages =        {61--78},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@article{BlumBlSh86,
author =       {L. Blum and M. Blum and M. Shub},
title =        {A Simple Unpredictable Pseudo-Random Number Generator},
journal =      SIAM,
volume =       15,
number =       2,
month =        May,
year =         1986,
pages =        {364--383},
comment =      {$x^2 \mod N$ generator, where $N$ is product $pq$,
               where $p\equiv q \equiv 3 \mod N$. Notes that this 
               permutes quadratic residues mod $N$.}
}


@article{BlumDeMiPe91,
author =       {M. Blum and A. De Santis and S. Micali and G. Persiano},
title =        {NonInteractive Zero-Knowledge},
journal =      {SIAM J. Computing},
year =         1991,
month =        Dec,
volume =       20,
number =       6,
pages =        {1084--1118}
}


@inproceedings{BlumFeMi88,
author =       {M. Blum and P. Feldman and S. Micali},
title =        {Proving Security Against Chosen Cyphertext Attacks},
pages =        {256--268},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{BlumFuKeLi94,
author =       {Avrim Blum and Merrick Furst and Michael Kearns and
               Richard J. Lipton},
title =        {Cryptographic primitives based on hard learning problems},
pages =        {278--291},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No. 773},
publisher =    {Springer},
year =         1994
}


@inproceedings{BlumGo85,
author =       {M. Blum and S. Goldwasser},
title =        {An efficient probabilistic public-key encryption scheme
               which hides all partial information},
pages =        {289--302},
booktitle =    CRYPTO84,
publisher =    {Springer},
editor =       {G. R. Blakley and D. C. Chaum},
year =         1985,
note =         {Lecture Notes in Computer Science No. 196}
}


@inproceedings{BlumGo85a,
newtag =       {BlumGo85a},
author =       {Manuel Blum and Shafi Goldwasser},
title =        {An Efficient Probalistic Public Key Encryption Scheme
               which Hides All Partial Information},
pages =        {289-299},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No. 196},
publisher =    {Springer},
year =         1985
}


@article{BlumMi84,
author =       {M. Blum and S. Micali},
title =        {How to generate cryptographically strong sequences
               of pseudo-random bits},
journal =      SIAM,
volume =       13,
number =       4,
month =        Nov,
year =         1984,
pages =        {850--863}
}


@inproceedings{BlumVaVa84,
author =       {Manuel Blum and Umesh V. Vazirani and Vijay V. Vazirani},
title =        {Reducibility Among Protocols},
pages =        {137--146},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@inproceedings{BlundoDeDiGaVa94,
author =       {Carlo Blundo and Alfredo De Santis and Giovanni Di
               Crescenzo and Antonio Giorgio Gaggia and Ugo Vaccaro},
title =        {Multi-secret sharing schemes},
pages =        {150--163},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No. 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{BlundoDeDiGaVa94a,
author =       {Carlo Blundo and Alfredo De Santis and Giovanni Di
               Crescenzo and Antonio Giorgio Gaggia and Ugo Vaccaro},
title =        {Fully dynamic secret sharing schemes},
pages =        {110--125},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No. 773},
publisher =    {Springer},
year =         1994
}


@inproceedings{BlundoDeHeKuVaYu92,
author =       {Carlo Blundo and Alfredo DeSantis and Amir Herzberg
               and Shay Kutten and Ugo Vaccaro and Moti Yung},
title =        {Perfectly-Secure Key Distribution for Dynamic Conferences},
pages =        {471--486},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No. 740},
publisher =    {Springer-Verlag},
year =         1992
}

@inproceedings{BlundoDeGaVa92,
author =       {Carlo Blundo and Alfredo De Santis and L. Gargano 
               and Ugo Vaccaro},
title =        {On the Information Rate of Secret Sharing Schemes},
pages =        {148--167},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No. 740},
publisher =    {Springer-Verlag},
year =         1992
}


@article{BoppanaHaZa87,
author =       {R. Boppana and J. Hastad and S. Zachos},
title =        {Does {co-NP} have Short Interactive Proofs?},
journal =      {Information Processing Letters},
volume =       25,
month =        May,
year =         1987,
pages =        {127--132}
}


@inproceedings{BosCh92,
author =       {Jurjen N.E. Bos and David Chaum},
title =        {Provable Unforgeable Signatures},
pages =        {1--14},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No. 740},
publisher =    {Springer-Verlag},
year =         1992
}


@inproceedings{BosCo90,
author =       {Jurjen Bos and Matthijs Coster},
title =        {Addition chain heuristics},
pages =        {400--407},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{BosselaersGoVa94,
author =       {Antoon Bosselaers and Ren\'e Govaerts and Joos Vandewalle},
title =        {Comparison of three modular reduction functions},
pages =        {175--186},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No. 773},
publisher =    {Springer},
year =         1994
}


@inproceedings{Bouckaert85,
author =       {A. Bouckaert},
title =        {Security of Transportable Computerized Files},
pages =        {416--425},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@article{Boyar89,
author =       {Joan Boyar},
title =        {Inferring Sequences Produced by Pseudo-Random Number
               Generators},
journal =      {Journal of the ACM},
volume =       36,
number =       1,
month =        Jan,
year =         1989,
pages =        {129--141},
publisher =    ACM
}


@inproceedings{BoyarChDaPe91,
author =       {J. Boyar and D. Chaum and I. Damg{\aa}rd and T. Pedersen},
title =        {Convertible Undeniable Signatures},
pages =        {189--205},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No. 537},
publisher =    {Springer-Verlag},
year =         1991
}

@article{BoyarFrLu91,
author =       {J. Boyar and K. Friedl and C. Lund},
title =        {Practical Zero-Knowledge Proofs: Giving Hints and Using
               Deficiencies},
journal =      {Journal of Cryptology},
year =         1991,
volume =       4,
pages =        {185--206}
}


@inproceedings{BoyarPe90,
author =       {Joan Boyar and Ren\'e Peralta},
title =        {On the concrete complexity of zero-knowledge proofs},
pages =        {507--525},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}



@inproceedings{Brand90,
author =       {Russell L. Brand},
title =        {Problems with the normal use of cryptography for providing
               security on unclassified networks},
pages =        {30--34},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}

@inproceedings{Brands94,
author =       {Stefan Brands},
title =        {Untraceable off-line cash in wallets with observers},
pages =        {302--318},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No. 773},
publisher =    {Springer},
year =         1994
}

@misc{Brands95a,
author =       {Stefan Brands},
title =        {Secret-Key Certificates},
year =         1995,
institution =  {CWI},
address =      {Amsterdam}
}

@misc{Brands95b,
author =       {Stefan Brands},
title =        {Restrictive Blinding of Secret-Key Certificates},
year =         1995,
institution =  {CWI},
address =      {Amsterdam}
}


@inproceedings{BrandtDa92,
author =       {J\"orgen Brandt and Ivan Damg{\aa}rd},
title =        {On Generation of Probable Primes By Incremental Search},
pages =        {358--370},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No. 740},
publisher =    {Springer-Verlag},
year =         1992
}


@inproceedings{BrandtDaLaPe88,
author =       {J. Brandt and Ivan Damg{\aa}rd and P. Landrock and
               T. Pedersen},
title =        {Zero-Knowledge Authentication Scheme with Secret Key
               Exchange},
pages =        {583--588},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@techreport{BranstadGaKa77,
author =       {Branstad, D.K. and Gait, J. and Katzke, S.},
year =         {1977},
title =        {Report of the {W}orkshop on {C}ryptography in {S}upport
               of {C}omputer {S}ecurity},
institution =  {National {B}ureau of {S}tandards},
number =       {NBSIR 77-1291},
month =        {September}
}


@inproceedings{Brassard79,
author =       {G. Brassard},
title =        {Relativized Cryptography},
booktitle =    FOCS79,
address =      {San Juan, Puerto Rico},
publisher =    IEEE,
year =         1979,
pages =        {383--391}
}


@inproceedings{Brassard82,
author =       {Gilles Brassard},
title =        {An Optimally Secure Relativized Cryptosystem},
pages =        {54--58},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}

@inproceedings{Brassard83,
author =       {Gilles Brassard},
title =        {On Computationally Secure Authentication Tags Requiring
               Short Secret Shared Keys},
pages =        {79--86},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@techreport{Brassard87,
newtag =       {Brassard87},
author =       {G. Brassard},
title =        {Introduction to Modern Cryptology},
institution =  {D\'epartment d'informatique et de recherche op\'erationelle},
number =       {606},
year =         1987
}


@inproceedings{Brassard87a,
author =       {Gilles Brassard},
title =        {Cryptology in Academia: A Ten Year Retrospective},
booktitle =    {Proc. IEEE Spring COMPCOM},
year =         1987,
month =		Feb,
pages =        {222--226},
publisher =    IEEE
}



@book{Brassard88,
author =       {Brassard, Gilles},
title =        {Modern Cryptology},
year =         1988,
publisher =    {Springer-Verlag},
note =         {Lecture Notes in Computer Science Number 325}
}
@book{BrassardBr88,
author =       {Gilles Brassard and Paul Bratley},
title =        {Algorithmics, Theory and Practice},
year =         1988,
publisher =    {Prentice Hall}
}


@article{BrassardChCr88,
author =       {G. Brassard and D. Chaum and C. Cr\'{e}peau},
title =        {Minimum Disclosure Proofs of Knowledge},
journal =      JCSS,
volume =       37,
number =       2,
year =         1988,
pages =        {156--189}
}


@inproceedings{BrassardCr86,
author =       {G. Brassard and C. Cr\'{e}peau},
title =        {Nontransitive Transfer of Confidence: A Perfect Zero-Knowledge
               Interactive Protocol for {SAT} and Beyond},
pages =        {188--195},
booktitle =    FOCS86,
publisher =    IEEE,
address =      {Toronto},
year =         1986
}

@inproceedings{BrassardCr87,
author =       {Gilles Brassard and Claude Cr\'{e}peau},
title =        {Zero-knowledge simulation of Boolean circuits},
pages =        {223--233},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No. 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inproceedings{BrassardCr91,
author =       {G. Brassard and C. Cr\'{e}peau},
title =        {Quantum Bit Commitment and Coin Tossing Protocols},
pages =        {49--61},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No. 537},
publisher =    {Springer-Verlag},
year =         1991
}


@inproceedings{BrassardCrRo87,
author =       {G. Brassard and C. Cr\'{e}peau and Jean-Marc Robert},
title =        {All-or-nothing disclosure of secrets},
pages =        {234--238},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No. 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@article{BrassardCrYu91,
author =       {G. Brassard and C. Cr\'{e}peau and M. Yung},
title =        {Perfect Zero-Knowledge Computationally Convincing 
               Proofs for {NP} in Constant Rounds},
journal =      {Theoretical Computer Science},
volume =       84,
number =       1,
year =         1991,
pages =        {23--52}
}


@inproceedings{BrassardDa88,
author =       {G. Brassard and I.B. Damg{\aa}rd},
title =        {``Practical IP'' $subseteq$ MA},
pages =        {580--582},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{BrassardYu91,
author =       {G. Brassard and M. Yung},
title =        {One-Way Group Actions},
pages =        {94--108},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No. 537},
publisher =    {Springer-Verlag},
year =         1991
}


@article{Brent80,
author =       {Richard P. Brent},
title =        {An Improved {M}onte {C}arlo Factorization Algorithm},
journal =      {BIT},
volume =       20,
number =       2,
year =         1980,
pages =        {176--184}
}

@incollection{Brent76,
author =       {R.P. Brent},
year =         1976,
title =        {Analysis of the binary {Euclidean} algorithm},
booktitle =    {Algorithms and Complexity},
editor =       {J.F. Traub},
pages =        {321-355},
publisher =    {Academic Press}
}

@book{Bressoud89,
author =       {Bressoud, D.M.},
year =         1989,
title =        {Factorization and Primality Testing},
publisher =    {Springer-Verlag},
series =       {Undergraduate Texts in Mathematics},
address =      {New York}
}



@inproceedings{Brickell83,
author =       {Ernest F. Brickell},
title =        {A Fast Modular Multiplication Algorithm With Application
               To Two Key Cryptography},
pages =        {51--60},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{Brickell84a,
author =       {E. F. Brickell},
title =        {Solving Low Density Knapsacks},
pages =        {25--37},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@inproceedings{Brickell85,
author =       {E. F. Brickell},
title =        {Breaking Iterated Knapsacks},
booktitle =    CRYPTO84,
publisher =    {Springer},
editor =       {G. R. Blakley and D. C. Chaum},
year =         1985,
note =         {Lecture Notes in Computer Science No. 196},
pages =        {342--358}
}

@inproceedings{Brickell85a,
author =       {Ernest F. Brickell},
title =        {Dependence of Output on Input in {DES}: Small Avalanche
               Characteristics},
pages =        {342--358},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No. 196},
publisher =    {Springer},
year =         1985
}


@article{Brickell88,
author =       {E.~F. Brickell},
title =        {Some ideal secret sharing schemes},
journal =      {Journal of Computer and Systems Science},
volume =       37,
year =         1988,
pages =        {156--189}
}


@inproceedings{Brickell90,
author =       {Ernest F. Brickell},
title =        {A survey of hardware implementation of {RSA}},
pages =        {368--370},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}

@inproceedings{BrickellChDaVa88,
author =       {Ernest F. Brickell and David Chaum and Ivan B. Damg{\aa}rd
               and J. van de Graaf},
title =        {Gradual and verifiable release of a secret},
pages =        {156--166},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No. 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{BrickellDa90,
author =       {Ernest F. Brickell and Daniel M. Davenport},
title =        {On the classification of idea secret sharing schemes},
pages =        {278--285},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}

@inproceedings{BrickellDaSi83,
author =       {Ernest F. Brickell and J.A. Davis and G.J. Simmons},
title =        {A Preliminary Report on the Cryptanalysis of {M}erkle-{H}ellman
               Knapsack Cryptosystems},
pages =        {289--301},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}

@inproceedings{BrickellDe86,
author =       {Ernest F. Brickell and John M. DeLaurentis},
title =        {An Attack on a Signature Scheme Proposed by {Okamoto}
               and {Shiraishi}},
pages =        {28--32},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No. 218},
publisher =    {Springer},
year =         1986
}


@manual{BrickellDeKeMaTu93,
author =       {Brickell, E.F. and Denning, D.E. and Kent, S.T. and
               Maher, D.P. and Tuchman, W.},
year =         1993,
title =        {Skipjack Review, Interim Report: {The Skipjack Algorithm}},
month =        {July 28,}
}

@inproceedings{BrickellGoMcWi92,
author =       {Brickell, E.F. and Gordon, D.M. and McCurley, K.S.
               and Wilson, D.B.},
year =         1992,
title =        {Fast exponentiation with precomputation},
booktitle =    {Advances in Cryptology --- Eurocrypt '92},
editor =       {R.A. Rueppel},
publisher =    {Springer-Verlag},
address =      {New York},
pages =        {200--207}
}


@inproceedings{BrickellLaOd84,
author =       {E.F. Brickell and J.C. Largarias and A.M. Odlyzko},
title =        {Evaluation of the Adleman Attack on Multiply Iterated
               Knapsack Cryptosystems},
pages =        {39--42},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@inproceedings{BrickellLeYa88,
author =       {E.F. Brickell and P.J. Lee and Y. Yacobi},
title =        {Secure audio teleconference},
pages =        {418--426},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No. 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@article{BrickellMc91,
author =       {Ernest F. Brickell and Kevin S. McCurley},
title =        {Interactive Identification and Digital Signatures},
journal =      {AT\&T Journal},
month =        {Nov/Dec},
year =         1991
}

@article{BrickellMc92,
author =       {Brickell, E.F. and McCurley, K.S.},
year =         1992,
month =        {},
title =        {An Interactive Identification Scheme Based on Discrete
               Logarithms and Factoring},
journal =      {Journal of Cryptology},
volume =       5,
number =       1,
pages =        {29--39}
}


@inproceedings{BrickellMo83,
author =       {Ernest F. Brickell and J.H. Moore},
title =        {Some Remarks on the {Herlestam-Johannesson} Algorithm
               for Computing Logarithms over $GF(2^p)$},
pages =        {15--19},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{BrickellMoPu87,
author =       {E.F. Brickell and J.H. Moore and M.R. Purtill},
title =        {Structure in the $S$-boxes of the {DES}},
pages =        {3-8},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No. 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@article{BrickellOd88,
author =       {Brickell, E.F. and Odlyzko, A.M.},
year =         1988,
title =        {Cryptanalysis: {A} survey of recent results},
journal =      {Proc.\ IEEE},
volume =       76,
pages =        {578--593}
}

@incollection{BrickellOd92,
author =       {E.~F. Brickell and A.~M. Odlyzko},
year =         1992,
title =        {Cryptanalysis, a survey of recent results},
booktitle =    {Contemporary Cryptology, The Science of Information
               Integrity},
editor =       {G.J. Simmons},
publisher =    {IEEE Press},
pages =        {501--540}
}

@inproceedings{BrickellSt88,
author =       {E.F. Brickell and D.R. Stinson},
title =        {The Detection of Cheaters in Threshold Schemes},
pages =        {564--577},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{BrickellSt91,
newtag =       {BrickellSt91},
author =       {Ernest F. Brickell and D.R. Stinson},
title =        {Some Improved Bounds on the Information Rate of Perfect
               Secret Sharing Schemes},
pages =        {242--252},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No. 537},
publisher =    {Springer-Verlag},
year =         1991
}


@article{BrickellSt92,
author =       {E.~F. Brickell and D.~R. Stinson},
title =        {Some improved bounds on the information rate of perfect
               secret sharing schemes},
journal =      {Journal of Cryptology},
year =         1992,
volume =       5,
pages =        {153--166}
}


@book{BrillhartLeSeTuWa88,
author =       {Brillhart, J. and Lehmer, D. and Selfridge, J. and
               Tuckerman, B. and Wagstaff Jr, S.},
year =         1988,
title =        {Factorizations of $b^n \pm 1$, $b=2,3,5,6,7,10,11,12$
               up to High Powers},
publisher =    {American Mathematical Society},
address =      {Providence, Rhode Island},
volume =       22,
series =       {Contemporary Mathematics},
edition =      {2nd}
}

@incollection{Brittanica89,
author =       {Brittanica},
title =        {Geometry},
booktitle =    {The New Encyclop{\ae}dia Brittanica},
publisher =    {Encyclop{\ae}dia Brittanica},
year =         1989,
pages =        {927--1000},
note =         {(Volume 19)}
}

@inproceedings{BrosciusSm92,
author =       {A.G. Broscius and J.M. Smith},
title =        {Exploiting parallelism in hardware implementations
               of the {DES}},
pages =        {367--376},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No. 576},
publisher =    {Springer},
year =         1992
}

@article{Brown94,
author =       {Patrick W. Brown},
title =        {Digital Signature: Are They Legal for Electronic Commerce},
journal =      {IEEE Communications Magazine},
month =        Sep,
year =         1994,
volume =       32,
number =       9,
pages =        {76--80}
}


@inproceedings{BrownPiSe90,
author =       {Brown, L. and Pieprzyl, J. and Seberry, J.},
title =        {{LOKI}: A Cryptographic Primitive for Authentication
               and Secrecy Applications},
year =         {1990},
booktitle =    {Advances in Cryptology --- Auscrypt '90},
editor =       {Seberry, J. and Pieprzyk, J.},
publisher =    {Springer Verlag},
address =      {Berlin},
pages =        {229--236}
}

@INPROCEEDINGS{BrownSe90,
author =       {L. Brown and J. Seberry},
title =        {Key Scheduling in {DES} type Cryptosystems},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {221--228}
}


@inproceedings{BrugiaImWo85,
author =       {Odoardo Brugia and Salvatore Improta and William Wolfowicz},
title =        {An Encryption and Authentication Procedure for Tele-surveillance
               Systems},
pages =        {437--445},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@inproceedings{Brynielsson86,
author =       {Brynielsson, L.},
year =         {1986},
title =        {On the Linear Complexity of Combined Shift Register
               Sequences},
booktitle =    {Advances in Cryptology --- Eurocrypt '85},
editor =       {Pichler, F.},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {156--166}
}


@inproceedings{BuchmannDu91,
author =       {J. Buchmann and S. D\"{u}llmann},
title =        {On the Computation of Discrete Logarithms in Class
               Groups},
pages =        {134--149},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No. 537},
publisher =    {Springer-Verlag},
year =         1991
}

@inproceedings{BuchmannLoZa94,
author =       {J. Buchmann and J. Loho and J. Zayer},
title =        {An implementation of the general number field sieve},
pages =        {159--165 },
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No. 773},
publisher =    {Springer},
year =         1994
}


@inproceedings{BuchmannWi90,
author =       {Johannes A. Buchmann and Hugh C. Williams},
title =        {A key exchange system based on real quadratic fields},
pages =        {335--343},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}


@article{Buell87,
author =       {Duncan A. Buell},
title =        {Factoring: Algorithms, Computations, and Computers},
journal =      {Journal of Supercomputing},
year =         1987,
volume =       1,
pages =        {191--216},
comment =      {Good discussion of elliptic curve methods, p-1, and
               others.}
}


@book{BuhlerLePo94,
author =       {J.P. Buhler and H.W. Lenstra and Carl Pomerance},
title =        {The development of the number field sieve},
year =         1994,
publisher =    {Springer-Verlag},
series =       {Lecture Notes in Mathematics},
volume =       1554
}


@misc{Bura75,
author =       {Michael Craig Bura},
title =        {Increasing the Pick Resisteance of the Pin-Tumbler
               Cylinder Lock},
note =         {Bachelor of Science Thesis},
month =        Jun,
year =         1975,
institution =  {MIT}
}

@article{Burmester89,
author =       {Mike Burmester},
title =        {Remarks on Soundness of proofs},
journal =      {Electronics Letters},
volume =       25,
number =       22,
year =         1989,
month =        Oct,
pages =        {1509--1510}
}


@article{Burmester92,
author =       {Mike Burmester},
title =        {An almost-constant round interactive zero-knowledge proof},
journal =      {Information Processing Letters},
volume =       42,
month =        May,
year =         1992,
pages =        {81--87}
}

@inproceedings{Burmester94,
author =       {Mike Burmester},
title =        {On the risk of opening distributed keys},
pages =        {308--317},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No. 839},
publisher =    {Springer},
year =         1994
}

@article{BurmesterDeBe92,
author =       {Burmester, M.V.D. and Desmedt, Y.G. and Beth, T.},
year =         1992,
title =        {Efficient zero-knowledge identification schemes for
               smart cards},
journal =      {Computer Journal},
volume =       35,
pages =        {21--29}
}

@unpublished{BurmesterRiSh96,
author =       {Mike Burmester and Ronald L. Rivest and Adi Shamir},
title =        {Geometric Cryptography},
}

@article{BurrowsAbNe90,
author =       {Michael Burrows and Martin Abadi and Roger Needham},
title =        {A Logic of Authentication},
journal =      {ACM Transactions on Computer Systems},
volume =       8,
number =       1,
year =         1990,
month =        Feb,
pages =        {18--36}
}

@inproceedings{Cade87,
author =       {John J. Cade},
title =        {A modification of a broken public-key cipher},
pages =        {64--83},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No. 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inproceedings{CamionCaChSe92,
author =       {P. Camion and C. Carlet and P. Charpin and N. Sendrier},
title =        {On Correlation-Immune Functions},
pages =        {86--100},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No. 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{CampbellWi92,
author =       {Keith W. Campbell and Michael J. Wiener},
title =        {{DES} is not a Group},
pages =        {512--520},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No. 740},
publisher =    {Springer-Verlag},
year =         1992
}


@article{CanettiGo93,
author =       {R. Canetti and O. Goldreich},
title =        {Bounds on Tradeoffs between Randmoness and Communication
               Complexity},
journal =      {Computational Complexity},
volume =       3,
year =         1993,
pages =        {141--167}
}


@inproceedings{CanettiHe94,
author =       {Ran Canetti and Amir Herzberg},
title =        {Maintaining security in the presence of transient faults},
pages =        {425--438},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No. 839},
publisher =    {Springer},
year =         1994
}

@inproceedings{CanettiRa93,
author =       {Ran Canetti and Tal Rabin},
title =        {Fast Asynchronous Byzantine Agreement with Optimal
               Resilience},
pages =        {42--51},
booktitle =    STOC93,
year =         1993
}

@article{CanfieldErPo83,
author =       {Canfield, E.R. and Erd\"{o}s, P. and Pomerance, C.},
year =         1983,
title =        {On a problem of {Oppenheim} concerning {`Factorisatio
               Numerorum'}},
journal =      {J. Number Theory},
volume =       17,
pages =        {1--28}
}


@inproceedings{CapocelliDeGaVa92,
author =       {R.M. Capocelli and A. De Santis and L. Gargano and
               U. Vaccaro},
title =        {On the size of shares for secret sharing schemes},
pages =        {101--113},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No. 576},
publisher =    {Springer},
year =         1992
}

@article{CapocelliDeGaVa93,
author =       {R.~M. Capocelli and A.~{De Santis} and L.~Gargano 
               and U.~Vaccaro},
title =        {On the size of shares for secret sharing schemes},
journal =      {Journal of Cryptology},
year =         1993,
volume =       6,
pages =        {157--167}
}


@inproceedings{Carlet92,
author =       {Claude Carlet},
title =        {Partially-Bent Functions},
pages =        {280--291},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No. 740},
publisher =    {Springer-Verlag},
year =         1992
}

@INPROCEEDINGS{Carroll90,
author =       {J.M. Carroll},
title =        {The Three Faces of Information Security},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {433--450}
}

@phdthesis{Carter89,
author =       {Carter, G.D.},
title =        {Aspects of local linear complexity},
school =       {University of London},
year =         {1989}
}

@manual{CaseFeScDa90,
author =       {Case, J. and M. Fedor and M. Schoffstall and J. Davin},
year =         1990,
month =        {May},
title =        {{RFC} 1157: The Simple Network Management Protocol},
organization = {Internet Activities Board}
}

@manual{CCITT-X.40088,
newtag =       {CCITT-X.40088},
author =       {{CCITT}},
year =         1988,
title =        {Recommendation $X.400$: Message Handling System and
               Service Overview}
}

@manual{CCITT-X.41188,
newtag =       {CCITT-X.41188},
author =       {{CCITT (Consultative Committee on International Telegraphy
               and Telephony)}},
year =         1988,
title =        {Recommendation $X.411$: Message Handling Systems: Message
               Transfer System: Abstract Service Definition and Procedures}
}

@manual{CCITT-X.43591,
newtag =       {CCITT-X.43591},
author =       {{CCITT (Consultative Committee on International Telegraphy
               and Telephony)}},
year =         {1991},
title =        {Recommendation $X.435$: Message Handling Systems: EDI
               Messaging System}
}

@manual{CCITTConsult88a,
oldtag =       {CCITT-X.500},
author =       {{CCITT (Consultative Committee on International Telegraphy
               and Telephony)}},
year =         1988,
title =        {Recommendation $X.500$: The Directory --- Overview
               of Concepts, Models and Services}
}

@manual{CCITTConsult88b,
oldtag =       {CCITT-X.509},
author =       {{CCITT (Consultative Committee on International Telegraphy
               and Telephony)}},
year =         1988,
title =        {Recommendation $X.509$: The Directory---Authentication
               Framework}
}

@manual{CCITTConsult91a,
oldtag =       {CCITT-X.800},
author =       {{CCITT (Consultative Committee on International Telegraphy
               and Telephony)}},
year =         {1991},
title =        {Recommendation $X.800$: Security Architecture for Open
               Systems Interconnection for CCITT Applications}
}


@book{Chaitin87,
author =       {Chaitin, G.J.},
title =        {Information, Randomness and Incompleteness},
publisher =    {World Scientific Publishing},
address =      {Singapore},
year =         {1987}
}

@article{Chaitin66,
author =       {Chaitin, G.J.},
year =         1966,
title =        {On the length of programs for computing finite binary
               sequences},
journal =      {J. {ACM}},
month =        {October},
volume =       13,
number =       {4},
pages =        {547--569}
}


@inproceedings{ChanGa87,
author =       {Agnes Hui Chan and Richard A. Games},
title =        {On the linear span of binary sequences obtained from
               finite geometries},
pages =        {405--417},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No. 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@article{ChanGaKe82,
author =       {Chan, A.H. and Games, R.A. and Key, E.L.},
year =         1982,
title =        {On the Complexities of de {B}ruijn Sequences},
journal =      {J. Comb. Theory},
series =       {A},
volume =       33,
pages =        {233--246}
}


@inproceedings{ChanGa90,
author =       {Agnes H. Chan and Richard A. Games},
title =        {On the quadratic spans of periodic sequences},
pages =        {82--89},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{ChanGaRu94,
author =       {Chan, A.H. and Games, R.A. and Rushanan, J.},
year =         {1994},
title =        {On Quadratic $M$-sequences},
booktitle =    {Fast Software Encryption},
editor =       {R. Anderson},
publisher =    {Springer-Verlag},
series =       {Lecture Notes in Computer Science},
volume =       809,
address =      {Berlin},
pages =        {166--173}
}


@inproceedings{ChaoTaTs94,
author =       {Jinhui Chao and Kazuo Tanada and Shigeo Tsujii},
title =        {Design of elliptic curves with controllable lower boundary
               of extension degree for reduction attacks},
pages =        {50--55},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No. 839},
publisher =    {Springer},
year =         1994
}


@article{Chaum81,
author =       {D. Chaum},
title =        {Untraceable electronic mail, return addresses, and
               digital pseudonyms},
journal =      CACM,
volume =       24,
month =        Feb,
year =         1981,
pages =        {84--88}
}


@inproceedings{Chaum82,
author =       {David L. Chaum},
title =        {Verification by Anonymous Monitors},
pages =        {138--139},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Chaum83,
author =       {David Chaum},
title =        {Blind Signatures for Untraceable Payments},
pages =        {199--203},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{Chaum84,
author =       {David Chaum},
title =        {Blind Signature System},
pages =        {153--153},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@inproceedings{Chaum84a,
author =       {David Chaum},
title =        {Design Concepts for Tamper Responding Systems},
pages =        {387--392},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@inproceedings{Chaum85,
author =       {David Chaum},
title =        {New Secret Codes Can Prevent a Computerized Big Brother},
pages =        {432--433},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No. 196},
publisher =    {Springer},
year =         1985
}

@inproceedings{Chaum85a,
author =       {David Chaum},
title =        {How to Keep a Secret Alive: Extensible Partial Key,
               Key Safeguarding, and Threshold Systems},
pages =        {481--485},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No. 196},
publisher =    {Springer},
year =         1985
}


@article{Chaum85b,
author =       {David Chaum},
title =        {Security Without Identification: Transaction
		Systems to Make Big Brother Obsolete},
year =         1985,
month =        {Oct},
journal =      {Communications of the ACM},
volume =       28,
number =       10,
pages =        {1030--1044}
}

@inproceedings{Chaum87,
author =       {David Chaum},
title =        {Demonstrating that a public predicate can be satisfied
               without revealing any information about how},
pages =        {195--199},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No. 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@article{Chaum88,
author =       {David Chaum},
title =        {The Dining Cryptographers Problem: Unconditional
		Sender and Recipient Untraceability},
journal =      {Journal of Cryptology},
year =         1988,
volume =       1,
pages =        {65-75}
}


@misc{Chaum88a,
author =       {David Chaum},
title =        {Blind unanticipated signature systems},
howpublished = {U.S. Patent No. 4,759,064},
year =         {1988}
}


@misc{Chaum88b,
author =       {David Chaum},
title =        {Blind signature systems},
howpublished = {U.S. Patent No. 4,759,063},
year =         {1988}
}


@inproceedings{Chaum95,
author =       {David Chaum},
title =        {Designated Confirmer Signatures},
pages =        {~},
booktitle =    {Proceedings EUROCRYPT 94 (to appear)},
year =         1995,
publisher =    {Springer-Verlag}
}

@inproceedings{ChaumEv86,
author =       {Chaum, D. and Evertse, J.},
year =         1986,
title =        {Crytanalysis of {DES} with a reduced number of rounds,
               sequences of linear factors in block ciphers},
booktitle =    {Advances in Cryptology --- Crypto '85},
editor =       {H.C. Williams},
publisher =    {Springer-Verlag},
address =      {New York},
pages =        {192--211}
}


@inproceedings{ChaumEv86a,
author =       {David Chaum and Jan-Hendrik Evertse},
title =        {Cryptanalysis of {DES} with a Reduced Number of Rounds},
pages =        {192--211},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No. 218},
publisher =    {Springer},
year =         1986
}

@inproceedings{Chaum90,
author =       {David Chaum},
title =        {The Spymasters double-agent problem: Multiparty computations
               secure unconditionally from minorities and cryptographically
               from majorities},
pages =        {591--603},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}

@INPROCEEDINGS{Chaum90a,
author =       {D. Chaum},
title =        {Showing Credentials Without Identification: Transferring
               Signatures Between Unconditionally Unlinkable Pseudonyms},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {246--264}
}

@article{Chaum92,
author =       {D. Chaum},
title =        {Achieving Electronic Privacy},
journal =      {Scientific American},
volume =       267,
number =       2,
month =        Aug,
year =         1992,
pages =        {96--101}
}


@inproceedings{ChaumCrDa88,
author =       {David Chaum and Claude Cr\'epeau and Ivan {Damg{\aa}rd}},
title =        {Multiparty unconditionally secure protocols},
pages =        {462--462},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No. 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{ChaumCrDa88a,
author =       {D. Chaum and C. Crepeau and I. {Damg{\aa}rd}},
title =        {Multi-party unconditionally secure protocols},
booktitle =    STOC88,
publisher =    ACM,
address =      {Chicago},
year =         1988
}


@inproceedings{ChaumDaVa88,
author =       {David Chaum and Ivan B. Damg{\aa}rd and Jeroen van
               de Graaf},
title =        {Multiparty computations ensuring privacy of each party's
               input and correctness of the result},
pages =        {87--119},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No. 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{ChaumEv87,
author =       {David Chaum and Jan-Hendrik Evertse},
title =        {A secure and privacy-protecting protocol for transmitting
               personal information between organizations},
pages =        {118--167},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No. 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inproceedings{ChaumEvVaPe87,
author =       {David Chaum and Jan-Hendrik Evertse and Jeroen van
               de Graaf and Ren\'e Peralta},
title =        {Demonstrating possession of a discrete logarithm without
               revealing it},
pages =        {200--212},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No. 263 },
publisher =    {Springer-Verlag},
year =         1987
}

@inproceedings{ChaumFiNa88,
author =       {D. Chaum and A. Fiat and M. Naor},
title =        {Untraceable Electronic Cash},
pages =        {319--327},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{ChaumVaPf92,
author =       {D. Chaum and E. van Heijst and B. Pfitzmann},
title =        {Cryptographically strong undeniable signatures, unconditionally
               secure for the signer},
pages =        {470--484},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No. 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{ChaumPe92,
author =       {David Chaum and Torben Pryds Pedersen},
title =        {Wallet Databases with Observers},
pages =        {89--105},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No. 740},
publisher =    {Springer-Verlag},
year =         1992
}


@inproceedings{ChaumRo91,
author =       {D. Chaum and S. Roijakkers},
title =        {Unconditionally Secure Digital Signatures},
pages =        {206--215},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No. 537},
publisher =    {Springer-Verlag},
year =         1991
}


@inproceedings{ChaumVa90,
author =       {David Chaum and Hans Van Antwerpen},
title =        {Undeniable signatures},
pages =        {212--217},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{CheeJoSt92,
author =       {Y.M. Chee and A. Joux and J. Stern},
title =        {The cryptoanalysis of a new public-key cryptosystem
               based on modular knapsacks},
pages =        {204--212},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No. 576},
publisher =    {Springer},
year =         1992
}

@article{CheheylGaHuMi81, 
author = 	{M.H. Cheyel and M. Gasser and G.A. Huff and J.K. Millen},
title = 	{Verifying Security}, 
journal = 	{ACM Computing Surveys}, 
volume = 	13, 
number = 	3, 
pages = 	{279--339},
year =		1981
}


@inproceedings{Chen85,
author =       {Su-shing Chen},
title =        {On Rotation Group and Encryption of Analog Signals},
pages =        {95--100},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No. 196},
publisher =    {Springer},
year =         1985
}

@unpublished{Chen94,
author =       {Kefei Chen},
title =        {Improved {Girault} Identification Scheme},
month =        Dec,
year =         1994,
note =         {no note}
}


@phdthesis{Cheng81,
author =       {Cheng, U.},
title =        {Properties of Sequences},
school =       {University of Southern California},
year =         {1981}
}

@inproceedings{ChepyzhovSm91,
author =       {Chepyzhov, V. and Smeets, B.},
year =         1991,
title =        {On a Fast Correlation Attack on Certain Stream Ciphers},
booktitle =    {Advances in Cryptology --- Eurocrypt '91},
editor =       {D.W. Davies},
pages =        {176--185},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@inproceedings{ChickTa90,
author =       {Gerald C. Chick and Stafford E. Tavares},
title =        {Flexible access control with master keys},
pages =        {316--323},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}


@article{Chokhani94,
author =       {Santosh Chokhani},
title =        {Toward a National Public Key Infrastructure},
journal =      {IEEE Communications Magazine},
month =        Sep,
year =         1994,
volume =       32,
number =       9,
pages =        {70--74}
}


@inproceedings{ChorFiNa94,
author =       {Benny Chor and Amos Fiat and Moni Naor},
title =        {Tracing traitors},
pages =        {257--270},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No. 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{ChorGo85,
author =       {Benny Chor and Oded Goldreich},
title =        {{RSA}/Rabin Least Significant Bits are $\frac{1}{2}
               + 1/$ {\em poly(log $N$)} Secure},
pages =        {303-313},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No. 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{ChorGo85a,
author =       {B. Chor and O. Goldreich},
title =        {Unbiased Bits from Sources of Weak Randomness and 
               Probabilistic Communication Complexity},
booktitle =    FOCS85,
address =      {Portland},
publisher =    IEEE,
pages =        {429--442},
year =         1985
}


@article{ChorGo88,
author =       {B. Chor and O. Goldreich},
title =        {Unbiased bits from sources of weak randomness and 
               probabilistic communication complexity},
journal =      {SIAM J. Computing},
year =         1988,
month =        Apr,
volume =       17,
number =       2,
pages =        {230--261}
}


@article{ChorGo90,
author =       {B. Chor and O. Goldreich},
title =        {An Improved Parallel Algorithm for Integer {GCD}},
journal =      {Algorithmica},
volume =       5,
year =         1990,
pages =        {1--10}
}


@inproceedings{ChorGoGo86,
author =       {Benny Chor and Oded Goldreich and Shafi Goldwasser},
title =        {The Bit Security of Modular Squaring Given Partial
               Factorization of the Modulos},
pages =        {448--457},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No. 218},
publisher =    {Springer},
year =         1986
}



@inproceedings{ChorGoMiAw85,
author =       {B. Chor and S. Goldwasser and S. Micali and B. Awerbuch},
title =        {Verifiable secret sharing and achieving simultaneity
               in the presence of faults},
booktitle =    FOCS85,
address =      {Portland},
year =         1985,
pages =        {383--395},
publisher =    IEEE
}


@inproceedings{ChorKu89,
author =       {B. Chor and E. Kushilevitz},
title =        {A Zero-One Law for {Boolean} Privacy},
booktitle =    STOC89,
publisher =    ACM,
address =      {Seattle},
year =         1989,
pages =        {62--72},
comment =      {See ChorKu91 for the journal version.}
}

@article{ChorKu91,
author =       {B. Chor and E. Kushilevitz},
title =        {A Zero-One Law for {Boolean} Privacy},
journal =      {SIAM J. Disc. Math.},
year =         1991,
volume =       4,
pages =        {36--47}
}

@inproceedings{ChorKu90,
author =       {Benny Chor and Eyal Kushilevitz},
title =        {Secret sharing over infinite domains},
pages =        {299--306},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{ChorRa87,
author =       {Benny Chor and Michael Rabin},
title =        {Achieving independence in logarithmic number of rounds},
pages =        {260--268},
booktitle =    PODC87,
publisher =    {ACM},
year =         1987
}


@article{ChorRi88,
author =       {B. Chor and R. L. Rivest},
title =        {A knapsack type public-key cryptosystem based on arithmetic
               in finite fields},
pages =        {901--909},
journal =      {IEEE Trans.\ Inform.\ Theory},
volume =       34,
number =       5,
month =        Sep,
year =         1988
}

@inproceedings{ChorRi85,
author =       {B. Chor and R. L. Rivest},
title =        {A knapsack type public-key cryptosystem based on arithmetic
               in finite fields},
pages =        {54--65},
booktitle =    CRYPTO84,
publisher =    {Springer},
editor =       {G. R. Blakley and D. C. Chaum},
year =         1985,
note =         {Lecture Notes in Computer Science No. 196, This article
               appeared in IEEE Trans. Inform. Theory (1988).}
}


@inproceedings{ChuangDu91,
author =       {C.C. Chuang and J.G. Dunham},
title =        {Matrix Extensions of the {RSA} Algorithm},
pages =        {140--155},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No. 537},
publisher =    {Springer-Verlag},
year =         1991
}

@article{ClarkHo94,
author =       {Paul C. Clark and Lance J. Hoffman},
title =        {{BITS}: A Smartcard Protected Operating System},
journal =      {Communications of the ACM},
month =        Nov,
year =         1994,
volume =       37,
number =       11,
pages =        {66--70}
}


@inproceedings{ClarkWi87, 
author = 	{D. Clark and D. Wilson}, 
title = 	{A Comparison of Commercial and Military Computer 
			Security Policies}, 	
booktitle = 	{IEEE Security Privacy}, 
year = 		1987
}


@inproceedings{Cleve86,
author =       {R. Cleve},
title =        {Limits on the Security of Coin Flips When Half the
               Processors are Faulty},
pages =        {364--369},
booktitle =    STOC86,
publisher =    ACM,
address =      {Berkeley},
year =         1986
}


@inproceedings{Cleve90,
author =       {Richard Cleve},
title =        {Controlled gradual disclosure schemes for random bits
               and their applications},
pages =        {573--588},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}

@inproceedings{Cleve91,
author =       {R. Cleve},
title =        {Complexity Theoretic Issues Concerning Block Ciphers
               Related to {D.E.S.}},
pages =        {530--544},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No. 537},
publisher =    {Springer-Verlag},
year =         1991
}

@techreport{Cohen89,
author =       {Cohen, Danny},
title =        {Electronic Commerce},
institution =  {Information Sciences Institute},
number =       {ISI/RR-89-244},
month =        Oct,
year =         1989
}

@inproceedings{CohenFi85,
author =       {J. D. Cohen and M. J. Fischer},
title =        {A robust and verifiable cryptographically secure election
               scheme},
booktitle =    FOCS85,
address =      {Portland},
publisher =    IEEE,
year =         1985,
pages =        {372--382}
}

