Crypto Bibliography

E. Gabber, P. Gibbons, Y. Matias, and A. Mayer, How to Make Personalized Web Browsing Simple, Secure, and Anonymous, Proc. Financial Cryptography'97, Springer-Verlag LNCS 1318. [.ps.gz]

D. Bleichenbacher, E. Gabber, M. Jakobsson, Y. Matias, and A. Mayer, Curbing Junk E-mail via Secure Classification, Proc. Financial Cryptography'98, Springer-Verlag LNCS 1465. [.ps]

E. Gabber, P. Gibbons, D. Kristol, Y. Matias, and A. Mayer, Consistent yet Anonymous Web Access with LPWA, Communications of the ACM, February 1999. [.ps] [.ps.gz] [.ps.Z]

D. Bleichenbacher, E. Gabber, P. Gibbons, Y. Matias, and A. Mayer, On Secure and Pseudonymous Client Relationships with Multiple Servers, Proc. 3rd USENIX Workshop on Electronic Commerce, 1998. [.pdf]

A. De Santis, C. Blundo, G. Gaggia, and U. Vaccaro, New Bounds on the Information Rate of Secret Sharing Schemes, IEEE Transactions on Information Theory, v. 41, n. 2, 1995, 549-554. [.ps.gz]

P. Chodowiec and K. Gaj, Implementation of the Twofish Cipher Using FPGA Devices, Technical Report, Electrical and Computer Engineering, George Mason University, July 1999.

S. Blackburn, S. Blake-Wilson, M. Burmeister, and S. Galbraith, Shared generation of shared RSA Keys, Tech. Report CORR 98-19, University of Waterloo. [.ps]

Z. Galil and M. Yung, Eavesdropping games: a graph-theoretic approach to privacy in distributed systems, Journal of the ACM. Earlier version in Proc. 34th Annual Symposium on Foundations of Computer Science (FOCS 1993). [.ps]

M. Franklin, Z. Galil, and M. Yung, Eavesdropping games: a graph-theoretic approach to privacy in distributed systems, Proc. 34th Annual Symposium on Foundations of Computer Science (FOCS 1993). [.ps]

V. Gallo and A. Clark, Issue Authority, Second Nordic Conference on Information System Security, Stockholm, 1988. [.pdf]

M. Bellare, J. Garay, and T. Rabin, Fast batch verification for modular exponentiation and digital signatures; Extended abstract in Advances in Cryptology- Eurocrypt 98 Proceedings, Lecture Notes in Computer Science Vol. ??, K. Nyberg ed, Springer-Verlag, 1998.

M. Bellare, J. Garay, R. Hauser, A. Herzberg, H. Krawczyk, M. Steiner, G. Tsudik, and M. Waidner, iKP - A Family of Secure Electronic Payment Protocols, Proc. First USENIX Workshop on Electronic Commerce, New York City, July 1995.

R. Canetti, J. Garay, G. Itkis, D. Micciancio, M. Naor, and B. Pinkas, Multicast Security: A Taxonomy and Efficient Constructions, Proc. INFOCOM '99, Vol. 2, pp. 708-716, March 1999. [.ps]

M. Bellare, J. Garay, R. Hauser, A. Herzberg, H. Krawczyk, M. Steiner, G. Tsudik, E. Van Herreweghen, and M. Waidner, Design, Implementation and Deployment of the iKP Secure Electronic Payment System, IEEE Journal of Selected Areas in Communications. [.ps]

J. Garay, M. Jakobsson, and P. MacKenzie, Abuse-free Optimistic Contract Signing, Proc. Advances in Cryptology - CRYPTO '99, Michael Wiener (Ed.), LNCS (1666), Springer-Verlag, pp. 449-466, August 1999. [.ps]

J. Garay, R. Gennaro, C. Jutla, and T. Rabin, Secure Distributed Storage and Retrieval, Theoretical Computer Science. A preliminary version appeared in WDAG'97. [.ps]

P. Chen, J. Garay, A. Herzberg, and H. Krawczyk, A Security Architecture for the Internet Protocol, IBM Systems Journal 37, No. 1 (1998).