@article{CohenLe84,
author =       {H. Cohen and Lenstra, Jr., H. W.},
title =        {Primality Testing and {Jacobi} Sums},
journal =      {Mathematics of Computation},
year =         {1984},
volume =       42,
number =       165,
mon =          jan,
pages =        {297--330}
}


@article{Colossus97,
author =       {Barry Fox and Jeremy Webb},
title =        {A Colossal adventure},
journal =      {New Scientist},
volume =       154,
number =       2081,
mon =          May,
year =         1997,
pages =        {38--43}
}



@article{Comba90,
author =       {P. G. Comba},
title =        {Exponentiation Cryptosystems on the {IBM PC}},
journal =      {IBM Systems Journal},
year =         1990,
volume =       29,
number =       4,
pages =        {526--538}
}

@manual{ComiteFranca89,
oldtag =       {ComiteFdONoBa89},
author =       {{Comit\'{e} Fran\c{c}ais d'Organisation et de Normalisation
               Bancaire}},
year =         1989,
title =        {Echanges T\'{e}l\'ematiques entre les Banques et leurs
               Clients, Standard {ETEBAC} 5, v1.1},
address =      {Paris}
}


@manual{ComptrollerG91,
newtag =       {ComptrollerG91},
author =       {{Comptroller General of the United States}},
year =         1991,
month =        {December 13,},
title =        {Matter of {National Institute of Standards and Technology}
               --- {Use} of Electronic Data Interchange Technology
               to Create Valid Obligations},
note =         {File B-245714}
}

@INPROCEEDINGS{CooperPa90,
author =       {R.H. Cooper and W. Patterson},
title =        {{RSA} as a Benchmark for Multiprocessor Machines},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {356--359}
}


@inproceedings{Coppersmith84,
author =       {D. Coppersmith},
title =        {Evaluating Logarithms in {$GF(2^n)$}},
booktitle =    STOC84,
pages =        {201--207},
address =      {Washington, D.C.},
year =         1984,
publisher =    ACM
}

@article{Coppersmith84b,
author =       {D. Coppersmith},
title =        {Fast evaluation of logarithms in fields of characterstic
               two.},
journal =      {IEEE Trans. Inform. Theory},
volume =       {IT-30},
year =         1984,
pages =        {587--594}
}


@inproceedings{Coppersmith86,
author =       {Coppersmith, D.},
year =         1986,
title =        {The real reason for {R}ivest's phenomenon},
booktitle =    {Advances in Cryptology --- Crypto '85},
editor =       {H.C. Williams},
publisher =    {Springer-Verlag},
address =      {New York},
pages =        {535--536}
}


@inproceedings{Coppersmith86a,
author =       {D. Coppersmith},
title =        {Cheating at Mental Poker},
pages =        {104--107},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No. 218},
publisher =    {Springer},
year =         1986
}


@inproceedings{Coppersmith86b,
newtag =       {Coppersmith86b},
author =       {Don Coppersmith},
title =        {Another Birthday Attack},
pages =        {14--17},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No. 218},
publisher =    {Springer},
year =         1986
}


@article{Coppersmith87,
author =       {Coppersmith, D.},
title =        {Cryptography},
journal =      {IBM J. Res. Dev.},
volume =       31,
number =       2,
year =         1987,
pages =        {244-248}
}

@misc{Coppersmith89,
author =       {D. Coppersmith},
title =        {{Analysis of {ISO/CCITT} Document X.509 Annex {D}}},
howpublished = {Internal Memo, IBM T.J. Watson Center},
month =        {June 11,},
year =         {1989}
}

@techreport{Coppersmith92,
author =       {Don Coppersmith},
title =        {The Data Encryption Standard ({DES}) and its Strength
               Against Attacks},
institution =  {IBM T.J. Watson Research Center},
year =         1992,
month =        Dec,
number =       {RC 18613(81421)}
}

@inproceedings{Coppersmith94,
author =       {Don Coppersmith},
title =        {Attack on the cryptographic scheme {NIKS-TAS}},
pages =        {294--307},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No. 839},
publisher =    {Springer},
year =         1994
}

@techreport{CoppersmithFrPaRe96,
author =       {Don Coppersmith and Matthew Franklin and Jacques Patarin
               and Michael Reiter},
title =        {Low-Exponent {RSA} with Related Messages},
institution =  {IBM T.J. Watson Research Lab},
number =       {IBM RC 20318},
month =        {December 27,},
year =         1995,
note =         {(To appear in Eurocrypt '96)}
}

@article{CoppersmithGr75,
author =       {Don Coppersmith and E. Grossman},
title =        {Generators for certain alternating groups with applications
               to cryptology},
journal =      {SIAM Journal on Applied Mathematics},
year =         1975,
volume =       29,
pages =        {624--627}
}


@inproceedings{CoppersmithKrMa94,
author =       {Don Coppersmith and Hugo Krawczyk and Yishay Mansour},
title =        {The shrinking generator},
pages =        {22--39},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No. 773},
publisher =    {Springer},
year =         1994
}


@article{CoppersmithOdSc86,
author =       {D. Coppersmith and A. M. Odlyzko and R. Schroeppel},
title =        {Discrete Logarithms in {$GF(p)$}},
journal =      {Algorithmica},
volume =       1,
number =       1,
year =         1986,
pages =        {1--16}
}

@misc{CoppersmithPiMeMaHyOsBrSc90,
newtag =       {CoppersmithPiMeMaHyOsBrSc90},
author =       {D. Coppersmith and S. Pilpel and C.H. Meyer and S.M.
               Matyas and M.M. Hyden and J. Oseas and B. Brachtl and
               M. Schilling},
title =        {Data authentication using modification dectection codes
               based on a public one way encryption function},
howpublished = {U.S. Patent No. 4,908,861},
month =        {March 13,},
year =         {1990}
}


@inproceedings{CoppersmithStVa94,
author =       {Don Coppersmith and Jacques Stern and Serge Vaudenay},
title =        {Attacks on the birational permutation signature schemes},
pages =        {435--443},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No. 773},
publisher =    {Springer},
year =         1994
}


@book{CormenLeRi90,
author =       {Thomas H. Cormen and Charles E. Leiserson and Ronald
               L. Rivest},
title =        {Introduction to Algorithms},
year =         1990,
publisher =    {MIT Press/McGraw-Hill}
}



@manual{Cramer95,
author =       {R.J.F. Cramer},
year =         {1995},
title =        {On shared randomness and the size of secure signatures},
month =        {April},
organization = {Centrum voor Wiskunde en Informatica},
note =         {Report {CS}-{R}9530}
}


@inproceedings{CramerDaSc94,
author =       {Ronald Cramer and Ivan {Damg{\aa}rd} and Berry 
		Schoenmakers},
title =        {Proofs of partial knowledge and simplified design of
               witness hiding protocols},
pages =        {174--187},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No. 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{Crepeau86,
author =       {Claude Cr\'epeau},
title =        {A Secure Poker Protocol that Minimizes the Effect 
               of Player Coalitions},
pages =        {73--86},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No. 218},
publisher =    {Springer},
year =         1986
}


@inproceedings{Crepeau87,
newtag =       {Crepeau87},
author =       {Claude Cr\'epeau},
title =        {A zero-knowledge poker protocol that achieves confidentiality
               of the players' strategy or how to achieve an electronic
               poker face},
pages =        {239--247},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No. 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inproceedings{Crepeau88,
author =       {Claude Cr\'epeau},
title =        {Equivalence between two flavours of oblivious transfers},
pages =        {350--354},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No. 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{CrepeauKi88,
author =       {Claude Cr\'epeau and Joe Kilian},
title =        {Weakening Security Assumptions and Oblivious Transfer},
pages =        {2--7},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{CrepeauKi94,
author =       {Claude Cr\'epeau and Joe Kilian},
title =        {Discreet solitary games},
pages =        {319--330},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No. 773},
publisher =    {Springer},
year =         1994
}


@article{Cullyer89,
author =	{W. Cullyer},
title = 	{Implementing high integrity systems: 
			the Viper microprocessor}, 
journal = 	{IEEE AES Magazine},
month = 	{May},
year =		1989
}
% note: not in class file cabinet yet


@techreport{Curry90,
author =       {Curry, David A.},
year =         1990,
title =        {Improving the Security of Your {UNIX} System},
institution =  {{SRI} International},
number =       {ITSTD-721-FR-90-21},
address =      {Menlo Park, CA},
month =        {April}
}


@inproceedings{Cusick91,
author =       {Cusick, T.W.},
year =         1991,
title =        {The {REDOC-II} Cryptosystem},
booktitle =    {Advances in Cryptology --- Crypto '90},
editor =       {Menezes, A.J. and Vanstone, S.A.},
publisher =    {Springer-Verlag},
address =      {New York},
pages =        {545--563}
}

@inproceedings{Cusick94,
author =       {Cusick, T.W.},
year =         1994,
title =        {{B}oolean functions satisfying a higher order strict
               avalanche criterion},
booktitle =    {Advances in Cryptology --- Eurocrypt '93},
editor =       {T. Helleseth},
publisher =    {Springer-Verlag},
series =       {Lecture Notes in Computer Science},
volume =       {765},
pages =        {102--117},
address =      {Berlin}
}

@inproceedings{CusickWo91,
author =       {T.W. Cusick and M.C. Wood},
title =        {The {REDOC II} Cryptosystem},
pages =        {545-563},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No. 537},
publisher =    {Springer-Verlag},
year =         1991
}

@inproceedings{DaemenGoVa93,
author =       {Daemen, J. and Govaerts, R. and Vandewalle, J.},
year =         1993,
title =        {Block ciphers based on Modular Arithmetic},
booktitle =    {State and {P}rogress in the {R}esearch of {C}ryptography,
               1993},
pages =        {80--89}
}


@inproceedings{DaemenGoVa93a,
author =       {Daemen, J. and Govaerts, R. and Vandewalle, J.},
year =         1993,
title =        {Cryptanalysis of {MUX-LFSR} Based Scramblers},
booktitle =    {State and {P}rogress in the {R}esearch of {C}ryptography,
               1993},
pages =        {55--61}
}


@inproceedings{DaemenGoVa94,
author =       {Joan Daemen and Ren\'e Govaerts and Joos Vandewalle},
title =        {Weak keys for {IDEA}},
pages =        {224--231},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No. 773},
publisher =    {Springer},
year =         1994
}

@article{Dai86,
author =       {Dai, Zong-duo},
year =         1986,
title =        {Proof of {R}ueppel's linear complexity conjecture},
journal =      {IEEE Transactions on Information Theory},
volume =       {IT-32},
pages =        {440--443}
}

@INPROCEEDINGS{DaiZe90,
author =       {Z. Dai and K. Zeng},
title =        {Continued Fractions and {Berlekamp-Massey} Algorithm},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {24--31}
}

@inproceedings{Damgard88,
author =       {I.B. Damg{\aa}rd},
title =        {On the Randomness of {Legendre and Jacobi} Sequences},
pages =        {163--172},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{Damgard88a,
author =       {I.B. Damg{\aa}rd},
title =        {Payment Systems and Credential Mechanisms with Provable
               Security Against Abuse by Individuals},
pages =        {328--335},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{Damgard90b,
author =       {Ivan Damg{\aa}rd},
title =        {On the existence of a bit commitment schemes and zero-knowledge
               proofs},
pages =        {17--29},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{Damgard90c,
author =       {Ivan Damg{\aa}rd},
title =        {A Design principle for hash functions},
pages =        {416--427},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{Damgard92,
author =       {I. Damg{\aa}rd},
title =        {Towards practical public key systems secure against
               chosen ciphertext attacks},
pages =        {445--456},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No. 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{DamgardBj90,
newtag =       {DamgardBj90},
author =       {I. Damg{\aa}rd and Ivan Bjerre},
title =        {A Design Principle for Hash Functions},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer},
year =         1990,
pages =        {416--427}
}


@article{DamgardLaPo93,
author =       {Ivan Damg{\aa}rd and Peter Landrock and Carl Pomerance},
title =        {Average case error estimates for the strong probable
               prime test},
journal =      {Mathematics of Computation},
year =         {1993},
volume =       61,
number =       203,
mon =          jul,
pages =        {177--194}
}

@inproceedings{DamgardLaPo94,
author =       {Ivan Damg{\aa}rd and Peter Landrock and Carl Pomerance},
title =        {Interactive hashing can simplify zero-knowledge protocol
               design without computational assumptions},
pages =        {100--109},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No. 773},
publisher =    {Springer},
year =         1994
}


@inproceedings{DamgardPePf94,
author =       {Damg{\aa}rd and Torben P. Pedersen and Birgit Pfitzmann},
title =        {On the existence of statistically hiding bit commitment
               schemes and fail-stop signatures},
pages =        {250--265},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No. 773},
publisher =    {Springer},
year =         1994
}

@techreport{Davida82,
author =       {Davida, G.},
year =         1982,
title =        {Chosen signature cryptanalysis of the {RSA} public
               key cryptosystem},
number =       {TR-CS-82-2},
institution =  {Dept of EECS, University of Wisconsin, Milwaukee}
}

@inproceedings{DavidaDa88,
author =       {George I. Davida and Frank B. Dancs},
title =        {A crypto-engine},
pages =        {257--268},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No. 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{DavidaMa88,
author =       {George I. Davida and Brian J. Matt},
title =        {Arbitration in tamper proof systems (If {DES} $\approx$
               {RSA} then what's the difference between true signature
               and arbitrated signature schemes?)},
pages =        {216--222},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No. 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@book{Davies81,
editor =       {D. W. Davies},
title =        {Tutorial: The Security of Data in Networks},
publisher =    IEEE,
year =         1981,
note =         {IEEE Computer Society Order \#366}
}


@inproceedings{Davies82,
author =       {Donald W. Davies},
title =        {Some Regular Properties of the {DES}},
pages =        {41--41},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Davies83,
author =       {Donald W. Davies},
title =        {Some Regular Properties of the `{D}ata {E}ncryption
               {S}tandard' Algorithm},
pages =        {89--96},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{Davies84,
author =       {Donald W. Davies},
title =        {Use of the `Signature Token' to Create a Negotiable
               Document},
pages =        {377--382},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}

@inproceedings{Davies85,
author =       {Donald Watts Davies},
title =        {A Message Authenticator Algorithm},
pages =        {393--400},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No. 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{DaviesPa83,
author =       {Davies, D.W. and Parkin, G.I.P.},
year =         1983,
title =        {The average cycle size of the key stream in output
               feedback encipherment},
booktitle =    {Advances in Cryptology --- Crypto '82},
publisher =    {Plenum Press},
address =      {New York},
pages =        {97--98}
}

%Same paper, dif source

@inproceedings{DaviesPa83a,
author =       {D.W. Davies and G.I.P. Parkin},
title =        {The average cycle size of the key stream in output
               feedback encipherment},
pages =        {263--279},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}



@techreport{DaviesPr79,
author =       {D. W. Davies and W. L. Price},
title =        {A Protocol for Secure Communication},
institution =  {National Physical Laboratory},
year =         1979,
month =        Jan,
number =       {NACS 21/79}
}


@inproceedings{DaviesPr80,
author =       {D. W. Davies and W. L. Price},
title =        {The Application of Digital Signatures Based on Public-Key
               Cryptosystems},
booktitle =    {Proc.\ Fifth Intl.\ Computer Communications Conference},
year =         1980,
month =        Oct,
pages =        {525--530}
}

@techreport{DaviesPr80a,
author =       {Davies, D.W. and Price, W.L.},
year =         1980,
title =        {Selected papers in cryptography and data security},
institution =  {National Physical Laboratory},
number =       {DNACS 38/80},
month =        {November}
}

@book{DaviesPr84,
author =       {D. W. Davies and W. L. Price},
title =        {Security for Computer Networks: An Introduction to
               Data Security in Teleprocessing and Electronic Funds
               Transfer},
publisher =    {John Wiley and Sons},
address =      {New York},
year =         1984
}


@inproceedings{DavioDeGoHoQu85,
author =       {Marc Davio and Yvo Desmedt and Jo Goubert and Frank
               Hoornaert and Jean-Jacques Quisquater},
title =        {Efficient Hardware and Software Implementations for
               the {DES}},
pages =        {144-146},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No. 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{DavioDeFoGoHuNePiQuVaWo84,
newwtag =      {DavioDeFoGoHuNePiQuVaWo84},
author =       {Marc Davio and Yvo Desmedt and Marc Foss\'eprez and
               Ren\'e Govaerts and Jan Hulsbosch and Patrik Neutjens
               and Philippe Piret and Jean-Jacques Quisquater and 
               Joos Vandewalle and Pascal Wouters},
year =         1984,
title =        {Analytical Characteristics of the {DES}},
booktitle =    {Advances in Cryptology --- Crypto '83},
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
pages =        {171--202}
}


@inproceedings{DavioDeQu85,
author =       {Marc Davio and Yvo Desmedt and Jean-Jacques Quisquater},
title =        {Propagation Characteristics of the {DES}},
pages =        {62--73},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@inproceedings{DavioGoQu83,
author =       {M. Davio and J-M. Goethals and J.-J. Quisquater},
title =        {Authentication Procedures},
pages =        {283--288},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@article{Davis78,
author =       {Davis, R.},
year =         {1978},
title =        {The {D}ata {E}ncryption {S}tandard in Perspective},
journal =      {{IEEE} Comms. Soc. Mag.},
volume =       16,
number =       6,
pages =        {5--10}
}



@inproceedings{DavisHo84,
author =       {J.A. Davis and D.B. Holdridge},
title =        {Factorization Using the Quadratic Sieve Algorithm},
pages =        {103--113},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@inproceedings{DavisHo85,
author =       {J.A. Davis and D.B. Holdridge},
title =        {An Update on Factorization at Sandia National Laboratories},
pages =        {114--114},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}

@inproceedings{DavisHoSi85,
author =       {James A. Davis and Diane B. Holdridge and Gustavus
               J. Simmons},
title =        {Status Report on Factoring (At the {Sandia National
               Laboratories}},
pages =        {183--215},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No. 209},
publisher =    {Springer},
address =      {Paris},
year =         1985
}


@inproceedings{DavisIhFe94,
author =       {Don Davis and Ross Ihaka and Philip Fenstermacher},
title =        {Cryptographic randomness from air turbulence in disk
               drives},
pages =        {114-120},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No. 839},
publisher =    {Springer},
year =         1994
}

@INPROCEEDINGS{DawsonGo90,
author =       {E. Dawson and B. Goldburg},
title =        {Universal Logic Sequences},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {426--432}
}



@inproceedings{DawsonTa91,
author =       {Dawson, M.H. and Tavares, S.E.},
year =         1991,
title =        {An Expanded set of {S}-box design Criteria based on
               information theory and its relation to DIfferential-like
               attacks},
booktitle =    {Advances in Cryptology --- Eurocrypt '91},
editor =       {D.W. Davies},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {352--367}
}


@inproceedings{DawsonTa91a,
author =       {Dawson, M.H. and Tavares, S.E.},
title =        {An Expanded Set of Design Criteria for Substitution
               Boxes and their Use in Strengthening {DES-like} Cryptosystems},
pages =        {191-195},
booktitle =    {IEEE Pacific Rim Conference on Communications, Computers,
               and Signal Processing},
publisher =    {IEEE},
year =         1991
}


@techreport{DeanWa95,
author =	{Drew Dean and Dan S. Wallach},
title = 	{Security Flaws in the HotJava Web Browser},
institution =   {Princeton University},
month =         Nov,
year =          1995
}


@article{DeBruijn46,
author =       {de Bruijn, N.G.},
year =         {1946},
title =        {A Combinatorial Problem},
journal =      {Nederl. Akad. Wetensch. Proc.},
volume =       49,
pages =        {758--764}
}



@inproceedings{DeJongeCh86,
author =       {Wiebren de Jonge and David Chaum},
title =        {Attacks on Some {RSA} Signatures},
pages =        {18--27},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No. 218},
publisher =    {Springer},
year =         1986
}


@inproceedings{DeJongeCh87,
author =       {Wiebren de Jonge and David Chaum},
title =        {Some Variations on {RSA} Signatures and Their Security},
pages =        {49--59},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No. 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@article{DeLaurentis84,
author =       {J.~M. DeLaurentis},
title =        {A further weakness in the common modulus protocol 
               for the {RSA} cryptosystem},
journal =      {Cryptologia},
year =         1984,
volume =       8,
pages =        {253--259}
}


@inproceedings{DeLaurentis88,
author =       {J.M. DeLaurentis},
title =        {Components and cycles of a random function},
pages =        {231--242},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No. 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{DelosQu94,
author =       {Olivier Delos and Jean-Jacques Quisquater},
title =        {An identity-based signature scheme with bounded life-span},
pages =        {83--94},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No. 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{DelsarteDeOdPi85,
author =       {P. Delsarte and Y. Desmedt and A. Odlyzko and P. Piret},
title =        {Fast Cryptanalysis of the {Matsumoto-Imai} Public 
               Key Scheme},
pages =        {142--149},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@book{DeMilloDoJoLi78,
editor =       {R. A. DeMillo and D. P. Dobkin and A. Jones and R.
               J. Lipton},
title =        {Foundations of Secure Computation},
publisher =    {Academic Press},
address =      {New York},
year =         1978
}

@inproceedings{DeMilloLyMe82,
author =       {R. A. DeMillo and N. Lynch and M. J. Merritt},
title =        {Cryptographic Protocols},
pages =        {383--400},
booktitle =    STOC82,
publisher =    ACM,
address =      {San Francisco},
year =         1982
}


@inproceedings{DeMilloLyMe82a,
author =       {Richard deMillo and Nancy Lynch and Michael J. Merritt},
title =        {The Design and Analysis of Cryptographic Protocols},
pages =        {71--72},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{DenBoer88,
author =       {denBoer, B.},
year =         1988,
title =        {Cryptanalysis of {FEAL}},
booktitle =    {Advances in Cryptology --- Eurocrypt '88},
editor =       {C.G. {G\"{u}nther}},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {293--300}
}


@inproceedings{DenBoer88a,
author =       {B. denBoer},
title =        {{Diffie-Hillman} is as Strong as Discrete Log for Certain
               Primes},
pages =        {530--539},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{DenBoerBo92,
author =       {denBoer, B. and A. Bosselaers},
title =        {An attack on the last two rounds of {MD4}},
pages =        {194--203},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No. 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{DenBoerBo94,
author =       {denBoer, B. and Bosselaers, A.},
year =         1994,
title =        {Collisions for the compression function of {MD5}},
booktitle =    {Advances in Cryptology --- Eurocrypt '93},
editor =       {T. Helleseth},
publisher =    {Springer-Verlag},
series =       {Lecture Notes in Computer Science},
volume =       {765},
pages =        {293--304},
address =      {Berlin}
}



@article{Denning76,
author = 	{D. Denning},
title = 	{A Lattice Model of Secure Information Flow},
journal =	{Communications of the ACM},
volume = 	19,
number =	5,
pages = 	{236--243},
year = 		1976
}


@book{Denning83,
author =       {D. E. Denning},
title =        {Cryptography and Data Security},
publisher =    {Addison-Wesley},
address =      {Reading, Mass.},
year =         {1982}
}


@inproceedings{Denning84,
author =       {Dorothy E. Denning},
title =        {Field Encryption and Authentication},
pages =        {231--247},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}

@inproceedings{Denning86, 
author = 	{D. Denning}, 
title = 	{An Intrusion Detection Model}, 
booktitle = 	{IEEE Security and Privacy}, 
year = 		1986
}


@article{Denning93,
author =       {Denning, D.E.},
year =         {1993},
title =        {The {Clipper} Encryption System},
journal =      {American Scientist},
volume =       81,
number =       4,
month =        {July--August},
pages =        {319--323}
}


@article{Denning94,
author =       {Dorothy E. Denning},
title =        {Key Escrowing Today},
journal =      {IEEE Communications Magazine},
month =        Sep,
year =         1994,
volume =       32,
number =       9,
pages =        {58--68}
}

@article{Denning95,
author = 	{Dorothy E. Denning},
title = 	{Resolving the Encryption Dilemma: The Case for the 
		{Clipper Chip}},
journal =	{Technology Review},
month = 	Jul,
year = 		1995,
pages = 	{48--55}
}

@article{Denning96,
author = 	{Dorothy E. Denning},
title = 	{A Taxonomy for Key Escrow Encryption Sytstems},
journal =	{Communications of the ACM},
volume = 	39,
number =	3,
pages = 	{34--40},
year = 		1996
}


@article{DenningDe79,
author =       {D. E. Denning and P. J. Denning},
title =        {Data Security},
journal =      {ACM Computing Surveys},
volume =       11,
month =        Sep,
year =         1979,
pages =        {227--249}
}


@inproceedings{DennyDoLeMa94,
author =       {T. Denny and B. Dodson and A.K. Lenstra and M.S. Manasse},
title =        {On the factorization of {RSA}-120},
pages =        {166--174},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No. 773},
publisher =    {Springer},
year =         1994
}


@inproceedings{DeSantisDeFrYu94,
author =       {Alredo De Santis and Yvo Desmedt and Yair Frankel 
               and Moti Yung},
title =        {How to Share a Function Securely},
booktitle =    STOC94,
publisher =    ACM,
address =      {Montreal, Canada},
year =         1994,
pages =        {522--533}
}

@inproceedings{DeSantisDiPe94,
author =       {A. De Santis and G. Di Crescenzo and G. Persiano},
title =        {Secret sharing and perfect zero-knowledge},
pages =        {73--84},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No. 773},
publisher =    {Springer},
year =         1994
}

@inproceedings{DeSantisDePe94,
author =       {Alfredo De Santis and Giovanni De Crescenzo and Giuseppe
               Persiano},
title =        {On Monotone Formula Closure of {SZK}},
booktitle =    STOC94,
publisher =    ACM,
address =      {Montreal, Canada},
year =         1994,
pages =        {454--465}
}


@inproceedings{DeSantisMiPe88,
author =       {Alfredo De Santis and Silvio Micali and Giuseppe Persiano},
title =        {Non-interactive zero-knowledge proof systems},
pages =        {52--72},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No. 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{DeSantisYu91,
author =       {A. De Santis and M. Yung},
title =        {Crptograpic Applications of the Non-Interactive Metaproof
               and Many-Prover Systems},
pages =        {366--377},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No. 537},
publisher =    {Springer-Verlag},
year =         1991
}


@inproceedings{Desmedt86,
author =       {Yvo Desmedt},
title =        {Unconditionally Secure Authentication Schemes and 
               Practical and Theoretical Consequences},
pages =        {42--55},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No. 218},
publisher =    {Springer},
year =         1986
}


@inproceedings{Desmedt87,
author =       {Yvo Desmedt},
title =        {Is there an ultimate use of cryptography?},
pages =        {459--463},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No. 263 },
publisher =    {Springer-Verlag},
year =         1987
}

@inproceedings{Desmedt88,
author =       {Yvo Desmedt},
title =        {Society and group oriented cryptography: A new concept},
pages =        {120--127},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No. 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{Desmedt88a,
author =       {Y. Desmedt},
title =        {Abuses in Cryptography and How to Fight Them},
pages =        {375--389},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{Desmedt90,
author =       {Yvo G. Desmedt},
title =        {Making conditionally secure cryptosystems unconditionally
               abuse-free in a general context},
pages =        {6--16},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}


@article{Desmedt94,
author =       {Yvo G. Desmedt},
title =        {Threshold Cryptography},
journal =      {European Transactions on Telecommunications},
volume =       5,
number =       4,
month =        Jul,
year =         1994,
pages =        {449--457}
}


@inproceedings{DesmedtFr90,
author =       {Yvo Desmedt and Yair Frankel},
title =        {Threshold cryptosystems},
pages =        {307--315},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}

@inproceedings{DesmedtFr92,
author =       {Y. Desmedt and Y. Frankel},
title =        {Shared generation of authenticators and signatures},
pages =        {457--469},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No. 576},
publisher =    {Springer},
year =         1992
}

@techreport{DesmedtFr92a,
author =       {Desmedt, Y.G. and Frankel, Y.},
year =         1992,
title =        {Parallel reliable threshold multisignature},
institution =  {Department of E.E. and C.S., University of Wisconsin-Milwaukee},
number =       {TR-92-04-02},
month =        {April}
}


@techreport{DesmedtFr92b,
author =       {Yvo Desmedt and Yair Frankel},
year =         1992,
title =        {Homomorphic Zero-knowledge threshold schemes over
		any finite {Abelian} group},
institution =  {Department of E.E. and C.S., University of 
		Wisconsin-Milwaukee},
number =       {TR-91-6-02},
month =        {Feb}
}


@inproceedings{DesmedtGoBe88,
author =       {Yvo Desmedt and Claude Goutier and Samy Bengio},
title =        {Special uses and abuses of the {Fiat-Shamir} passport
               protocol},
pages =        {21--39},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No. 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{DesmedtOd86,
author =       {Y. Desmedt and A. M. Odlyzko},
title =        {A chosen text attack on the {RSA} cryptosystem and
               some discrete logarithm schemes},
pages =        {516--522},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
publisher =    {Springer},
year =         1986,
note =         {Lecture Notes in Computer Science No. 218}
}


@inproceedings{DesmedtQu87,
author =       {Yvo Desmedt and Jean-Jacques Quisquater},
title =        {Public-key systems based on the difficulty of tampering
               (Is there a difference between {DES} and {RSA}?)},
pages =        {111--117},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No. 263 },
publisher =    {Springer-Verlag},
year =         1987
}

@inproceedings{DesmedtQuDa85,
author =       {Desmedt, Y.G. and Quisquater, J.J. and Davio, M.},
year =         1985,
title =        {Dependence of Output on Input in {DES}: Small Avalanche
               Characteristics},
booktitle =    {Advances in Cryptology --- Crypto '84},
editor =       {Blakley, G.R. and Chaum, D.},
publisher =    {Springer-Verlag},
address =      {New York},
pages =        {359--376}
}


@inproceedings{DesmedtQuDa85a,
author =       {Yvo Desmedt and Jean-Jacques Quisquater and Marc Davio},
title =        {Dependence of Output on Input in {DES}: Small Avalanche
               Characteristics},
pages =        {359--376},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No. 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{DesmedtYu91,
author =       {Y. Desmedt and M. Yung},
title =        {Abritrated Unconditionally Secure Authentication Can
               Be Unconditionally Protected Against Arbiter's Attacks},
pages =        {177--188},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No. 537},
publisher =    {Springer-Verlag},
year =         1991
}


@inproceedings{DeSoete88,
author =       {M. DeSoete},
title =        {Bounds and Constructions for Authentication-Secrecy
               Codes with Splitting},
pages =        {311--318},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{DeSoeteQuVe90,
author =       {Marijke DeSoete and Jean-Jacques Quisquater and Klaus
               Vedder},
title =        {A signature with shared verification scheme},
pages =        {253--262},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No. 435},
publisher =    {Springer-Verlag},
year =         1990
}

@inproceedings{DeWaleffeQu91,
author =       {D. deWaleffe and J.J. Quisquater},
title =        {{CORSAIR}: A {SMART} Card for Public Key Cryptosystems},
pages =        {502--514},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No. 537},
publisher =    {Springer-Verlag},
year =         1991
}

@inbook{DeWaleffeQu91a,
author =       {D. de~Waleffe and J.-J.~Quisquater},
title =        {Better login protocols for computer networks},
publisher =    {Lecture Notes in Computer Science, 1993, No.\ 741},
note =         {Computer Security and Industrial Cryptography, State
               of the Art and Evolution, ESAT Course},
month =        May,
year =         1991,
pages =        {50--70}
}

@book{Dickson19,
author =       {Dickson, L.},
title =        {History of the Theory of Numbers},
publisher =    {Chelsea Pub. Co.},
year =         {1919},
address =      {London}
}


@inproceedings{Diffie82,
author =       {Whitfield Diffie},
title =        {Cryptography, the Next Two Decades},
pages =        {84--108},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}

@inproceedings{Diffie86,
author =       {Whitfield Diffie},
title =        {Security for the {DoD} Transmission Control Protocol},
pages =        {108--127},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


%% Following needs to be checked against original

@article{Diffie88,
author =       {W. Diffie},
title =        {The First Ten Years of Public-Key Cryptography},
journal =      {Proc. IEEE},
month =        May,
year =         1988,
volume =       {76},
number =       {5},
pages =        {560-577},
note =         {Reprinted in Simmons' collection}
}

@inproceedings{DiffieHe76a,
author =       {W. Diffie and M. E. Hellman},
title =        {Multiuser Cryptographic Techniques},
booktitle =    {Proc.\ AFIPS 1976 National Computer Conference},
publisher =    AFIPS,
address =      {Montvale, N.J.},
year =         1976,
pages =        {109--112}
}

@article{DiffieHe76b,
author =       {W. Diffie and M. E. Hellman},
title =        {New Directions in Cryptography},
journal =      {IEEE Trans.\ Inform.\ Theory},
volume =       {IT-22},
month =        Nov,
year =         1976,
pages =        {644--654}
}

@article{DiffieHe77,
author =       {W. Diffie and M. E. Hellman},
title =        {Exhaustive Cryptanalysis of the {NBS} Data Encryption
               Standard},
journal =      {Computer},
volume =       10,
year =         1977,
month =        Jun,
pages =        {74--84}
}

@article{DiffieHe79,
author =       {W. Diffie and M. E. Hellman},
title =        {Privacy and Authentication: An Introduction to Cryptography},
journal =      {Proc.\ IEEE},
volume =       67,
year =         1979,
month =        Mar,
pages =        {397--429}
}

@incollection{DiffieHe84,
author =       {W. Diffie and M. E. Hellman},
title =        {An Introduction to Cryptography},
booktitle =    {Advances in Data Communication Management},
chapter =      4,
pages =        {44-134},
editor =       {Slonim and Unger and Fisher},
publisher =    {Wiley},
year =         1984
}


@inproceedings{DiffieKlDeGlSm82,
author =       {Whitfield Diffie and Melville Klein and Michael L.
               Dertouzos and Andrew Gleason and Dean Smith},
title =        {National Security and Commercial Security: Division
               of Responsibility},
pages =        {154--156},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04, transcription of panel discussion},
year =         1982
}


@article{DiffieVaWi92,
newtag =       {DiffieVaWi92},
author =       {Whitfield~Diffie and Paul C. Van Oorschot and Michael
               J. Wiener},
title =        {Authentication and authenticated key exchanges},
journal =      {Designs, Codes, and Cryptography},
volume =       2,
number =       2,
month =        Jun,
year =         1992,
pages =        {107--125}
}

@INPROCEEDINGS{Ding90,
author =       {C. Ding},
title =        {Lower Bounds on the Weight Complexities of Cascaded
               Binary Sequences},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {39--43}
}

@article{Dixon84,
author =       {John D. Dixon},
title =        {Factorization and Primality Tests},
journal =      {The American Mathematical Monthly},
year =         1984,
month =        {June-July},
volume =       91,
number =       6,
pages =        {333--352}
}

@inproceedings{DixonLe93,
author =       {Dixon, B. and Lenstra, A.K.},
year =         1993,
title =        {Massively parallel elliptic curve factoring},
booktitle =    {Advances in Cryptology --- Eurocrypt '92},
editor =       {R.A. Rueppel},
pages =        {183--193},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@manual{Dod85,
newtag =       {Dod85},
author =       {{Department of Defense}},
title =        {{CSC-STD-002-85}: Department of Defense ({DoD}) Password
               Management Guidelines},
year =         1985
}


@manual{Dod85a,
newtag =       {Dod85a},
author =       {{Department of Defense}},
title =        {{DoD 5200.28-STD}: Department of Defense ({DoD}) Trusted
               Computer System Evaluation Criteria ({TCSEC})},
year =         1985
}


@inproceedings{DolevDwNa91,
author =       {D. Dolev and C. Dwork and M. Naor},
title =        {Non-malleable cryptography},
booktitle =    STOC91,
publisher =    ACM,
year =         1991,
pages =        {542--552}
}


@inproceedings{DolevEvKa83,
author =       {D. Dolev and S. Even and R. M. Karp},
title =        {On the Security of Ping-Pong Protocols},
pages =        {177--186},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{DolevWi83,
author =       {Danny Dolev and Avi Wigderson},
title =        {On the Security of Multi-Party Protocols in Distributed
               Systems},
pages =        {167--175},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}



@inproceedings{DolevYa81,
author =       {D. Dolev and A. C. Yao},
title =        {On the Security of Public Key Protocols},
pages =        {350--357},
booktitle =    FOCS81,
publisher =    IEEE,
year =         1981,
address =      {Nashville}
}

@article{Domingo-FerrerHu90,
newtag =       {Domingo-FerrerHu90},
author =       {Josep Domingo-Ferrer and LLorenc Huguet-Rotger},
title =        {Secure Network Bootstrapping: An algorithm for authentic
               key exchange and digital signatures},
journal =      {Computers and Security},
year =         1990,
month =        Apr,
volume =       9,
number =       2,
pages =        {145--152},
comment =      {Like commutative encryption and El Gamal combined,
               sort of.}
}

@book{Drake67,
author =       {Drake, A.W.},
year =         1967,
title =        {Fundamentals of Applied Probability Theory},
publisher =    {McGraw-Hill Book Company},
address =      {New York}
}

@article{Duff89, 
author = 	{Tom Duff},
title = 	{Experience with viruses on UNIX systems},
journal = 	{Computing Systems},
volume = 	2,
number =	2,
pages = 	{155--171},
year = 		1989
}


@inproceedings{DusseKa90,
author =       {Stephen R. Duss\'e and Burton S. {Kaliski Jr.}},
year =         1990,
title =        {A cryptographic library for the {Motorola} {DSP56000}},
booktitle =    {Advances in Cryptology --- Eurocrypt '90},
editor =       {I.B. Damg{\aa}rd},
pages =        {230--244},
publisher =    {Springer-Verlag},
address =      {New York}
}


@inproceedings{DworkFeKiNaSa92,
author =       {Cynthia Dwork and Uri Feige and Joe Kilian and Moni
               Naor and Muli Safra},
title =        {Low sommunication 2-Prover Zero-Knowledge Proofs for
               {\em NP}},
pages =        {215--227},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@inproceedings{Dwork92,
author =       {Cynthia Dwork},
title =        {On verification in secret sharing},
pages =        {114--128},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}



@inproceedings{DworkNa92,
author =       {Cynthia Dwork and Moni Naor},
title =        {Pricing via Processing or Combatting Junk Mail},
pages =        {139--147},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@inproceedings{DworkNa94,
author =       {Cynthia Dwork and Moni Naor},
title =        {An efficient existentially unforgeable signature scheme
               and its applications},
pages =        {234--246},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{DworkSt88,
author =       {C. Dwork and L. Stockmeyer},
title =        {Zero-Knowledge with Finite State Verifiers},
pages =        {71--76},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No. 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@manual{EastlakeKa96,
author =       {Donald E. Eastlake, 3rd and Charles W. Kaufman},
title =        {{D}omain {N}ame {S}ystem Security Extensions},
year =         1996,
month =        {January 30,},
organization = {Internet DNS Security Working Group},
note =         {(Available at:\hfill
                {\tt ftp://ftp.isi.edu/draft-ietf-dnssec-secext-09.txt})}
}

@inproceedings{Eberle92,
author =       {Hans Eberle},
title =        {A High-Speed {DES} Implementation for Network Applications},
pages =        {521--539},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@inproceedings{Ecker83,
author =       {A. Ecker},
title =        {Finite Semigroups and the {RSA}-Cryptosystem},
pages =        {353--369},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{Ecker85,
author =       {A. Ecker},
title =        {Time-division Multiplexing Scramblers: Selecting Permutations
               and Testing the Systems},
pages =        {399--415},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@inproceedings{EichinRo89,
author = 	{M.W. Eichin and J.A. Rochlis},
title = 	{With Microscope and Tweezers: An Analysis of 
			the Internet Virus of November 1988},
booktitle = 	{IEEE Security and Privacy},
pages = 	{326--343},
year =		1989
}



@inproceedings{EierLa83,
author =       {R. Eier and Dipl.-Ing. H. Lagger},
title =        {Trapdoors in Knapsack Cryptosystems},
pages =        {316--322},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{ElGamal84,
author =       {Taher ElGamal},
title =        {A Subexponential-Time Algorithm for Computing Discrete
               Logarithms over $GF(p^{2})$},
pages =        {275--292},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}

@article{ElGamal85,
author =       {T. El Gamal},
title =        {A Public Key Cryptosystem and a Signature Scheme Based
               on Discrete Logarithms},
journal =      {IEEE Trans.\ Inform.\ Theory},
volume =       31,
year =         1985,
pages =        {469--472}
}

%same paper, different source

@inproceedings{ElGamal85a,
author =       {Taher El Gamal},
title =        {A Public Key Cryptosystem and a Signature Scheme Based
               on Discrete Logarithms},
pages =        {10--18},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@article{ElGamal85b,
author =       {ElGamal, T.},
year =         1985,
title =        {A subexponential-time algorithm for computing discrete
               logarithms over {$GF(p^2)$}},
journal =      {IEEE Transactions on Information Theory},
volume =       {IT-31},
pages =        {473--481}
}


@inproceedings{ElGamal86,
author =       {Taher ElGamal},
title =        {On Computing Logarithms Over Finite Fields},
pages =        {396--402},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@article{Elias72,
author =       {P. Elias},
title =        {The efficient construction of an unbiased random sequence},
journal =      {Ann.\ Math.\ Statist.},
volume =       43,
number =       3,
year =         1972,
pages =        {865--870}
}

@misc{Ellison97,
author = 	{Ellison, Carl M.},
title = 	{A Simple Public-Key Infrastructure},
year = 		{1997},
howpublished =  {(See {\tt http://www.clark.net/pub/cme/html/spki.html})}
}

@mastersthesis{Erdmann92,
author =       {Erdmann, E.D.},
year =         1992,
title =        {Empirical Tests of Binary Keystreams},
school =       {University of London}
}
  
@article{ErdosPo86,
author =       {Paul Erd\"{o}s and Carl Pomerance},
title =        {On the Number of False Witnesses for a Composite Number},
journal =      {Mathematics of Computation},
year =         1986,
month =        Jan,
volume =       46,
number =       173,
pages =        {259--279}
}


@inproceedings{EstesAdKoMcMi86,
author =       {Dennis Estes and Leonard M. Adleman and Kireeti Kompella
               and Kevin S. McCurley and Gary L. Miller},
title =        {Breaking the {Ong-Schnorr-Shamir} Signature Scheme
               for Quadratic Number Fields},
pages =        {3--13},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@article{EvansKaWe74,
author =       {A. Evans and W. Kantrowitz and E. Weiss},
title =        {A user authentication scheme not requiring secrecy
               in the computer},
journal =      {CACM},
volume =       17,
month =        Aug,
year =         1974,
pages =        {437--442}
}

@inproceedings{Even82,
author =       {Shimon Even},
title =        {Protocol for Signing Contracts},
pages =        {148--153},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Even91,
author =       {S. Even},
title =        {Systolic Modular Multiplication},
pages =        {619--624},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@article{EvenGo81,
author =       {S. Even and O. Goldreich},
title =        {The Minimum Length Generator Sequence in {NP-Hard}},
journal =      {Journal of Algorithms},
year =         1981,
volume =       2,
pages =        {311--313}
}


@inproceedings{EvenGo83,
author =       {S. Even and O. Goldreich},
title =        {On the Security of Multi-Party Ping-Pong Protocols},
booktitle =    FOCS83,
publisher =    IEEE,
year =         1983,
address =      {Tucson},
pages =        {34--39}
}


@inproceedings{EvenGo83a,
author =       {Shimon Even and Oded Goldreich},
title =        {On the Security of Multi-Party Ping-Pong Protocols},
pages =        {315--315},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983,
comment =      {Abstract of their FOCS '83 paper}
}


@article{EvenGo83b,
author =       {Even, S. and Goldreich, O.},
title =        {DES-like functions can generate the Alternating Group},
journal =      {IEEE Trans. on Information Theory},
volume =       {IT-29},
number =       {6},
year =         1983,
pages =        {863--865}
}


@inproceedings{EvenGo84,
author =       {S. Even and O. Goldreich},
title =        {On the power of cascade ciphers},
pages =        {43--50},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@inproceedings{EvenGo84a,
author =       {Shimon Even and Oded Goldreich},
title =        {Electronic Wallet},
pages =        {383--386},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@article{EvenGo85,
author =       {S. Even and O. Goldreich},
title =        {On the power of cascade ciphers},
journal =      {ACM Tras.\ Computer Systems},
volume =       3,
month =        May,
year =         1985,
pages =        {108--116}
}

@inproceedings{EvenGoLe83,
author =       {S. Even and O. Goldreich and A. Lempel},
title =        {A Randomized Protocol for Signing Contracts},
pages =        {205--210},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@article{EvenGoLe85,
author =       {S. Even and O. Goldreich and A. Lempel},
title =        {A Randomized Protocol for Signing Contracts},
journal =      {Communications of the ACM},
year =         1985,
volume =       28,
pages =        {637--647}
}


@inproceedings{EvenGoMi90,
author =       {Shimon Even and Oded Goldreich and Silvio Micali},
title =        {On-line/off-line digital signatures},
pages =        {263--277},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{EvenGoSh86,
author =       {Shimon Even and Oded Goldreich and Adi Shamir},
title =        {On the Security of Ping-Pong Protocols When Implemented
               Using the {RSA}},
pages =        {58--72},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@techreport{EvenYa80,
author =       {S. Even and Y. Yacobi},
title =        {An Observation Concerning the Complexity of Problems
               with Few Solutions and its Application to Cryptography},
institution =  {Technion C. S. Dept},
year =         1980,
number =       {TR-167}
}

@techreport{EvenYa80a,
author =       {S. Even and Y. Yacobi},
title =        {Cryptocomplexity and {NP}-Completeness},
institution =  {Technion C. S. Dept},
year =         1980,
number =       {TR-172}
}


@article{Fabry74,
author =       {R. Fabry},
title =        {Capability-Based Addressing},
journal =      {Communications of the ACM},
volume =       17,
number =       7,
year =         1974,
month =        {July},
pages =        {403--412}
}


@article{FaginNaWi96,
author = 	{Ronald Fagin and Moni Naor and Peter Winkler},
title = 	{Comparing Information Without Leaking It},
journal =	{Communications of the ACM},
volume = 	39,
number =	5,
pages = 	{77--85},
month =         May,
year = 		1996
}


@manual{Fahn93,
author =       {Fahn, P.},
year =         1993,
title =        {{Answers to Frequently Asked Questions About Today's
               Cryptography}},
organization = {RSA Laboratories},
month =        {September},
note =         {Version 2.0}
}

@techreport{FahnRo94,
author =       {Fahn, P. and Robshaw, M.J.B.},
institution =  {RSA Laboratories},
year =         1994,
month =        {February},
title =        {Results from the {RSA} {F}actoring {C}hallenge},
number =       {TR - 501},
note =         {Revised June, 1994}
}

@inproceedings{FairfieldMaPl85,
author =       {R.C. Fairfield and A. Matusevich and J. Plany},
title =        {An {LSI} Digital Encryption Processor {DEP}},
pages =        {115-143},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{FairfieldMoCo85,
author =       {R.C. Fairfield and R.L. Mortenson and K.B. Coulthart},
title =        {An {LSI} Random Number Generator ({RNG})},
pages =        {203--230},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{Fam84,
author =       {Bahaa W. Fam},
title =        {Improving the Security of Exponential Key Exchange},
pages =        {359--368},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@InProceedings{FeigeFiSh87,
author =       {Uriel Feige and Amos Fiat and Adi Shamir},
title =        {Zero Knowledge Proofs of Identity},
year =         1987,
pages =        {210-217},
booktitle =    {Proc.\ 19th ACM Symp. on Theory of Computing},
month =        {May}
}

@article{FeigeFiSh88,
author =       {U. Feige and A. Fiat and A. Shamir},
title =        {Zero knowledge proofs of identity},
journal =      {Journal of Cryptology},
year =         1988,
volume =       1,
number =       2,
pages =        {77-94}
}


@unpublished{FeigeGoLoSaSz91,
author =       {U. Feige and and S. Goldwasser and L. Lovasz and S.
               Safra and M. Szegedi},
title =        {The Difficulty of Approximating Clique},
booktitle =    FOCS91,
note =	       {no note},
publisher =    IEEE,
year =         1991,
pages =        {2-13}
}


@inproceedings{FeigeGoLoSaSz91a,
author =       {U. Feige and S. Goldwasser and L. Lovasz and S. Safra
               and M. Szegedi},
title =        {Approximating the Clique is Almost {NP}-Complete},
booktitle =    FOCS91,
publisher =    IEEE,
year =         1991,
pages =        {34--39}
}

@inproceedings{FeigeSh90,
author =       {Uriel Feige and Adi Shamir},
title =        {Zero knowledge proofs of knowledge in two rounds},
pages =        {526--545},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}

@InProceedings{FeigeSh90a,
author =       {U. Feige and A. Shamir},
title =        {Witness Indistinguishable and Witness Hiding Protocols},
year =         1990,
pages =        {416--426},
booktitle =    {Proc.\ 22nd ACM Symp. on Theory of Computing},
month =        {May}
}

@inproceedings{FeigeShTe88,
author =       {U. Feige and A. Shamir and M. Tennenholtz},
title =        {The Noisy Oracle Problem},
pages =        {284--286},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{Feigenbaum86,
author =       {Joan Feigenbaum},
title =        {Encrypting Problem Instances: Or...Can You Take Advantage
               of Someone Without Having to Trust Him?},
pages =        {477--488},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@article{Feigenbaum93,
author =       {Joan Feigenbaum},
title =        {Locally random reductions in interactive complexity theory},
journal =      {DIMACS Series in Discrete Mathematics and Theoretical 
		Computer Science},
year =         1993,
volume =       13,
pages =        {73--98}
}


@article{FeigenbaumFo93,
author =       {Joan Feigenbaum and Lance Fortnow},
title =        {Random-self-reducibility of complete sets},
journal =      {SIAM Journal of Computing},
year =         1993,
volume =       22,
number =       5,
pages =        {994--1005}
}


@article{FeigenbaumLiWr91,
author =       {Joan Feigenbaum and Mark Y. Liberman and Rebecca N. Wright},
title =        {Cryptograpphic protection of databases and software},
journal =      {DIMACS Series in Discrete Mathematics and Theoretical 
		Computer Science},
year =         1991,
volume =       2,
pages =        {161--172}
}

@article{Feistel73,
author =       {H. Feistel},
title =        {Cryptography and Computer Privacy},
journal =      {Scientific American},
volume =       228,
month =        May,
year =         1973,
pages =        {15--23}
}

@misc{Feistel74,
author =       {Feistel, H.},
title =        {Block cipher cryptographic system},
howpublished = {U.S. Patent No. 3,798,359},
year =         {1974}
}


@article{FeistelNoSm75,
author =       {Horst Feistel and William A. Notz and J. Lynn Smith},
title =        {Some Cryptographic Techniques for Machine-to-Machine
               Data Communications},
journal =      {Proc.\ IEEE},
volume =       63,
number =       11,
year =         1975,
month =        Nov,
pages =        {1545--1554}
}

@inproceedings{Feldman88,
author =       {Frank A. Feldman},
title =        {Fast spectral tests for measuring nonrandomness and
               the {DES}},
pages =        {243--254},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{Feldman87,
author =       {P. Feldman},
title =        {A practical scheme for non-interactive verifiable 
               secret sharing},
pages =        {427--438},
booktitle =    FOCS87,
publisher =    IEEE,
address =      {Los Angeles},
year =         1987
}

@inproceedings{FeldmanMi85,
author =       {P. Feldman and S. Micali},
title =        {Byzantine Agreement in Constant Expected Time (and
               Trusting No One)},
pages =        {267--276},
booktitle =    FOCS85,
address =      {Portland},
publisher =    IEEE,
year =         1985
}


@inproceedings{FeldmeirerKa90,
author =       {David C. Feldmeirer and Philip R. Karn},
title =        {{UNIX} password security - Ten years later},
pages =        {44--63},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{FellDi86,
author =       {Harriet Fell and Whitfield Diffie},
title =        {Analysis of a Public Key Approach Based on Polynomial
               Substitution},
pages =        {340--349},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@inproceedings{FellowsKo92,
author =       {Michael Fellows and Neal Koblitz},
title =        {{Kid Krypto}},
pages =        {371--389},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@inproceedings{Ferguson94,
author =       {Niels Ferguson},
title =        {Extensions of single-term coins},
pages =        {292--301},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}


@INPROCEEDINGS{Ferreira90,
author =       {R. Ferreira},
title =        {The Practical Application of State of the Art Security
               in Real Environments},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {334--355}
}

@inproceedings{Fiat90,
author =       {Amos Fiat},
title =        {Batch {RSA}},
pages =        {175--185},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{FiatNa91,
author =       {Amos Fiat and Moni Naor},
title =        {Rigorous time/space trade-offs for inverting functions},
booktitle =    STOC91,
publisher =    ACM,
year =         1991,
pages =        {534--541}
}

@inproceedings{FiatNa94,
author =       {Amos Fiat and Moni Naor},
title =        {Broadcast encryption},
pages =        {480--491},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}



@inproceedings{FiatSh87,
author =       {A. Fiat and A. Shamir},
title =        {How to prove yourself: practical solutions to identification
               and signature problems},
pages =        {186--194},
booktitle =    CRYPTO86,
editor =       {A. M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263},
publisher =    {Springer},
year =         1987
}

@inproceedings{FiatSh87a,
author =       {Amos Fiat and Adi Shamir},
title =        {How to prove yourself: Practical solutions to identification
               and signature problems},
pages =        {186--194},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inproceedings{FindlayJo90,
author =       {Paul A. Findlay and Brian A. Johnson},
title =        {Modular exponentiation using recursive sums of residues},
pages =        {371--386},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{FischerWr92,
author =       {M.J. Fischer and R.N. Wright},
title =        {Multiparty secret key exchange using a random deal
               of cards},
pages =        {141--155},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{Forre88,
author =       {R. Forr\'e},
title =        {The Strict Avalanche Criterion: Spectral Properties
               of Boolean Functions and an Extended Definition},
pages =        {450--468},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}



@inproceedings{FortuneMe85,
author =       {Steven Fortune and Michael Merritt},
title =        {Poker Protocols},
pages =        {454-464},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@techreport{FrankelDe92,
author =       {Yair Frankel and Yvo Desmedt},
year =         1992,
title =        {Distributed reliable threshold multisignature},
institution =  {Department of E.E. and C.S., University of 
		Wisconsin-Milwaukee},
number =       {TR-92-04-02},
month =        {Apr}
}


@inproceedings{FrankelDeBu92,
author =       {Yair Frankel and Yvo Desmedt and Mike Burmester},
title =        {Non-Existence of Homomorphic General Sharing Schemes
               for Some Key Spaces},
pages =        {549--557},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}

@inproceedings{FranklinHa94,
author =       {Matthew Franklin and Stuart Haber},
title =        {Joint encryption and message-efficient secure computation},
pages =        {266--277},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}


@article{FranklinRe96,
author =       {Matthew K. Franklin and Michael K. Reiter},
title = 	{The Design and Implementation of a Secure Auction Service},
journal = 	{IEEE Transactions onSoftware Engineering},
note = 		{to appear},
year =		1996
}

@article{FriezeHaKaLaSh88,
newtag =       {FriezeHaKaLaSh88},
author =       {A. M. Frieze and J. Hastad and R. Kannan and J. C.
               Lagarias and A. Shamir},
title =        {Reconstructing Truncated Integer Variables Satisfying
               Linear Congruences},
journal =      {SIAM J. Computing},
year =         1988,
month =        Apr,
volume =       17,
number =       2,
pages =        {262--280}
}


@inproceedings{Fumy88,
author =       {Walter Fumy},
title =        {On the F-function of {FEAL}},
pages =        {434--437},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{FumyMu91,
author =       {W. Fumy and M. Munzert},
title =        {A Modular Approach to Key Distribution},
pages =        {274--284},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@inbook{FurerGoMaSiZa89,
author =       {M. Furer and O. Goldreich and Y. Mansour and M. Sipser
               and S. Zachos},
title =        {On Completeness and Soundness in Interactive Proof
               Systems},
publisher =    {JAI Press},
note =         {Advances in computing research Vol 5: Randomness and
               computation},
year =         1989,
pages =        {429--442}
}


@INPROCEEDINGS{GaarderSn90,
author =       {K. Gaarder and E. Snekkenes},
title =        {On the Formal Analysis of {PKCS} Authentication Protocols},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {106--121}
}


@book{Gaines56,
author =       {H. F. Gaines},
title =        {Cryptanalysis: A Study of Ciphers and Their Solutions},
publisher =    {Dover},
year =         1956
}

@inproceedings{GalilHaYu85,
author =       {Z. Galil and S. Haber and M. Yung},
title =        {A private interactive test of a Boolean predicate and
               minimum-knowledge public-key cryptosystems},
pages =        {360--371},
booktitle =    FOCS85,
publisher =    IEEE,
address =      {Portland},
year =         1985
}

@inproceedings{GalilHaYu86,
author =       {Zvi Galil and Stuart Haber and Moti Yung},
title =        {Symmetric Public-Key Encryption},
pages =        {128--137},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@inproceedings{GalilHaYu88,
author =       {Zvi Galil and Stuart Haber and Moti Yung},
title =        {Cryptographic computation: Secure faut-tolerant protocols
               and the public-key model},
pages =        {135--155},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@article{GalilMa91,
author =       {Zvi Galil and Oded Margalit},
title =        {An Almost Linear-Time Algorithm for the Dense Subset-Sum
               Problem},
journal =      {SIAM J. Comput.},
year =         1991,
month =        Dec,
volume =       20,
number =       6,
pages =        {1157--1189},
comment =      {Algorithm runs in time O(L log L), where L is upper
               bound on input numbers}
}



@inproceedings{GanderMa94,
author =       {M.J. Gander and U.M. Maurer},
title =        {On the secret-key rate of binary random variables},
booktitle =    {Proc. 1994 IEEE Internation Symp. of Information Theory},
year =         1994,
pages =        {351--351},
note =         {Trondheim, Norway, June 27-July1, 94}
}


@article{Ganesan96,
author = 	{Ravi Ganesan},
title = 	{The Yaksha Security System},
journal =	{Communications of the ACM},
volume = 	39,
number =	3,
pages = 	{55--60},
month =		March,
year = 		1996
}


@article{Gardner77,
author =       {Martin Gardner},
title =        {Mathematical Games},
journal =      {Scientific American},
volume =       237,
number =       2,
year =         1977,
pages =        {120--124},
comment =      {Gives RSA challenge cipher.}
}

@book{GareyJo79,
author =       {M. Garey and D. S. Johnson},
title =        {Computers and Intractability: A Guide to the Theory
               of {NP}-Completeness},
publisher =    {Freeman},
year =         1979
}


@book{Garlinski79,
author =       {J. Garl{i\'ns}ki},
title =        {Intercept: The Enigma War},
publisher =    {Dent},
address =      {London},
year =         1979
}


@inproceedings{Gasser82,
author =       {Morrie Gasser},
title =        {Limitations on the Use of Encryption to Enforce Mandatory
               Security},
pages =        {130--134},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@book{Gauss65,
author =       {Gauss, Carl Friedrich},
title =        {Disquisitiones {A}rithmeticae},
year =         1965,
publisher =    {Yale University Press},
note =         {Translated from the 1801 Latin original by A. Clarke.}
}


@inproceedings{Gehrmann94,
author =       {Christian Gehrmann},
title =        {Cryptanalysis of the {Gemmell and Naor} multiround
               authentication protocol},
pages =        {121-128},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}

@INPROCEEDINGS{GeiselmannGo90,
author =       {W. Geiselmann and D. Gollmann},
title =        {{VLSI} Design for Exponentiation in {$GF(2^{n})$}},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {398--405}
}


@inproceedings{GemmellNa94,
author =       {Pete Gemmell and Moni Naor},
title =        {Codes for interactive authentication},
pages =        {355--367},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}


@inproceedings{Gennaro95,
author =       {Gennaro, Rosario},
title =        {Achieving Independence Efficiently and Securely},
booktitle =    PODC95,
pages =        {130--136},
publisher =    ACM,
year =         1995
}


@unpublished{Gennaro95a,
author =       	{Gennaro, Rosario},
title = 	{A receipt-free election scheme tolerating a dynamic
		 coercer (with applications to key escrow}, 
note = 		{Unpublished Manuscript},
month =		Nov,
year =		1995
}


@book{GerhardtDi77,
editor =       {L. A. Gerhardt and R. C. Dixon},
title =        {Spread Spectrum Communications},
publisher =    IEEE,
note =         {Special issue of IEEE Trans. Comm.},
volume =       {COM25},
month =        Aug,
year =         1977
}

@unpublished{Gertner95,
author =       {Yael Gertner},
title =        {Analysis of the Pollard-Rho Factoring Algorithm},
note =         {6.915 course paper},
month =        Dec,
year =         1995
}



@unpublished{GertnerMa96,
author =       {Yael Gertner and Tal Malkin}, 
title =        {Private Information Retrieval Protecting the 
		User and the Database},
note =         {TR to come},
month =        Dec,
year =         1996
}


@unpublished{Gibson87,
author =       {Gibson, J. K.},
title =        {A Generalization of {Brickell's} Algorithm for Fast
               Modular Multiplication},
note =         {Submitted to BIT},
month =        Sep,
year =         1987
}


@article{Gibson91,
author =       {J.K. Gibson},
title =        {Discrete logarithm hash function that is collision
               free and one way},
pages =        {407--410},
journal =      {IEE Proceedings-E},
note =         {No. 138},
publisher =    {Springer-Verlag},
year =         1991
}


@inproceedings{GilbertCh91,
author =       {H. Gilbert and G. Chass{\'e}},
title =        {A Statistical Attack of the {FEAL}-8 Cryptosystem},
pages =        {22--33},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

@inproceedings{GilbertCh94,
author =       {Henri Gilbert and Pascal Chauvaud},
title =        {A chosen plaintext attack of the 16-round {Khufu} cryptosystem},
pages =        {359--368},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}

				   
@article{GilbertMaSl74,
author =       {E. N. Gilbert and F. J. MacWilliams and N. J. A. Sloane},
title =        {Codes which detect deception},
journal =      {Bell System Tech.\ J.},
volume =       53,
year =         1974,
pages =        {405--424}
}

@article{Gill77,
author =       {J. Gill},
title =        {Computational complexity of probabilistic {T}uring
               machines},
journal =      SIAM,
volume =       6,
month =        Dec,
year =         1977,
pages =        {675--695}
}


@article{GillmanMoRi96,
author =       {Gillman, David W. and Mojdeh Mohtashemi and Ronald L. Rivest},
title =        {On Breaking a Huffman Code},
journal =      {IEEE Trans. Info. Theory},
volume =       {42},
number =       {3},
month =        {May},
year =         {1996},
pages =        {972--976}
}

@inproceedings{Giradot85,
author =       {Yves Giradot},
title =        {Bull {CP8} Smart Card Uses in Cryptology},
page =         {464--469},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}

@INPROCEEDINGS{Girault90,
author =       {M. Girault},
title =        {A (Non-Practical) Three-Pass Identification Protocol
               Using Coding Theory},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {265--272}
}


@inproceedings{GiraultSt94,
author =       {Marc Girault and Jacquess Stern},
title =        {On the length of cryptographic hash-values used in
               identification schemes},
pages =        {202--215},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{GiraultToVa88,
oldtag =       {GiraultToVa90},
author =       {M. Girault and P. Toffin and B. Vall\'ee},
title =        {Computation of Approximate $L-th$ Roots Modulo $n$
               and Application to Cryptography},
pages =        {100--118},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}



@article{Gligor79,
author =       {V.D. Gligor},
year =         1979,
title =        {Review and Revocation of Access Privileges Distributed
		Through Capabilities},
journal =      {IEEE Transactions on Software Engineering},
volume =       {SE-5/6},
pages =        {575--586}
}


@inproceedings{Gligor83,
author = 	{V. Gligor}, 
title = 	{A Note on the Denial of Service Problem}, 
booktitle = 	{IEEE Security and Privacy}, 
year = 		1983
}


@inproceedings{GodlewskiCo86,
author =       {Philippe Godlewski and Gerard D. Cohen},
title =        {Some Cryptographic Aspects of {Womcodes}},
pages =        {458--467},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@inproceedings{GoguenMe82,
author = 	{J. Goguen and J. Meseguer}, 
title = 	{Security Policies and Security Models}, 
booktitle = 	{IEEESecPriv}, 
year = 	1982
}


@book{GoldiePi91,
editor =       {C.M. ~Goldie and R.G.E. ~Pinch},
title =        {Communication Theory},
publisher =    {Cambridge University Press},
year =         1991
}

@mastersthesis{Goldreich82,
author =       {Oded Goldreich},
title =        {On the Complexity of Some Edge Testing Problems},
school =       {Computer Science Dept, Technion, Haifa, Israel},
year =         1982
}


@phdthesis{Goldreich83a,
author =       {Oded Goldreich},
title =        {On the Security of Cryptographic Protocols and Cyptosystems},
school =       {Computer Science Dept, Technion, Haifa, Israel},
year =         1983
}


@techreport{Goldreich83b,
author =       {Oded Goldreich},
title =        {On Concurrent Identification Protocols},
institution =  {MIT Laboratory for Computer Science},
number =       {MIT/LCS/TM-250},
month =        Dec,
year =         1983,
note =         {Some more content than Eurocrypt '84 version.}
}

@inproceedings{Goldreich84,
author =       {Oded Goldreich},
title =        {A Simple Protocol for Signing Contracts},
pages =        {133--136},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@inproceedings{Goldreich85,
author =       {Oded Goldreich},
title =        {On the Number of Close-and-equal Pairs of Bits in a
               String},
pages =        {127--141},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@inproceedings{Goldreich85a,
author =       {Oded Goldreich},
title =        {On Concurrent Identification Protocols},
pages =        {387--396},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@techreport{Goldreich86,
author =       {O. Goldreich},
title =        {Two remarks concerning the {Goldwasser-Micali-Rivest}
               signature scheme},
institution =  {MIT Laboratory for Computer Science},
number =       {MIT/LCS/TM-315},
month =        Sep,
year =         1986
}

@inproceedings{Goldreich87,
author =       {Oded Goldreich},
title =        {Two Remarks Concerning the {Goldwasser-Micali-Rivest}
               Signature Scheme},
pages =        {104--110},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inproceedings{Goldreich87a,
author =       {Oded Goldreich},
title =        {Towards a Theory of Software Protection},
pages =        {426--439},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inbook{Goldreich88,
author =       {Oded Goldreich},
title =        {Randomness, Interaction, Proofs and Zero-Knowledge},
publisher =    {Oxford University Press},
note =         {booktitle: The Universal Turing Machine: A Half-Century
               Survey},
year =         1988,
pages =        {377--406}
}


@article{Goldreich90,
author =       {Oded Goldreich},
title =        {A Note on Computational Indistinguishability},
journal =      {Information Processing Letters},
volume =       34,
month =        May,
year =         1990,
pages =        {277--281}
}


@article{Goldreich93,
author =       {Oded Goldreich},
title =        {A Uniform Complexity Treatment of Encryption and Zero-Knowledge},
journal =      {Journal of Cryptology},
year =         1993,
volume =       6,
number =       1,
pages =        {21--53}
}


@article{Goldreich93a,
author =       {Oded Goldreich},
title =        {A Taxonomy of Proof Systems (Part 1)},
journal =      {ACM SIGACT News},
volume =       24,
number =       4,
year =         1993,
month =        Dec,
pages =        {2--13}
}


@article{Goldreich94,
author =       {Oded Goldreich},
title =        {A Taxonomy of Proof Systems (Part 2)},
journal =      {ACM SIGACT News},
volume =       25,
number =       1,
year =         1994,
month =        Mar,
pages =        {22--30}
}


@inproceedings{GoldreichGoLi91,
author =       {O. Goldreich and S. Goldwasser and N. Linial},
title =        {Fault Tolerant Computation in the Full Information
               Model},
booktitle =    FOCS91,
publisher =    IEEE,
year =         1991,
pages =        {447-457}
}



@inproceedings{GoldreichGoMi84,
author =       {O. Goldreich and S. Goldwasser and S. Micali},
title =        {How to Construct Random Functions},
pages =        {464--479},
booktitle =    FOCS84,
publisher =    IEEE,
address =      {Singer Island},
year =         1984
}


@article{GoldreichGoMi84a,
author =       {O. Goldreich and S. Goldwasser and S. Micali},
title =        {How to Construct Random Functions},
journal =      {Journal of the ACM},
volume =       33,
number =       4,
year =         1984,
month =        Oct,
pages =        {792--807}
}

@inproceedings{GoldreichGoMi85,
author =       {Oded Goldreich and Shafi Goldwasser and Silvio Micali},
title =        {On the Cryptographic Applications of Random Functions},
pages =        {276--288},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}

@inproceedings{GoldreichKr86,
author =       {Oded Goldreich and Hugo Krawczyk},
title =        {On the Composition of Zero-Knowledge Proof Systems},
booktitle =    {ICALP},
year =         1986,
pages =        {174--187}
}


@inproceedings{GoldreichKr90,
author =       {Oded Goldreich and Hugo Krawczyk},
title =        {Sparse pseudorandom distributions},
pages =        {113--127},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@article{GoldreichKr92,
author =       {Oded Goldreich and Hugo Krawczyk},
title =        {On Sparse Pseudorandom Ensembles},
journal =      {Random Structures and Algorithms},
volume =       3,
number =       2,
year =         1992,
pages =        {163--174}
}


@article{GoldreichKr93,
author =       {Oded Goldreich and Hugo Krawczyk},
title =        {On the Existence of Pseudorandom Generators},
journal =      {SIAM J. Computing},
year =         1993,
month =        Dec,
volume =       22,
number =       6,
pages =        {1163--1175}
}


@inproceedings{GoldreichKrLu88,
oldtag =       {GoldreichKrLu90},
author =       {O. Goldreich and H. Krawczyk and M. Luby},
title =        {On the Existence of Pseudorandom Generators},
pages =        {146--162},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{GoldreichKu88,
author =       {O. Goldreich and E. Kushilevitz},
title =        {A Perfect Zero-Knowledge Proof for a Problem Equivalent
               to Discrete Logarithm},
pages =        {57--70},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@article{GoldreichKu93,
author =       {O. Goldreich and E. Kushilevitz},
title =        {A Perfect Zero-Knowledge Proof for a Problem Equivalent
               to Discrete Logarithm},
journal =      {Journal of Cryptology},
year =         1993,
volume =       6,
number =       2,
pages =        {97--116}
}


@unpublished{GoldreichLe89,
author =       {O. Goldreich and L. Levin},
title =        {A Hard-core predicate for all one-way functions},
year =         1989,
note =         {To appear in STOC '89}
}


@inproceedings{GoldreichMi87,
author =       {O. Goldreich and S. Micali},
title =        {Zero Knowledge and the Design of Secure Protocols},
pages =        {??--??},
booktitle =    {Proceedings IEEE Globecom '87},
publisher =    IEEE,
year =         1987
}


@inproceedings{GoldreichMiWi86,
author =       {O. Goldreich and S. Micali and A. Wigderson},
title =        {Proofs that yield nothing but their validity and a
               methodology of cryptographic protocol design},
pages =        {174--187},
booktitle =    FOCS86,
publisher =    IEEE,
address =      {Toronto},
year =         1986
}


@inproceedings{GoldreichMiWi87,
author =       {Oded Goldreich and Silvio Micali and Avi Wigderson},
title =        {rea a methodology of cryptographic protocol design},
pages =        {171--185},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@article{GoldreichMiWi91,
author =       {Oded Goldreich and Silvio Micali and Avi Wigderson},
title =        {Proofs that Yield Nothing but their Validity or All
               Languages in {NP} Have Zero-Knowledge Proof Systems},
journal =      {Journal of the ACM},
volume =       38,
number =       1,
year =         1991,
pages =        {691--729}
}


@article{GoldreichOr94,
author =       {O. Goldreich and Y. Oren},
title =        {Definitions and Properties of Zero-Knowledge Proof
               Systems},
journal =      {Journal of Cryptology},
year =         1994,
volume =       7,
number =       1,
pages =        {1--32}
}

@inproceedings{GoldreichVa88,
author =       {Oded Goldreich and Ronen Vainish},
title =        {How to solve any protocol problem - an efficiency improvement},
pages =        {73--86},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{Goldwasser89,
author =       {Shafi Goldwasser},
title =        {Interactive Proof Systems Computational Complexity
               Theory},
booktitle =    {Proceedings of Symposia in Applied Mathematics},
note =         {volume 38},
year =         1989,
pages =        {108-128}
}


@incollection{Goldwasser90,
author =       {Shafi Goldwasser},
title =        {The Search for Provably Secure Cryptosystems},
booktitle =    {Proc.\ AMS Symposia in Applied Mathematics: Computational
               Number Theory and Cryptography},
publisher =    {American Mathematical Society},
year =         {1990},
pages =        {89--113}
}

@inproceedings{Goldwasser90a,
author =       {Shafi Goldwasser},
title =        {Interactive Proofs and Applications},
pages =        {??--??},
booktitle =    {Proceedings of the International Congress of Mathematicians},
volume =       2,
note =         {Lecture Notes in Computer Science No.\ 740},
year =         1990
}

@inproceedings{GoldwasserLe91,
author =       {S. Goldwasser and L. Levin},
title =        {Fair Computation of General Functions in Presence of
               Immoral Majority},
pages =        {77--93},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

@inproceedings{GoldwasserKi86,
author =       {S. Goldwasser and J. Kilian},
title =        {Almost all primes can be quickly certified},
pages =        {316--329},
booktitle =    STOC86,
publisher =    ACM,
address =      {Berkeley},
year =         1986
}

@inproceedings{GoldwasserMi82,
author =       {S. Goldwasser and S. Micali},
title =        {Probabilistic Encryption and How to Play Mental Poker
               Keeping Secret All Partial Information},
pages =        {365--377},
booktitle =    STOC82,
publisher =    ACM,
address =      {San Francisco},
year =         1982
}

@article{GoldwasserMi84,
author =       {S. Goldwasser and S. Micali},
title =        {Probabilistic Encryption},
journal =      JCSS,
volume =       28,
number =       2,
month =        Apr,
year =         1984,
pages =        {270--299}
}

@inproceedings{GoldwasserMiRa85,
author =       {S. Goldwasser and S. Micali and C. Rackoff},
title =        {The knowledge complexity of interactive proof-systems},
booktitle =    STOC85,
publisher =    ACM,
address =      {Providence},
year =         1985,
pages =        {291--304}
}

@article{GoldwasserMiRa89,
author =       {S. Goldwasser and S. Micali and C. Rackoff},
title =        {The knowledge complexity of interactive proof-systems},
journal =      {SIAM. J. Computing},
year =         1989,
volume =       18,
number =       1,
month =        Feb,
pages =        {186--208}
}

@inproceedings{GoldwasserMiRi84,
author =       {S. Goldwasser and S. Micali and R. Rivest},
title =        {A Paradoxical Solution to the Signature Problem},
pages =        {441-448},
booktitle =    FOCS84,
publisher =    IEEE,
address =      {Singer Island},
year =         1984
}

@inproceedings{GoldwasserMiRi85,
author =       {Shafi Goldwasser and Silvio Micali and Ronald L. Rivest},
title =        {A `Paradoxical' Solution to the Signature Problem},
pages =        {467--467},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@article{GoldwasserMiRi88,
author =       {Goldwasser, Shafi and Silvio Micali and Ronald L. Rivest},
title =        {A Digital Signature Scheme Secure Against Adaptive
               Chosen-Message Attacks},
journal =      SIAM,
volume =       17,
number =       2,
year =         1988,
month =        Apr,
pages =        {281--308}
}

@inproceedings{GoldwasserMiTo82,
author =       {S. Goldwasser and S. Micali and P. Tong},
title =        {Why and How to Establish a Private Code on a Public
               Network},
pages =        {134--144},
booktitle =    FOCS82,
publisher =    IEEE,
address =      {Chicago},
year =         1982
}


@inproceedings{GoldwasserMiYa83,
author =       {S. Goldwasser and S. Micali and A. Yao},
title =        {Strong Signature Schemes},
pages =        {431--439},
booktitle =    STOC83,
publisher =    ACM,
address =      {Boston},
year =         1983
}


@inproceedings{GoldwasserMiYa83a,
author =       {Shafi Goldwasser and Silvio Micali and Andy Yao},
title =        {On Signatures and Authentication},
pages =        {211--215},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}

@inproceedings{GoldwasserOs92,
author =       {S. Goldwasser and Rafail Ostrovsky},
title =        {Invariant Signatures and Non-Interactive Zero-Knowledge
               Proofs are Equivalent},
pages =        {228--244},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@misc{GoldwasserRa84,
newtag =       {GoldwasserRa84},
author =       {S. Goldwasser and C. Rackoff},
title =        {On Using the {XOR} operator as a Security Amplifier:
               Applications to Factoring Based Encryption},
year =         1984,
note =         {Presented at Eurocrypt '84, April, Paris}
}


@inproceedings{GoldwasserSi86,
author =       {S. Goldwasser and M. Sipser},
title =        {Private Coins versus Public Coins in Interactive Proof
               Systems},
pages =        {59--68},
booktitle =    STOC86,
publisher =    ACM,
address =      {Berkeley},
year =         1986
}


@inproceedings{Gollmann85,
author =       {Dieter Gollmann},
title =        {Pseudo Random Properties of Cascade Connections of
               Clock Controlled Shift Registers},
pages =        {93--98},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@book{Golomb82,
author =       {S. W. Golomb},
title =        {Shift Register Sequences},
publisher =    {Aegean Park Press},
address =      {Laguna Hills},
year =         1982,
note =         {Revised edition}
}


@inproceedings{GoodmanMc85,
author =       {R.M.F. Goodman and A.J. McAuley},
title =        {A New Trapdoor Knapsack Public-Key Cryptosystem},
pages =        {150--158},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@book{GoosHa83,
editor =       {G. Goos and J. Hartmanis},
title =        {Cryptography: Proc.\ of the Workshop on Cryptography},
year =         1983,
address =      {Burg Feuerstein},
note =         {Lecture Notes in Computer Science No.\ 149},
publisher =    {Springer}
}


@inproceedings{Gordon82,
author =       {J.A. Gordon},
title =        {Towards a Design Procedure for Cryptosecure Substitution
               Boxes},
pages =        {53--53},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}



@article{Gordon84,
author =       {J. Gordon},
title =        {Strong {RSA} Keys},
journal =      {Electronics Letters},
volume =       20,
number =       12,
year =         1984,
month =        Jun,
pages =        {514--516}
}

@inproceedings{Gordon85,
author =       {John Gordon},
title =        {Strong Primes are Easy to Find},
pages =        {216--223},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer},
address =      {Paris},
year =         1985
}

@article{Gordon93,
author =       {Gordon, Daniel M.},
title =        {Discrete Logarithms in {GF(p)} Using the Number Field
               Sieve},
journal =      {SIAM J. Disc. Math.},
year =         1993,
month =        Feb,
volume =       6,
number =       1,
pages =        {124--138}
}


@inproceedings{Gordon92,
author =       {Daniel M. Gordon},
title =        {Designing and Detecting Trapdoors for Discrete Log
               Cryptosystems},
pages =        {66--75},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@inproceedings{GordonMc92,
author =       {Daniel M. Gordon and Kevin S. McCurley},
title =        {Massively Parallel Computation of Discrete Logarithms},
pages =        {312--323},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}

@inproceedings{GordonRe83,
author =       {J.A. Gordon and H. Retkin},
title =        {Are Big {S-B}oxes Best?},
pages =        {257--262},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@inproceedings{Gosler86,
author =       {James R. Gosler},
title =        {Software Protection: Myth or Reality?},
pages =        {140--157},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@inproceedings{Goutay85,
author =       {Jean Goutay},
title =        {Smart Card Applications in Security and Data Protection},
page =         {459--463},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}



@article{GramppMo84, 
author = 	{F. Grampp and R. Morris}, 
title = 	{UNIX Operating System Security}, 
journal = 	{Bell System Technical Journal}, 
volume = 	62, 
number = 	8, 
year = 		1984
}


@inproceedings{GrollmanSe84,
author =       {J. Grollman and A. L. Selman},
title =        {Complexity Measures for Public-Key Cryptosystems},
pages =        {495--515},
booktitle =    FOCS84,
publisher =    IEEE,
address =      {Singer Island},
year =         1984
}

@article{GrollmanSe88,
author =       {J. Grollman and A. L. Selman},
title =        {Complexity Measures for Public-Key Cryptosystems},
journal =      {SIAM J. Computing},
year =         1988,
month =        Apr,
volume =       17,
number =       2,
pages =        {309--335}
}

@inproceedings{Groscot85,
author =       {H. Groscot},
title =        {Estimation of Some Encryption Functions Implemented
               into Smart Cards},
page =         {470--479},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}

@techreport{GrossmanCo74,
author =       {Edna Grossman and Don Coppersmith},
title =        {Generators for Certain Alternating Groups with Applications
               to Cryptography},
institution =  {IBM T.J. Watson Research},
number =       {RC 4741},
month =        Feb,
year =         1974
}

@techreport{GrossmanTu77,
author =       {Edna K. Grossman and Bryant Tuckerman},
title =        {Analysis of a Feistel-Like Cipher Weakened by having
               no Rotating Key},
institution =  {IBM T.J. Watson Research},
number =       {RC 6375},
month =        Jan,
year =         1977
}


@INPROCEEDINGS{Guang90,
author =       {G. Guang},
title =        {Nonlinear Generators of Binary Sequences with Controllable
               Complexity and Double Key},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {32--36}
}

@inproceedings{Guillou85,
author =       {Louis C. Guillou},
title =        {Smart Cards and Conditional Access},
page =         {480--489},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@inproceedings{GuillouQu88,
author =       {Louis Guillou and Jean-Jacques Quisquater},
title =        {Efficient digital public-key signature with shadow},
pages =        {223--223},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{GuillouQu88a,
oldtag =       {GuillouQu90},
author =       {L.C. Guillou and J.-J. Quisquater},
title =        {A ``Paradoxical'' Indentity-Based Signature Scheme
               Resulting from Zero-Knowledge},
pages =        {216--231},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{GuillouUg87,
author =       {Louiss C. Guillou and Michel Ugon},
title =        {Smart Card, a highly reliable and portable security
               device},
pages =        {464--479},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}

@INPROCEEDINGS{GustafsonDaCa90,
author =       {H. Gustafson and E. Dawson and B. Caelli},
title =        {Comparison of Block Ciphers},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {208--220}
}


@inproceedings{Guy75,
author =       {Richard K. Guy},
title =        {How to Factor a Number},
year =         1975,
booktitle =    {Proc.\ Fifth Manitoba Conference on Numerical Mathematics},
pages =        {49--89}
}



@inproceedings{GyoerySe87,
author =       {Ralph Gyoery and Jennifer Seberry},
title =        {Electronic Funds Transfer Point of Sale in {Australia}},
pages =        {347--377},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inproceedings{GyorfiKe83,
author =       {Laszlo Gyorfi and Istvan Kerekes},
title =        {Analysis of Multiple Access Channel Using Multiple
               Level {FSK}},
pages =        {165--172},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{HaberSt91,
author =       {S. Haber and W.S. Stornetta},
title =        {How to Time-Stamp a Digital Document},
pages =        {437--455},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

@article{HaberSt91a,
author =       {S. Haber and W.S. Stornetta},
title =        {How to Time-Stamp a Digital Document},
journal =      {Journal of Cryptology},
year =         1991,
volume =       3,
pages =        {99--111}
}


@inproceedings{Haemers86,
author =       {Willem Haemers},
title =        {Access Control at the {Netherlands} Postal and Telecommunications
               Services},
pages =        {543--544},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@misc{Hallam-Baker95,
author = 	{Phillip Hallam-Baker},
title = 	{{W3C} Payments Resources},
note = 		{{\tt http://www.w3.org/hypertext/WWW/Payments/overview.html}},
year = 		1995,
}

@inproceedings{Haller94,
author =       {Neil M. Haller},
title =        {The {S/KEY} One-Time Password System},
booktitle = 	{ISOC},
year = 		1994
}

@inproceedings{Harari85,
author =       {S. Harari},
title =        {Non-Linear, Non-Commutative Functions for Data Integrity},
pages =        {25--32},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@book{HardyWr75,
author =       {G. H. Hardy and E. M. Wright},
title =        {An Introduction to the Theory of Numbers},
publisher =    {Oxford Clarendon Press},
year =         1975,
edition =      {Fourth}
}

@INPROCEEDINGS{Hardjono90,
author =       {T. Hardjono},
title =        {Record Encryption in Distributed Databases},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {386--395}
}


@inproceedings{HarnLi92,
author =       {Lein Harn and Hung-Yu Lin},
title =        {An $l$-Span Generalized Secret Sharing Scheme},
pages =        {558--565},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@article{HarrisonRuUl76, 
author = 	{M. Harrison and W. Ruzzo and J. Ullman}, 
title = 	{Protection in Operating Systems}, 
journal = 	{Communications of the ACM}, 
volume = 	19, 
number = 	8,
year = 		1976
}


@article{Hart94,
author =       {George W. Hart},
title =        {To Decode Short Cryptograms},
journal =      {Communications of the ACM},
month =        Sep,
year =         1994,
volume =       37,
number =       9,
pages =        {102--108}
}