P. Cheng, J. Garay, A. Herzberg, and H. Krawczyk, Design and Implementation of Modular Key Management Protocol and IP Secure Tunnel on AIX, Proc. 5th USENIX UNIX Security Symposium, Salt Lake City, Utah, June 1995. [.ps]

J. Garay and Y. Moses, Fully Polynomial Byzantine Agreement for n>3t Processors in t+1 Rounds, SIAM J. of Computing, vol. 27, n. 2, 1998. [.ps]

M. Bellare, J. Garay, C. Jutla, and M. Yung, VarietyCash: A Multi-purpose Electronic Payment System, Proceedings of the 3rd Usenix Workshop on Electronic Commerce, Usenix, 1998.

A. Iyengar, R. Cahn, C. Jutla, and J. Garay, Design and Implementation of a Secure Distributed Data Repository, IFIP Security, 1998. [.ps]

J. Garay and P. MacKenzie, Abuse-free Multi-party Contract Signing, Proc. 13th International Symposium on Distributed Computing (DISC '99), Prasad Jayanti (Ed.), LNCS (1693), Springer-Verlag, pp. 151-165, Bratislava, September 1999. [.ps]

M. Franklin, H. Buhrman, J. Garay, J. Hoepman, J. Tromp, and P. Vitanyi, Mutual search, Proc. 9th ACM Symposium on Discrete Algorithms (SODA 1998). [.ps]

M. Bellare, J. Garay, and T. Rabin, Distributed Pseudo-Random Bit Generators - A New Way to Speed Up Shared Coin Tossing, Proc. 15th Annual Symp. on Principles of Distributed Computing pp. 191-200, Philadelphia, May 1996. [.ps]

A. De Santis, C. Blundo, L. Gargano, and U. Vaccaro, On the Information Rate of Secret Sharing Schemes, Theoretical Computer Science, v. 154, 1996, pp. 283-306. [.ps.gz]

A. De Santis, C. Blundo, L. Gargano, and U. Vaccaro, Secret Sharing Schemes with Veto Capabilities, Proceedings of French-Israeli Workshop in Algebraic Coding, G. Cohen, S. Litsyn, A. Lobstein, and G. Zemor, (Eds), Lectures Notes in Computer Science v. 781, Springer-Verlag, 1994, pp. 82-89. [.ps.gz]

A. De Santis, R. M. Capocelli, L. Gargano, and U. Vaccaro, On the Sizes of Shares for Secret Sharing Schemes, Journal of Cryptology, v. 6, 1993, pp. 157-167. [.ps.gz]

H. Luiijf, A. Dey, J. Watson, C. Muckenhirn , and M. Garnsey, Fortezza-enabled Multi-level Sensitive Simulations, The 1998 Spring Simulation Interoperability Workshop, Position Papers, Volume I, March 9-13, 1998, pp. 119-132. [.doc]

G. Gaskell, P. Ashley, M. Vandenwauver, and J. Claessens, Intranet Security Technologies - SESAME or SSL?, Proceedings of the Australian Unix and Open Systems User Group National Conference (AUUG98), 1998, pp. 133-142. [.ps.gz]

M. Abadi, S. Glassman, M. Manasse, P. Gauthier, and P. Sobalvarro, The Millicent Protocol for Inexpensive Electronic Commerce, World Wide Web Journal -- Fourth International World Wide Web Conference Proceedings, O'Reilly & Associates, Inc. (December 1995), 603-618.

D. Geer and D. Davis, Token-Mediated Certification and Electronic Commerce, Proc. 2nd USENIX Workshop on Electronic Commerce, (Oakland, CA, 1996), pp. 13-22. [.ps]

D. Davis, D. Geer, and T. Y. Ts'o, Kerberos With Clocks Adrift: History, Protocols, and Implementation, USENIX Computing Systems 9:1 (Jan. '96). [.pdf] [.ps]

R. Gennaro, H. Krawczyk, and T. Rabin, RSA-Based Undeniable Signatures, Proceedings of CRYPTO'97. [.ps]

R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin, Robust Threshold DSS Signatures, Proceedings of EUROCRYPT'96, Springer Verlag, LNCS 1070, pp. 354-371. [.ps]

D. Catalano and R. Gennaro, New and Efficient Protocols for Verifiable Signature Sharing and Other Applications, CRYPTO '98. [.ps]