@inproceedings{Hastad86,
oldtag =       {Hastad85},
author =       {J. Hastad},
title =        {On using {RSA} with low exponent in a public key network},
pages =        {403--408},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
publisher =    {Springer},
year =         1986,
note =         {Lecture Notes in Computer Science No.\ 218}
}

@article{Hastad88,
author =       {J. Hastad},
title =        {Solving Simultaneous Modular Equations of Low Degree},
journal =      {SIAM J. Computing},
year =         1988,
month =        Apr,
volume =       17,
number =       2,
pages =        {336--341}
}


@article{HastadScSh93,
author =       {J. Hastad and A.W. Schrift and A. Shamir},
title =        {The discrete logarithm modulo a composite hides $O(n)$
               bits},
journal =      {Journal of Computer and Systems Sciences},
volume =       47,
year =         1993,
pages =        {376--404}
}


@inproceedings{HastadSh85,
author =       {J. Hastad and A. Shamir},
title =        {The Cryptographic Security of Truncated Linearly Related
               Variables},
pages =        {356--362},
booktitle =    STOC85,
publisher =    ACM,
address =      {Providence},
year =         1985
}

@article{Hauser94,
author =       {Ralf C. Hauser},
title =        {Does Licensing Require New Access Control Techniques},
journal =      {Communications of the ACM},
month =        Nov,
year =         1994,
volume =       37,
number =       11,
pages =        {48--55}
}

@misc{HauserStWa95,
author =       {Ralf Hauser and Michael Steiner and Michael Waidner},
title =        {Micro-{P}ayments based on {iKP}},
year =         1995,
month =        {December 17,},
note =         {Available from authors. {\tt sti@zurich.ibm.com}}
}

@INPROCEEDINGS{Hayes90,
author =       {B. Hayes},
title =        {Anonymous One-Time Signatures and Flexible Untraceable
               Electronic Cash},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {294--305}
}


@inproceedings{VanHeijstPePf92,
oldtag =       {HeijstPePf92},
author =       {Eug\'ene van Heijst and Torben P. Pedersen and Birgit
               Pfitzmann},
title =        {New Constructions of Fail-Stop Signatures and Lower
               Bounds},
pages =        {15--30},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@article{Hellman77,
author =       {M. E. Hellman},
title =        {An extension of the {Shannon} theory approach to cryptography},
journal =      {IEEE Trans.\ Inform.\ Theory},
volume =       {IT-23},
year =         1977,
pages =        {289--294}
}

@article{Hellman79,
author =       {M. E. Hellman},
title =        {The Mathematics of Public Key Cryptography},
journal =      {Scientific American},
volume =       241,
month =        Feb,
year =         1979,
pages =        {146--157}
}

@article{Hellman80,
author =       {M. E. Hellman},
title =        {A cryptanalytic time-memory trade off},
journal =      {IEEE Trans. Inform. Theory},
volume =       {IT-26},
year =         1980,
pages =        {401--406}
}

@misc{HellmanBa86,
author =       {Martin E. Hellman and Carl E[ric] Bach},
title =        {Method and Apparatus for Use in Public-Key Data Encryption
               System},
howpublished = {U.S. Patent 4,633,036},
month =        Dec,
year =         1986,
note =         {(Filed May 31, 1984)}
}


@inproceedings{HellmanKaRe82,
author =       {Martin E. Hellman and Ehud Karnin and Justin Reyneri},
title =        {On the Necessity of Exhaustive Search for System-Invariant
               Cryptanalysis},
pages =        {2-6},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@techreport{HellmanMeScWaDiPo76a,
oldtag =       {HellmanMeScWaDiPoSc76},
author =       {M. E. Hellman and R. Merkle and R. Schroeppel and 
               L. Washington and W. Diffie and S. Pohlig and P. Schweitzer},
title =        {Results of an initial attempt to cryptanalyze the {NBS}
               Data Encryption Standard},
institution =  {Stanford University},
number =       {SEL 76--042},
year =         1976
}


@inproceedings{HellmanRe83a,
oldtag =       {HellmanRe83},
author =       {Martin E. Hellman and Justin M. Reyneri},
title =        {Fast Computation of Discrete Logarithms in {GF}($q$)},
pages =        {3--13},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{HellmanRe83aa,
oldtag =       {HellmanRe83a},
author =       {Martin E. Hellman and Justin M. Reyneri},
title =        {Drainage and the {DES}},
pages =        {129--131},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{HendessiAr93,
author =       {Faramarz Hendessi and Mohammad R. Aref},
title =        {A Successful Attack Against the {DES}},
pages =        {78--90},
booktitle =    {Information Theory and Applications Proceedings, Third
               Canadian Workshop},
editor =       {T. Aaron Gulliver and Norman P. Secord},
note =         {Lecture Notes in Computer Science No.\ 793 },
publisher =    {Springer-Verlag},
month =        May,
year =         1993
}


@inproceedings{HenryNa82,
author =       {Paul S. henry and R.D. Nash},
title =        {High-Speed Hardware Implementation of the Knapsack
               Cipher},
pages =        {16--16},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Henze82,
author =       {Ernst Henze},
title =        {A General Public Key System},
pages =        {140--141},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Herbison88,
oldtag =       {Herbison90},
author =       {B.J. Herbison},
title =        {Developing Ethernet Enhanced-Security System},
pages =        {507--519},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@article{Herlestam78,
author =       {Tore Herlestam},
title =        {Some critical remarks on public-key cryptosystems},
journal =      {BIT},
volume =       18,
year =         1978,
pages =        {493--496},
comment =      {Generalization of repeated encryption attack of SimmonsNo77}
}


@inproceedings{Herlestam82,
author =       {Tore Herlestam},
title =        {Discussion of Adleman's Subexponential Algorithm for
               Computing Discrete Logarithms},
pages =        {142--147},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}

@inproceedings{Herlestam83,
author =       {Tore Herlestam},
title =        {On Using Prime Polynomials in Crypto Generators},
pages =        {207--216},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{HerlihyTy88,
author =       {Maurice P. Herlihy and J.D. Tygar},
title =        {How to make replicated data secure},
pages =        {379--391},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}

@unpublished{HerzbergJaKrYu95,
author =       {Amir Herzberg and Stanislaw Jarecki and Hugo Krawczyk
               and Moti Yung},
title =        {Proactive Secret Sharing, or: How to Cope with Perpetual
               Leakage},
month =        Feb,
year =         1995,
note =         {IBM T.J. Watson Research Center}
}

@inproceedings{HerzbergLu92,
author =       {Amir Herzberg and Michael Luby},
title =        {Pubic Randomness in Cryptography},
pages =        {421--432},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@inproceedings{HerzbergPi86,
author =       {Amir Herzberg and Shlomit S. Pinter},
title =        {Public Protection of Software},
pages =        {158--179},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@inproceedings{HessWi83,
author =       {Peter Hess and Klaus Wirl},
title =        {A Voice Scrambling System for Testing and Demonstration},
pages =        {147--156},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@unpublished{HeysTa94,
author =       {H.M. Heys and S.E. Tavares},
title =        {On the Security of the {CAST} Encryption Algorithm},
month =        Sep,
year =         1994,
note =         {preprint of the Canadian Conf. on Elect. \& Computer
               Eng}
}


@article{Hill29,
author =       {L.S. Hill},
title =        {Cryptography in an algebraic alphabet},
journal =      {The American Mathematical Monthly},
year =         1929,
volume =       36,
pages =        {306--312}
}


@article{Hiramatsu93,
author =       {Tsuyoshi Hiramatsu},
title =        {Protecting Telecommunications Privacy in Japan},
journal =      {Communications of the ACM},
month =        Aug,
year =         1993,
volume =       36,
number =       8,
pages =        {74--77}
}


@inproceedings{Hirschfeld92,
author =       {Rafael Hirschfeld},
title =        {Making Electronic Refunds Safer},
pages =        {106--112},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@inproceedings{Hoffman86,
author =       {L. Hoffman},
title =        {Risk Analysis and Computer Security: Bridging
		the Cultural Gaps},
booktitle =    {Proceedings of the 9th National Computer 
	       Security Conference},
pages =        {unknown},
year =         1986
}

@inproceedings{Hoffman86a,
author =       {Lance J. Hoffman},
title =        {A general purpose computer shell for risk analysis},
pages =        {unknown},
booktitle =    {Proceedings of the 1986 Conference of the Society for Risk Analysis},
note =		{SRA},
month =		{Nov},
year =         1986
}


@techreport{Hoffman87,
author =       {Lance J. Hoffman},
institution =  {The George Washington University},
year =         1987,
month =        {Nov},
title =        {Smoking out the bad actors: Risk analysis in the
		age of the microcomputer},
number =       {GWU TR 87-16}
}

@techreport{Hoffman95,
author =       {Lance J. Hoffman},
institution =  {The George Washington University},
year =         1995,
month =        {Aug},
title =        {Balanced Key Escrow},
number =       {GWU-ICTSP-95-04}
}


@book{Hoffman95a,
editor =       {Lance J. Hoffman},
title =        {Building in Big Brother: The Cryptographic Policy Debate},
publisher =    {Springer-Verlag},
year =         1995
}

@article{HoffmanAlHeHu94,
author =       {Lance J. Hoffman and Faraz A. Ali and Steven L. Heckler
               and Ann Huybrechts},
title =        {Cryptography Policy},
journal =      {Communications of the ACM},
month =        Sep,
year =         1994,
volume =       37,
number =       9,
pages =        {109--117}
}


@book{HoffmanLeLiRoWa91,
oldtag =       {HoffmanLeLiPhRoWa91},
author =       {D.G. Hoffman and D.A. Leonard and C.C. Lindner, K.T.
               Phelps and C.A. Rodger and J.R. Wall},
title =        {Coding Theory, The Essentials},
publisher =    {Marcel Dekker},
year =         1991
}


@inproceedings{HohlLaMeWa94,
author =       {Walter Hohl and Xuejia Lai and Thomas Meier and Christian
               Waldvogel},
title =        {Security of iterated hash functions based on block
               ciphers},
pages =        {379--390},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}


@techreport{HolmesMaWr90, 
author = 	{J.P. Holmes and R.L. Maxwell and L.J. Wright},
title = 	{A performance evaluation of biometric 
		 identification devices},
institution =	{Sandia National Laboratories},
month =		{July},
year = 		1990
}


@techreport{Honeywell88,
author = 	{Honeywell Secure Computing Technology Center},
title = 	{LOCK: Selected Papers},
institution = 	{Honeywell},
year = 		{1985--1988}
}


@incollection{Hoogendoorn82a,
oldtag =       {Hoogendoorn82},
author =       {P. J. Hoogendoorn},
title =        {On a Secure Public-Key Cryptosystem},
booktitle =    {Computational Methods in Number Theory},
publisher =    {Mathematical Centre Tracs 154},
address =      {Amsterdam},
editor =       {Lenstra, Jr., H. W. and R. Tijdeman},
year =         1982,
pages =        {159--168}
}


@inproceedings{HoornaertGoDe85,
author =       {Frank Hoornaert and Jo Goubert and Yvo Desmedt},
title =        {Efficient Hardware Implementation of the {DES}},
pages =        {147--173},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{Horbach83,
author =       {Lothar Horbach},
title =        {Privacy and Data Protection in Medicine},
pages =        {228--232},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{HorvathMaVa94,
oldtag =       {HorvathMaTr94},
author =       {Tam\'as Horv\'ath and Spyros S. Magliveras and Tran
               van Trung},
title =        {A parallel permutation multiplier for a {PGM} crypto-chip},
pages =        {108-113},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}



@book{HsiaoKeMa79,
author =       {David K. Hsiao and Douglas S. Kerr and Stuart E. Madnick},
title =        {Computer Security},
publisher =    {Academic Press},
year =         1979
}


@inproceedings{HuangTe88,
oldtag =       {HuangTe90},
author =       {M.-D.A. Huang and S.-H. Teng},
title =        {A Universal Problem in Secure and Verifiable Distributed
               Computation},
pages =        {336--353},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@article{HuleMu88,
author =       {Harald Hule and Winfried B. M\"{u}ller},
title =        {On the {RSA}-Cryptosystem with Wrong Keys},
journal =      {Contributions to General Algebra},
year =         1988,
volume =       6,
pages =        {103--109}
}


@inproceedings{HwangRa88,
oldtag =       {HwangRa90},
author =       {T. Hwang and T.R.N. Rao},
title =        {Secret Error-Correcing Codes},
pages =        {540--563},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@manual{IEEE92,
author =       {{IEEE}},
year =         {1992},
title =        {{IEEE} Standard for Interoperable Local Area Network
               ({LAN}) Security: Part C --- Key Management Proposal},
month =        {April 10},
note =         {Draft}
}

@book{ImaiRiEd93,
oldtag =       {ImaiRiMa93},
author =       {H. Imai and R.L. Rivest and T. Matsumoto (Eds)},
title =        {Advances in Cryptology -- ASIACRYPT '91 Proceedings},
series =       {International Conference on the Theory and Application
               of Cryptology},
publisher =    {Springer-Verlag},
year =         {1993},
note =         {Lecture Notes in Computer Science, vol. 739}
}


@inproceedings{ImpagliazzoLeLu89,
author =       {Impagliazzo, Russell and Leonid A. Levin and Michael
               Luby},
title =        {Pseudo-random generation from one-way functions},
booktitle =    STOC89,
publisher =    {ACM},
address =      {Seattle},
year =         {1989},
pages =        {12--24}
}


@inproceedings{ImpagliazzoRu88,
oldtag =       {ImpagliazzoRu90},
author =       {R. Impagliazzo and S. Rudich},
title =        {Limits on the Provable consequences of One-Way Permutations},
pages =        {8--26},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{ImmpagliazzoYu88,
oldtag =       {ImpagliazzoYu88},
author =       {Russell Immpagliazzo and Moti Yung},
title =        {Direct minimum-knowledge computations},
pages =        {40--51},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{Ingemarsson82,
author =       {Ingemar Ingemarsson},
title =        {Some Comments on the Kanpsack Problem},
pages =        {20--24},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Ingemarsson83,
author =       {I. Ingemarsson},
title =        {A New Algorithm for the Solution of the Knapsack Problem},
pages =        {309--315},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@manual{ISOIEC88,
oldtag =       {ISO-IEC88},
author =       {{{ISO}/{IEC}}},
year =         {1988},
title =        {International Standard $9594-8$: Information Processing
               Systems \_ Open Systems Interconnection \_ The Directory
               \_ Authentication Framework}
}


@manual{ISOIEC88a,
oldtag =       {ISO-IEC88a},
author =       {{{ISO}/{IEC}}},
year =         {1988},
title =        {International Standard 10021-1: Information Processing
               Systems, Text Communcation, {MOTIS}, Message Handling:
               System and Service Overview}
}

@manual{SC90,
oldtag =       {ISO-IEC90},
author =       {ISO/IEC JTC1/SC6},
year =         {1990},
title =        {$N6285$: Draft Transport Layer Security Protocol},
month =        {November}
}

@manual{SC90a,
oldtag =       {ISO-IEC90a},
author =       {ISO/IEC JTC1/SC6},
year =         {1990},
title =        {N2559: Draft Network Layer Security Protocol},
month =        {September}
}


@manual{ISOIEC91,
oldtag =       {ISO-IEC91},
author =       {{{ISO}/{IEC}}},
year =         {1991},
title =        {International Standard 9796: Information Technology,
               Security Techniques: Digital Signature Scheme Giving
               Message Recovery}
}

@manual{ISOIEC91a,
oldtag =       {ISO-IEC91a},
author =       {{{ISO}/{IEC}}},
year =         {1991},
title =        {International Standard 9797: Data integrity mechanism
               using a cryptographic check function employing a block
               cipher algorithm},
address =      {Geneva, Switzerland}
}

@manual{IEC92,
oldtag =       {ISO-IEC92},
author =       {ISO/IEC},
year =         {1992},
title =        {{ISO DIS 10118}: Information technology - Security
               techniques - Hash-functions, Part 1: General and Part
               2: Hash-functions using an n-bit block cipher algorithm}
}

@manual{ISO92,
oldtag =       {ISO-IEC92a},
author =       {ISO},
year =         {1992},
title =        {{ISO CD 11166-1}, Banking --- Key Management by Means
               of Asymmetric Algorithms --- Part 1: Principles, Procedures
               and Formats},
note =         {TC68/SC2/N346}
}

@manual{ISO92a,
oldtag =       {ISO-IEC92b},
author =       {ISO},
year =         {1992},
title =        {{ISO CD 11166-2}, Banking --- Key Management by Means
               of Asymmetric Algorithms --- Part 2: Approved Algorithms
               using the {RSA} Cryptosystem},
note =         {TC68/SC2/N304}
}



@manual{IEC93,
oldtag =       {ISO-IEC93},
author =       {ISO/IEC},
year =         {1993},
title =        {{ISO DIS 11586}: Generic Upper Layers Security}
}



@inproceedings{ItohOhSh94,
author =       {Toshiya Itoh and Yuji Ohta and Hiroki Shizuya},
title =        {Language dependent secure bit commitment},
pages =        {188--201},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{ItohHoTs94,
author =       {Toshiya Itoh and Masafumi Hoshi and Shigeo Tsujii},
title =        {A low communication competitive interactive proof system
               for promised quadratic residuosity},
pages =        {61--72},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}


@inproceedings{ItoSaNi87,
oldtag =       {ItohSaNi87},
author =       {M. Ito and A. Saito and T. Nishizeki},
title =        {Secret sharing scheme realizing general access structure},
pages =        {99--102},
booktitle =    {Proceedings IEEE Globecom '87},
publisher =    IEEE,
year =         1987
}


@article{Jablon96,
author	 =	{David P. Jablon},
title =		{Strong Password-Only Authenticated Key Exchange},
journal =      {Computer Communication Review, ACM},
year =		1996,
month = 	Oct,
volume =        26,
number =         5,
month =          oct,
pages =        {5--26}
}



@inproceedings{JacksonMaOK94b,
oldtag =       {JacksonMaOK94},
author =       {Wen-Ai Jackson and Keith M. Martin and Christine M.
               O'Keefe},
title =        {Multisecret threshold schemes},
pages =        {126--135},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}


@inproceedings{JamesLiNi87,
author =       {N.S. James and R. Lidl and H. Niederreiter},
title =        {Breaking the {Cade} cipher},
pages =        {60--63},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@article{Jamnig88,
author =       {Jamnig, Peter},
title =        {Securing the {RSA}-Cryptosystem Against Cycling Attacks},
journal =      {Cryptologia},
month =        jul,
year =         1988,
volume =       {XII},
number =       3,
pages =        {159--164}
}



@inproceedings{JanardanLa83,
author =       {Ravi Janardan and K.B. Lakshmanan},
title =        {A Public-Key Cryptosystem Based on the Matrix Cover
               {NP}-Complete Problem},
pages =        {21--37},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{JansenBo90,
author =       {Cees J.A. Jansen and Dick E. Boekee},
title =        {The shortest feedback shift register that can generate
               a given sequence},
pages =        {90--99},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}

@INPROCEEDINGS{JansenBo90a,
author =       {C.J. Jansen and D.E. Boekee},
title =        {A Binary Sequence Generator Based on {Ziv-Lempel} Source
               Coding},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {156--164}
}

@INPROCEEDINGS{JansenBo90b,
author =       {C.J. Jansen and D.E. Boekee},
title =        {On the Significance of the Directed Acyclic Word Graph
               in Cryptology},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {318--326}
}


@inproceedings{Jennings83,
author =       {S.M. Jennings},
title =        {Multiplexed Sequences: Some Properties of the Minimum
               Polynomial},
pages =        {189--206},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{Johansson94,
author =       {Thomas Johansson},
title =        {On the construction of perfect authentication codes
               that permit arbitration},
pages =        {343--354},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}

@article{Johansson94a,
author =       {Thomas Johansson},
year =         1994,
title =        {A Shift Register Construction of Unconditionally
		 Secure Authentication Codes},
journal =      {Designs, Codes and Cryptography},
volume =       {4},
pages =        {69--81}
}


@article{Johnson88,
author =       {D.S. Johnson},
title =        {The NP-completeness column: an ongoing guide},
journal =      {Journal of Algorithms},
year =         1988,
volume =       9,
pages =        {426--444}
}

@article{JohnsonDoKeLeMa91,
author =       {D.B. Johnson and G.M. Dolan and M.J. Kelly and A.V.
               Le and S.M. Matyas},
title =        {Common Cryptographic Architecture Cryptographic Application
               Programming Interface},
journal =      {IBM Systems Journal},
year =         1991,
volume =       30,
number =       2,
pages =        {130--150}
}

@inproceedings{JohnsonMaLeWi94,
author =       {D. B. Johnson and S. M. Matyas and A. V. Le and J. D.
                Wilkins},
title =        {Design of the Commercial Data Masking Facility Data Privacy
               Algorithm},
pages =        {93--96},
booktitle =    {First ACM Conference on Computer and Communications
               Security},
publisher =    ACM,
address =      {Fairfax},
year =         1994
}

@inproceedings{Jones85,
author =       {R.W. Jones},
title =        {User Functions for the Generation and Distribution
               of Encipherment Keys},
pages =        {317--334},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@inproceedings{Jordan82,
author =       {John P. Jordan},
title =        {Variant of a Public Key Cryptosystem based on {Goppa}
               codes},
pages =        {25--30},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Jueneman83,
author =       {Robert R. Jueneman},
title =        {Analysis of Certain Aspects of Output Feedback Mode},
pages =        {99--127},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}

@inproceedings{Jueneman87a,
oldtag =       {Jueneman87},
author =       {Robert R. Jueneman},
title =        {A high speed manipulation detection code},
pages =        {327--346},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inproceedings{JurgensenMa84,
author =       {H. J\"{u}rgensen and D.E. Matthew},
title =        {Some Results on the Information Theoretic Analysis
               of Cryptosystems},
pages =        {303--356},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}

@book{Kahn67,
author =       {D. Kahn},
title =        {The Codebreakers},
publisher =    {Macmillian},
address =      {New York},
year =         1967
}


@inproceedings{Kahn90,
author =       {D. Kahn},
title =        {Keying the {German Navy's} Enigma},
pages =        {2--5},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}

@inproceedings{Kak82,
author =       {Subhash C. Kak},
title =        {Scrambling and Randomization},
pages =        {59--63},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Kaliski85,
author =       {Kaliski, Jr., Burton S.},
title =        {Wyner's Analog Encryption Scheme: Results of a Simulation},
pages =        {83--94},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}

@inproceedings{Kaliski87,
author =       {Kaliski, Jr., Burton S.},
title =        {A Pseudo-Random Bit Generator Based on Elliptic Logarithms},
pages =        {84--103},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@phdthesis{Kaliski88,
author =       {Kaliski, Jr., Burton S.},
title =        {Elliptic Curves and Cryptography: A Pseudorandom Bit
               Generator and Other Tools},
school =       {MIT EECS Dept.},
year =         1988,
month =        Jan,
note =         {Published as MIT LCS Technical Report MIT/LCS/TR-411
               (Jan. 1988)}
}

@techreport{Kaliski91,
author =       {Kaliski, Jr., Burton S.},
title =        {An Overview of the {PKCS} Standards},
institution =  {RSA Data Security, Inc.},
year =         1991,
month =        Jun
}

@article{Kaliski91a,
author =       {Kaliski, Jr., Burton S.},
year =         1991,
title =        {One-Way Permutations on Elliptic Curves},
journal =      {Journal of Cryptology},
volume =       3,
pages =        {187--199}
}

@manual{Kaliski92,
author =       {Kaliski, Jr., B.S.},
year =         1992,
month =        {April},
title =        {{RFC} 1319: The {MD2 Message-Digest Algorithm}},
organization = {Internet Activities Board}
}

@book{Kaliski93,
author =       {Kaliski, Jr., B.S.},
year =         1993,
title =        {A survey of encryption standards},
month =        {September 2,},
publisher =    {RSA Data Security, Inc.}
}


@article{Kaliski93a,
author =       {Kaliski, Jr., B.S.},
year =         1993,
month =        {September},
title =        {The {Z80180} and big-number arithmetic},
journal =      {Dr. Dobb's Journal},
volume =       18,
number =       9,
pages =        {50--58}
}


@manual{Kaliski94,
author =       {Kaliski, Jr., B.S.},
month =        {January},
year =         1994,
title =        {{On the Security and Performance of Several Triple-{DES}
               Modes}},
organization = {{RSA Laboratories}}
}

@manual{Kaliski94a,
author =       {Kaliski, Jr., B.S.},
month =        {July},
year =         1994,
note =         {Technical note},
title =        {{Performance Estimates for {RSA} Operations}},
organization = {{RSA Laboratories}}
}

@article{KaliskiRo95,
author =       {Burt Kaliski and Matt Robshaw},
title =        {Message Authentication with {MD5}},
journal =      {{CryptoBytes}},
volume =       {1},
number =       {1},
month =        {Spring},
year =         {1995},
pages =        {5--8}
}

@inproceedings{KaliskiRiSh86,
oldtag =       {KaliskiRiSh85},
author =       {Kaliski, Jr., Burton S. and Ronald L. Rivest and Alan
               Sherman},
title =        {Is {DES} a pure cipher? (Results of more cycling experiments
               on {DES})},
pages =        {212--226},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
publisher =    {Springer},
year =         1986,
note =         {Lecture Notes in Computer Science No.\ 218}
}

@article{KaliksiRiSh88,
oldtag =       {KaliskiRiSh88},
author =       {Kaliksi, Jr., Burton S. and Ronald L. Rivest and Alan
               T. Sherman},
title =        {Is the {D}ata {E}ncryption {S}tandard a Group?},
journal =      {Journal of Cryptology},
volume =       1,
number =       1,
year =         1988,
pages =        {3--36}
}


@inproceedings{KaliskiRo94,
author =       {Kaliski, Jr., Burton S. and M. J. B. Robshaw},
title =        {Linear cryptanalysis using multiple approximations},
pages =        {26--39},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{KannanLeLo84,
author =       {R. Kannan and A. Lenstra and L. {Lov\'asz}},
title =        {Polynomial Factorization and Non-Randomness of Bits
               of Algebraic and Some Transcendental Numbers},
pages =        {191--200},
booktitle =    STOC84,
publisher =    ACM,
address =      {Washington, D.C.},
year =         1984
}

@inproceedings{Kemmerer88,
author =       {Richard A. Kemmerer},
title =        {Analyzing encryption protocols using formal verification
               authentication schemes},
pages =        {289--305},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}

@article{Kemmerer89, 
author = 	{R.A. Kemmerer},
title = 	{Analyzing Encryption Protocols using Formal 
			Verification Techniques},
journal = 	{IEEE Transactions onSoftware Engineering},
volume =	7,
number =	4,
pages =		{448--457},
year =		1989
}

@techreport{Kent76,
author = 	{Stephen Kent},
title = 	{Encryption-based protection protocols for interactive 
			user-computer communication},
institution =	{MIT Laboratory for Computer Science},
number = 	{TR--162},
month = 	{May},
year =		1976
}


@techreport{Kent81,
author = 	{Stephen Kent},
title = 	{Protecting Externally Supplied Software in Small Computers},
institution =	{MIT Laboratory for Computer Science},
number = 	{TR--255},
year =		1981
}

@inproceedings{Kent82,
author =       {Stephen T. Kent},
title =        {Some Cryptographic Techniques for File Protection},
pages =        {80--80},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@manual{KentLi89,
oldtag =       {Kent89},
author =       {Kent, S. and J. Linn},
year =         1989,
month =        {August},
title =        {RFC 1114: Privacy Enhancement for Internet Electronic
               Mail: Part {II} -- Certificate-Based Key Management},
organization = {Internet Activities Board}
}


% The following has been checked with original for pages and accuracy

@article{Kent93,
author =       {Stephen T. Kent},
title =        {Internet Privacy Enhanced Mail},
journal =      {Communications of the ACM},
month =        Aug,
year =         1993,
volume =       36,
number =       8,
pages =        {48--60}
}

@manual{Kent93a,
author =       {Kent, S.},
year =         1993,
month =        {February},
title =        {{RFC} 1422: Privacy Enhancement for Internet Electronic
               Mail, Part {II}: Certificate-Based Key Management},
organization = {Internet Activities Board}
}

@article{Key76,
author =       {Key, E.L.},
year =         1976,
title =        {An Analysis of the Structure and Complexity of Nonlinear
               Binary Sequence Generators},
journal =      {IEEE Transactions on Information Theory},
volume =       {IT-22},
number =       6,
pages =        {732--736}
}

@article{Khachaturian93,
author =       {Khachaturian, L.H.},
year =         1993,
title =        {The Lower Bound of the Quadratic Spans of de {B}ruijn
               Sequences},
journal =      {Designs, Codes and Cryptography},
volume =       {3},
pages =        {29--32}
}


@inproceedings{Kilian88,
author =       {J. Kilian},
title =        {Founding cryptography on oblivious transfer},
pages =        {20--31},
booktitle =    STOC88,
publisher =    ACM,
address =      {Chicago},
year =         1988
}


@inproceedings{Kilian91,
author =       {J. Kilian},
title =        {Achieving Zero-Knowledge Robustly},
pages =        {313--325},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@inproceedings{Kilian91a,
author =       {J. Kilian},
title =        {Interactive Proofs with Provable Security Against 
               Honest Verifiers},
pages =        {378--393},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@inproceedings{Kilian94,
author =       {Joe Kilian},
title =        {On the Complexity of Bounded-Interaction and Noninteractive
               Zero-Knowledge Proofs},
booktitle =    STOC94,
address =      {Montreal, Canada},
publisher =    ACM,
year =         1994,
pages =        {466--477}
}


@inproceedings{KilianMiOs90,
author =       {Joe Kilian and Silvio Micali and Rafail Ostrovsky},
title =        {Minimum resource zero-knowledge proofs},
pages =        {545--546},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}

@misc{KilianRogaway96,
author =       {Joe Kilian and Phillip Rogaway},
title =        {How to Protect {DES} against exhaustive key search},
year =         1996,
note =         {(manuscript from authors)}
}

@inproceedings{Kim93,
author =       {K. Kim},
title =        {Construction of {DES}-like {S}-boxes Based on
     		Boolean Functions Satisfying the {SAC}},
booktitle =    ASIACRYPT91,
year =         1993,
editor =       {H. Imai and R.L. Rivest and T. Matsumoto},
series =       {Lecture Notes in Computer Science},
volume =       739,
publisher =    {Springer-Verlag},
pages =        {59-72}
}


@inproceedings{KimMaIm91,
author =       {K. Kim and T. Matsumoto and H. Imai},
title =        {A Recursive Construction Method of S-boxes Satisfying
               Strict Avalanche Criterion},
pages =        {564--575},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

@article{KimPo89,
author =       {Su Hee Kim and Carl Pomerance},
title =        {The Probability that a Random Probable Prime is Composite},
journal =      {Mathematics of Computation},
volume =       53,
number =       188,
year =         1989,
month =        Oct,
pages =        {721--741}
}

@inproceedings{KimSp94,
author = 	{G.H. Kim and E.H. Spafford},
title = 	{The Design and Implementation of TripWire:
			A File System Integrity Checker},
booktitle = 	{2ACMConfSec},
year = 		1994
}


@article{Klapper94,
author =       {Klapper, A.},
year =         1994,
title =        {The Vulnerability of Geometric Sequences Based on Fields
               of Odd Characteristic},
journal =      {Journal of Cryptology},
volume =       {7},
number =       {1},
pages =        {33--52}
}

@inproceedings{KlapperGo94,
oldtag =       {Klapper94a},
author =       {Klapper, A. and Goresky, M.},
year =         {1994},
title =        {2-adic Shift Registers},
booktitle =    {Fast Software Encryption},
editor =       {R. Anderson},
series =       {Lecture Notes in Computer Science},
volume =       809,
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {174--178}
}


@article{Kluepfel94,
author =       {Henry M. Kluepfel},
title =        {Securing a Global Village and its Resources},
journal =      {IEEE Communications Magazine},
month =        Sep,
year =         1994,
volume =       32,
number =       9,
pages =        {82--89}
}


@INPROCEEDINGS{Knapskog90,
author =       {S.J. Knapskog},
title =        {Formal Specification and Verification of Secure Communication
               Protocols},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {58--73}
}



@inproceedings{Knudsen92,
author =       {Lars R. Knudsen},
title =        {Iterative Characteristics of {DES} and $S^2$DES},
pages =        {497--511},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}

@inproceedings{Knudsen93,
author =       {Knudsen, L.R.},
year =         {1993},
title =        {Cryptanalysis of {LOKI}91},
booktitle =    {Advances in Cryptology --- Auscrypt '92},
editor =       {J. Seberry and Y. Zheng},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {196--208}
}

@inproceedings{Knudsen94,
author =       {Knudsen, L.R.},
year =         {1994},
title =        {Practically secure {F}eistel Ciphers},
booktitle =    {Fast Software Encryption},
editor =       {R. Anderson},
series =       {Lecture Notes in Computer Science},
volume =       809,
publisher =    {Springer-Verlag},
pages =        {211--222},
address =      {Berlin}
}

@misc{Knudsen94a,
author =       {Knudsen, L.R.},
year =         {1994},
month =        {May},
title =        {New potentially `weak' keys for {DES} and {LOKI}},
note =         {Presented at rump session, Eurocrypt '94}
}

@misc{KnudsenLa94,
oldtag =       {Knudsen94b},
author =       {Knudsen, L.R. and Lai, X.},
year =         {1994},
month =        {May},
title =        {New attacks on all double block length hash functions
               of hash rate 1, including the {Parallel-DM}},
note =         {Presented at rump session, Eurocrypt '94}
}


@book{Knuth69,
author =       {Donald E. Knuth},
title =        {Seminumerical Algorithms},
series =       {The Art of Computer Programming},
publisher =    {Addison-Wesley},
year =         1969,
volume =       2,
note =         {Second edition, 1981.}
}

@article{Knuth85,
author =       {Donald E. Knuth},
title =        {Deciphering a Linear Congruential Encryption},
journal =      {IEEE Transactions on Information Theory},
year =         1985,
month =        Jan,
volume =       {IT-31},
number =       1,
pages =        {49--52}
}


@book{Knuth81,
oldtag =       {Knuth89},
author =       {Knuth, D.E.},
year =         1981,
title =        {The Art of Computer Programming},
edition =      {2nd},
volume =       2,
publisher =    {Addison-Wesley},
address =      {Reading, Mass.}
}


@article{KnuthPa76,
author =       {Knuth, Donald E. and Luis Trabb Pardo},
title =        {Analysis of a Simple Factorization Algorithm},
journal =      {Theoretical Computer Science},
year =         1976,
month =        Dec,
volume =       3,
number =       3,
pages =        {321--348},
comment =      {Previously appeared as Stanford CS tech report STAN-CS-76-538
               (Jan 1976).}
}

@book{Koblitz87,
author =       {Koblitz, N.},
year =         1987,
title =        {A Course in Number Theory and Cryptography},
publisher =    {Springer-Verlag},
address =      {New York}
}

@article{Koblitz87a,
author =       {N. Koblitz},
title =        {Elliptic Curve Cryptosytems},
journal =      {Mathematics of Computation},
year =         1987,
volume =       48,
number =       177,
pages =        {203--209}
}


@inproceedings{Koblitz88,
oldtag =       {Koblitz90},
author =       {N. Koblitz},
title =        {A Family of {Jacobians} Suitable for Discrete Log Cryptosystems},
pages =        {94--99},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{Koblitz91,
author =       {N. Koblitz},
title =        {Constructing Elliptic Curve Cryptosystems in Characteristic
               2},
pages =        {156--168},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@inproceedings{Koblitz92,
author =       {N. Koblitz},
title =        {{CM}-Curves with Good Cryptographic Properties},
pages =        {279--287},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}


@article{Koc87,
author =       {Ko\c{c}, \c{C}. K.},
year =         1987,
title =        {High-radix and bit recoding techniques for modular
               exponentiation},
journal =      {International Journal of Computer Mathematics},
volume =       40,
number =       {3+4},
pages =        {139--156}
}



@inproceedings{Kochanski86,
author =       {Martin Kochanski},
title =        {Developing an {RSA} Chip},
pages =        {350--357},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}

@inproceedings{Kohl90,
author =       {John T. Kohl},
title =        {The use of encryption in {Kerberos} for network authentication},
pages =        {35--43},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@misc{KohlNe93,
author =       {J. Kohl and C. Neuman},
title =        {The Kerboros Network Authentication Service},
note =         {Network Working Group Request for Comments: 1510},
month =        {Sept},
year =         1993
}

@unpublished{Kohnfelder78,
author =       {Kohnfelder, Loren M.},
title =        {Towards a Practical Public-Key Cryptosystem},
year =         1978,
month =        May,
note =         {B.S. Thesis, supervised by L. Adleman}
}

@unpublished{KollerPf95,
oldtag =       {KollerPfe95},
author =       {Koller, D. and Pfeffer, A.},
title =        {Generating and Solving General Information Games},
year =         1995,
note =         {In Preparation}
}

@article{Kolmogorov65,
author =       {Kolmogorov, A.N.},
year =         1965,
title =        {Three approaches to the definition of the concept `quantity
               of information'},
journal =      {Problemy Peredachi Informatsii},
volume =       1,
pages =        {3--11},
note =         {In Russian}
}


@inproceedings{KompellaAd91,
author =       {K. Kompella and L. Adleman},
title =        {Fast Checkers for Cryptography},
pages =        {515--529},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

@book{Konheim81a,
author =       {A. G. Konheim},
title =        {Cryptography: A Primer},
publisher =    {Wiley},
year =         1981
}

@techreport{Konheim81b,
author =       {A. G. Konheim},
title =        {A One-Way Sequence for Transaction Verification},
institution =  {IBM T.J. Watson Research Center},
year =         1981,
month =        Nov,
number =       {RC 9147(40034)}
}


@inproceedings{Konheim82,
author =       {Alan Konheim},
title =        {One-way Sequence for Transaction Verification},
pages =        {38--38},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Konheim83,
author =       {Alan G. Konheim},
title =        {Cryptanalysis of a Kryha Machine},
pages =        {49--64},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{Konheim85,
author =       {Alan G. Konheim},
title =        {Cryptanalysis of {ADFGVX} Encipherment Systems},
pages =        {339--341},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@article{KornerupMa83,
oldtag =       {Kornerup83},
author =       {P. Kornerup and D.W. Matula},
year =         1983,
title =        {Finite Precision Rational Arithmetic: An Arithmetic
               Unit},
journal =      {IEEE Transactions on Computers},
volume =       {C-32},
number =       {4},
pages =        {378--388},
month =        {April}
}


@inproceedings{Kothari85,
author =       {S.C. Kothari},
title =        {Generalized Linear Threshold Scheme},
pages =        {231--241},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}

@inproceedings{Koyama90,
author =       {K. Koyama},
title =        {Direct Demonstration of the Power To Break Public-Key
               Cryptosystems},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {14--21}
}

@inproceedings{KoyamaMaOkVa92,
author =       {K. Koyama and U.M. Maurer and T. Okamoto and S.A. Vanstone},
title =        {New public-key schemes based on elliptic curves over
               the Ring $Z_n$},
pages =        {252--266},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{KoyamaOh88,
author =       {Kenji Koyama and Kazuo Ohta},
title =        {Identity-based conference key distribution systems},
pages =        {175--184},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{KoyamaTe91,
author =       {K. Koyama and R. Terada},
title =        {Nonlinear Parity Circuits and their Cryptographic 
               Applications},
pages =        {582--600},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@inproceedings{KoyamaTs92,
author =       {Kenji Koyama and Yukio Tsuruoka},
title =        {Speeding up Elliptic Cryptosystems by Using a Signed
               Binary Window Method},
pages =        {345--357},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}

@book{Kranakis86,
author =       {Kranakis, E.},
title =        {Primality and Cryptography},
year =         1986,
publisher =    {Wiley-Teubner Series in Computer Science}
}


@inproceedings{Krawczyk90,
author =       {Hugo Krawczyk},
title =        {How to predict congruential generators},
pages =        {138--153},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}

@article{Krawczyk92,
author =       {Hugo Krawczyk},
title =        {How to predict congruential generators},
journal =      {Journal of Algorithms},
year =         1992,
volume =       13,
pages =        {527--545}
}


@inproceedings{Krawczyk93,
author =       {Hugo Krawczyk},
title =        {Secret sharing made short},
pages =        {136-146},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
publisher =    {Spring-Verlag},
year =         1993
}

@inproceedings{Krawczyk94,
author =       {Hugo Krawczyk},
title =        {{LFSR}-based hashing and authentication},
pages =        {129--139},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{Krawczyk94a,
author =       {Hugo Krawczyk},
title =        {Secret sharing made short},
pages =        {136--146},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}

@misc{Krawczyk95,
author =       {Hugo Krawczyk},
title =        {Keyed-{MD5} for Message authentication},
note =         {Internet Draft 
                {\tt draft-krawczyk-keyed-md5-01.txt}},
month =        {Nov. 28,},
year =         1995
}

@book{Krol92,
author =       {Ed Krol},
title =        {The Whole Internet User's Guide and Catalog},
year =         1992,
publisher =    {O'Reilly \& Associates, Inc.}
}


@article{KruskalGr91,
author =       {J.B. Kruskal and A.G. Greenberg},
title =        {A flexible way of counting large numbers 
		approximately in small registers},
journal =      {Algorithmica},
volume =       6,
number =       4,
year =         1991,
pages =        {590--596}
}



@article{Kukihara85,
author =       {Kenmei Kukihara},
title =        {An algorithm of {Euclidean} type for Multiplication
		Modulo $P$},
journal =      {Journal of Information Processing},
volume =       9,
number =	1,
year =         1985,
pages =        {14--16}
}



@book{Kullback76,
author =       {Kullback, Solomon},
title =        {Statistical Methods in Cryptanalysis},
year =         1976,
publisher =    {Aegean Park Press}
}


@inproceedings{Kurosawa94,
author =       {Kaoru Kurosawa},
title =        {New bound on authentication code with arbitration},
pages =        {140--149},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}


@article{KurosawaItTa88,
author =       {Kaoru Kurosawa and Toshiya Ito and Masashi Takeuchi},
title =        {Public Key Cryptosystem Using a Reciprocal Number with the
		 Same Intractability as Factoring a Large Number},
journal =      {Cryptologia},
month =        Oct,
year =         1988,
volume =       {XII},
number =       4,
pages =        {225--233}
}


@inproceedings{KurosawaTs91,
author =       {Kaoru Kurosawa and S. Tsujii},
title =        {Multi-Language Zero-Knowledge Interactive Proof Systems},
pages =        {339--352},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@inproceedings{KurtzMaRo88,
oldtag =       {KurtzMaRo90},
author =       {S.A. Kurtz and S.R. Mahaney and J.S. Royer},
title =        {On the Power of 1-way Functions},
pages =        {578--579},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{KushilevitzMiOs94,
author =       {Eyal Kushilevitz and Silvio Micali and Rafail Ostrovsky},
title =        {Reducibility and Completeness in Multi-Party Private
               Computations},
booktitle =    STOC94,
publisher =    ACM,
address =      {Montreal, Canada},
year =         1994,
pages =        {478--489}
}


@inproceedings{KushilevitzRo94,
author =       {Eyal Kushilevitz and Adi Ros\'en },
title =        {A randomnesss-rounds tradeoff in private computation},
pages =        {397--410},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}

@inproceedings{KwanPi93,
author =       {M. Kwan and J. Pieprzyk},
title =        {A General Purpose Technique for Locating Key 
		Scheduling Weakness in {DES}-like Cryptosystems},
booktitle =    ASIACRYPT91,
year =         1993,
editor =       {H. Imai and R.L. Rivest and T. Matsumoto},
series =       {Lecture Notes in Computer Science},
volume =       739,
publisher =    {Springer-Verlag},
pages =        {237-246}
}


@inproceedings{KwokBe88,
oldtag =       {KwokBe90},
author =       {R.T.C. Kwok and M. Beale},
title =        {Aperiodic Linear Complexities of de {Bruijn} Sequences},
pages =        {479--483},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{Lagarias84,
author =       {J.C. Lagarias},
year =         1984,
title =        {Knapsack public key cryptosystems and diophantine approximation},
booktitle =    {Advances in Cryptology: Proc.\ of CRYPTO '83},
editor =       {D. Chaum},
pages =        {3--23},
publisher =    {Plenum Press},
address =      {New York}
}

@incollection{Lagarias90,
author =       {J. C. Lagarias},
title =        {Pseudorandom Number Generators in Cryptography and
               Number Theory},
booktitle =    {Proc.\ of the AMS Symposia in Applied Mathematics:
               Computational Number Theory and Cryptography},
publisher =    {American Mathematical Society},
year =         {1990},
pages =        {115--143}
}

@inproceedings{LagariasOd83,
author =       {J. C. Lagarias and A. M. Odlyzko},
title =        {Solving Low-Density Subset Sum Problems},
pages =        {1--10},
booktitle =    FOCS83,
publisher =    IEEE,
address =      {Tucson},
year =         1983
}

@article{LagariasRe88,
author =       {J. C. Lagarias and J. A. Reeds},
title =        {Unique Extrapolation of Polynomial Recurrences},
journal =      {SIAM J. Computing},
volume =       17,
number =       2,
year =         1988,
month =        Apr,
pages =        {342--362}
}

@book{Lai92,
author =       {X. Lai},
title =        {On the Design and Security of Block Ciphers},
publisher =    {Konstanz},
address =      {Hartung-Gorre, Germany},
year =         1992
}


@inproceedings{LaihHaLeHw90,
author =       {Chi-Sung Laih and Lein Harn and Jau-Yien Lee and Tzonelih
               Hwang},
title =        {Dynamic threshold scheme based on the definition of
               cross-product in an N-dimentional linear space},
pages =        {286--298},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{LaiMa90,
author =       {X. Lai and J. Massey},
title =        {A Proposal for a New Block Encryption Standard},
booktitle =    EUROCRYPT90,
note =         {Lecture Notes in Computer Science No.\ 473},
editor =       {I.B. Damg{\aa}rd},
publisher =    {Springer-Verlag},
year =         1990,
pages =        {389--404},
comment =      {Original version of IDEA block cipher.}
}

@inproceedings{LaiMa91,
author =       {X. Lai and J. Massey},
title =        {Markov Ciphers and Differential Cryptanalysis},
booktitle =    EUROCRYPT91,
note =         {Lecture Notes in Computer Science No.\ ???},
editor =       {??},
publisher =    {Springer},
year =         1991,
pages =        {17--38},
comment =      {Revised version of IDEA block cipher.}
}

@inproceedings{LaiMa93,
oldtag =       {LaiMaHa93},
author =       {Lai, X. and Massey, J.L.},
year =         1993,
title =        {Hash Functions based on Block Ciphers},
booktitle =    {Advances in Cryptology --- Eurocrypt '92},
editor =       {R.A. Rueppel},
pages =        {55--70},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@misc{LaiMa93a,
oldtag =       {LaiMaHa93a},
author =       {Lai, X. and Massey, J.},
title =        {Device for the conversion of a digital block and use
               of same},
howpublished = {U.S. Patent No. 5,214,703},
year =         {1993}
}


@inproceedings{LaiRuWo93,
author =       {Lai, X. and Rueppel, R.A. and Woollven, J.},
year =         {1993},
title =        {A Fast Cryptographic Checksum Algorithm Based on Stream
               Ciphers},
booktitle =    {Advances in Cryptology --- Auscrypt '92},
editor =       {J. Seberry and Y. Zheng},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {339--348}
}


@inproceedings{LaMacchiaOd91,
author =       {B.A. LaMacchia and A.M. Odlyzko},
title =        {Solving Large Sparse Linear Systems over Finite Fields},
pages =        {109--133},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@inproceedings{LaMacchiaOd91a,
author =       {B.A. LaMacchia and A.M. Odlyzko},
title =        {Computation of Discrete Logarithms in Prime Fields},
pages =        {616--618},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

@article{LaMacchiaOd91b,
author =       {B. A. LaMacchia and A. M. Odlyzko},
title =        {Computation of Discrete Logarithms in Prime Fields},
journal =      {Designs, Codes, and Cryptography},
volume =       1,
year =         1991,
pages =        {47--62}
}


@techreport{Lamport79,
author =       {L. Lamport},
title =        {Constructing Digital Signatures from a One-Way Function},
institution =  {SRI International},
month =        Oct,
year =         1979,
number =       {CSL-98}
}

@article{Lamport81,
author =       {Lamport, Leslie},
title =        {Password Authentication with Insecure Communication},
journal =      {Communications of the ACM},
month =        Nov,
year =         1981,
volume =       24,
number =       11,
pages =        {770--771}
}

@article{Lampson73,
author =	{B. Lampson}, 
title = 	{A note on the Confinement Problem}, 
journal = 	{Communications of the ACM}, 
volume = 	16, 
number = 	10, 
year =		1973
}


@article{LampsonAbBuWo92,
author =       {Butler Lampson and Mart\'in Abadi and Michael Burrows
               and and Edward Wobber},
title =        {Authentication in Distributed Systems: Theory and Practice},
journal =      {TOCS},
month =        Nov,
year =         1992,
volume =       10,
number =       4,
pages =        {265-310}
}


@article{LampsonSt76,
author =	{B. Lampson and H. Sturgis}, 
title = 	{Reflections on an Operating System Design},
journal = 	{
Communications of the ACM}, 
volume = 	19, 
number = 	5,
pages = 	{251--265}, 
year =		1976
}


@article{Landau88,
author =       {Landau, S.},
year =         1988,
title =        {Zero knowledge and the {Department of Defense}},
journal =      {Notices of the American Mathematical Society},
volume =       35,
pages =        {5--12}
}

@article{LandauKeBrChDeDiLaMiNeSo94,
author =       {Susan Landau and Stephen Kent Clint Brooks and 
		 Scott Charney and Dorothey Denning and Whitfield
		 Diffie and Anthony Lauk and Douglas Miller and
		 Peter Neumann and David Sobel},
title = 	{Crypto Policy Perspectives}, 
journal = 	{Communications of the ACM}, 
volume = 	37, 
number = 	8, 
month =		Aug,
year =		1994,
pages =        {115--121}
}


@book{LandauKeBrChDeDiLaMiNeSo94,
author =       {S. Landau and S. Kent and C. Brooks and S. Charney and 
		D. Denning and W.  Diffie and A. Lauck and D. Miller and 
		P. Neumann and D. Sobel},
title =        {Codes, Keys and Conflicts: Issues in U.S. Crypto Policy},
publisher =    {ACM Press},
year =         1994
}

%The following is a summary of the full report.  

@article{LandauKeBrChDeDiLaMiNeSo94a,
author =       {S. Landau and S. Kent and C. Brooks and S. Charney and 
		D. Denning and W.  Diffie and A. Lauck and D. Miller and 
		P. Neumann and D. Sobel},
title =        {Codes, Keys and Conflicts: Issues in U.S. Crypto Policy},
journal =      {Communications of the ACM},
month =        Aug,
year =         1994,
volume =       37,
pages =        {115--121}
}


@article{Landwehr81, 
author = 	{C. Landwehr},
title = 	{Formal Models for Computer Security}, 
journal = 	{ACM Computing Surveys}, 
volume = 	13, 
number = 	3, 
year =		1981
}


@inproceedings{LangfordHe94,
author =       {Susan K. Langford and Martin E. Hellman},
title =        {Differential-linear cryptanalysis},
pages =        {17--25},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{LangVa82,
author =       {Albert L. Lang and Janet T. Vasek},
title =        {Evaluating Relative Security of Commercial {ComSec}
               Devices},
pages =        {124--129},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{LapidotSh91,
author =       {D. Lapidot and A. Shamir},
title =        {Publicly Veribiable Non-Interactive Zero-Knowledge
               Proofs},
pages =        {353--365},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@inproceedings{LauMc82,
author =       {Y. Alfred Lau and Tom McPherson},
title =        {Implementation of a Hybrid {RSA/DES} Key Management
               System},
pages =        {83--83},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@article{LaurichesseBl91,
author =       {D. Laurichesse and L. Blain},
year =         1991,
title =        {Optimized implementation of {RSA} cryptosystem},
journal =      {Computers \& Security},
volume =       10,
number =       3,
month =        {May},
pages =        {263--267}
}


@unpublished{LawSaSo96,
author =       {Laurie Law and Susan Sabett and Jerry Solinas},
title =        {How to Make a Mint: the Cryptography of Anonymous
                Electronic Cash},
note =	       {National Security Agency, Office of Information Security
                Research and Technology, Cryptology Division},
month =        {June},
year =         1996
}


@INPROCEEDINGS{Lee90,
author =       {P.J. Lee},
title =        {Secure User Access Control for Public Networks},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {46--57}
}


@inproceedings{LeeCh82,
author =       {L. Lee and G. Chow},
title =        {Results on Sampling-based Scrambling for Secure Speech
               Communication},
pages =        {115--119},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}

@inproceedings{LeightonMa85,
author =       {Tom Leighton and Stephen M. Matyas},
title =        {The History of Book Ciphers},
pages =        {101-113},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{LeightonMi94,
author =       {Tom Leighton and Silvio Micali},
title =        {Secret-key agreement without public-key cryptography},
pages =        {456--479},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}


@article{Lempel79a,
oldtag =       {Lempel79},
author =       {A. Lempel},
title =        {Cryptology in transition: a survey},
journal =      {Computing Surveys},
volume =       11,
month =        Dec,
year =         1979,
pages =        {285--304}
}

@article{Lenstra87,
author =       {Lenstra, Jr., H. W.},
title =        {Factoring Integers with Elliptic Curves},
journal =      {Annals of Mathematics},
volume =       126,
year =         1987,
pages =        {649--673}
}

@incollection{Lenstra90,
author =       {Arjen K. Lenstra},
title =        {Primality Testing},
booktitle =    {Proc.\ of the AMS Symposia in Applied Mathematics:
               Computational Number Theory and Cryptography},
publisher =    {American Mathematical Society},
year =         {1990},
pages =        {13--25}
}

@misc{Lenstra92,
author =       {Lenstra, A.K.},
year =         1992,
title =        {Massively parallel computing and factoring}
}

 
@incollection{LenstraLe90,
author =       {A. K. Lenstra and Lenstra, Jr., H. W.},
title =        {Algorithms in Number Theory},
booktitle =    {Handbook of Theoretical Computer Science (Volume A:
               Algorithms and Complexity)},
publisher =    {Elsevier and MIT Press},
year =         1990,
editor =       {Jan van Leeuwen},
pages =        {673--715},
chapter =      {12}
}

@article{LenstraLeLo82b,
oldtag =       {LenstraLeLo82},
author =       {A. K. Lenstra and Lenstra, Jr., H. W. and L. {Lov\'asz}},
title =        {Factoring polynomials with rational coefficients},
journal =      {Mathematische Ann.},
volume =       261,
year =         1982,
pages =        {513--534}
}


@inproceedings{LenstraLeMaPo90,
author =       {Lenstra, A. K. and Lenstra, Jr., H. W. and M. S. Manasse
               and J. M. Pollard},
title =        {The number field sieve},
pages =        {564--572},
booktitle =    STOC90,
publisher =    ACM,
address =      {Baltimore, Maryland},
year =         1990
}

@article{LenstraLeMaPo93,
author =       {Lenstra, A.K. and Lenstra Jr., H.W. and Manasse, M.S.
               and Pollard, J.M.},
year =         1993,
title =        {The factorization of the ninth {Fermat} number},
journal =      {Mathematics of {C}omputation},
volume =       61,
number =       203,
pages =        {319--349}
}


@inproceedings{LenstraMa91,
oldtag =       {LenstraMA91},
author =       {Lenstra, A.K. and Manasse, M.S.},
year =         1991,
title =        {Factoring with two large primes},
booktitle =    {Advances in Cryptology --- Eurocrypt '90},
editor =       {I.B. Damg{\aa}rd},
pages =        {72--82},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{LeungTa85,
author =       {A.K. Leung and S.E. Tavares},
title =        {Sequence Complexity as a Test for Cryptographic Systems},
pages =        {468--474},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@book{LeVeque77,
author =       {W. J. LeVeque},
title =        {Fundamentals of Number Theory},
publisher =    {Addison-Wesley},
year =         1977
}

@inproceedings{Levin84,
author =       {L. A. Levin},
title =        {Problems, complete in `average' instance},
pages =        {465},
booktitle =    STOC84,
publisher =    ACM,
address =      {Washington, D.C.},
year =         1984
}


@inproceedings{Levin85,
author =       {L. A. Levin},
title =        {One-Way Functions and Pseudorandom Generators},
pages =        {363--365},
booktitle =    STOC85,
publisher =    ACM,
address =      {Providence},
year =         1985
}

@techreport{LexarCorpora76,
oldtag =       {Lexar76},
author =       {{Lexar {C}orporation}},
title =        {An Evaluation of the {NBS} {D}ata {E}ncryption {S}tandard},
year =         {1976},
institution =  {Lexar {C}orporation, 11611 {S}an {V}icente {B}lvd.,
               Los Angeles}
}


@inproceedings{Lidl85,
author =       {R. Lidl},
title =        {On Cryptosystems Based on Polynomials and Finite Fields},
pages =        {10--15},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@inproceedings{LidlMu84a,
oldtag =       {LidlMu84},
author =       {Rudolf Lidl and Winfried B. M\"{u}ller},
title =        {Permutation Polynomials in {RSA}-Cryptosystems},
pages =        {293--301},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}

@INPROCEEDINGS{LidlMu90,
author =       {R. Lidl and W.B. {M\"{u}ller}},
title =        {A Note on Strong {Fibonacci} Pseudoprimes},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {311--317}
}


@book{LidlNi83,
author =       {R. Lidl and H. Niederreiter},
title =        {Finite Fields},
publisher =    {Addison-Wesley},
year =         1983
}


@article{Lieberherr81,
author =       {K. Lieberherr},
title =        {Uniform Complexity and Digital Signatures},
journal =      {Theoretical Computer Science},
volume =       16,
number =       1,
month =        Oct,
year =         1981,
pages =        {99-110}
}


@inproceedings{LiHwLe94,
author =       {Chuan-Ming Li and Tzonelih Hwang and Narn-Yih Lee},
title =        {Remark on the threshold {RSA} signature scheme},
pages =        {413--420},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}


@inproceedings{LimLe94,
author =       {Chae Hoon Lim and Pil Joong Lee},
title =        {Another method for attaining security against adaptively
               chosen ciphertext attacks},
pages =        {420--434},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}

@inproceedings{LimLe94a,
author =       {Chae Hoon Lim and Pil Joong Lee},
title =        {More flexible exponentiation with precomputation},
pages =        {95--107},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}

@manual{Linn89,
author =       {J. Linn},
year =         1989,
month =        {August},
title =        {{RFC} 1115: Privacy Enhancement for Internet Electronic
               Mail: Part {III} -- Algorithms, Modes, and Identifiers},
organization = {Internet Activities Board}
}

@manual{Linn89a,
author =       {Linn, J.},
year =         1989,
month =        {August},
title =        {{RFC} 1113: Privacy Enhancement for Internet Electronic
               Mail: Part {I} -- Message Encipherment and Authentication
               Procedures},
organization = {Internet Activities Board}
}

@manual{Linn93a,
oldtag =       {Linn93},
author =       {Linn, J.},
year =         1993,
month =        {February},
title =        {{RFC} 1421: Privacy Enhancement for Internet Electronic
               Mail: Part {I} -- Message Encipherment and Authentication
               Procedures},
organization = {Internet Activities Board}
}



@inproceedings{Lipton81,
author =       {R. Lipton},
title =        {How to cheat at Mental Poker},
booktitle =    {Proc.\ AMS Short Course on Cryptography},
year =         1981
}

@article{Lloyd92b,
oldtag =       {Lloyd92},
author =       {Lloyd, S.},
year =         1992,
title =        {Counting binary functions with certain cryptographic
               properties},
journal =      {Journal of Cryptology},
volume =       {5},
number =       {2},
pages =        {107--131}
}


@unpublished{Lo96,
author =       	{Lo, Hoi-Kwong},
title = 	{Insecurity of Quantum Secure Computations}, 
note = 		{Inst. for Theoret. Physics, UCSB},
month =		Nov,
year =		1996
}

@book{Lobel86,
author =       {J. Lobel},
year =         1986,
title =        {Foiling the System Breakers:  Computer Security \& Access
		Control},
publisher =    {McGraw-Hill}
}


@book{Longo83,
editor =       {G. Longo},
title =        {Secure Digital Communications},
publisher =    {Springer},
year =         1983,
note =         {CISM Courses and Lectures No. 279}
}

@inproceedings{Longpre83,
author =       {Luc Longpr\`e},
title =        {The Use of Public-Key Cryptography for Signing Checks},
pages =        {187--197},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}

@inproceedings{LongWi83,
author =       {D. L. Long and A. Wigderson},
title =        {How discreet is the the discrete log?},
pages =        {413--420},
booktitle =    STOC83,
publisher =    ACM,
address =      {Boston},
year =         1983
}

@article{LongWi88,
author =       {D. L. Long and A. Wigderson},
title =        {The Discrete Logarithm Problem Hides {$O(\log n)$}
               bits},
journal =      {SIAM J. Computing},
year =         1988,
month =        Apr,
volume =       17,
number =       2,
pages =        {363--372}
}


@inproceedings{Luby92,
author =       {M. Luby},
title =        {Pseudo-random generators from one-way functions},
pages =        {300},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}

@book{Luby96,
author =       {Michael Luby},
title =        {Pseudorandomness and Cryptographic Applications},
publisher =    {Princeton University Press},
year =         {1996}
}

@inproceedings{LubyMiRa83,
author =       {M. Luby and S. Micali and C. Rackoff},
title =        {How to Simultaneously Exchange a Secret Bit by Flipping
               a Symmetrically Biased Coin},
pages =        {11-22},
booktitle =    FOCS83,
publisher =    IEEE,
address =      {Tucson},
year =         1983
}

@inproceedings{LubyRa86,
author =       {M. Luby and C. Rackoff},
title =        {Pseudo-Random Permutation Generators and Cryptographic
               Composition},
pages =        {356--363},
booktitle =    STOC86,
publisher =    ACM,
address =      {Berkeley},
year =         1986
}

@inproceedings{LubyRa86a,
author =       {M. Luby and C. Rackoff},
title =        {How to Construct Pseudo-random Permutations from Pseudo-random
               Functions},
pages =        {447--447},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}

@inproceedings{LubyRa88,
author =       {Maurice P. Luby and C. Rackoff},
title =        {A study of password security},
pages =        {392--397},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@article{LubyRa88aa,
oldtag =       {LubyRa88a},
author =       {M. Luby and C. Rackoff},
title =        {How to Construct Pseudorandom Permutations and Pseudorandom
               Functions},
journal =      {SIAM J. Computing},
volume =       17,
number =       2,
year =         1988,
month =        Apr,
pages =        {373--386}
}

@inproceedings{Lucks88,
oldtag =       {Lucks90},
author =       {M. Lucks},
title =        {A Constraint Satisfaction Algorithm for the Automated
               Decryption of Simple Substitution Ciphers},
pages =        {132-145},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{Lunt88,
author = 	{T.F. Lunt},
title = 	{Automated Audit Trail Analysis and Intrusion Detection: 
			A Survey},
booktitle = 	{11NatSecConf},
year = 		1988
}

@article{Lunt93,
author = 	{T.F. Lunt},
title =        {A survey of intrusion detection techniques},
journal =      {Computers and Security},
year =         1993,
volume =       12,
pages =        {405--418}
}


@book{MacWilliamsSl77,
editor =       {F.J. MacWilliams and N.J.A. Sloane},
title =        {The Theory of Error-Correcting Codes},
publisher =    {North-Holland},
year =         1977,
note =         {CISM Courses and Lectures No. 279}
}


@inproceedings{Madryga84,
author =       {W. E. Madryga},
title =        {A High Performance Encryption Algorithm},
booktitle =    {Computer Security: A Global Challenge},
publisher =    {North Holland: Elsevier Science Publishers},
year =         1984,
pages =        {557--570}
}

@inproceedings{MagliverasMe90,
author =       {Spyros S. Magliveras and Nasir D. Memon},
title =        {Properties of cryptosystem PGM},
pages =        {447--460},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}

@misc{Manasse95,
author =       {Mark S. Manasse},
title =        {Millicent (electronic microcommerce)},
note = 	       {{\tt http://www.research.digital.com/SRC/personal/Mark\_Manasse/uncommon/ucom.html}},
year = 		1995
}

@inproceedings{MaoBo94,
author =       {Wenbo Mao and Colin Boyd},
title =        {Classification of Cryptographic Techniques in 
                Authentication Protocols},
booktitle =    {Proceedings 1994 Workshop on Selected Areas in Cryptography},
publisher =    {},
month =        May,
year =         1994,
note =         {(Kingston, Ontario, Canada)},
}

@book{MarcusMi64,
oldtag =       {Marcus64},
author =       {Marcus, M. and Minc, H.},
year =         1964,
title =        {A Survey of Matrix Theory and Matrix Inequalities},
publisher =    {Allyn and Bacon, Inc.},
address =      {Boston}
}

@article{Marsaglia68,
author =       {Marsaglia, G.},
year =         1968,
title =        {Random numbers fall mainly in the planes},
journal =      {Proc. N.A.S.},
volume =       {61},
pages =        {25--28}
}

@article{Martin-Lof66,
oldtag =       {Martin66},
author =       {Martin-{L\"{o}f}, P.},
year =         1966,
title =        {The definition of random sequences},
journal =      {Inform. Contr.},
volume =       {9},
pages =        {602--619}
}


@article{Massey69,
author =       {Massey, J.L.},
year =         1969,
title =        {Shift-register synthesis and {BCH} decoding},
journal =      {IEEE Transactions on Information Theory},
volume =       {IT-15},
pages =        {122--127}
}

@inproceedings{MasseyRu84,
oldtag =       {Massey84},
author =       {Massey, J. and Rueppel, R.A.},
year =         1984,
title =        {Linear ciphers and random sequence generators with
               multiple clocks},
booktitle =    {Advances in Cryptology --- Eurocrypt '84},
editor =       {T. Beth and N. Cot and I. Ingemarsson},
pages =        {74--87},
publisher =    {Springer-Verlag},
address =      {Berlin}
}
  
@book{Massey86,
author =       {J.L. Massey},
title =        {Cryptography -- a selective survey},
publisher =    {North-Holland},
year =         1986,
pages =        {3--21}
}

@inproceedings{Massey94,
author =       {Massey, J.},
year =         {1994},
title =        {{SAFER K-64: A Byte-Oriented Block-Ciphering Algorithm}},
booktitle =    {Fast Software Encryption},
editor =       {R. Anderson},
series =       {Lecture Notes in Computer Science},
volume =       809,
publisher =    {Springer Verlag},
pages =        {1--17},
address =      {Berlin}
}

@inproceedings{MasseyIn85,
author =       {Massey, J.L. and Ingemarsson, I.},
title =        {The {R}ip van {W}inkle cipher - a simple and provably
               computationally secure cipher with a finite key},
booktitle =    {Abstracts of papers, {IEEE} {I}nt. {S}ymp. {I}nform.
               {T}heory},
year =         {1985},
month =        {June},
address =      {Brighton, UK.}
}


@inproceedings{MasseyRu85,
author =       {James L. Massey and Rainer A. Rueppel},
title =        {Linear Ciphers and Random Sequence Generators with
               Multiple Clocks},
pages =        {74--87},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}

@inproceedings{MasseySe94,
author =       {James L. Massey and Shirlei Serconek},
title =        {A {Fourier} transform approach to the linear complexity
               of nonlinearly filtered sequences},
pages =        {332--340},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{MatiasSh88,
author =       {Yossi Matias and Adi Shamir},
title =        {A Video scrambling technique based on space filling
               curves},
pages =        {398--417},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{Matsui94,
author =       {Mitsuru Matsui},
title =        {The first experimental cryptanalysis of the Data Encryption
               Standard},
pages =        {1--11},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}

@inproceedings{Matsui94a,
author =       {Matsui, M.},
year =         1994,
title =        {Linear cryptanalysis method for {DES} cipher},
booktitle =    {Advances in Cryptology --- Eurocrypt '93},
editor =       {T. Helleseth},
publisher =    {Springer-Verlag},
series =       {Lecture Notes in Computer Science},
volume =       {765},
address =      {Berlin},
pages =        {386--397}
}

@inproceedings{MatsuiYa92,
author =       {Matsui, M. and Yamagishi, A.},
year =         1992,
title =        {A New Method for Known Plaintext Attack of {FEAL} Cipher},
booktitle =    {Advances in Cryptology --- Eurocrypt '92},
editor =       {R.A. Rueppel},
publisher =    {Springer-Verlag},
volume =       {658},
address =      {Berlin},
pages =        {81--91}
}

@inproceedings{MatsumotoIm88,
author =       {Tsutomu Matsumoto and Hideki Imai},
title =        {On the key predistribution system: A practical solution
               to the key distribution problem},
pages =        {185--193},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{MatsumotoKaIm88,
oldtag =       {MatsumotoKaIm90},
author =       {T. Matsumoto and K. Kato and H. Imai},
title =        {Speeding Up Secret Computations with Insecure Auxiliary
               Devices},
pages =        {497--506},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@article{MatsumotoTaIm86,
author =       {T. Matsumoto and Y. Takashima and H. Imai},
title =        {On seeking smart public-key distribution systems},
journal =      {Transactions of the IECE (Japan)},
volume =       69,
year =         1986,
pages =        {99--106}
}



@inproceedings{Matyas87,
author =       {Stephen M. Matyas},
title =        {Public-key registration},
pages =        {451--458},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}

@article{Matyas91,
author =       {S.M. Matyas},
year =         1991,
title =        {Key handling with control vectors},
journal =      {IBM Systems Journal},
volume =       {30},
number =       {2},
pages =        {151--174}
}
 


@inproceedings{Maurer89,
author =       {Maurer, Ueli M.},
title =        {Fast Generation of Secure {RSA-Moduli} with almost
               Maximal Diversity},
pages =        {636--647},
booktitle =    {Advances in Cryptology - EUROCRYPT '89},
publisher =    {Springer-Verlag},
address =      {New York},
month =        Apr,
year =         1989
}

@techreport{MaurerMa90,
oldtag =       {Maurer90a},
author =       {Ueli M. Maurer and James L. Massey},
title =        {Cascade Ciphers: The Importance of Being First},
institution =  {Institute for Signal and Information Processing},
address =      {Z\"urich, Switzerland},
year =         1990,
month =        May
}

@unpublished{Maurer90b,
author =       {Maurer, Ueli M.},
title =        {Provably-secure Key Distribution Based on Independent
               Channels},
month =        Jun,
year =         1990,
note =         {presented at 90 IEEE Workshop in Info Theory}
}

@inproceedings{Maurer90c,
author =       {Maurer, Ueli M.},
title =        {A provably-secure strongly-randomized cipher},
pages =        {361--373},
booktitle =    {Advances in Cryptology - EUROCRYPT '90},
publisher =    {Springer-Verlag},
address =      {Berlin, Germany},
month =        Aug,
year =         1990
}


@inproceedings{Maurer91,
author =       {Maurer, Ueli M.},
title =        {A Universal Statistical Test for Random Bit Generators},
pages =        {409--420},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

@inproceedings{Maurer91a,
author =       {Maurer, U.M.},
year =         1991,
title =        {New approaches to the design of self-synchronizing
               stream ciphers},
booktitle =    {Advances in Cryptology --- Eurocrypt '91},
editor =       {D.W. Davies},
pages =        {458--471},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{Maurer92,
author =       {Ueli M. Maurer},
title =        {Protocols for Secret Key Agreement by Public Discussion
               Based on Common Information},
pages =        {461--470},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@inbook{Maurer92a,
author =       {Ueli M. Maurer},
title =        {Some number-theoretic conjectures and their relation
               to the generation of cryptographic primes},
publisher =    {Oxford University Press},
note =         {Cryptography and Coding, II},
year =         1992,
pages =        {173--191}
}

@misc{Maurer92b,
author =       {U. Maurer},
title =        {Cryptographic system allowing encrypted communications
               between users with a secure mutual cipher key determined
               without user interaction},
howpublished = {U.S. Patent 5,150,411},
month =        Sep,
year =         1992,
note =         {European patent application pending}
}


@misc{Maurer92ca,
oldtag =       {Maurer92c},
author =       {U. Maurer},
title =        {Public-key cryptographic systems using elliptic curves
               over rings},
howpublished = {U.S. Patent 5,146,500},
month =        Sep,
year =         1992,
note =         {European patent application pending}
}


@misc{Maurer92d,
author =       {U. Maurer},
title =        {A cryptographic system based on information difference},
howpublished = {U.S. Patent 5,161,244},
year =         1992,
note =         {European patent application pending}
}

@article{Maurer93,
author =       {U.M. Maurer},
title =        {Secret Key Agreement by Public Discussion From Common
               Information},
journal =      {IEEE Transactions on Information Theory},
year =         1993,
volume =       {39},
pages =        {733--742}
}

@article{Maurer93a,
author =       {U.M. Maurer},
title =        {Practical perfect cryptographic security},
journal =      {Advances in Computational Complexity Theory},
year =         1993,
volume =       {13},
pages =        {135--153}
}

@inproceedings{Maurer94,
author =       {Maurer, Ueli M.},
title =        {Towards the equivalence of breaking the {Diffie-Hellman}
               protocol and computing discrete algorithms},
pages =        {271--281},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}

@inproceedings{MaurerMa90a,
oldtag =       {MaurerMa90},
author =       {Ueli M. Maurer and James L. Massey},
title =        {Perfect local randomness in pseudo-random sequences},
pages =        {100--112},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}

@inproceedings{MaurerMa90aa,
oldtag =       {MaurerMa90a},
author =       {U.M. Maurer and J. L. Massey},
title =        {On the secret-key rate of binary random variables},
booktitle =    {Proc. 1990 IEEE Internation Symp. of Information Theory},
year =         1990,
pages =        {118--118},
note =         {San Diego, CA, Jan 14-19, '90}
}


@misc{MaurerVi87,
author =       {U.M. Maurer and R. Viscardi},
title =        {On the linear complexity and correlation immunity 
               of the summation cipher},
note =         {IEEE Student Papers},
publisher =    {IEEE Publication Service},
year =         1987,
pages =        {160--168}
}

@misc{May93,
author = 	{Timothy C. May},
title = 	{Timed-release crypto},
year = 		{1993},
month = 	Feb,
note = 		{{\tt http://www.hks.net/cpunks/cpunks-0/1460.html}}
}

@inproceedings{McCullough87,
author = 	{D. McCullough}, 
title = 	{Specifications for Multi-Level Security and a 
			Hook-up Property},
booktitle = 	{IEEESecPriv},
year = 		1987
}


@incollection{McCurley90,
author =       {Kevin S. McCurley},
title =        {The Discrete Logarithm Problem},
booktitle =    {Proc.\ of the AMS Symposia in Applied Mathematics:
               Computational Number Theory and Cryptography},
publisher =    {American Mathematical Society},
year =         {1990},
pages =        {49--74}
}

@incollection{McCurley90a,
author =       {Kevin S. McCurley},
title =        {Odds and Ends from Cryptology and Computational Number
               Theory},
booktitle =    {Proc.\ of the AMS Symposia in Applied Mathematics:
               Computational Number Theory and Cryptography},
publisher =    {American Mathematical Society},
year =         {1990},
pages =        {145--166}
}

@inbook{McEliece78,
author =       {R. J. McEliece},
title =        {A Public-Key System Based on Algebraic Coding Theory},
publisher =    {Jet Propulsion Lab},
note =         {DSN Progress Report 44},
year =         1978,
pages =        {114-116}
}


@book{McEliece87,
editor =       {R. McEliece},
title =        {Finite Fields for Computer Scientists and Engineers},
publisher =    {Kluwer Academic Publishers},
year =         1987
}



@article{McIlroy89,
author = 	{M. McIlroy},
title = 	{Virology 101},
journal = 	{Computing Systems},
volume = 	2,
number =	2,
pages = 	{173--181},
year = 		1989
}


@inproceedings{McInnesPi91,
author =       {J.L. McInnes and B. Pinkas},
title =        {On the Impossibility of Private Key Cryptography with
               Weakly Random Keys},
pages =        {421--436},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

@article{McLean90,
author = 	{J. McLean},
title = 	{The Specifications and Modeling of Computer Security},
journal = 	{IEEE Computer},
pages =		{missing},
volume = 	23,
number =	1,
year =		1990
}



@inproceedings{Meier94,
author =       {Meier, W.},
year =         1994,
title =        {On the security of the {IDEA} block cipher},
booktitle =    {Advances in Cryptology --- Eurocrypt '93},
editor =       {T. Helleseth},
publisher =    {Springer-Verlag},
series =       {Lecture Notes in Computer Science},
volume =       {765},
address =      {Berlin},
pages =        {371--385}
}

@article{MeierSt89,
author =       {Meier, W. and Staffelbach, O.},
year =         1989,
title =        {Fast Correlation Attacks on Certain Stream Ciphers},
journal =      {Journal of Cryptology},
volume =       1,
number =       3,
pages =        {159--176}
}


@inproceedings{MeierSt91,
author =       {Meier, W. and Staffelbach, O.},
year =         1991,
title =        {Correlation properties of combiners with memory in
               stream ciphers},
booktitle =    {Advances in Cryptology --- Eurocrypt '90},
editor =       {I.B. Damg{\aa}rd},
pages =        {549--562},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@inproceedings{MeierSt92,
author =       {Willi Meier and Othmar Staffelbach},
title =        {Efficient Multiplication on Certain Nonsupersingular
               Elliptic Curves},
pages =        {333-344},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}

@inproceedings{MeierSt92a,
author =       {Meier, W. and Staffelbach, O.},
year =         1992,
title =        {Analysis of Pseudo Random Sequences Generated by Cellular
               Automata},
booktitle =    {Advances in Cryptology --- Eurocrypt '91},
editor =       {D.W. Davies},
pages =        {186--199},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@article{MeierSt92b,
author =       {Meier, W. and Staffelbach, O.},
year =         1992,
title =        {Correlation properties of combiners with memory in
               stream ciphers},
journal =      {Journal of Cryptology},
volume =       5,
number =       1,
pages =        {67--86}
}


@inproceedings{MeijerAk82,
oldtag =       {MeijerAkl82},
author =       {H. Meijer and Selim Akl},
title =        {Digital Signature Scheme for Computer Communication
               Networks},
pages =        {65--70},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@book{Menezes93,
editor =       {A.J. Menezes},
title =        {Elliptic Curve Public Key Cryptosystems},
publisher =    {Kluwer Academic Publishers},
year =         1993
}

@book{MenezesBlGaMuVaYa93,
editor =       {A.J. Menezes and I.F. Blake and X. Gao and R.C. Mullin
               and S.A. Vanstone and T. Yaghoobian},
title =        {Applications of Finite Fields},
publisher =    {Kluwer Academic Publishers},
year =         1993
}


@article{MenezesOkVa94,
author =       {A.J. Menezes and T. Okamoto and S.A. Vanstone},
title =        {Reducing elliptic curve logarithms to logarithms in
               a finite field},
journal =      {IEEE Transactions on Information Theory},
year =         1994,
volume =       {39},
pages =        {1639--1646}
}


@INPROCEEDINGS{MenezesVa90,
author =       {A. Menezes and S.A. Vanstone},
title =        {The Implementation of Elliptic Curve Cryptosystems},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {2--13}
}

@article{MenezesVa93,
author =       {A.J. Menezes and S.A. Vanstone},
title =        {Elliptic curve cryptosystems and their implementation},
journal =      {Journal of Cryptology},
volume =       6,
year =         1993,
pages =        {209--224}
}


@article{Merkle78,
author =       {R. C. Merkle},
title =        {Secure Communications Over Insecure Channels},
journal =      CACM,
volume =       21,
month =        Apr,
year =         1978,
pages =        {294--299}
}

@techreport{Merkle79,
author =       {Ralph Charles Merkle},
title =        {Secrecy, Authentication, and Public Key Systems},
year =         1979,
month =        {Jun},
institution =  {Stanford University}
}

@inproceedings{Merkle88,
author =       {Merkle, Ralph C.},
title =        {A digital signature based on a conventional encryption
               function},
pages =        {369--378},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{Merkle90,
oldtag =       {Merkle89},
author =       {Merkle, Ralph C.},
title =        {One way hash functions and {DES}},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer},
year =         1990,
pages =        {428--446}
}

@article{Merkle89a,
author =       {Merkle, R.C.},
year =         {1989},
title =        {A Fast Software One-Way Hash Function},
journal =      {Journal of Cryptology},
volume =       3,
number =       1,
pages =        {43--58}
}


@inproceedings{Merkle90a,
oldtag =       {Merkle90},
author =       {Merkle, Ralph C.},
title =        {A certified digital signature},
pages =        {218--238},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990,
comment =      {References Winternitz's one-time signature scheme.}
}

@inproceedings{Merkle90aa,
oldtag =       {Merkle90a},
author =       {Merkle, Ralph C.},
title =        {One way hash functions and {DES}},
pages =        {428--446},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{Merkle91,
author =       {Merkle, Ralph C.},
title =        {Fast Software Encryption Functions},
pages =        {476--501},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@article{MerkleHe78,
author =       {R. Merkle and M. Hellman},
title =        {Hiding Information and Signatures in Trapdoor Knapsacks},
journal =      {IEEE Trans. Inform. Theory},
volume =       {IT-24},
month =        Sep,
year =         1978,
pages =        {525--530}
}

@article{MerkleHe81,
author =       {Merkle, R.C. and Hellman, M.E.},
year =         1981,
title =        {On the security of multiple encryption},
journal =      {Communications of the ACM},
volume =       24,
pages =        {465--467},
month =        {July}
}


@inproceedings{Merritt83,
author =       {Michael Merritt},
title =        {Key Reconstruction},
pages =        {321--322},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@article{Messmer92,
author =       {Messmer, E.},
year =         1992,
title =        {{NIST} stumbles on proposal for public-key encryption},
journal =      {Network World},
volume =       9,
number =       30,
month =        {July 27,}
}

@inproceedings{Meyer89,
author =       {Meyer, C.H.},
year =         {1989},
title =        {Cryptography - A state of the art review},
booktitle =    {COMPEURO'89, Proc.\ VLSI and Computer Peripherals},
publisher =    {3rd Annual Computer Conference},
address =      {Hamburg, Germany},
pages =        {150--154}
}


	
@book{MeyerMa82,
author =       {C. H. Meyer and S. M. Matyas},
title =        {Cryptography: A New Dimension in Computer Data Security},
publisher =    {John Wiley and Sons},
address =      {New York},
year =         1982
}

@inproceedings{MeyerSc88,
author =       {Meyer, C.H. and Schilling, M.},
year =         {1988},
title =        {Secure program load with manipulation detection code},
booktitle =    {SECURICOM'88},
publisher =    {Paris},
address =      {France},
pages =        {111--130}
}

@inproceedings{Micali92,
author =       {Silvio Micali},
title =        {Fair Public-Key Cryptosystems},
pages =        {113--138},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}

@inproceedings{Micali94,
author =       {Silvio Micali},
title =        {{CS (Computationally-Sound)} Proofs},
booktitle =    {STOC94},
publisher =    {ACM},
address =      {Montreal, Canada},
pages =        {436--453},
year =         1994
}


@techreport{Micali94a,
author =       {Silvio Micali},
title =        {A secure and efficient digital signature algorithm},
institution =  {MIT Laboratory for Computer Science},
number =       {MIT/LCS/TM-501},
month =        {Mar},
year =         1994
}

@techreport{Micali95,
author =       {Silvio Micali},
title =        {Guaranteed partial key escrow},
institution =  {MIT Laboratory for Computer Science},
number =       {MIT/LCS/TM-537},
month =        {Sep},
year =         1995
}

@techreport{Micali96,
author =       {Silvio Micali},
title =        {Efficient Certificate Revocation},
institution =  {MIT Laboratory for Computer Science},
number =       {TM-542b},
month =        {March 22,},
year =         1996
}

@inproceedings{MicaliRa91,
author =       {S. Micali and T. Rabin},
title =        {Collective Coin Tossing Without Assumptions Nor Broadcasting},
pages =        {253--267},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

%MicaliRaSl88 is the final journal version of this paper
@inproceedings{MicaliRaSl87,
author =       {Silvio Micali and Charles Rackoff and Bob Sloan},
title =        {The Notion of Security for Probabilistic Cryptosystems},
pages =        {381--392},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}

@article{MicaliRaSl88,
author =       {S. Micali and C. Rackoff and R. H. Sloan},
title =        {The Notion of Security for Probabilistic Cryptosystems},
journal =      SIAM,
year =         1988,
volume =       17,
number =       2,
pages =        {412--426},
month =        Apr
}

@inproceedings{MicaliRo92,
author =       {S. Micali and P. Rogaway},
title =        {Secure computation},
pages =        {392--404},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}

@inproceedings{MicaliSc88,
oldtag =       {MicaliSc90},
author =       {S. Micali and C.P. Schnorr},
title =        {Efficient, Perfect Random Number Generators},
pages =        {173--199},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{MicaliSh88,
oldtag =       {MicaliSh90},
author =       {S. Micali and A. Shamir},
title =        {An Improvement of the {Fiat-Shamir} Identification
               and Signature Scheme},
pages =        {244-248},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{Mignotte83,
author =       {Maurice Mignotte},
title =        {How to Share A Secret},
pages =        {371--375},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}



@inproceedings{Mihailescu94,
author =       {Preda Mihailescu},
title =        {Fast Generation of provable primes using search in
               arithmetic progressions},
pages =        {282--293},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}

@inproceedings{MihaljevicGo90a,
oldtag =       {MihaljevicGo90},
author =       {Mihaljevi{\'c}, M.J. and Goli{\'c}, J.},
title =        {A Fast Iterative Algorithm for a Shift Register Initial
               State Reconstruction Given the Noisy Output Sequence},
year =         {1990},
editor =       {Seberry, J. and Pieprzyk, J.},
booktitle =    {Advances in Cryptology --- Auscrypt '90},
publisher =    {Springer Verlag},
address =      {Berlin},
pages =        {165--175}
}


@article{Millen76,
author = 	{J.K. Millen},
title = 	{Security Kernel Validation in Practice},
journal = 	{Communications of the ACM},
volume =	19,
number =	5,
pages =		{243-250},
year = 		1976
}


@article{Miller76,
author =       {Gary L. Miller},
title =        {Riemann's Hypothesis and Tests for Primality},
journal =      jcss,
year =         1976,
volume =       13,
number =       3,
mon =          dec,
pages =        {300--317}
}

@inproceedings{Miller86,
author =       {Miller, Victor S.},
title =        {Use of Elliptic Curves in Cryptography},
pages =        {417--426},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
publisher =    {Springer},
year =         1986,
note =         {Lecture Notes in Computer Science No.\ 218}
}



@incollection{MitchellPiWi92,
oldtag =       {Mitchell92},
author =       {Mitchell, C.J. and Piper, F. and Wild, P.},
year =         1992,
title =        {Digital Signatures},
booktitle =    {Contemporary Cryptology, The Science of Information
               Integrity},
editor =       {G.J. Simmons},
publisher =    {{IEEE Press}},
pages =        {325--378}
}

@techreport{Mitzenmacher81,
oldtag =       {Mitzenmacher91},
author =       {Michael Mitzenmacher},
title =        {Elliptic Curves in Computer Science: Primality Testing,
               Factoring, and Cryptography},
institution =  {Harvard University, Center for Research in Computing
               Technology},
number =       {TR-15-91},
year =         1981
}


@inproceedings{Miyaguchi90,
author =       {Shoji Miyaguchi},
title =        {The {FEAL}-8 cryptosystem and a call for attack},
pages =        {624--627},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}

@inproceedings{Miyaguchi91,
author =       {S. Miyaguchi},
title =        {The {FEAL} Cipher Family},
pages =        {627--638},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

@inproceedings{MiyaguchiOhIw90,
author =       {Miyaguchi, S. and Ohta, K. and Iwata, M.},
year =         {1990},
title =        {128-bit hash function ({N}-{H}ash)},
booktitle =    {{SECURICOM} '90},
pages =        {123--137}
}

@article{MohanAd85,
author =       {S. Mohan and B. Adiga},
year =         1985,
month =        {August},
title =        {Fast algorithms for implementing {RSA} public key cryptosystems},
journal =      {Electronics Letters},
volume =       21,
number =       17,
pages =        {761}
}

@phdthesis{Monier80,
author =       {Louis Monier},
title =        {Algorithmes de Factorisation D'Entiers},
school =       {L'U\-ni\-ver\-sit\'e Paris-Sud},
address =      {Centre D'Orsay},
year =         1980,
mon =          may
}

@article{Monier80b,
author =       {Louis Monier},
title =        {Evaluation and Comparison of Two Efficient Probabilistic
               Primality Testing Algorithms},
journal =      tcs,
mon =          sep,
year =         1980,
volume =       12,
number =       1,
pages =        {97--108}
}

@article{Montgomery85,
author =       {P. Montgomery},
title =        {Modular multiplication without trial division},
journal =      {Mathematics of Computation},
year =         1985,
volume =       44,
pages =        {519--521}
}

@article{Montgomery87,
author =       {Peter L. Montgomery},
title =        {Speeding the {P}ollard and elliptic curve methods of
               factorization},
journal =      {Mathematics of Computation},
year =         1987,
month =        Jan,
volume =       48,
number =       177,
pages =        {243--264}
}

@article{MontgomerySi90,
author =       {Peter L. Montgomery and Robert D. Silverman},
title =        {An {FFT} extension to the {$p-1$} algorithm},
journal =      {Mathematics of Computation},
year =         1990,
month =        Apr,
volume =       54,
number =       190,
pages =        {839--854}
}

@book{MoodGrBo74,
author =       {Mood, A.M. and Graybill, F.A. and Boes, D.C.},
year =         1974,
title =        {Introduction to the Theory of Statistics},
edition =      {3rd},
publisher =    {McGraw-Hill}
}

@inproceedings{Moore88,
author =       {Judy H. Moore},
title =        {Strong practical protocols},
pages =        {167--172},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@incollection{Moore92,
author =       {J.H. Moore},
title =        {Protocol failures in cryptosystems},
booktitle =    {Contemporary Cryptology, The Science of Information
               Integrity},
publisher =    {IEEE Press},
year =         1992,
pages =        {541--558}
}


@inproceedings{MooreSi87,
author =       {Judy H. Moore and Gustavus J. Simmons},
title =        {Cycle Structures of the {DES} with Weak and Semi-Weak
               Keys},
pages =        {9--32},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inproceedings{MooreTa86,
author =       {T.E. Moore and S.E. Tavares},
title =        {A Layered Approach to the Design of Private Key Cryptosystems},
pages =        {227--245},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}

@inproceedings{Morita90,
author =       {Hikaru Morita},
title =        {A fast modular-multiplication algorithm based on a
               higher radix},
pages =        {387--399},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@INPROCEEDINGS{Morita90a,
author =       {H. Morita},
title =        {A Fast Modular-Mulitplication Module for Smart Cards},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {406--409}
}


@inproceedings{MoritaOhMi92,
author =       {H. Morita and K. Ohta and S. Miyaguchi},
title =        {A switching closure test to analyze cryptosystems},
pages =        {183--193},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}


@article{MorrisTh79,
author =       {R. Morris and K. Thompson},
year =         1979,
title =        {Password Security: A Case History},
journal =      {Communications of the ACM},
volume =        22,
number = 	11,
pages =        {to add},
month =        {Nov}
}


@inproceedings{Morrison82,
author =       {Don R. Morrison},
title =        {Subtractive Encryptors -- Alternatives to the {DES}},
pages =        {42--52},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@article{MorrisonBr75,
author =       {M. A. Morrison and J. Brillhart},
title =        {A Method of Factoring and the Factorization of $F_7$},
journal =      {Mathematics of Computation},
volume =       29,
year =         1975,
pages =        {183--205}
}

@book{MotwaniRa95,
author =       {Rajeev Motwani and Prabhakar Raghavan},
title =        {Randomized Algorithms},
publisher =    {Cambridge University Press},
year =         {1995}
}

@inproceedings{Mueller-SchlWa83,
oldtag =       {Mueller-SchloerWa83},
author =       {Christian Mueller-Schloer and Neal R. Wagner},
title =        {Cryptographic Protection of Personal Data Cards},
pages =        {219--229},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inbook{Mullen93,
author =       {Gary L. Mullen},
title =        {Permutation Polynomials over Finite Fields},
publisher =    {Shiue, Peter Jau-Shyong},
note =         {booktitle: Lecture Notes in Pure and Applied Mathematics,
               vol. 141},
year =         1993,
pages =        {131--151}
}


@inproceedings{Mund92,
author =       {Mund, S.},
year =         1992,
title =        {Ziv-{L}empel Complexity for Periodic Sequences and
               its Cryptographic Application},
booktitle =    {Advances in Cryptology --- Eurocrypt '91},
editor =       {D.W. Davies},
pages =        {114--126},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@article{Murphy90,
author =       {S. Murphy},
title =        {The Cryptoanalysis of {FEAL}-4 with 20 Chosen Plaintexts},
journal =      {Journal of Cryptology},
year =         1990,
volume =       2,
pages =        {145--154}
}


@inproceedings{Naor90,
author =       {Moni Naor},
title =        {Bit commitment using pseudo-randomness},
pages =        {128--137},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{NaorOsVeYu92,
author =       {M. Naor and R. Ostrovsky and R. Venkatesan and M. Yung},
title =        {Perfect Zero-Knowledge Arguments for {\em NP} Can Be
               Based on General Complexity Assumptions},
booktitle =    {CRYPTO92 Preliminary Proceedings},
year =         1992,
address =      {Santa Barbara, CA},
pages =        {51--58}
}


@inproceedings{NaorOsVeYu92a,
author =       {M. Naor and R. Ostrovsky and R. Venkatesan and M. Yung},
title =        {Perfect Zero-Knowledge Arguments for {\em NP} Can Be
               Based on General Complexity Assumptions},
pages =        {196--214},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}

@inproceedings{NaorYu89,
author =       {M. Naor and M. Yung},
title =        {Universal one-way hash functions and their cryptographic
               applications},
booktitle =    STOC89,
publisher =    ACM,
address =      {Seattle},
year =         1989,
pages =        {33--43}
}

@inproceedings{NaorYu90,
author =       {Moni Naor and Moti Yung},
title =        {Public-key Cryptosystems Provably Secure Against Chosen
               Ciphertext Attack},
booktitle =    {Proc.\ of the Twenty-Second Annual ACM Symposium on
               Theory of Computing},
year =         1990,
address =      {Baltimore, Maryland},
publisher =    {ACM},
pages =        {427--437}
}

@techreport{NationalBure76,
oldtag =       {NBS76},
author =       {{National Bureau of Standards}},
institution =  {{National Bureau of Standards}},
year =         1976,
title =        {Report of the workshop on estimation of significant
               advances in computer technology},
number =       {{NBSIR 76-1189}}
}

@techreport{Standards77,
oldtag =       {NBS77},
author =       {National Bureau of Standards},
title =        {Announcing the Data Encryption Standard},
institution =  {National Bureau of Standards},
number =       {FIPS Publication 46},
month =        Jan,
year =         1977
}

@techreport{Standards80,
oldtag =       {NBS80},
author =       {National Bureau of Standards},
title =        {{DES} modes of operation},
institution =  {National Bureau of Standards},
number =       {FIPS Publication 81},
year =         1980
}


@techreport{Standards81,
oldtag =       {NBS81},
author =       {National Bureau of Standards},
title =        {Guidelines for implementing and using the {NBS} data
               encryption standard},
institution =  {National Bureau of Standards},
number =       {FIPS Publication 74},
year =         1981
}


@techreport{Standards85b,
oldtag =       {NBS85},
author =       {National Bureau of Standards},
title =        {Computer data authentication},
institution =  {National Bureau of Standards},
number =       {FIPS Publication 113},
year =         1985
}


@techreport{Standards93,
oldtag =       {NBS93},
author =       {National Bureau of Standards},
title =        {Secure hash standard},
institution =  {National Bureau of Standards},
number =       {FIPS Publication 180},
year =         1993
}

@techreport{Standards94,
oldtag =       {NBS94},
author =       {National Bureau of Standards},
title =        {Digital Signature Standard},
institution =  {National Bureau of Standards},
number =       {FIPS Publication 186},
year =         1994
}


@article{Needham94,
author =       {Roger M. Needham},
title =        {Denial of Service: An Example},
journal =      {Communications of the ACM},
month =        Nov,
year =         1994,
volume =       37,
number =       11,
pages =        {42--47}
}


@article{NeedhamSc78,
author =       {R. M. Needham and M. D. Schroeder},
title =        {Using encryption for authentication in large networks
               of computers},
journal =      CACM,
volume =       21,
number =       12,
year =         1978,
month =        Dec,
pages =        {993--999}
}


@article{Nelson94,
author =       {Ruth Nelson},
title =        {What is a secret and what does it have 
		to do with computer security},
journal =      {New Security Paradigms Workshop},
year =         1994,
pages =        {74--79}
}


@inproceedings{NelsonHe90,
author =       {Ruth Nelson and John Heimann},
title =        {{SDNS} architecture and end-to-end encryption},
pages =        {356--367},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@misc{NetBill95,
title = 	{{The NetBill Electronic Commerce Project}},
year = 		1995,
note = 		{{\tt http://www.ini.cmu/NETBILL/home.html}}
}

@article{NeumanTs94,
author =       {B. Clifford Neuman and Theodore Ts'o},
title =        {Kerberos: An Authentication Service for Computer Networks},
journal =      {IEEE Communications Magazine},
month =        Sep,
year =         1994,
volume =       32,
number =       9,
pages =        {33--38}
}


@INPROCEEDINGS{Newberry90,
author =       {M. Newberry},
title =        {{Min\`{o}s}: Extended User Authentication},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {410--423}
}


@inproceedings{Nicolai83,
author =       {Carl Nicolai},
title =        {Nondeterministic Cryptography},
pages =        {323--326},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{Niederreiter91,
author =       {Niederreiter, H.},
year =         1991,
title =        {The linear complexity profile and the jump complexity
               of keystream sequences},
booktitle =    {Advances in Cryptology --- Eurocrypt '90},
editor =       {I.B. Damg{\aa}rd},
pages =        {174--188},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@manual{NationalInst77,
oldtag =       {NIST77},
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1977,
month =        {January},
title =        {{FIPS} Publication 46: Announcing the {Data Encryption
               Standard}},
note =         {Originally issued by National Bureau of Standards}
}


@manual{NationalInst79,
oldtag =       {NIST79},
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1979,
month =        {August},
title =        {{FIPS} Publication 65: Guideline for Automatic Data Processing
		Risk Analysis}
}


@manual{NationalInst80,
oldtag =       {NIST80},
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1980,
title =        {{FIPS Publication} 81: {DES} Modes of Operation},
month =        {December 2,},
note =         {Originally issued by National Bureau of Standards}
}

@manual{NationalInst85a,
oldtag =       {NIST85},
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1985,
title =        {{FIPS Publication 113: Computer Data Authentication}},
month =        {May 30,},
note =         {Originally issued by National Bureau of Standards}
}

@manual{NationalInst88,
oldtag =       {NIST88},
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1988,
month =        {January 22,},
title =        {{FIPS Publication 46-1: Data Encryption Standard}},
note =         {Originally issued by National Bureau of Standards}
}


@article{StandardsTe91,
oldtag =       {NIST91},
author =       {National Institute for Standards and Technology},
title =        {{Digital Signature Standard (DSS)}},
journal =      {Federal Register},
volume =       56,
number =       169,
month =        {August 30},
year =         1991
}

@techreport{StandardsTe91a,
oldtag =       {NIST91a},
author =       {National Institute for Standards and Technology},
title =        {A Proposed Federal Information Processing Standard
               for Digital Signature Standard {(DSS)}},
institution =  {National Institute for Standards and Technology},
number =       {FIPS PUB XX},
month =        Aug,
year =         1991,
note =         {DRAFT}
}


@manual{NationalInst92,
oldtag =       {NIST92},
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1992,
title =        {Special Publication 500-183: Stable Implementation
               Agreements for Open Systems Interconnection Protocols:
               Part 12 --- {OS}] Security},
month =        {June}
}


@article{NationalInst92a,
oldtag =       {NIST92a},
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1992,
title =        {The {Digital Signature Standard}, proposal and discussion},
journal =      {Communications of the ACM},
volume =       35,
number =       7,
pages =        {36--54},
month =        {July}
}

@manual{NationalInst93,
oldtag =       {NIST93},
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1993,
month =        {December 30,},
title =        {{FIPS} Publication 46-2: Data Encryption Standard}
}

@article{NationalInst93a,
oldtag =       {NIST93a},
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1993,
title =        {Notice of Proposal for Grant of Exclusive Patent License},
journal =      {Federal Register},
volume =       58,
number =       108,
month =        {June 8,}
}

@manual{NationalInst93b,
oldtag =       {NIST93b},
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1993,
month =        {May 11,},
title =        {{FIPS} Publication 180: Secure Hash Standard {(SHS)}}
}

@article{NationalInst93c,
oldtag =       {NIST93c},
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1993,
title =        {A Proposed {Federal Information Processing Standard}
               for an {Escrowed Encryption Standard {(EES)}}},
journal =      {Federal Register},
volume =       58,
number =       145,
month =        {July 30,}
}

@article{NationalInst93d,
oldtag =       {NIST93d},
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1993,
title =        {Opportunity To Join a Cooperative Research and Development
               Consortium To Develop Secure Software Encryption With
               Integrated Cryptographic Key Escrowing Techniques},
journal =      {Federal Register},
volume =       58,
number =       162,
month =        {August 24,}
}


@manual{NationalInst94,
oldtag =       {NIST94},
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1994,
month =        {May 19,},
title =        {{FIPS} Publication 186: Digital Signature Standard}
}

@manual{NationalInst94a,
oldtag =       {NIST94a},
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1994,
month =        {May},
title =        {Announcement of Weakness in the {Secure Hash Standard}
               (SHS)}
}

@manual{NationalInst94c,
author =       {{National Institute of Standards and Technology (NIST)}},
year =         1994,
month =        {February 9,},
title =        {{FIPS} Publication 185: Escrowed Encryption Standard}
}

@book{NivenZu72,
author =       {I. Niven and H. S. Zuckerman},
title =        {An Introduction to the Theory of Numbers},
publisher =    {Wiley},
year =         1972
}

@book{NivenZu80,
author =       {Ivan Niven and Herbert S. Zuckerman},
title =        {An Introduction to the Theory of Numbers},
publisher =    {John Wiley \& Sons},
edition =      {Fourth},
year =         1980
}

@book{NationalRese91,
oldtag =       {NRC91},
author =       {{National Research Council, System Security Study Committee
               and others}},
year =         1991,
title =        {Computers at Risk: {Safe} Computing in the Electronic
               Age},
publisher =    {National Academy Press},
address =      {Washington, DC},
note =         {David D. Clark, Chairman}
}

@inproceedings{Nyberg91,
author =       {Nyberg, K.},
year =         1991,
title =        {Perfect nonlinear {S}-boxes},
booktitle =    {Advances in Cryptology --- Eurocrypt '91},
editor =       {D.W. Davies},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {378--386}
}

@inproceedings{NybergKn92,
author =       {Kaisa Nyberg and Lars R. Knudsen},
title =        {Provable Security Against Differential Cryptanalysis},
pages =        {566--574},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}

@inproceedings{Nyberg93,
author =       {Nyberg, K.},
year =         1993,
title =        {On the construction of highly nonlinear permutations},
booktitle =    {Advances in Cryptology --- Eurocrypt '92},
editor =       {R.A. Rueppel},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {92--98}
}


@inproceedings{Nyberg94,
author =       {Nyberg, K.},
year =         {1994},
title =        {Differentially uniform mappings for cryptography},
booktitle =    {Advances in Cryptology --- Eurocrypt '93},
editor =       {T. Helleseth},
publisher =    {Springer-Verlag},
series =       {Lecture Notes in Computer Science},
volume =       {765},
address =      {Berlin},
pages =        {55--64}
}
  
@misc{Nyberg94a,
author =       {Nyberg, K.},
year =         {1994},
month =        {May},
title =        {Linear approximation of block ciphers},
note =         {Presented at rump session, Eurocrypt '94}
}


@inproceedings{Nye82,
author =       {J. Michael Nye},
title =        {Current Market: Products, Costs, Trends},
pages =        {110-114},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Nye82a,
author =       {J. Michael Nye},
title =        {The Import/Export Dilemma},
pages =        {135-137},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Oberman83,
author =       {M.R. Oberman},
title =        {Communications Security in Remote Controlled Computer
               Systems},
pages =        {219--227},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@inproceedings{OConnerSn93,
oldtag =       {Oconner93},
author =       {O'Conner, L. and Snider, T.},
year =         1993,
title =        {Suffix trees and string complexity},
booktitle =    {Advances in Cryptology --- Eurocrypt '92},
editor =       {R.A. Rueppel},
pages =        {138--152},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@inproceedings{OConnor94,
oldtag =       {O'Connor94},
author =       {Luke O'Connor},
title =        {On the distribution of characteristics in composite
               permutations},
pages =        {403--412},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}
@inproceedings{OConner94,
oldtag =       {Oconner94a},
author =       {O'Conner, L.},
year =         1994,
title =        {On the distribution of characteristics in bijective
               mappings},
booktitle =    {Advances in Cryptology --- Eurocrypt '93},
editor =       {T. Helleseth},
publisher =    {Springer-Verlag},
series =       {Lecture Notes in Computer Science},
volume =       {765},
address =      {Berlin},
pages =        {360--370}
}


@article{Odlyzko84a,
author =       {A. M. Odlyzko},
title =        {Cryptanalytic attacks on the multiplicative knapsack
               scheme and on {Shamir's} fast signature scheme},
journal =      {IEEE Trans.\ Inform.\ Theory},
volume =       {IT-30},
month =        Jul,
year =         1984,
pages =        {594--601}
}

@inproceedings{Odlyzko85,
oldtag =       {Odlyzko84b},
author =       {A. M. Odlyzko},
title =        {Discrete logarithms in finite fields and their cryptographic
               significance},
pages =        {224--314},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer},
address =      {Paris},
year =         1985
}

@incollection{Odlyzko90,
author =       {A. M. Odlyzko},
title =        {The Rise and Fall of the Knapsack Problem},
booktitle =    {Proc.\ of the AMS Symposia in Applied Mathematics:
               Computational Number Theory and Cryptography},
publisher =    {American Mathematical Society},
year =         {1990},
pages =        {75--88}
}


@article{Ogiwara90,
author =       {M. Ogiwara},
title =        {A Method for Generating Cryptographically strong primes},
journal =      {Transactions of the IEICE (Japan)},
volume =       {E73},
year =         1990,
pages =        {985--994}
}



@inproceedings{OhtaAo94,
author =       {Kazuo Ohta and Kazumaro Aoki},
title =        {Linear cryptanalysis of the Data Encryption Standard},
pages =        {12--16},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}

@INPROCEEDINGS{OhtaKo90,
author =       {K. Ohta and K. Koyama},
title =        {Meet-in-the-middle Attack on Digital Signature Schemes},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {140--154}
}


@inproceedings{OhtaMa94,
author =       {Kazuo Ohta and Mitsuru Matsui},
title =        {Differential attack on message authentication codes},
pages =        {200--211},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}


@inproceedings{OhtaOk88,
oldtag =       {OhtaOk90},
author =       {K. Ohta and T. Okamoto},
title =        {A modification of the {Fiat-Shamir} Scheme},
pages =        {232-243},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{Okamoto94,
author =       {Tatsuaki Okamoto},
title =        {Designated confirmer signatures and public-key encryption
               are equivalent},
pages =        {61--74},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{Okamoto92,
author =       {Tatsuaki Okamoto},
title =        {Provably Secure and Practical Identification Schemes
               and Corresponding Signature Schemes},
pages =        {31--53},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@inproceedings{Okamoto88b,
oldtag =       {Okamoto88},
author =       {Eiji Okamoto},
title =        {Key distribution systems based on identification information},
pages =        {194--202},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{OkamotoFuFu92,
author =       {Tatsuaki Okamoto and Atsushi Fujioka and Eiichiro Fujisaki},
title =        {An Efficient Digital Signature Scheme Based on an Elliptic
               Curve Over the Ring $Z_n$},
pages =        {54--65},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@inproceedings{OkamotoNa86,
author =       {E. Okamoto and K. Nakamura},
title =        {Lifetimes of Keys in Cryptographic Key Management Systems},
pages =        {246--259},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@inproceedings{OkamotoOh90,
author =       {Tatsuaki Okamoto and Kazuo Ohta},
title =        {Disposable zero-knowledge authentications and their
               applications to untraceable electronic cash},
pages =        {481--497},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{OkamotoOh91,
author =       {T. Okamoto and K. Ohta},
title =        {How to Utilize the Randomness of Zero-Knowledge Proofs},
pages =        {456--475},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

@inproceedings{OkamotoOh92,
author =       {T. Okamoto and K. Ohta},
title =        {Universal Electronic Cash},
pages =        {324--337},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}

@inproceedings{OkamotoSa92,
author =       {Tatsuaki Okamoto and K. Sakurai},
title =        {Efficient algorithms for the construction of hyperelliptic
               cryptosystems},
pages =        {267--278},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{OngSc84,
author =       {H. Ong and C.P. Schnorr},
title =        {Signatures through Approximate Representation by Quadratic
               Forms},
pages =        {117-131},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}

@inproceedings{OngScSh84,
author =       {H. Ong and C.P. Schnorr and A. Shamir},
title =        {An Efficient Signature Scheme Based on Quadratic Equations},
pages =        {208--216},
booktitle =    STOC84,
publisher =    ACM,
address =      {Washington, D.C.},
year =         1984
}

@inproceedings{Ondrusch94,
author =       {Ondrusch, S.},
year =         1994,
title =        {Smallest and fastest implementations of various asymmetric
               cryptographic algorithms on chip cards},
booktitle =    {{CardTech/SecurTech 1994}},
pages =        {61--68}
}


@inproceedings{OngScSh85,
author =       {H. Ong and C.P. Schnorr and Adi Shamir},
title =        {Efficient Signature Schemes},
pages =        {37--46},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@incollection{Oorschot92,
author =       {Oorschot, P.C. van},
year =         {1992},
title =        {A Comparison of Practical Public Key Cryptosystems
               Based on Integer Factorization and Discrete Logarithms},
booktitle =    {Contemporary Cryptology, The Science of Information
               Integrity},
editor =       {G.J. Simmons},
publisher =    {{IEEE Press}},
pages =        {289--322}
}

@inproceedings{OorschotWi91,
author =       {Oorschot, P.C. van and Wiener, M.J.},
year =         1991,
title =        {A Known-plaintext attack on two-key triple encryption},
booktitle =    {Advances in Cryptology --- Eurocrypt '90},
editor =       {I.B. Damg{\aa}rd},
pages =        {318--325},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@article{Oppliger97,
author =       {Oppliger, Rolf},
year =         1997,
month =        {May},
title =        {Internet Security: Firewalls and Bey},
journal =      {Communications of the ACM},
volume =       40,
number =       5,
pages =        {92--101}
}


@book{OppenheimSc75,
author =       {Oppenheim, A.V. and Schafer, R.W.},
year =         1975,
title =        {Digital Signal Processing },
address =      {New {J}ersey},
publisher =    {Prentice-{H}all, {I}nc.}
}


@inproceedings{OrlitskyEl84,
author =       {A. Orlitsky and A. El Gamal},
title =        {Communication with Secrecy Constraints},
pages =        {217--229},
booktitle =    STOC84,
publisher =    ACM,
address =      {Washington, D.C.},
year =         1984
}


@inproceedings{OrtonRoScPeTa87,
author =       {G.A. Orton and M.P. Roy and P.A. Scott and L.E. Peppard
               and S.E. Tavares},
title =        {{VLSI} implementation of public-key encryption algorithms},
pages =        {277--301},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}

@manual{OSISOpenShop85,
oldtag =       {Osis85},
author =       {{OSIS (Open Shops for Information Services) European
               Working Group}},
year =         1985,
title =        {{OSIS Security Aspects}},
publisher =    {{OSIS}},
address =      {},
month =        {Oct.}
}


@inproceedings{Ostrovsky90,
author =       {Rafail Ostrovsky},
title =        {An efficient software protection scheme},
pages =        {610--611},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{OzarowWy85,
author =       {L.H. Ozarow and A.D. Wyner},
title =        {Wire-Tap Channel {II}},
pages =        {33--50},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@inproceedings{ParikhMa91,
author =       {Shrikant N. Parikh and David W. Matula},
year =         1991,
title =        {A Redundant Binary {Euclidean GCD} Algorithm},
booktitle =    {Proc.\ of the 10th IEEE Symp.\ on Computer Arithmetic},
pages =        {220--225}
}


@inproceedings{Patarin92,
author =       {Jacques Patarin},
title =        {New results on pseudorandom permutation generators
               based on the {DES} scheme},
pages =        {301--312},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{PatarinCh94,
author =       {Jacques Patarin and Pascal Chauvaud },
title =        {Improved algorithms for the permuted kernel problem},
pages =        {391--402},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}

@article{Patel8990,
oldtag =       {Patel90},
author =       {Patel, Ahmed},
year =         {1989/90},
title =        {Emerging network security standards in an {OSI} environment},
journal =      {Computer Standards \& Interfaces},
volume =       {9},
pages =        {239--247}
}



@book{Patterson87a,
oldtag =       {Patterson87},
author =       {W. Patterson},
title =        {Mathematical Cryptology for Computer Scientists and
               Mathematicians},
publisher =    {Rowman and Littlefield},
year =         1987
}


@inproceedings{Pedersen92,
author =       {T.P. Pedersen},
title =        {Non-interactive and information-theoretic secure verifiable
               secret sharing},
pages =        {129--140},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}

@techreport{Pedersen95,
author =       {Torben P. Pedersen},
year =         1995,
month =        Aug,
title =        {Electronic Payments of Small Amounts},
number =       {DAIMI PB-495},
institution =  {Aarhus University},
address =      {Computer Science Department, \AA{}rhus, Denmark}
}

@inproceedings{Peralta92,
author =       {Ren\'e Peralta},
title =        {A Quadratic Sieve on the $n$-Dimensional Cube},
pages =        {324--332},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@article{Peralta92a,
author =       {Ren\'e Peralta},
title =        {On the distribution of quadratic residues and nonresidues
               modulo a prime number},
journal =      {Mathematics of Computation},
volume =       58,
number =       197,
year =         1992,
pages =        {433--440}
}


@inproceedings{PfitzmannWa92,
author =       {B. Pfitzmann and M. Waidner},
title =        {How To Break And Repair A ``Provably Secure'' Untraceable
               Payment System},
pages =        {338--350},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{Pichler83,
author =       {Franz Pichler},
title =        {Analog Scrambling by the General Fast Fourier Transform},
pages =        {173--178},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@inproceedings{Pieprzyk85,
author =       {J.P. Pieprzyk},
title =        {Algebraical Structures of Cryptographic Transformations},
pages =        {16--24},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}

@INPROCEEDINGS{PieprzykZh90,
author =       {J. Pieprzyk and X.M. Zhang},
title =        {Permutation Generators of Alternating Groups},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {237--244}
}



@inproceedings{Piper83,
author =       {Fred Piper},
title =        {Stream Ciphers},
pages =        {181--188},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@article{PlackettBu45,
author =       {R.L. Plackett and J.P. Burman},
title =        {The design of optimum multi-factorial experiments},
journal =      {Biometrika},
year =         1945,
volume =       33,
pages =        {305--325}
}


@article{Pless77,
author =       {Pless, V.S.},
year =         {1977},
title =        {Encryption schemes for computer confidentiality},
journal =      {IEEE Transactions on Computers},
volume =       {C-26},
pages =        {1133--1136},
month =        {Nov.}
}


@inproceedings{Plumstead82,
author =       {J. Plumstead},
title =        {Inferring a sequence generated by a linear congruence},
pages =        {153--159},
booktitle =    FOCS82,
publisher =    IEEE,
address =      {Chicago},
year =         1982
}


@inproceedings{Plumstead83b,
oldtag =       {Plumstead83},
author =       {Joan B. Plumstead},
title =        {Inferring a Sequence Produced by a Linear Congruence},
pages =        {317--319},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983,
comment =      {Abstract of the FOCS '82 paper}
}


@article{PohligHe78,
author =       {S. C. Pohlig and M. E. Hellman},
title =        {An improved algorithm for computing logarithms over
               {$GF(p)$} and its cryptographic significance},
journal =      {IEEE Trans.\ Inform.\ Theory},
volume =       {IT-24},
month =        Jan,
year =         1978,
pages =        {106--110}
}


% Following was previously miskeyed as Pollard71
@article{Pollard74,
author =       {J. M. Pollard},
title =        {Theorems on factorization and primality testing},
journal =      {Proc.\ Cambridge Philosophical Society},
volume =       76,
year =         1974,
pages =        {521--528},
comment =      {Contains $p-1$ method of factoring.}
}

@article{Pollard75,
author =       {J. M. Pollard},
title =        {A {Monte Carlo} Method for Factorization},
journal =      {BIT},
year =         1975,
volume =       15,
pages =        {331--334},
comment =      {Introduces ``rho'' heuristic for factorization.}
}

@article{Pomerance81,
author =       {Carl Pomerance},
title =        {On the Distribution of Pseudoprimes},
journal =      {Mathematics of Computation},
year =         1981,
volume =       37,
number =       156,
pages =        {587--593}
}

@incollection{Pomerance82,
author =       {C. Pomerance},
title =        {Analysis and comparison of some integer factoring 
               algorithms},
booktitle =    {Computational Methods in Number Theory},
editor =       {Lenstra, Jr., H. W. and R. Tijdeman},
publisher =    {Math.\ Centrum Tract 154},
address =      {Amsterdam},
year =         1982,
pages =        {89--139}
}

@article{Pomerance82b,
author =       {Carl Pomerance},
title =        {A New Lower Bound for the Pseudoprime Counting Function},
journal =      {Illinois Journal of Mathematics},
volume =       26,
number =       1,
year =         1982,
month =        {Spring},
pages =        {4--9}
}

@inproceedings{Pomerance84b,
oldtag =       {Pomerance84},
author =       {Carl Pomerance},
title =        {The Quadratic Sieve Factoring Algorithm},
booktitle =    {Advances in Cryptology},
series =       {Lecture Notes in Computer Science},
publisher =    {Springer-Verlag},
volume =       209,
year =         1984,
editor =       {T. Beth and N. Cot and I. Ingemarrson},
pages =        {169--182}
}


@inproceedings{Pomerance85,
author =       {Carl Pomerance},
title =        {The Quadratic Sieve Factoring Algorithm},
pages =        {169--182},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@article{Pomerance86a,
oldtag =       {Pomerance86},
author =       {Carl Pomerance},
title =        {On the Number of False Witnesses for a Composite Number},
journal =      {Mathematics of Computation},
volume =       46,
number =       173,
year =         1986,
month =        Jan,
pages =        {259--279}
}

@incollection{Pomerance87,
author =       {Pomerance, C.},
year =         1987,
title =        {Fast, rigorous factorization and discrete logarithm
               algorithms},
booktitle =    {Discrete Algorithms and Complexity},
publisher =    {Academic Press},
editor =       {Johnson, D.S. and Nishizeki, T. and Nozaki, A. and
               Wilf, H.S.},
pages =        {119--143},
address =      {Orlando, FL}
}


@incollection{Pomerance89,
author =       {Carl Pomerance},
title =        {Two Methods in Elementary Analytic Number Theory},
booktitle =    {Number Theory and Applications},
publisher =    {Kluwer Academic Publishers},
year =         1989,
editor =       {R. A. Mollin},
pages =        {135--161}
}

@book{Pomerance90a,
oldtag =       {Pomerance90},
editor =       {Carl Pomerance},
title =        {Proc.\ of the {AMS} Symposia in Applied Mathematics:
               Computational Number Theory and Cryptography},
publisher =    {American Mathematical Society},
year =         {1990}
}

@incollection{Pomerance90aa,
oldtag =       {Pomerance90a},
author =       {Carl Pomerance},
title =        {Cryptology and Computational Number Theory--An Introduction},
booktitle =    {Proc.\ of the AMS Symposia in Applied Mathematics:
               Computational Number Theory and Cryptography},
publisher =    {American Mathematical Society},
year =         {1990},
pages =        {1--12}
}

@incollection{Pomerance90b,
author =       {Carl Pomerance},
title =        {Factoring},
booktitle =    {Proc.\ of the AMS Symposia in Applied Mathematics:
               Computational Number Theory and Cryptography},
publisher =    {American Mathematical Society},
year =         {1990},
pages =        {27--47}
}

@article{CSeWa80,
oldtag =       {PomeranceSeWa80},
author =       {Pomerance C. and J. L. Selfridge and Wagstaff, Jr.,
               S.},
title =        {The pseudoprimes to $25\cdot 10^{9}$},
journal =      {Mathematics of Computation},
year =         1980,
month =        Jul,
volume =       35,
number =       151,
pages =        {1003--1026}
}

@article{PomeranceSmTu88,
author =       {C. Pomerance and J. W. Smith and R. Tuler},
title =        {A Pipeline Architecture for Factoring Large Integers
               with the Quadratic Sieve Algorithm},
journal =      {SIAM J. Computing},
volume =       17,
number =       2,
year =         1988,
month =        Apr,
pages =        {387--403}
}


@inproceedings{PomeranceSmWa84,
author =       {Carl Pomerance and J.W. Smith and S.S. Wagstaff, Jr.},
title =        {New Ideas for Factoring Large Integers},
pages =        {81--85},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@inproceedings{Porter82,
author =       {Sig Porter},
title =        {A Pasword Extension for Improved Human Factors},
pages =        {81--81},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@phdthesis{Preneel93,
author =       {Preneel, B.},
title =        {Analysis and design of cryptographic hash functions},
school =       {Katholieke Universiteit Leuven},
year =         {1993}
}


@inproceedings{PreneelBoGoVa90,
author =       {Bart Preneel and Antoon Bosselaers and Ren\'e Govaerts
               and Joos Vandewalle},
title =        {A chosen text attack on the modified cryptographic
               checksum algorithm of {Cohen and Huang}},
pages =        {154--163},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}

@inproceedings{PreneelGoVa93,
author =       {Preneel, B. and Govaerts, R. and Vandewalle, J.},
year =         {1993},
title =        {On the power of memory in the design of collision 
               resistant hash functions},
booktitle =    {Advances in Cryptology --- Auscrypt '92},
editor =       {J. Seberry and Y. Zheng},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {105--121}
}

@inbook{PreneelGoVa91,
oldtag =       {PreneelGoVa93a},
author =       {B. Preneel and R. Govaerts and J. Vandewalle},
title =        {Information authentication: hash functions and digital
               signatures},
publisher =    {Lecture Notes in Computer Science, 1993, No.\ 741},
note =         {Computer Security and Industrial Cryptography, State
               of the Art and Evolution, ESAT Course},
month =        May,
year =         1991,
pages =        {87--131}
}


@inproceedings{PreneelGoVa94,
author =       {Bart Preneel and Ren\'e Govaerts and Joos Vandewalle},
title =        {Hash functions based on block ciphers: a synthetic
               approach},
pages =        {368--378},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}

@inproceedings{PreneelLeLiGoVa91,
author =       {Preneel, B. and Leekwijck, W. Van and Linden, L. Van
               and Govaerts, R. and Vandewalle, J.},
year =         {1991},
title =        {Propagation characteristics of {B}oolean functions},
booktitle =    {Advances in Cryptology --- Eurocrypt '90},
editor =       {I.B. Damg{\aa}rd},
pages =        {161--173},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{PreneelNuRiBu94,
author =       {Bart Preneel and Marnix Nuttin and Vincent Rijmen 
               and Johan Buelens},
title =        {Cryptanalysis of the CFB mode of the DES with a reduced
               number of rounds},
pages =        {212--223},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}

@inproceedings{PreneelOo95,
author =       {Bart Preneel and Paul C. van Oorschot},
title =        {{MDx-MAC} and Building Fast {MAC}s from Hash Functions},
pages =        {1--14},
booktitle =    CRYPTO94,
editor =       {Don Coppersmith},
note =         {Lecture Notes in Computer Science No.\ 963},
publisher =    {Springer},
year =         1995
}

@misc{PreneelRi94,
author =       {Preneel, B. and Rijmen, V.},
year =         {1994},
month =        {May},
title =        {On using maximum likelihood to optimize recent cryptanalytic
               techniques},
note =         {Presented at rump session, Eurocrypt '94}
}


@article{PreparataVu90,
author =       {Franco P. Preparata and Jean E. Vuillemin},
title =        {Practical Cellular Dividers},
journal =      {IEEE Transactions on Computers},
volume =       39,
number =       5,
year =         1990,
month =        May,
pages =        {605--614}
}


@inproceedings{Presttun88,
author =       {K\'are Presttun},
title =        {Integrating cryptography in {ISDN}},
pages =        {9--18},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@misc{Price87,
author =       {W. L. Price},
title =        {Annontated bibliographies of cryptography},
note =         {Published as National Physical Laboratories technical
               reports since 1978},
address =      {Teddington, England}
}


@inproceedings{Price88,
author =       {Wyn L. Price},
title =        {Standards for data security - a change of direction},
pages =        {3--8},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{Price90,
author =       {Wyn L. Price},
title =        {Progress in data security standardization},
pages =        {620--623},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}

@inproceedings{Proctor85,
author =       {Proctor, N.},
title =        {A self-synchronizing cascaded cipher system with dynamic
               control of error-propagation},
pages =        {174--190},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}

@article{Purdy74,
author =       {Purdy, George B.},
title =        {A High Security Log-in Procedure},
journal =      CACM,
year =         1974,
month =        Aug,
volume =       17,
number =       8,
pages =        {442--445}
}


@inproceedings{PurdySiSt82,
author =       {George G. Purdy and Gus Simmons and James Studier},
title =        {Software Protection Using ``Communal Key Cryptosystems''},
pages =        {79--79},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@article{Qinn94,
author =       {Kathleen A.S. Quinn},
year =         1994,
title =        {Some Constructions for Key Distribution Patterns},
journal =      {Designs, Codes and Cryptography},
volume =       {4},
pages =        {177--191}
}

@article{QuisquaterDe91,
oldtag =       {Quisquater91},
author =       {Jean-Jacques Quisquater and Yvo G. Desmedt},
title =        {Chinese Lotto as an Exhaustive Code-Breaking Machine},
journal =      {Computer},
volume =       24,
number =       11,
year =         1991,
month =        Nov,
pages =        {14--22}
}

@inproceedings{Quisquater88,
author =       {Jean-Jacques Quisquater},
title =        {Secret distribution of keys for public-key systems},
pages =        {203--208},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}

@article{QuisquaterCo82,
author =       {Quisquater, J.-J. and Couvreur, C.},
title =        {Fast decipherment algorithm for {RSA} public-key cryptosystem},
journal =      {Electronics Letters},
volume =       18,
number =       21,
pages =        {905-907},
year =         1982
}

@inproceedings{QuisquaterDe88,
author =       {Jean-Jacques Quisquater and Jean-Paul Delescaille},
title =        {Other cycling tests for {DES}},
pages =        {255--256},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{QuisquaterDe90,
author =       {Jean-Jacques Quisquater and Jean-Paul Delescaille},
title =        {How easy is collision search. New results and applications
               to {DES}},
pages =        {408--415},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{QuisquaterDeDa86,
author =       {J.-J. Quisquater and Yvo Desmedt and Marc Davio},
title =        {The Importance of ``Good'' Key Scheduling Schemes 
               (How to Make a Secure {DES} Scheme with $\leq$ 48 Bit
               Keys)},
pages =        {537--542},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@inproceedings{QuisquaterGi90,
author =       {Quisquater, J.-J. and Girault, M.},
year =         {1990},
title =        {$2n-bit$ hash-functions using $n-bit$ symmetric block
               cipher algorithms},
booktitle =    {Advances in Cryptology --- Eurocrypt '89},
editor =       {Quisquater, J.J. and Vandewalle, J.},
pages =        {102--109},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{QuisquaterQuQuQuGuGu90,
oldtag =       {QuisquaterQuQuQuGuGuGuGuGuGuBe90},
author =       {Jean-Jacques Quisquater and Myriam Quisquater and Muriel
               Quisquater and Michael Quisquater and Louis Guillou
               and Marie Annick Guillou and Gaiid Guillou and Anna
               Guillou and Gwenol/'e Guillou and Soazig Guillou and
               Tom Berson},
title =        {How to explain zero-knowledge protocols to your children},
pages =        {628--631},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{Rabin78a,
oldtag =       {Rabin78},
author =       {M. O. Rabin},
title =        {Digitalized Signatures},
booktitle =    {Foundations of Secure Computation},
year =         1978,
publisher =    {Academic Press},
editor =       {Richard A. DeMillo and David P. Dobkin and Anita K.
               Jones and Richard J. Lipton},
pages =        {155--168}
}

@techreport{Rabin79,
author =       {M. Rabin},
title =        {Digitalized Signatures as Intractable as Factorization},
institution =  {MIT Laboratory for Computer Science},
number =       {MIT/LCS/TR-212},
month =        Jan,
year =         1979
}

@TechReport{Rabin79a,
author =       {Michael Rabin},
institution =  {Laboratory for Computer Science, Massachusetts Institute
               of Technology},
title =        {Digitalized Signatures and Public-Key Functions as
               Intractable as Factorization},
year =         1979,
month =        {January},
number =       {MIT/LCS/TR-212}
}

@article{Rabin80a,
author =       {M. Rabin},
title =        {Probabilistic Algorithms for Testing Primality},
journal =      {J. Number Theory},
volume =       12,
year =         1980,
pages =        {128--138}
}

@article{Rabin80b,
author =       {M. Rabin},
title =        {Probabilistic Algorithms in Finite Fields},
journal =      {SIAM J.\ Computing},
volume =       9,
month =        May,
year =         1980,
pages =        {273--280}
}

@techreport{Rabin81,
author =       {M. Rabin},
title =        {How to exchange secrets by oblivious transfer},
institution =  {Harvard Aiken Computation Laboratory},
number =       {TR-81},
year =         1981
}

@techreport{Rabin81b,
author =        {Michael O. Rabin},
title =         {Fingerprinting by Random Polynomials},
institution =   {Harvard Aiken Computation Laboratory},
number =        {TR-15-81},
year =          1981
}

@inproceedings{RabinTy89, 
author =	{M. Rabin and J.D. Tygar},
title = 	{An Integrated Toolkit for Operating System Security},
booktitle = 	{Third International Conference on Foundations of Data 
			Organization and Algorithms}, 
editor = 	{W. Litwin and H. J. Schek},
publisher = 	{Springer-Verlag}, 
pages = 	{2--15},
month = 	{June}, 
year = 		1989
}
% note: not in file cabinet yet


@inproceedings{Rackoff88,
oldtag =       {Rackoff90},
author =       {C. Rackoff},
title =        {A Basic Theory of Public and Private Cryptosystems},
pages =        {249--255},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{RackoffSi92,
author =       {C. Rackoff and D.R. Simon},
title =        {Non-interactive zero-knowledge proof of knowledge 
               and chosen ciphertext attack},
pages =        {433--444},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{Rankine87,
author =       {Gordon Rankine},
title =        {{THOMAS} - A complete single chip {RSA} device},
pages =        {480--487},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inproceedings{Rao88,
author =       {T.R.N. Rao},
title =        {On {Struik-Tilburg} cryptanalysis of {Rao-Nam} scheme},
pages =        {458--460},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{RaoNa87,
author =       {T.R.N. Rao and Kil-Hyun Nam},
title =        {Private-Key Algebraic-Coded Cryptosystems},
pages =        {35--48},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@article{Reeds77,
author =       {Reeds, J.A.},
year =         1977,
title =        {{`Cracking'} a Random Number Generator},
journal =      {Cryptologia},
volume =       1,
month =        {January}
}


@inproceedings{ReedsMa85,
author =       {J.A. Reeds and J.L. Manferdelli},
title =        {{DES} Has No Per Round Linear Factors},
pages =        {377--389},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}



@inproceedings{ReedsSl84a,
oldtag =       {ReedsSl84},
author =       {J.A. Reeds and N.J.A. Sloane},
title =        {Shift-Register Synthesis (Modula $m$)},
pages =        {249--249},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@article{ReedsSl85,
author =       {Reeds, J.A. and Sloane, N.J.A. },
year =         1985,
title =        {Shift Register Synthesis (Modulo {\it m})},
journal =      {SIAM Journal on Computing},
volume =       14,
number =       3,
pages =        {505--513}
}


@inproceedings{ReifTy86,
author =       {J.H. Reif and J.D. Tygar},
title =        {Efficient Parallel Pseudo-Random Number Generation},
pages =        {433--446},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@article{ReifTy88,
author =       {J.H. Reif and J.D. Tygar},
title =        {Efficient Parallel Pseudorandom Number Generation},
journal =      {SIAM J. Computing},
year =         1988,
month =        Apr,
volume =       17,
number =       2,
pages =        {404--411}
}

@book{Riesel85,
author =       {Riesel, Hans},
title =        {Prime Numbers and Computer Methods for Factorization},
publisher =    {Birkh{\"{a}}user},
series =       {Progress in Mathematics},
year =         1985
}

@manual{RIPEConsorti93,
oldtag =       {RIPE93},
author =       {{RIPE Consortium}},
year =         {1993},
title =        {Final report of {RACE} 1040},
month =        {April},
organization = {Centrum voor Wiskunde en Informatica},
note =         {Report {CS}-{R}9324}
}


@article{Rivest78,
author =       {Rivest, Ronald L.},
title =        {Remarks on a Proposed Cryptanalytic Attack of the {M.I.T.}
               Public-Key Cryptosystem},
journal =      {Cryptologia},
volume =       2,
number =       1,
year =         1978,
month =        Jan,
pages =        {62-65}
}

@article{Rivest79,
author =       {Ronald L. Rivest},
title =        {Critical Remarks on `{S}ome Critical Remarks on Public-Key
               Cryptosystems' by {Herlestam}},
journal =      {BIT},
volume =       19,
year =         1979,
pages =        {274--275}
}

@inproceedings{Rivest83,
author =       {Ronald L. Rivest},
title =        {A Short Report on the {RSA} Chip},
pages =        {327--327},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{Rivest85a,
oldtag =       {Rivest85},
author =       {Ronald L. Rivest},
title =        {{RSA} Chips (Past/Present/Future)},
pages =        {159--165},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@incollection{Rivest90,
author =       {Ronald L. Rivest},
title =        {Cryptography},
booktitle =    {Handbook of Theoretical Computer Science (Volume A:
               Algorithms and Complexity)},
publisher =    {Elsevier and MIT Press},
year =         1990,
editor =       {Jan van Leeuwen},
pages =        {717--755},
chapter =      {13}
}

@techreport{Rivest90b,
author =       {Ronald L. Rivest},
title =        {The {MD4} Message Digest Algorithm},
institution =  {MIT Laboratory for Computer Science},
number =       {MIT/LCS/TM-434},
month =        Oct,
year =         1990
}

@misc{Rivest90c,
title =        {The {MD4} Message-Digest Algorithm},
author =       {Ronald L. Rivest},
howpublished = {Internet Request for Comments},
month =        Oct,
year =         1990,
note =         {RFC 1186; obsoleted by RFC 1320}
}

@inproceedings{Rivest91-4,
author =       {Ronald L. Rivest},
title =        {Finding Four Million Large Random Primes},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer},
year =         1991,
pages =        {625--626}
}

@inproceedings{Rivest91a,
author =       {Ronald L. Rivest},
title =        {The {MD4} Message Digest Algorithm},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer},
year =         1991,
pages =        {303--311}
}

@misc{Rivest91b,
author =       {Rivest, R.L.},
year =         {1991},
month =        {March},
title =        {The {RSA} Factoring Challenge},
note =         {Presented at {DIMACS}}
}

@inproceedings{Rivest93,
oldtag =       {Rivest91c},
author =       {R.L. Rivest},
title =        {Cryptography and machine learning},
booktitle =    ASIACRYPT91,
year =         1993,
editor =       {H. Imai and R.L. Rivest and T. Matsumoto},
series =       {Lecture Notes in Computer Science},
volume =       739,
publisher =    {Springer-Verlag},
pages =        {427--439}
}

@article{Rivest92a,
title =        {Responses to {NIST}'s Proposal},
author =       {Ronald L. Rivest},
journal =      {Communications of the ACM},
month =        Jul,
year =         1992,
volume =       35,
number =       7,
pages =        {41--47}
}

@misc{Rivest92b,
title =        {The {MD4} Message-Digest Algorithm},
author =       {Ronald L. Rivest},
howpublished = {Internet Request for Comments},
month =        Apr,
year =         1992,
note =         {RFC 1320; obsoletes RFC 1186}
}


@misc{Rivest92c,
title =        {The {MD5} Message-Digest Algorithm},
author =       {Ronald L. Rivest},
howpublished = {Internet Request for Comments},
month =        Apr,
year =         1992,
note =         {RFC 1321}
}

@manual{Rivest92d,
author =       {Rivest, R.L.},
year =         {1992},
title =        {The {RC2} Encryption Algorithm},
month =        {March 12,},
organization = {RSA Data Security, Inc.},
note =         {(Proprietary)}
}

@manual{Rivest92e,
author =       {Rivest, R.L.},
year =         {1992},
title =        {The {RC4} Encryption Algorithm},
month =        {March 12,},
organization = {RSA Data Security, Inc.},
note =         {(Proprietary)}
}

@manual{Rivest92f,
author =       {Rivest, R.L.},
year =         1992,
title =        {{RFC} 1320: The {MD4 Message-Digest Algorithm}},
month =        {April},
organization = {Internet Activities Board}
}


@unpublished{Rivest92g,
author =       {Rivest, R.L.},
year =         1992,
title =        {The difficulty of factoring},
month =        {January 9,},
note =         {RSA Data Security, Inc}
}


@inproceedings{Rivest95a,
author =       {Ronald L. Rivest},
title =        {The {RC5} Encryption algorithm},
pages =        {86--96},
booktitle =    {Fast Software Encryption},
editor =       {Bart Preneel},
publisher =    {Springer},
year =         1995,
note =         {(Proceedings Second International Workshop,
                 Dec.\ 1994, Leuven, Belgium)}
}

@unpublished{Rivest96a,
author =       {Ronald L. Rivest},
title =        {All-Or-Nothing Encryption},
year =         1996,
note =         {(Preliminary version posted on the Web by Rivest.)}
}

@unpublished{Rivest96b,
author =       {Ronald L. Rivest},
title =        {Multi-Grade Cryptography},
year =         1996,
note =         {(Preliminary version posted on the Web by Rivest.)}
}

@unpublished{RivestLa96,
author =       {Ronald L. Rivest and Butler Lampson},
title =        {SDSI--A Simple Distributed Security Infrastructure},
note =         {(see SDSI web page at
		{\tt http://theory.lcs.mit.edu/~cis/sdsi.html})}
}

@inproceedings{RivestSh83,
author =       {Ronald L. Rivest and Alan T. Sherman},
title =        {Randomized Encryption Techniques},
pages =        {145--163},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@article{RivestSh84,
author =       {R. L. Rivest and A. Shamir},
title =        {How to Expose an Eavesdropper},
journal =      CACM,
volume =       27,
month =        Apr,
year =         1984,
pages =        {393--395}
}


@unpublished{RivestSh95,
author =       {Ronald L. Rivest and Adi Shamir},
title =        {PayWord and MicroMint: Two simple micropayment schemes},
year =         1995,
note =         {(A preliminary version has appeared in CryptoBytes 3,1
                 (Spring 1996), pages 7--11.  The full version is posted
                 by Rivest on the Web.)}
}

@unpublished{RivestSh96,
author =       {Ronald L. Rivest and Adi Shamir and David A. Wagner},
title =        {Time-lock Puzzles and Timed-Release Cryptography},
note =         {(Preliminary version posted on the web by Rivest.)}
}

@article{RivestShAd78,
author =       {Ronald L. Rivest and Adi Shamir and Leonard M. Adleman},
title =        {A Method for Obtaining Digital Signatures and Public-Key
               Cryptosystems},
journal =      CACM,
year =         1978,
mon =          feb,
volume =       21,
number =       2,
pages =        {120--126}
}


@techreport{Robshaw93,
author =       {Robshaw, M.J.B.},
institution =  {RSA Laboratories},
year =         1993,
month =        {June},
version =      {2.0},
title =        {Implementation of the Search for Pseudo-Collisions
               in {MD5}},
number =       {TR - 103}
}


@techreport{Robshaw93a,
author =       {Robshaw, M.J.B.},
institution =  {RSA Laboratories},
year =         1993,
month =        {July},
title =        {The Final Report of {RACE} 1040: A Technical Summary},
number =       {TR - 9001}
}

@techreport{Robshaw93b,
author =       {Robshaw, M.J.B.},
institution =  {RSA Laboratories},
year =         1993,
month =        {October},
title =        {Recent proposals to implement {Fair Cryptography}},
number =       {TR - 301}
}

@techreport{Robshaw94,
author =       {Robshaw, M.J.B.},
institution =  {RSA Laboratories},
year =         1994,
version =      {3.0},
month =        {July},
title =        {{MD2, MD4, MD5, SHA} and other Hash Functions},
number =       {TR 101}
}

@techreport{Robshaw94a,
author =       {Robshaw, M.J.B.},
institution =  {RSA Laboratories},
year =         1994,
month =        {July},
version =      {1.1},
title =        {On Pseudo-Collisions in {MD5}},
number =       {TR - 102}
}

@techreport{Robshaw94b,
author =       {Robshaw, M.J.B.},
institution =  {RSA Laboratories},
year =         1994,
month =        {July},
title =        {Block Ciphers},
number =       {TR - 601}
}

@techreport{Robshaw94c,
author =       {Robshaw, M.J.B.},
institution =  {RSA Laboratories},
year =         1994,
month =        {July},
title =        {Stream Ciphers},
number =       {TR - 701}
}

@article{Robshaw94d,
author =       {Robshaw, M.J.B.},
year =         1994,
title =        {On Evaluating the Linear Complexity of a Sequence of
               Least Period $2^n$},
journal =      {Designs, Codes and Cryptography},
volume =       4,
pages =        {263--269}
}

@manual{Roe93,
author =       {Roe, Michael},
institution =  {Cambridge University},
year =         1993,
month =        {July},
title =        {New Modes of Operation for a $k$-bit Block Cipher},
note =         {Version 0.2}
}


@inproceedings{Roe94,
author =       {Roe, M.},
year =         {1994},
title =        {Performance of Symmetric Ciphers and One-Way Hash Functions},
booktitle =    {Fast Software Encryption},
editor =       {Ross Anderson},
series =       {Lecture Notes in Computer Science},
volume =       809,
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {83--89}
}


@inproceedings{RogawayCo94,
author =       {Phillip Rogaway and Don Coppersmith},
title =        {A Software-Optimized Encryption Algorithm},
booktitle =    {Fast Software Encryption},
editor =       {Ross Anderson},
note =         {Lecture Notes in Computer Science 809},
comment =      {Proc.\ of the Cambridge Security Workshop, December
               9--11, 1993},
publisher =    {Springer-Verlag},
year =         1994,
pages =        {56--63}
}

@inproceedings{Rompel90,
author =       {Rompel, John},
title =        {One-Way Functions are Necessary and Sufficient for
               Secure Signatures},
booktitle =    STOC90,
publisher =    ACM,
address =      {Baltimore, Maryland},
year =         1990,
pages =        {387--394}
}

@book{Ronce84,
author =       {Ronce, C.A.},
year =         1984,
title =        {Feedback Shift Registers},
series =       {Lecture Notes in Computer Science},
volume =       169,
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@book{Rosen93,
author =       {K.H. Rosen},
title =        {Elementary Number Theory and its Applications, (Third
               Edition)},
publisher =    {Addison Wesley},
year =         1993
}


@article{Rotenberg93,
author =       {Marc Rotenberg},
title =        {Communications Privacy: Implications for Network Design},
journal =      {Communications of the ACM},
month =        Aug,
year =         1993,
volume =       36,
number =       8,
pages =        {61--68}
}

@article{Rothaus76,
author =       {Rothaus, O.S.},
year =         1976,
title =        {On bent functions},
journal =      {Journal of Combinatorial Theory},
volume =       {Series A, 20},
pages =        {300--305}
}


@manual{RSADataSecur91,
oldtag =       {RSADSI91},
author =       {{RSA Data Security, Inc.}},
year =         1991,
month =        {June},
title =        {{PKCS} \#1: {RSA} Encryption Standard},
note =         {Version 1.4}
}

@manual{RSADataSecur91a,
oldtag =       {RSADSI91a},
author =       {{RSA Data Security, Inc.}},
year =         1991,
month =        {June},
title =        {{PKCS} \#3: {Diffie-Hellman} Key Agreement Standard},
note =         {Version 1.3}
}

@manual{RSADataSecur91b,
oldtag =       {RSADSI91b},
author =       {{RSA Data Security, Inc.}},
year =         1991,
month =        {June},
title =        {{PKCS} \#5: Password-Based Encryption Standard},
note =         {Version 1.4}
}

@manual{RSADataSecur91c,
oldtag =       {RSADSI91c},
author =       {{RSA Data Security, Inc.}},
year =         1991,
month =        {June},
title =        {{PKCS} \#7: Cryptographic Message Syntax Standard},
note =         {Version 1.4}
}


@article{Rubin87,
author =       {Rubin, F.},
year =         1987,
title =        {Foiling an Exhaustive Key-Search Attack},
journal =      {Cryptologia},
volume =       11,
number =       2,
month =        {April},
pages =        {102--107}
}


@phdthesis{Rueppel84,
author =       {Rueppel, R.A.},
title =        {New Approaches to Stream Ciphers},
school =       {Swiss Federal Institute of Technology, Zurich},
year =         {1984}
}

@book{Rueppel86,
author =       {Rueppel, R.A.},
year =         1986,
title =        {Analysis and Design of Stream Ciphers},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{Rueppel86a,
author =       {Rainer A. Rueppel},
year =         {1986},
title =        {Correlation immunity and the summation generator},
booktitle =    {Advances in Cryptology --- Crypto '85},
editor =       {H.C. Williams},
pages =        {260--272},
publisher =    {Springer-Verlag},
address =      {New York}
}

@inproceedings{Rueppel88,
author =       {Rueppel, R.A.},
year =         1988,
title =        {When shift registers clock themselves},
booktitle =    {Advances in Cryptology --- Eurocrypt '87},
editor =       {Chaum, D. and Price, W.L.},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {53--64}
}


@article{RueppelSt87,
oldtag =       {Rueppelst87},
author =       {Rueppel, R.A. and Staffelbach, O.J.},
year =         1987,
title =        {Products of Linear Recurring Sequences with Maximum
               Complexity},
journal =      {IEEE Transactions on Information Theory},
volume =       {IT-33},
number =       {1},
pages =        {124--131}
}



@unpublished{RueppelVa94,
author =       {R.A. Rueppel and P.C. Van Oorschot},
title =        {Modern key agreement techniques},
year =         1994,
note =         {To appear in Computer Communications}
}


@inproceedings{Ruggiu85,
author =       {G. Ruggiu},
title =        {Cryptology and Complexity Theories},
pages =        {3--10},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}

@article{RushbyRa83,
author = 	{J. Rushby and B. Randall},
title = 	{A Distributed Secure System},
journal = 	{IEEE Computer},
volume =	16,
number =	7,
year =		1983
}


@inproceedings{Russell92,
author =       {Alexander C. Russell},
title =        {Necessary and Sufficient Conditions For Collision-Free
               Hashing},
pages =        {433-441},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}

@book{RussellSr91,
oldtag =       {RussellGa91},
author =       {Russell, Deborah and G.T. Gangemi Sr.},
year =         1991,
title =        {Computer Security Basics},
publisher =    {O'Reilly and Associates},
address =      {Sebastopol, CA}
}



@inproceedings{SachsBe84,
author =       {Joel E. Sachs and Shimshon Berkovits},
title =        {Probabilistic Analysis and Performance Modelling of
               the `Swedish' Algorithm and Modifications},
pages =        {253--273},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@INPROCEEDINGS{Safavi-Naini90,
oldtag =       {Safavi90},
author =       {R. Safavi-Naini},
title =        {Parallel Generation of Pseudo-Random Sequences},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {176--193}
}


@inproceedings{SakoKi94,
author =       {Kazue Sako and Joe Kilian},
title =        {Secure voting using partially compatible homomorphisms},
pages =        {411--424},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{SakuraiIt92,
author =       {Kouichi Sakurai and Toshiya Itoh},
title =        {On the Discrepancy between Serial and Parallel of Zero-Knowledge
               Protocols},
pages =        {246--259},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@book{Salomaa90,
author =       {Arto Salomaa},
title =        {Public-Key Cryptography},
publisher =    {Springer-Verlag},
year =         1990
}

@article{Saltzer74,
author =	{J.H. Saltzer},
title = 	{Protection and the Control of Information 
			Sharing in Multics},
journal = 	{Communications of the ACM},
volume = 	17,
number = 	7,
pages = 	{388--402},
year = 		1974
}


@article{SaltzerSc75,
author =	{J.H. Saltzer and M.D. Schroeder},
title = 	{The Protection of Iformation in Computer System},
journal = 	{Proceedings of the IEEE},
volume = 	63,
number =	9,
pages =		{1278--1308},
year =		1975
}



@article{Sanders81,
author =       {S. Sanders},
title =        {Data privacy: what {Washington} doesn't want you to
               know},
journal =      {Reason},
month =        Jan,
year =         1981,
pages =        {24--37}
}


@article{SandhuSa94,
author =       {Ravi S. Sandhu and Pierrangela Samarati},
title =        {Access Control: Principles and Practice},
journal =      {IEEE Communications Magazine},
month =        Sep,
year =         1994,
volume =       32,
number =       9,
pages =        {40--48}
}

@article{SandhuCoFeYo96,
author =       {Ravi S. Sandhu and Edward J. Coyne and 
                Hal L. Feinstein and Charles E. Youman},
title =        {Role-Based Access Control Models},
journal =      {IEEE Computer},
month =        Feb,
year =         1996,
volume =       29,
number =       2,
pages =        {38--47}
}

@inproceedings{SanthaVa84,
author =       {M. Santha and U. V. Vazirani},
title =        {Generating Quasi-Random Sequences from Slightly-Random
               Sources},
pages =        {434--440},
booktitle =    FOCS84,
publisher =    IEEE,
address =      {Singer Island},
year =         1984
}


@article{SanthaVa86,
author =       {M. Santha and U. V. Vazirani},
title =        {Generating quasi-random sequences from semi-random
               sources},
journal =      {Journal of Computer and Systems Sciences},
volume =       33,
year =         1986,
pages =        {75--87}
}


@inproceedings{SattlerSc83,
author =       {J. Sattler and C.P. Schnorr},
title =        {Ein Effizienzvergleich der Faktorisierungsverfahren
               von Morrison-Brillhart und Schroeppel},
pages =        {331--351},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{Sauerbrey93,
author =       {{J\"{o}rg} Sauerbrey},
title =        {A modular exponentation unit based on systolic arrays},
year =         1993,
booktitle =    {Advances in Cryptology --- Auscrypt '92},
editor =       {J. Seberry and Y. Zheng},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {505--516}
}



@inproceedings{SchanningKo82a,
oldtag =       {SchanningKo82},
author =       {Brian P. Schanning and J. Kowalchuk},
title =        {Memo: A Hybrid Approach to Encrypted Electronic Mail},
pages =        {64--64},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Schaumuller-83,
oldtag =       {Schaumuller-bichl83},
author =       {Schaumuller-Bichl, I.},
year =         1983,
title =        {Cryptanalysis of the {D}ata {E}ncryption {S}tandard
               by a method of formal coding},
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
pages =        {235--255},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@techreport{Schaumuller-83a,
oldtag =       {Schaumuller-bichl83a},
author =       {Schaumuller-Bichl, I.},
year =         1983,
title =        {On the design and analysis of new cipher systems related
               to the {DES}},
institution =  {Linz {U}niversity}
}


@inproceedings{Schaumuller-Pi85,
oldtag =       {Schaumuller-bichlPi85},
author =       {Ingrid Schaumuller-bichl and Ernst Piller},
title =        {A Method of Software Protection Based on the Use of
               Smart Cards and Cryptographic Techniques},
pages =        {446--454},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}

@article{Schiller94,
author =       {J.I. Schiller},
title =        {Secure distributed computing},
journal =      {Scientific American},
volume =       271,
number =       5,
year =         1994,
pages =        {72--76}
}



@book{Schmucker84,
author =       {K.J. Schmucker},
title =        {Fuzzy Sets, Natural Language Computations, 
		and Risk Analysis},
publisher =    {Computer Science Press},
year =         1984
}


@article{Schneier91,
author =       {Bruce Schneier},
title =        {One-Way Hash Functions, Using cryptographic algorithms
               for hashing},
journal =      {Dr. Dobb's Journal},
year =         1991,
month =        Sep,
pages =        {148--151}
}

@article{Schneier92,
author =       {Bruce Schneier},
title =        {Untangling Public-Key Cryptography},
journal =      {Dr. Dobb's Journal},
year =         1992,
month =        May,
pages =        {16--28}
}

@book{Schneier93,
author =       {Schneier, B.},
year =         1993,
title =        {Applied Cryptography: Protocols, Algorithms, and Source
               Code in {C}},
publisher =    {John Wiley \& Sons},
address =      {New York}
}


@book{Schneier94,
author =       {Bruce Schneier},
title =        {Applied Cryptography},
publisher =    {John Wiley \& Sons},
year =         {1994}
}


@article{Schneier94a,
author =       {Bruce Schneier},
title =        {The Blowfish Encryption Algorithm},
journal =      {Dr. Dobb's Journal},
year =         1994,
month =        Apr,
pages =        {38--40}
}


@article{Schneier94b,
author =       {Bruce Schneier},
title =        {The Cambridge Algorithms Workshop},
journal =      {Dr. Dobb's Journal},
year =         1994,
month =        Apr,
pages =        {18--24}
}


@article{Schneier95,
author =       {Bruce Schneier},
title =        {The {GOST} Encryption Algorithm},
journal =      {Dr. Dobb's Journal},
year =         1995,
month =        Jan,
pages =        {123--124}
}

@book{Schneier96,
author =       {Bruce Schneier},
title =        {Applied Cryptography (Second Edition)},
publisher =    {John Wiley \& Sons},
year =         {1996}
}

@inproceedings{Schnorr83,
author =       {C.P. Schnorr},
title =        {Is the {RSA}-Scheme Safe?},
pages =        {325--329},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{Schnorr90,
author =       {C. P. Schnorr},
title =        {Efficient Identification and Signatures for Smart Cards},
pages =        {239--252},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer},
year =         1990
}

@article{Schnorr91,
author =       {C. P. Schnorr},
title =        {Efficient signature generation by smart cards},
journal =      {Journal of Cryptology},
year =         1991,
volume =       4,
pages =        {161--174}
}


@inproceedings{Schnorr92,
author =       {Schnorr, C.P.},
year =         1992,
title =        {{FFT}-Hashing, An Efficient Cryptographic Hash Function},
booktitle =    {Advances in Cryptology --- Crypto '91},
editor =       {J. Feigenbaum},
pages =        {Presented at Rump Session},
publisher =    {Springer-Verlag},
address =      {New York}
}

@inproceedings{Schnorr93,
author =       {Schnorr, C.P.},
year =         1993,
title =        {{FFT}-Hash {II}, Efficient Cryptographic Hashing},
booktitle =    {Advances in Cryptology --- Eurocrypt '92},
editor =       {R.A. Rueppel},
pages =        {45--54},
publisher =    {Springer-Verlag},
address =      {Berlin}
}



@inproceedings{SchnoorAl85,
oldtag =       {SchnorrAl85},
author =       {C.P. Schnoor and W. Alexi},
title =        {{RSA}-Bits are $0.5 + \epsilon$ Secure},
pages =        {113-126},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@article{SchnorrLe84,
author =       {Schnorr, C. P. and Lenstra, Jr., H. W.},
title =        {A {M}onte {C}arlo factoring algorithm with linear storage},
journal =      {Mathematics of Computation},
year =         1984,
volume =       43,
pages =        {289--312}
}

@inproceedings{SchnorrVa94,
author =       {C. P. Schnorr and S. Vaudenay},
title =        {Black Box Cryptanalysis of Hash Networks based on
                Multipermutations},
booktitle =    {EUROCRYPT94},
year =         1994
}


@inproceedings{SchnobiMa83,
oldtag =       {SchobiMa89},
author =       {P. Schnobi and J.L. Massey},
title =        {Fast Authentication in a Trapdoor-Knapsack Public Key
               Cryptosystem},
pages =        {289--306},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@inproceedings{SchriftSh91,
author =       {A.W. Schrift and A. Shamir},
title =        {On the Universality of the Next Bit Test},
pages =        {394--408},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@inproceedings{SchroeppelSh79,
author =       {R. Schroeppel and A. Shamir},
title =        {A {$T S^2 = O(2^n)$} time/space tradeoff for certain
               {NP}-complete problems},
pages =        {328--336},
booktitle =    FOCS79,
publisher =    IEEE,
address =      {San Juan, Puerto Rico},
year =         1979
}


@inproceedings{Schuchmann83,
author =       {H.-R. Schuchmann},
title =        {Enigma Variations},
pages =        {65--68},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}

@book{Schweitzer83,
author =       {Schweitzer, James A.},
year =         1983,
title =        {Protection Information in the Electronic Workplace:
               A Guide for Managers},
publisher =    {Prentice-Hall},
address =      {Reston, VA}
}


@book{SeberryPi89,
author =       {J. Seberry and J. Pieprzyk},
title =        {Cryptography: An Introduction to Computer Security},
publisher =    {Prentice-Hall},
year =         {1989}
}


@book{SeberryPi90,
author =       {J. Seberry and J. Pieprzyk},
title =        {Advances in Cryptology -- AUSCRYPT '90 Proceedings},
publisher =    {Springer-Verlag},
year =         1990,
note =         {Lecture Notes in Computer Science, vol. 453}
}


@book{SeberryZh93,
author =       {J. Seberry and Y. Zheng},
title =        {Advances in Cryptology -- AUSCRYPT '92 Proceedings},
publisher =    {Springer-Verlag},
year =         1993,
note =         {Lecture Notes in Computer Science, vol. 718}
}


@inproceedings{SeberryZhZh94,
author =       {Jennifer Seberry and Xian-Mo Zhang and Yuliang Zheng},
title =        {Pitfalls in designing substitution boxes},
pages =        {383--396},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}

@inproceedings{SeberryZhZh94a,
author =       {Jennifer Seberry and Xian-Mo Zhang and Yuliang Zheng},
title =        {Nonlinearly balanced boolean functions and their propagation
               characteristics},
pages =        {49--60},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}


@article{SedgewickSzYa82,
oldtag =       {SedgewickSzYa79},
author =       {R. Sedgewick and T. G. Szymanski and A. C. Yao},
title =        {The complexity of finding cycles in periodic functions},
journal =      SIAM,
volume =       11,
year =         1982,
pages =        {376--390}
}

@book{Selmer66,
author =       {Selmer, E.S.},
year =         1966,
title =        {Linear Recurrence Relations over Finite Fields},
publisher =    {University of Bergen},
address =      {Norway}
}



@inproceedings{SerpellBr85,
author =       {S.C. Serpell and C.B. Brookson},
title =        {Encryption and Key Manaagement for the {ECS} Satellite
               Service},
pages =        {426--436},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@inproceedings{SerpellBrCl85,
author =       {S.C. Serpell and C.B. Brookson and B.L. Clark},
title =        {A Prototype Encryption System Using Public Key},
pages =        {3--9},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@techreport{SerpetteVuHe89,
author =       {Bernard Serpette and Jean Vuillemin and Jean-Claude
               Herv\`{e}},
title =        {{BigNum}: A Portable and Efficient Package for Arbitrary-Precision
               Arithmetic},
year =         1989,
month =        May,
institution =  {DEC Paris Research Laboratory}
}


@inproceedings{Sgarro85,
author =       {Andrea Sgarro},
title =        {Equivolcations for Homophonic Ciphers},
pages =        {51--61},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@techreport{Shamir78,
author =       {Adi Shamir},
title =        {On the security of the {Merkle-Hellman} cryptographic
		scheme},
institution =  {MIT Laboratory for Computer Science},
number =       {MIT/LCS/TM-119},
month =        Dec,
year =         1978
}


@article{Shamir79a,
author =       {A. Shamir},
title =        {How to Share a Secret},
journal =      CACM,
volume =       22,
month =        Nov,
year =         1979,
pages =        {612--613}
}

@inproceedings{Shamir79b,
author =       {A. Shamir},
title =        {On the Cryptocomplexity of Knapsack Schemes},
pages =        {118--129},
booktitle =    STOC79,
publisher =    ACM,
address =      {Atlanta},
year =         1979
}

@inproceedings{Shamir81,
author =       {A. Shamir},
title =        {On the generation of cryptographically strong pseudo-random
               sequences},
booktitle =    {Proc.\ ICALP},
publisher =    {Springer},
year =         1981,
pages =        {544--550}
}

@inproceedings{Shamir82,
author =       {A. Shamir},
title =        {A polynomial-time algorithm for breaking the basic
               {Merkle-Hellman} cryptosystem},
pages =        {145--152},
booktitle =    FOCS82,
publisher =    IEEE,
address =      {Chicago},
year =         1982
}


@inproceedings{Shamir82a,
author =       {Adi Shamir},
title =        {The Generation of Cryptographically Strong Pseudo-Random
               Sequences},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982,
pages =        {1--1}
}

@inproceedings{Shamir83,
author =       {Adi Shamir},
title =        {A Polynomial Time Algorithm for Breaking the Basic
               {Merkle-Hellman} Cryptosystem},
pages =        {279--288},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}

@article{Shamir84,
author =       {Shamir, A.},
year =         1984,
title =        {A polynomial time algorithm for breaking the basic
               {Merkle-Hellman} cryptosystem},
journal =      {IEEE Transactions on Information Theory},
volume =       {IT-30},
number =       {5},
month =        {Sept.},
pages =        {699--704}
}



@inproceedings{Shamir85,
author =       {Adi Shamir},
title =        {Identity-Based Cryptosystems and Signature Schemes},
pages =        {47--53},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{Shamir86,
author =       {Shamir, A.},
year =         1986,
title =        {On the Security of {DES}},
booktitle =    {Advances in Cryptology --- Crypto '85},
editor =       {H.C. Williams},
publisher =    {Springer-Verlag},
address =      {New York},
note =         {280--281}
}

@InProceedings{Shamir90,
author =       {Adi Shamir},
title =        {{IP=PSPACE}},
year =         {1990},
pages =        {11--15},
booktitle =    {Proccedings of the Twenty Second Annual ACM Symposium
               on Theory of Computing},
month =        {May}
}

@inproceedings{Shamir94,
author =       {Adi Shamir},
title =        {Efficient signature schemes based on birational permutations},
pages =        {1--12},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}

@misc{Shamir95,
author =       {Adi Shamir},
title =        {Fast signature screening},
note =         {CRYPTO '95 rump session talk; to appear in RSA Laboratories'
               {\em CryptoBytes}.}
}

@misc{Shamir95a,
author =       {Adi Shamir},
title =        {Partial key escrow},
year =         1995,
note =         {Unpublished.}
}

@incollection{ShamirRiAd81,
author =       {A. Shamir and R. L. Rivest and L. M. Adleman},
title =        {Mental Poker},
pages =        {37--43},
booktitle =    {The Mathematical Gardner},
editor =       {D. Klarner},
publisher =    {Wadsworth},
address =      {Belmont, California},
year =         1981
}

@inproceedings{ShandVu93,
oldtag =       {Shand93},
author =       {M. Shand and J. Vuillemin},
year =         1993,
title =        {Fast implementations of {RSA} cryptography},
booktitle =    {Proc.\ of the 11th IEEE Symp.\ on Computer Arithmetic},
pages =        {252--259},
publisher =    {IEEE Computer Society Press},
address =      {Los Alamitos, CA}
}



@article{Shannon48,
author =       {C. E. Shannon},
title =        {A mathematical theory of communication},
journal =      {Bell Sys.\ Tech.\ J.},
volume =       27,
year =         1948,
pages =        {623--656}
}


@article{Shannon49,
author =       {C. E. Shannon},
title =        {Communication theory of secrecy systems},
journal =      {Bell Sys.\ Tech.\ J.},
volume =       28,
year =         1949,
pages =        {657--715}
}



@article{SheppLl66a,
oldtag =       {SheppLl66},
author =       {Shepp, L.A. and Lloyd, S.P.},
year =         1966,
title =        {Ordered cycle lengths in a random permutation},
journal =      {Transactions of the American Mathematical Society},
volume =       121,
pages =        {340--357}
}


@phdthesis{Sherman86,
author =       {A. Sherman},
title =        {Cryptology and {VLSI} (a two-part dissertation)},
month =        Oct,
year =         1986,
school =       {MIT EECS Dept},
note =         {Published as MIT Laboratory for Computer Science Technical
               Report MIT/LCS/TR-381 (Oct. 1986)}
}


@inproceedings{SherwoodGa88,
oldtag =       {SherwoodGa90},
author =       {J.R. Sherwood and V.A. Gallo},
title =        {The Application of Smart Cards for {RSA} Digital Signatures
               in a Network Comprising both Interactive and Store-and-Foreward
               Facilities},
pages =        {484--496},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}


@article{ShizuyaItSa91,
author =       {Hiroki Shizuya and Toshiya Itoh and Kouichi Sakurai},
title =        {On the Complexity of Hyperelliptic Discrete Logarithm
               Problem},
journal =      {IEEE Transactions on Computers},
volume =       {E 74},
number =       8,
year =         1991,
month =        Aug,
pages =        {2129--2135}
}

@inproceedings{ShimizuMi88,
author =       {Shimizu,A. and Miyaguchi, S.},
year =         1988,
title =        {Fast Data Encipherment Algorithm {FEAL}},
booktitle =    {Advances in Cryptology --- Eurocrypt '87},
editor =       {Chaum, D. and Price, W.L.},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {267--280}
}

@INPROCEEDINGS{ShizuyaKoIt90,
author =       {H. Shizuya and K. Koyama and T. Itoh},
title =        {Demonstrating Possession Without Revealing Factors
               and Its Application},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {273--293}
}


@inproceedings{Shor94,
author =       {Peter W. Shor},
title =        {Algorithms for Quantum Conputation: Discrete Logarithms
               and Factoring},
booktitle =    STOC94,
publisher =    {ACM},
address =      {Montreal, Canada},
year =         1994,
pages =        {124--134}
}


@article{Seigenthaler84,
oldtag =       {Siegenthaler84},
author =       {Seigenthaler, T.},
year =         {1984},
title =        {Correlation-immunity of nonlinear combining functions
               for cryptographic applications},
journal =      {IEEE Transactions on Information Theory},
volume =       {IT-30},
number =       {5},
month =        {Sept.},
pages =        {776--779}
}

@article{Seigenthaler85,
oldtag =       {Siegenthaler85},
author =       {Seigenthaler, T.},
year =         {1985},
title =        {Decrypting a class of stream ciphers using ciphertext
               only},
journal =      {IEEE Transactions on Computers},
volume =       {C-34},
number =       {1},
month =        {Jan.},
pages =        {81--85}
}

@inproceedings{Seigenthaler86,
oldtag =       {Siegenthaler86},
author =       {Seigenthaler, T.},
year =         {1986},
title =        {Cryptanalyst's representation of nonlinearity filtered
               {\it ml}-sequences},
booktitle =    {Advances in Cryptology --- Eurocrypt '85},
editor =       {Pichler, F.},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {103--110}
}



@inproceedings{Siegenthaler86a,
author =       {T. Siegenthaler},
title =        {Design of Combiners to Prevent Divide and Conquer 
               Attacks},
pages =        {273--279},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@article{Silverman87,
author =       {Silverman, R.D.},
year =         1987,
title =        {The multiple polynomial quadratic sieve},
journal =      {Mathematics of {C}omputation},
volume =       48,
pages =        {329--339}
}

@article{Silverman91,
author =       {Silverman, R.D.},
year =         1991,
title =        {Massively distributed computing and factoring large
               integers},
journal =      {Communications of the ACM},
volume =       34,
number =       11,
pages =        {95--103}
}



@article{SilvermanWa93,
oldtag =       {Silverman93},
author =       {Silverman, R.D. and Wagstaff, S.S.},
year =         1993,
title =        {A practical analysis of the elliptic curve factoring
               algorithm},
journal =      {Mathematics of {C}omputation},
volume =       61,
number =       203,
pages =        {445--462}
}


@book{SilvermanTa92,
author =       {J.H. Silverman and J. Tate},
title =        {Rational Points on Elliptic Curves},
publisher =    {Springer-Verlag},
year =         1992
}


@article{Simmons79,
author =       {G. J. Simmons},
title =        {Symmetric and asymmetric encryption},
journal =      {ACM Computing Surveys},
volume =       11,
year =         1979,
pages =        {305--330}
}

@book{Simmons82,
editor =       {G.J. Simmons},
title =        {Secure Communications and Asymmetric Cryptosystems},
publisher =    {AAAS},
series =       {Selected Symposia},
volume =       69,
year =         1982
}


@inproceedings{Simmons82a,
author =       {Gus Simmons},
title =        {A System for Point-of-Sale or Access User Authentication
               and Identification},
pages =        {31--37},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@inproceedings{Simmons84,
author =       {Gustavus J. Simmons},
title =        {The Prisoners' Problem and the Subliminal Channel},
pages =        {51--67},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}

@inproceedings{Simmons85,
author =       {Gustavus J. Simmons},
title =        {Authentication Theory/Coding Theory},
pages =        {411--431},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{Simmons85a,
author =       {Gustavus J. Simmons},
title =        {The Subliminal Channel and Digital Signature},
pages =        {364--378},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}


@inproceedings{Simmons86,
author =       {Gustavus J. Simmons},
title =        {A Secure Subliminal Channel (?)},
pages =        {33--41},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}

@inproceedings{Simmons88,
author =       {Gustavus J. Simmons},
title =        {An impersonation-proof identity verfication scheme},
pages =        {211--215},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{Simmons88a,
author =       {Gustavus J. Simmons},
title =        {A natural taxonomy for digital information authentication
               schemes},
pages =        {269--288},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{Simmons88b,
oldtag =       {Simmons90},
author =       {G.J. Simmons},
title =        {How to (Really) Share a Secret},
pages =        {390--449},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@incollection{Simmons89,
author =       {G. J. Simmons},
title =        {Cryptology},
booktitle =    {The New Encyclop{\ae}dia Brittanica},
publisher =    {Encyclop{\ae}dia Brittanica},
year =         1989,
pages =        {860--873},
note =         {(Volume 16)}
}


@inproceedings{Simmons91,
author =       {G.J. Simmons},
title =        {Geometric Shared Secret and/or Shared Control Schemes},
pages =        {216--241},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@incollection{Simmons92,
author =       {G.J. Simmons},
title =        {A survey of information authentication},
booktitle =    {Contemporary Cryptology, The Science of Information
               Integrity},
publisher =    {IEEE Press},
year =         1992,
pages =        {379--419}
}


@incollection{Simmons92a,
author =       {G.J. Simmons},
title =        {An introduction to shared secret and/or shared control
               schemes and their application},
booktitle =    {Contemporary Cryptology, The Science of Information
               Integrity},
publisher =    {IEEE Press},
year =         1992,
pages =        {441--497}
}


@book{Simmons92b,
editor =       {G.J. Simmons},
title =        {Contemporary Cryptology, The Science of Information
               Integrity},
publisher =    {IEEE Press},
year =         1992
}


@article{Simmons94,
author =       {Gustav J. Simmons},
title =        {Cryptanalysis and Protocol Failures},
journal =      {Communications of the ACM},
month =        Nov,
year =         1994,
volume =       37,
number =       11,
pages =        {56--65}
}


@article{SimmonsNo77,
author =       {Gustavus J. Simmons and Michael J. Norris},
title =        {Preliminary Comments on the {MIT} Public-Key Cryptosystem},
journal =      {Cryptologia},
year =         1977,
month =        Oct,
volume =       1,
number =       4,
pages =        {406--414}
}


@inproceedings{Simon94,
author =       {Daniel R. Simon},
title =        {On the Power of Quantum Computation},
booktitle =    STOC94,
publisher =    {ACM},
address =      {Montreal, Canada},
year =         1994,
pages =        {116--123}
}


@inproceedings{SivabalanTaPe92,
author =       {M. Sivabalan and Stafford Tavares and L.E. Peppard},
title =        {On the Design of {SP} Networks From an Information
               Theoretic Point of View},
pages =        {260--279},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@techreport{Sloan89,
author =       {Robert Sloan},
title =        {All Zero-Knowledge Proofs are Proofs of Language Membership},
institution =  {MIT Laboratory for Computer Science},
number =       {MIT/LCS/TM-385},
month =        Feb,
year =         1989
}


@incollection{Sloane81,
author =       {N. J. A. Sloane},
title =        {Error-Correcting Codes and Cryptography},
booktitle =    {The Mathematical Gardner},
editor =       {D. Klarner},
publisher =    {Wadsworth},
address =      {Belmont, California},
year =         1981,
pages =        {346--382}
}


@inproceedings{Sloane83,
author =       {N.J.A. Sloane},
title =        {Encrypting by Random Rotations},
pages =        {71--128},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@inproceedings{Smeets85,
author =       {B.J.M. Smeets},
title =        {On the Use of the Binary Multiplying Channel in a Private
               Communication System},
pages =        {339--348},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209},
publisher =    {Springer-Verlag},
year =         1985
}

@inproceedings{Smeets86,
author =       {Smeets, B.},
year =         {1986},
title =        {A note on sequences generated by clock-controlled shift
               registers},
booktitle =    {Advances in Cryptology --- Eurocrypt '85},
editor =       {Pichler, F.},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {40--42}
}


@inproceedings{Smid82,
author =       {Miles Smid},
title =        {{DES} '81: An Update},
pages =        {39--40},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@article{SmidBr88,
author =       {Smid, M.E. and Branstad, D.K.},
year =         1988,
title =        {The {Data Encryption Standard}: {Past} and future},
journal =      {Proc.\ of the IEEE},
volume =       76,
pages =        {550--559}
}


@incollection{SmidBr92,
author =       {M.E. Smid and D.K. Branstad},
title =        {The data encryption standard: past and future},
booktitle =    {Contemporary Cryptology, The Science of Information
               Integrity},
publisher =    {IEEE Press},
year =         1992,
pages =        {43--64}
}


@inproceedings{SmidBr92a,
author =       {Miles E. Smid and Dennis K. Branstad},
title =        {Response to Comments of the {NIST} Proposed Digital
               Signature Standard},
pages =        {76--88},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}

@inproceedings{Smith90,
author =       {Jonathan M. Smith},
title =        {Practical problems with a cryptographic protection
               scheme},
pages =        {64--73},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@article{SolmsNa92,
author =       {Sebastiaan von Solms and David Naccache},
title =        {On Bline Signatures and Perfect Crimes},
journal =      {Computers and Security},
year =         1992,
month = 	Oct,
volume =       11,
number =	6,
pages =        {581--583}
}


@article{SolovaySt77,
author =       {R. Solovay and V. Strassen},
title =        {A Fast {Monte-Carlo} Test for Primality},
journal =      SIAM,
volume =       6,
year =         1977,
pages =        {84-85}
}


@article{Sorenson94,
author =       {Jonathan Sorenson},
title =        {Polylog Depth Circuits for Integer Factoring and Discrete
               Logarithms},
journal =      {Information and Computation},
volume =       110,
year =         1994,
number =       1,
month =        Apr,
pages =        {1--18}
}

@techreport{Sorenson90,
author =       {Jonathan Sorenson},
title =        {The $k$-ary {GCD} algorithm},
institution =  {Computer Science Department, University of Wisconsin
               at Madison},
year =         1990,
month =        Nov,
number =       {Number 979}
}

@article{Sorkin84,
author =       {Sorkin, A.},
year =         1984,
title =        {Lucifer, a Cryptographic Algorithm},
journal =      {Cryptologia},
volume =       8,
number =       1,
pages =        {22--41},
note =         {Erratum: {\it ibid.} 7, p. 118, 1978.}
}


@techreport{Spafford88,
author =       {Eugene H. Spafford},
title =        {The Internet Worm Program: An Analysis},
institution =  {Purdue University Department of Computer Science},
year =         1988,
number =       {CSD-TR-823}
}


@article{Spafford89,
author =       {Eugene H. Spafford},
year =         1989,
title =        {The Internet Worm: Crisis and Aftermath},
journal =      {Communications of the ACM},
volume =       32,
number =       6,
pages =        {678--687}
}

@inproceedings{SpencerrTr84,
oldtag =       {SpencerTa84},
author =       {M.E. Spencerr and S.E. Travares},
title =        {A Layered Broadcast Cryptographic System},
pages =        {157--170},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@inproceedings{StaffelbachMe91,
author =       {O. Staffelbach and W. Meier},
title =        {Cryptographic Significance of the Carry for Ciphers
               Based on Integer Addition},
pages =        {601--615},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@book{Stallings95,
author =       {William Stallings},
title =        {Network and Internetwork Security Principles and Practice},
year =         1995,
publisher =    {Prentice Hall}
}

@manual{StandardsAss85,
oldtag =       {StandardsAA85},
author =       {{Standards Association of Australia}},
year =         {1985},
title =        {Australian Standard 2805.4-1985: Electronics Funds
               Transfer --- Requirements for Interfaces: Part 4 ---
               Message Authentication}
}

@manual{StandardsAss85a,
oldtag =       {StandardsAA85a},
author =       {{Standards Association of Australia}},
year =         {1985},
title =        {Australian Standard 2805.5-1985: Electronics Funds
               Transfer --- Requirements for Interfaces: Part 5 ---
               Data Encryption Algorithm}
}

@manual{StandardsAss90,
oldtag =       {StandardsAA90},
author =       {{Standards Association of Australia}},
year =         {1990},
title =        {Draft Australian Standard: Electronics Funds Transfer
               --- Requirements for Interfaces: Part 6.5.3 --- Key
               Management --- Terminal Initialisation --- Asymmetrical},
month =        {May}
}


@inproceedings{SteerStDiWi88,
oldtag =       {SteerStDiWi90},
author =       {D.G. Steer and L. Strawczynski and W. Diffie and M.
               Wiener},
title =        {A Secure Audio Teleconference System},
pages =        {520--529},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@article{Stein67,
author =       {J. Stein},
title =        {Computational problems associated with {Racah} algebra},
journal =      {J. Comp. Phys.},
volume =       1,
pages =        {397--405},
year =         1967
}

@inproceedings{SteinerNeSc88,
author =       {Steiner, J.G. and Neuman, B.C. and Schiller, J.I.},
year =         1988,
title =        {{Kerberos}: an authentication service for open network
               systems},
booktitle =    {Usenix Conference Proceedings},
address =      {Dallas, Texas},
month =        {February},
pages =        {191--202}
}


@inproceedings{Stephens86,
oldtag =       {Stephens85},
author =       {N. M. Stephens},
title =        {{Lenstra's} Factorization Method Based on Elliptic
               Curves},
pages =        {409--416},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
publisher =    {Springer},
year =         1986,
note =         {Lecture Notes in Computer Science No.\ 218}
}


@inproceedings{Stern94,
author =       {Jacques Stern},
title =        {Designing identification schemes with keys of short
               size},
pages =        {164--173},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{Stern94a,
author =       {Jacques Stern},
title =        {A new identification scheme based on syndrome decoding},
pages =        {13--21},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}



@article{StevensonHiBy95,
author =       {Daniel Stevenson and Nathan Hillery and Greg Byrd},
title =        {Secure Communications in ATM Networks},
journal =      CACM,
volume =       38,
number = 	2, 
month =        Feb,
year =         1995,
pages =        {45--52}
}

@inproceedings{Stinson87,
author =       {D.R. Stinson},
title =        {Some constructions and bounds for authentication codes},
pages =        {418--425},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@inproceedings{Stinson88,
author =       {D.R. Stinson},
title =        {A construction for authentication/secrecy codes from
               certain combinatorial designs},
pages =        {355--366},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@article{Stinson88a,
author =       {D.R. Stinson},
title =        {Some constructions and bounds for authentication codes},
journal =      {Journal of Cryptology},
year =         1988,
volume =       1,
pages =        {84--85}
}


@article{Stinson90,
author =       {D.R. Stinson},
title =        {The combinatorics of authentication and secrecy codes},
journal =      {Journal of Cryptology},
year =         1990,
volume =       2,
pages =        {37--51}
}


@inproceedings{Stinson92,
author =       {D.R. Stinson},
title =        {Combinatorial Characterizations of Authentication Codes},
pages =        {62--73},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{Stinson92a,
author =       {D.R. Stinson},
title =        {Universal Hashing and Authentication Codes},
pages =        {74--85},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{Stinson92b,
author =       {Doug R. Stinson},
title =        {New General Lower Bounds on the Information Rate of
               Secret Sharing Schemes},
pages =        {168--182},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}


@article{Stinson92c,
author =       {D.R. Stinson},
title =        {An explication of secret sharing schemes},
journal =      {Designs, Codes, and Cryptography},
volume =       2,
year =         1992,
pages =        {357--390}
}


@article{Stinson94,
author =       {D.R. Stinson},
title =        {Universal Hashing and Authentication Codes},
journal =      {Designs, Codes, and Cryptography},
volume =       4,
year =         1994,
pages =        {369--380}
}


@book{Stinson95,
author =       {Douglas R. Stinson},
title =        {Cryptography: Theory and Practice},
publisher =    {CRC Press},
year =         1995
}

@inproceedings{StinsonVa88,
author =       {D.R. Stinson and S.A. Vanstone},
title =        {A combinatorial approach to threshold schemes},
pages =        {330--339},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@article{Stoll88,
author = 	{C. Stoll}, 
title = 	{Stalking the Wily Hacker},
journal = 	{Communications of the ACM},
volume = 	31,
number =	5,
year =		1988
}


@book{Stoll89,
author =       {Stoll, Cliff},
year =         1989,
title =        {The Cuckoo's Egg: Tracing a Spy Through the Maze of
               Computer Espionage},
publisher =    {Doubleday},
address =      {New York}
}


@inproceedings{Struik88,
oldtag =       {StruikVa88},
author =       {Ren\'e Struik},
title =        {The Rao-Nam scheme is insecure against a chosen-plaintext
               attack},
pages =        {445--457},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@book{Summers93,
author =       {Anthony Summers},
title =        {Official and Confidential: The Secret Life of {J. Edgar
               Hoover}},
year =         1993,
publisher =    {Simon and Schuster (Pocket Books)}
}

@inproceedings{Sutherland86,
author = 	{D. Sutherland},
title = 	{A model of Inofrmation},
booktitle = 	{9NatSecConf},
year = 		1986
}



@inproceedings{Tanaka88,
author =       {Hatsukazu Tanaka},
title =        {A realization scheme for the identity-based cryptosystem},
pages =        {340--349},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{Tardy-CorfdiGi92,
oldtag =       {Tardy-CorfdirGi92},
author =       {A. Tardy-Corfdir and H. Gilbert},
title =        {A known plaintext attack of {FEAL}-4 and {FEAL}-6},
pages =        {172--181},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}

@inproceedings{TatebayashiMaNe90,
author =       {Makoto Tatebayashi and Ntsume Matsuzaki and David B.
               Newman, Jr.},
title =        {Key distribution protocol for digital mobile communication
               systems},
pages =        {324--334},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{Taylor94,
author =       {Richard Taylor},
title =        {An integrity check value algorithm for stream ciphers},
pages =        {40--48},
booktitle =    CRYPTO93,
editor =       {Douglas R. Stinson},
note =         {Lecture Notes in Computer Science No.\ 773},
publisher =    {Springer},
year =         1994
}


@inproceedings{Tedrick84,
author =       {Tom Tedrick},
title =        {How to Exchange Half a Bit},
pages =        {147--151},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@inproceedings{Tedrick85,
author =       {Tom Tedrick},
title =        {Fair Exchange of Secrets},
pages =        {434--438},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@article{Thompson84,
author = 	{K. Thompson},
title =		{Reflections on Trusting Trust},
journal = 	{Communications of the ACM},
volume =	27,
number = 	8,
year =		1984
}


@book{Tilborg88a,
oldtag =       {Tilborg88},
author =       {Tilborg, H.C.A. van},
year =         1988,
title =        {An Introduction to Cryptology},
publisher =    {Kluwer Academic Publishers},
address =      {Boston}
}

@inproceedings{TillichZe94,
author =       {Jean-Pierre Tillich and Gilles Z\'emor},
title =        {Hashing with $SL_{2}$},
pages =        {40--49},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}


@inproceedings{Timmann83,
author =       {Klaus-P. Timmann},
title =        {The Rating of Understanding in Secure Voice Communications
               Systems},
pages =        {157--163},
year =         1983,
booktitle =    {Cryptography, Proc. Burg Feuerstein 1982},
editor =       {T.Beth},
volume =       {149},
publisher =    {Springer-Verlag},
address =      {Berlin}
}



@inproceedings{TompaWo87,
author =       {Martin Tompa and Heather Woll},
title =        {How to Share a Secret with Cheaters},
pages =        {261--265},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}



@unpublished{Tool91,
author =       {Ted the Tool},
title =        {MIT Buide to Lock Picking},
month =        Sep,
year =         1991,
note =         {48 pages}
}

@inproceedings{Touch95,
author =       {Joseph D. Touch},
title =        {Performance Analysis of {MD5}},
booktitle =    {Proceedings {SIGCOMM}},
year =         {1995},
month =		Oct,
volume =	{25},
number =	{4},
pages =        {77--86},
note =         {Also at {\tt ftp://ftp.isi.edu/pub/hpcc-papers/touch/sigcomm95.ps.Z}}
}

@manual{Touch95b,
author =       {J. Touch},
year =         1995,
title =        {{RFC} 1810: Report on {MD5} Performance},
month =        {June},
organization = {Internet Activities Board}
}

@inproceedings{Toussaint92,
author =       {M.-J. Toussaint},
title =        {Deriving the complete knowledge of participants in
               cryptographic protocols},
pages =        {24--43},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}

@article{Tretter74a,
oldtag =       {Tretter74},
author =       {Tretter, S.A.},
year =         {1974},
title =        {Properties of {$PN^2$} Sequences},
journal =      {{IEEE} Transactions on Information Theory},
volume =       {IT-20},
month =        {March},
pages =        {295--297}
}


@article{Tsudik92,
author =       {Gene Tsudik},
title =        {Message Authentication with One-Way Hash Functions},
journal =      {ACM SIGCOMM, Computer Communication Review},
volume =       22,
number =       5,
month =        Oct,
year =         1992,
pages =        {29--38}
}

@inproceedings{TsujiiCh92,
author =       {S. Tsujii and J. Chao},
title =        {A New {ID}-Based Key Sharing System},
pages =        {288--299},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}


@inproceedings{TsunooOkUy94,
author =       {Yukiyasu Tsunoo and Eiji Okamoto and Tomohiko Uyematsu},
title =        {Ciphertext only attack for one-way function of the
               {MAP} using one ciphertext},
pages =        {369--382},
booktitle =    CRYPTO94,
editor =       {Yvo G. Desmedt},
note =         {Lecture Notes in Computer Science No.\ 839},
publisher =    {Springer},
year =         1994
}

@misc{Tuchman78,
author =       {Tuchman, W.L.},
year =         {1978},
month =        {June},
note =         {Talk presented at the {Nat. Computer Conf., Anaheim,
               C.A.}}
}

@article{Tuerkheimer93,
author =       {Frank M. Tuerkheimer},
title =        {The Underpinnings of Privacy Protection},
journal =      {Communications of the ACM},
month =        Aug,
year =         1993,
volume =       36,
number =       8,
pages =        {69--73}
}


@inproceedings{Turbat85,
author =       {Alain Turbat},
title =        {Introductory Remarks},
page =         {457--458},
booktitle =    EUROCRYPT84,
editor =       {T. Beth and N. Cot and I. Ingemarsson},
note =         {Lecture Notes in Computer Science No.\ 209, Session
               on Smart Cards},
publisher =    {Springer-Verlag},
year =         1985
}


@Inproceedings{TygarYe91,
author =       {J. D. Tygar and Bennet S. Yee},
title =        {Strongbox: A System for Self Securing Programs},
organization = {ACM},
booktitle =    {CMU Computer Science: 25th Anniversary Commemorative},
year =         1991
}


@article{Valiant84,
author =       {L. Valiant},
title =        {Short Monotone Formulae for the Majority Function},
journal =      {Journal of Algorithms},
year =         1984,
volume =       5,
pages =        {363--366}
}


@inproceedings{VanDeGraaafPe88,
oldtag =       {VandeGraafPe88},
author =       {Jeroen van de Graaaf and Ren\'e Peralta},
title =        {A simple and secure way to show the validity of your
               public key},
pages =        {128--134},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@misc{Upton93,
author =       {Jimmy Upton},
note =         {Unpublished comment made to Whit Diffie before Crypto 93, and
                mentioned by Diffie in the Crypto '93 rump session.}
}

@INPROCEEDINGS{LubbeBo90,
oldtag =       {VanderLubbeBo90},
author =       {J.C.A. van der Lubbe and D.E. Boekee},
title =        {{KEYMEX}: An Expert System for the Design of Key Management
               Schemes},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {96--103}
}



@inproceedings{VanOorschot91,
author =       {P.C. van Oorschot},
title =        {A Comparison of Practical Public Key Cryptosystems
               Based on Integer Factorization and Discrete Logarithms},
pages =        {576--581},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@book{VanstoneVa89,
author =       {S. A. Vanstone and P.C. VanOorschot},
title =        {An Introduction to Error Correcting Codes with Applications},
publisher =    {Kluwer Academic Publishers},
year =         1989
}


@book{VanTilborg88,
oldtag =       {vanTilborg88},
author =       {H.C.A. van Tilborg},
title =        {An Introduction to Cryptology},
publisher =    {Kluwer Academic Publishers},
year =         1988
}


@inproceedings{VanTilburg90,
oldtag =       {vanTilburg90},
author =       {J. van Tilburg},
title =        {On the {McEliece} Public-Key Cryptosystem},
pages =        {119--131},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1990
}


@inbook{VanTilburg91,
oldtag =       {vanTilburg93},
author =       {J. van Tilburg},
title =        {Secret-key exchange with authentication},
publisher =    {Lecture Notes in Computer Science, 1993, No.\ 741},
note =         {Computer Security and Industrial Cryptography, State
               of the Art and Evolution, ESAT Course},
month =        May,
year =         1991,
pages =        {71--86}
}


@book{VanTilburg94,
oldtag =       {vanTilburg94},
author =       {Johan van Tilburg},
title =        {Security -Analysis of a Class of Cryptosystems Based
               on Linear Error-Correcting Codes},
publisher =    {Royal PTT Nederlands},
year =         1994
}



@inproceedings{VanTilburgBo86,
oldtag =       {vanTilburgBo86},
author =       {J. van Tilburg and D.E. Boekee},
title =        {Divergence Bounds on Key Equivocation and Error Probability
               in Cryptanalysis},
pages =        {489--513},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@inproceedings{Varadharajan86,
author =       {V. Varadharajan},
title =        {Trapdoor Rings and Their Use in Cryptography},
pages =        {369--395},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}

@INPROCEEDINGS{Varadharajan90a,
oldtag =       {Varadharajan90},
author =       {V. Varadharajan},
title =        {Network Security Policy Models},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {74--95}
}


@inproceedings{Vaudenay92,
author =       {Serge Vaudenay},
title =        {{FFT-Hash-II} is not yet Collision-free},
pages =        {587--593},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}

@inproceedings{Vazirani85,
author =       {U. V. Vazirani},
title =        {Towards a Strong Communication Complexity Theory, or
               Generating Quasi-Random Sequences from Two Communicating
               Slightly-Random Sources},
pages =        {366-378},
booktitle =    STOC85,
publisher =    ACM,
address =      {Providence},
year =         1985
}

@inproceedings{VaziraniVa83,
author =       {U. V. Vazirani and V. V. Vazirani},
title =        {Trapdoor Pseudo-Random Number Generators, with Applications
               to Protocol Design},
pages =        {23--30},
booktitle =    FOCS83,
publisher =    IEEE,
address =      {Tucson},
year =         1983
}

@inproceedings{VaziraniVa84,
author =       {U.V. Vazirani and V.V. Vazirani},
title =        {Efficient and Secure Pseudo-Random Number Generation},
pages =        {458--463},
booktitle =    FOCS84,
publisher =    IEEE,
address =      {Singer Island},
year =         1984
}

@inproceedings{VaziraniVa84aa,
oldtag =       {VaziraniVa84a},
author =       {Umesh V. Vazirani and Vijay V. Vazirani},
title =        {{RSA} Bits are $732 + \epsilon$ Secure},
pages =        {369--375},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@inproceedings{VaziraniVa85,
author =       {U.V. Vazirani and V.V. Vazirani},
title =        {Efficient and Secure Pseudo-Random Number Generation},
pages =        {193--202},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@article{Vernam26,
author =       {Vernam, G.S.},
year =         1926,
title =        {Cipher printing telegraph systems for secret wire and
               radio telegraphic communications},
journal =      {J. Am. Inst. Elec. Eng.},
volume =       55,
pages =        {109--115}
}


@misc{VernonLaPe94,
author =       {Mary K. Vernon and Edward D. Lazowska and Stewart D.
               Personick},
title =        {{R\&D} for the {NII}: Technical Challenges},
howpublished = {EDUCOM},
month =        May,
year =         1994
}


@inproceedings{Vogel84,
author =       {Vogel, R.},
year =         1984,
title =        {On the linear complexity of cascaded sequences},
booktitle =    {Advances in Cryptology --- Eurocrypt '84},
editor =       {T. Beth and N. Cot and I. Ingemarsson},
pages =        {99--109},
publisher =    {Springer-Verlag},
address =      {Berlin}
}


@incollection{VonNeumann63,
oldtag =       {VonNeumann51},
author =       {J. {von Neumann}},
title =        {Various techniques for use in connection with random
               digits},
booktitle =    {von Neumann's Collected Works},
volume =       5,
publisher =    {Pergamon},
year =         {1963},
pages =        {768--770}
}



@inproceedings{WagnerMa85,
author =       {Neal R. Wagner and Marianne R. Magyarik},
title =        {A Public Key Cryptosystem Based on the Word Problem},
pages =        {19--36},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}

@inproceedings{WagnerPuCa87,
author =       {Neal R. Wagner and Paul S. Putter and Marianne R. Cain},
title =        {Large-scale randomization techniques},
pages =        {393--404},
booktitle =    CRYPTO86,
editor =       {A.M. Odlyzko},
note =         {Lecture Notes in Computer Science No.\ 263 },
publisher =    {Springer-Verlag},
year =         1987
}


@article{Walker90,
author =       {M. Walker},
title =        {Information-theoretic bounds for authentication systems},
journal =      {Journal of Cryptology},
year =         1990,
volume =       2,
pages =        {131--143}
}


@article{WalkerLiElBa96,
author =       {Stephen T. Walker and Steven B. Lipner and 
		Carl M. Ellison and David M. Balenson},
title =        {Commercial Key Recovery},
journal =      {Communications of the ACM},
month =        Mar,
year =         1996,
volume =       39,
number =       3,
pages =        {41--47}
}


@inproceedings{Walter92,
author =       {C.D. Walter},
title =        {Faster Modular Multiplication by Operand Scaling},
pages =        {313--323},
booktitle =    CRYPTO91,
editor =       {J. Feigenbaum},
note =         {Lecture Notes in Computer Science No.\ 576},
publisher =    {Springer},
year =         1992
}

@misc{WangMa86,
author =       {Wang, M.Z. and Massey, J.L.},
year =         1986,
title =        {The characteristics of all binary sequences with perfect
               linear complexity profiles},
note =         {Presented at Eurocrypt'86},
address =      {Linkoping, Sweden},
month =        {May 20--22}
}

@article{Ward33,
author =       {Ward, M.},
year =         1933,
title =        {The Arithmetic Theory of Linear Recurring Series},
journal =      {Trans. A.M.S.},
volume =       35,
pages =        {600--628}
}

@inproceedings{Wayner92,
author =       {Peter C. Wayner},
title =        {Content-Addressable Search Engines and {DES}-like Systems},
pages =        {575--586},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}

@book{Wayner96,
author = 	{Peter Wayner},
title = 	{Digital Cash: Commerce on the Net},
publisher = 	{Academic Press},
year = 		{1996}
}

@inproceedings{WebsterTa86,
author =       {Webster, A.F. and Tavares, S.E.},
year =         1986,
title =        {On the design of {S}-boxes},
booktitle =    {Advances in Cryptology --- Crypto '85},
editor =       {H.C. Williams},
publisher =    {Springer-Verlag},
address =      {New York},
pages =        {523--534}
}

@misc{WechselbergeBlJeDrSi85,
oldtag =       {WechselbergerBlJeDrSi85},
author =       {Wechselberger, A. and Bluestein, L. and Jedynak, L.
               and Drake, D. and Simpson, L.},
title =        {Multi-layer Encryption System for the Broadcast of
               Encrypted Information },
howpublished = {U.S. Patent No. 4,531,020},
month =        { July 23,},
year =         {1985}
}


@inproceedings{Weinstein82,
author =       {Stephen B. Weinstein},
title =        {Security Mechanisms in Electronic Cards},
pages =        {109--109},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}


@book{Welsh88,
author =       {D. Welsh},
title =        {Codes and Cryptography},
publisher =    {Oxford Science Publications},
year =         1988
}


@book{WesternMi68,
author =       {Western, A.E. and Miller, J.C.P.},
year =         1968,
title =        {Tables of Indices and Primitive Roots},
publisher =    {Cambridge University Press},
address =      {Cambridge},
volume =       9,
series =       {Royal Society Mathematical Tables}
}

@inproceedings{White90,
author =       {Steve R. White},
title =        {Covert distributed processing with computer viruses},
pages =        {616--619},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}

@manual{OfficeoftheP93,
oldtag =       {WhiteHouse93},
author =       {{Office of the Press Secretary}},
year =         1993,
title =        {Statement},
organization = {The White House},
month =        {April 16,}
}

@article{Wiedemann86,
author =       {Wiedemann, D. H.},
title =        {Solving sparse linear equations over finite fields},
journal =      {IEEE Trans. Inform. Theory},
volume =       32,
year =         1986,
pages =        {64--62}
}

@article{Wiener90,
author =       {Wiener, Michael J.},
title =        {Cryptanalysis of short {RSA} secret exponents},
journal =      {IEEE Transactions on Information Theory},
volume =       36,
number =       3,
year =         1990,
month =        May,
pages =        {553--558}
}

@unpublished{Wiener93,
author =       {Wiener, M.J.},
year =         1993,
title =        {Efficient {DES} Key Search},
month =        {August 20,},
note =         {Presented at Crypto '93 rump session}
}


@book{Wilkes75,
author =       {Wilkes, M. V.},
title =        {Time-sharing computer systems},
year =         1975,
publisher =    {Elsevier},
note =         {Third edition}
}


@techreport{Williams79,
author =       {H. C. Williams},
institution =  {The University of Manitoba, Dept. of Computer Science},
year =         1979,
month =        {Jul},
title =        {A modification of the {RSA} Public-Key Encryption Procedure},
number =       {Scientific Report \#92}
}



@article{Williams80,
author =       {H. C. Williams},
title =        {A Modification of the {RSA} Public-key Encryption Procedure},
journal =      {IEEE Transactions on Information Theory},
volume =       {IT-26},
number =       6,
year =         1980,
month =        Nov,
pages =        {726--729}
}

@article{Williams82,
author =       {H. C. Williams},
title =        {A $p+1$ method of factoring},
journal =      {Mathematics of Computation},
year =         1982,
month =        Jul,
volume =       39,
number =       159,
pages =        {225--234}
}

@inproceedings{Williams84,
author =       {H. C. Williams},
title =        {An Overview of Factoring},
pages =        {71--80},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@inproceedings{Williams85d,
oldtag =       {Williams85},
author =       {H. C. Williams},
title =        {Some Public Key Crypto-Functions as Intractable as
               Factorization},
pages =        {66-70},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@inproceedings{Williams86,
author =       {H.C. Williams},
title =        {An $M^3$ Public-Key Encryption Scheme},
pages =        {358--368},
booktitle =    CRYPTO85,
editor =       {H. C. Williams},
note =         {Lecture Notes in Computer Science No.\ 218},
publisher =    {Springer},
year =         1986
}


@article{Williams93,
author =       {Williams, H.C.},
year =         1993,
title =        {How was {$F_6$} factored?},
journal =      {Mathematics of {C}omputation},
volume =       61,
number =       203,
pages =        {463--474}
}

@article{WilliamsJu76,
author =       {H. C. Williams and J. S. Judd},
title =        {Determination of the Primality of $N$ by using Factors
               of $N^2\pm 1$},
journal =      {Mathematics of Computation},
year =         1976,
month =        Jan,
volume =       30,
number =       133,
pages =        {157--172}
}

@article{WilliamsSc79,
author =       {H. C. Williams and B. Schmid},
title =        {Some remarks concerning the {MIT} public-key cryptosystem},
journal =      {BIT},
year =         1979,
volume =       19,
pages =        {525--538},
comment =      {Discusses breaking RSA by repeated encryption; Motivates
               strong primes by $p+1$ and $p-1$ methods. Discusses
               building strong primes. Appeared earlier as University
               of Manitoba Computer Science Scientific Report 91}
}

@book{Winterbotham75,
author =       {F. W. Winterbotham},
title =        {The Ultra Secret},
publisher =    {Futura},
address =      {London},
year =         1975
}


@inproceedings{Winternitz83,
author =       {Robert S. Winternitz},
title =        {Security of a Keystream Cipher with Secret Initial
               Value},
pages =        {133--137},
booktitle =    CRYPTO82,
editor =       {R. L. Rivest and A. Sherman and D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1983
}


@inproceedings{Winternitz84,
author =       {Robert S. Winternitz},
title =        {Producing a One-Way Hash Function from {DES}},
pages =        {203--207},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}


@article{WobberAbBuLa94,
author =       {Edward Wobber and Mart\'in Abadi and Michael Burrows
               and Butler Lampson},
title =        {Authentication in Taos Operating System},
journal =      {TOCS},
month =        Feb,
year =         1994,
volume =       12,
number =       1,
pages =        {3--32}
}


@inproceedings{Wolfram86,
author =       {Wolfram, S.},
year =         1986,
title =        {Cryptography with cellular automata},
booktitle =    {Advances in Cryptology --- Crypto '85},
editor =       {H.C. Williams},
publisher =    {Springer-Verlag},
address =      {New York},
pages =        {429--432}
}



@techreport{Woll84,
author =       {Heather Woll},
title =        {Reductions among number theoretic problems},
institution =  {Department of Computer Science, University of Washington, Seattle},
year =         1984,
month =        Jun,
number =       {\#84-05--02}
}


@article{WooLa92,
author =       {Thomas Y.C. Woo and Simon S. Lam},
title =        {Authentication for Distributed Systems},
journal =      {Computer},
volume =       25,
number =       1,
year =         1992,
month =        Jan,
pages =        {39--52}
}



@article{Wright94,
author =       {Benjamin Wright},
title =        {Inside {RISKS}: The Verdict on Plaintext Signatures:
               They're Legal},
journal =      {Communications of the ACM},
month =        Oct,
year =         1994,
volume =       37,
number =       10,
pages =        {122--122}
}


@inproceedings{Wunderlich84,
author =       {Marvin C. Wunderlich},
title =        {Factoring Numbers on the Massively Parallel Computer},
pages =        {87--102},
booktitle =    CRYPTO83,
editor =       {D. Chaum},
publisher =    {Plenum Press},
address =      {New York},
year =         1984
}

@article{Wyner75,
author =       {A. D. Wyner},
title =        {The wire-tap channel},
journal =      {Bell Sys.\ Tech.\ J.},
volume =       {54},
year =         1975,
pages =        {1355--1387}
}

@article{Wyner79a,
author =       {A. D. Wyner},
title =        {An analog scrambling scheme which does not expand bandwidth,
               Part~1},
journal =      {IEEE Trans.\ Inform.\ Theory},
volume =       {IT-25},
number =       3,
year =         1979,
pages =        {261--274}
}

@article{Wyner79b,
author =       {A. D. Wyner},
title =        {An analog scrambling scheme which does not expand bandwidth,
               Part~2},
journal =      {IEEE Trans.\ Inform.\ Theory},
volume =       {IT-25},
number =       4,
year =         1979,
pages =        {415--425}
}


@inproceedings{Wyner82,
author =       {Aaron D. Wyner},
title =        {Some Thoughts on Speech Encryption},
pages =        {120--120},
booktitle =    CRYPTO81,
editor =       {Allen Gersho},
organization = {U.C. Santa Barbara Dept. of Elec. and Computer Eng.},
note =         {Tech Report 82-04},
year =         1982
}

@misc{ISO89,
oldtag =       {X509-89(E)},
author =       {ISO},
title =        {Annex {C} -- The {RSA} Public Key Cryptosystem, in
               {ISO/IEC} 9594-8:1989({E})},
howpublished = {Part of {ISO/IEC X.509} Draft Standard},
year =         {1989},
note =         {no note}
}

@INPROCEEDINGS{Xian90,
author =       {Y.Y. Xian},
title =        {{K-M} Sequence is Forwardly Predictable},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {37--38}
}

@INPROCEEDINGS{Xian90a,
author =       {Y.Y. Xian},
title =        {Dyadic Matrices and Their Potential Significance in
               Cryptography},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {308--310}
}

@inproceedings{Yacobi88,
author =       {Yacov Yacobi},
title =        {Attack on the {Koyama-Ohta} identity basedd key distribution
               scheme},
pages =        {429--433},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}


@inproceedings{Yacobi91,
author =       {Y. Yacobi},
title =        {A Key Distribution ``Paradox''},
pages =        {268--273},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}


@inproceedings{Yacobi91a,
author =       {Y. Yacobi},
title =        {Discrete-log wiith Compressible Exponents},
pages =        {639-643},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

@inproceedings{YacobiSh90,
author =       {Yacov Yacobi and Zahava Shmuely},
title =        {On key distribution systems},
pages =        {344--355},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}

@misc{Yao??,
oldtag =       {Yao},
author =       {A. C. Yao},
title =        {On Secret Sharing},
note =         {private communication to Shafi Goldwasser}
}

@inproceedings{Yao82a,
author =       {A. C. Yao},
title =        {Theory and Application of Trapdoor Functions},
pages =        {80--91},
booktitle =    FOCS82,
publisher =    IEEE,
address =      {Chicago},
year =         1982
}


@inproceedings{Yao82b,
author =       {A.C. Yao},
title =        {Protocols for Secure Computations},
pages =        {160--164},
booktitle =    FOCS82,
publisher =    IEEE,
address =      {Chicago},
year =         1982
}

@inproceedings{Yao86,
author =       {A.C. Yao},
title =        {How to Generate and Exchange Secrets},
pages =        {162--167},
booktitle =    FOCS86,
publisher =    IEEE,
address =      {Toronto},
year =         1986
}


@article{YarlagaddaHe89,
author =       {R. Yarlagadda and J.E. Hershey},
title =        {Analysis and synthesis of bent sequences},
journal =      {IEE Proceedings},
volume =       {136},
year =         1989,
pages =        {112--123}
}



@phdthesis{Yee94,
author =       {Bennet Yee},
title =        {Using secure coprocessors},
school =       {Carnegie Mellon University},
month =	       {May},
note =	       {CMU-CS-94-149},
year =         {1994}
}



@inproceedings{Yung85,
author =       {Mordechai Yung},
title =        {Cryptoprotocols: Subscription to a Public Key, the
               Secret Blocking and the Multi-Player Mental Poker Game},
pages =        {439--453},
booktitle =    CRYPTO84,
editor =       {G. R. Blakley and D. C. Chaum},
note =         {Lecture Notes in Computer Science No.\ 196},
publisher =    {Springer},
year =         1985
}


@article{Yuval79,
author =       {G. Yuval},
title =        {How to Swindle {Rabin}},
journal =      {Cryptologia},
volume =       3,
month =        Jul,
year =         1979,
pages =        {187--189}
}


@inproceedings{ZengHu88,
oldtag =       {ZengHu90},
author =       {K. Zeng and M. Huang},
title =        {On the Linear Syndrome Method in Cryptoanalysis},
pages =        {469--478},
booktitle =    CRYPTO88,
editor =       {S. Goldwasser},
note =         {Lecture Notes in Computer Science No.\ 403 },
publisher =    {Springer-Verlag},
year =         1988
}

@INPROCEEDINGS{ZengHu90a,
author =       {K. Zeng and M. Huang},
title =        {Solving Equations in Sequences},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {327--332}
}

@inproceedings{ZengYaDa88,
author =       {K. Zeng and J.H. Yang and Z.T. Dai},
title =        {Patterns of entropy drop of the key in an S-box of
               the {DES}},
pages =        {438--444},
booktitle =    CRYPTO87,
editor =       {Carl Pomerance},
note =         {Lecture Notes in Computer Science No.\ 293 },
publisher =    {Springer-Verlag},
year =         1988
}

@inproceedings{ZengYaRa90,
author =       {Zeng, K. and Yang, C.H. and Rao, T.R.N.},
year =         {1990},
title =        {On the Linear Consistency Test in Cryptanalysis with
               Applications},
booktitle =    {Advances in Cryptology --- Crypto '89},
editor =       {G. Brassard},
pages =        {167--174},
publisher =    {Springer-Verlag},
address =      {New York}
}


@INPROCEEDINGS{ZengYaRa90a,
author =       {K. Zeng and C.H. Yang and T.R.N. Rao},
title =        {Large Primes in Stream Cipher Cryptography},
booktitle =    AUSCRYPT90,
year =         1990,
editor =       {J. Seberry and J. Pieprzyk},
series =       {Lecture Notes in Computer Science},
volume =       453,
publisher =    {Springer-Verlag},
pages =        {194--205}
}



@inproceedings{ZengYaRa91,
author =       {K. Zeng and C.H. Yang and T.R.N. Rao},
title =        {An Improved Linear Syndrome Algorithm in Cryptanalysis
               with Applications},
pages =        {34--48},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

@article{ZengYaWeRa91,
author =       {Zeng, K. and Yang, C.H. and Wei, D.Y. and Rao, T.R.N.},
year =         {1991},
title =        {Pseudorandom Bit Generators in Stream-Cipher Cryptography},
journal =      {Computer},
volume =       {24},
number =       {2},
month =        {February},
pages =        {8--17}
}


@inproceedings{ZhengMaIm90,
author =       {Y. Zheng and T. Matsumoto and H. Imai},
title =        {On the construction of block ciphers provably secure
               and not relying on any unproved hypotheses},
pages =        {461--480},
booktitle =    CRYPTO89,
editor =       {G. Brassard},
note =         {Lecture Notes in Computer Science No.\ 435},
publisher =    {Springer-Verlag},
year =         1990
}


@inproceedings{ZhengMaIm91,
author =       {Y. Zheng and T. Matsumoto and H. Imai},
title =        {Structural Properties of One-way Hash Functions},
pages =        {285--302},
booktitle =    CRYPTO90,
editor =       {A.J. Menezes and S. A. Vanstone},
note =         {Lecture Notes in Computer Science No.\ 537},
publisher =    {Springer-Verlag},
year =         1991
}

@inproceedings{ZhengPiSe93,
author =       {Zheng, Y. and Pieprzyk, J. and Seberry, J.},
year =         1993,
title =        {{HAVAL} - A One-Way Hashing Algorithm with Variable
               Length of Output},
booktitle =    {Advances in Cryptology --- Auscrypt '92},
editor =       {J. Seberry and Y. Zheng},
publisher =    {Springer-Verlag},
address =      {Berlin},
pages =        {83--104}
}


@inproceedings{ZhengSe92,
author =       {Yulian Zheng and Jennifer Seberry},
title =        {Practical Approaches to Attaining Security Against
               Adaptively Chosen Ciphertext Attacks},
pages =        {292--304},
booktitle =    CRYPTO92,
editor =       {Ernest F. Brickell},
note =         {Lecture Notes in Computer Science No.\ 740},
publisher =    {Springer-Verlag},
year =         1992
}

@article{Zierler59,
author =       {Zierler, N.},
year =         1959,
title =        {Linear Recurring Sequences},
journal =      {{J}. {S}oc. {I}ndust. {A}ppl. {M}ath.},
volume =       7,
number =       1,
pages =        {31--48}
}

@article{ZierlerMi73,
author =       {Zierler, N. and Mills, W.H.},
year =         1973,
title =        {Products of Linear Recurring Sequences},
journal =      {Journal of Algebra},
volume =       27,
pages =        {147--157}
}

@article{ZivLe76a,
oldtag =       {ZivLe76},
author =       {Ziv, J. and Lempel, A.},
year =         1976,
title =        {On the complexity of finite sequences},
journal =      {IEEE Trans. Information Theory},
volume =       22,
pages =        {75--81}
}

@article{ZivLe77,
author =       {Ziv, J. and Lempel, A.},
year =         1977,
title =        {A universal algorithm for sequential data compression},
journal =      {IEEE Trans. Information Theory},
volume =       23,
number =       3,
pages =        {337--343}
}