R. Cramer, R. Gennaro, and B. Schoemakers, A Secure and Optimally Efficient Multi-Authority Election Scheme, Proceedings of EUROCRYPT '97, Springer-Verlag, LNCS 1233, pp.103-118. Also in European Transactions on Telecommunications. [.ps]

C. Burwick, D. Coppersmith, E. D'Avignon, R. Gennaro, S. Halevi, C. Jutla, S. Matyas Jr., L. O'Connor, M. Peyravian, D. Safford, and N. Zunic, MARS - a candidate cipher for AES, First AES conference, 1998. [.pdf] [.ps]

R. Gennaro, Achieving Independence Efficiently and Securely, 1995 ACM Conference on Principles of Distributed Computing Systems (PODC95). [.ps.Z]

R. Cramer, R. Gennaro, and B. Schoenmakers, A Secure and Optimally Efficient Multi-Authority Election Scheme; Appears in European Transactions of Telecommunications Vol.8, No.5. A preliminary version appears at EUROCRYPT'97. [.ps]

R. Gennaro and P. Rohatgi, How to Sign Digital Streams, Proceedings of CRYPTO'97. [.ps]

R. Gennaro, Theory and Practice of Verifiable Secret Sharing; Ph.D. Thesis MIT EECS Department. [.ps.Z]

R. Canetti, R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin, Adaptive Security for Threshold Cryptosystems, Proc. Advances in Cryptology - CRYPTO '99, Michael Wiener (Ed.), LNCS (1666), Springer-Verlag, August 1999. (This is an extended version.) [.ps.gz]

R. Gennaro, M. Rabin, and T. Rabin, Simplified VSS and Fast-track Multiparty Computations with Applications to Threshold Cryptography, Proceedings of the 1998 ACM Symposium on Principles of Distributed Computing. [.ps]

R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin, Robust and Efficient Sharing of RSA Functions, Proceedings of CRYPTO'96. [.ps]

R. Gennaro and S. Micali, Verifiable Secret Sharing as Secure Computation, EUROCRYPT 1995. [.ps.Z]

R. Gennaro, D. Micciancio, and T. Rabin, An Efficient Non-Interactive Statistical Zero-Knowledge Proof System for Quasi-Safe Prime Products, Proceedings of the Fifth ACM Conference on Computer and Communications Security, 1998. [.ps]

R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin, Secure Distributed Key Generation for Discrete-Log Based Cryptosystems, Proceedings Eurocrypt '99, Lecture Notes in Computer Science, Vol. 1592, Springer-Verlag, 1999. (This version has an appendix added.) [.ps.gz]

R. Canetti and R. Gennaro, Incoercible Multiparty Computation, 1996 IEEE Symposium on the Foundations of Computer Science (FOCS 96). [.ps.Z]

V. Shoup and R. Gennaro, Securing Threshold Cryptosystems against Chosen Ciphertext Attack, Proceedings of EUROCRYPT'98, Springer-Verlag LNCS 1403, pp.1-16. [.ps]

J. Garay, R. Gennaro, C. Jutla, and T. Rabin, Secure Distributed Storage and Retrieval, Theoretical Computer Science. A preliminary version appeared in WDAG'97. [.ps]

L. Claesen, J. Daemen, M. Genoe, and G. Peeters, Subterranean: a 600 Mbit/sec cryptographic VLSI chip, Proceedings of ICCD '93: VLSI in Computers and Processors, R. Camposano, A. Domic, Eds., IEEE Computer Society Press, 1993, pp. 610-613. [.ps.gz]

E. Gerck, Overview of Certification Systems: X.509, CA, PGP and SKIP , published on the Internet by MCG 1997/98. [.pdf]

U. Jendricke and D. Gerd tom Markotten, Usability meets Security - The Identity-Manager as your Personal Security Assistant for the Internet, Proceedings of the 16th Annual Computer Security Applications Conference, December 2000. ISBN 0-7695-0859-6. [.pdf]

B. Chor, M. Gereb-Graus, and E. Kushilevitz, On the Structure of the Privacy Hierarchy, J. Cryptology 7(1), 1994, pp. 53-60. [.ps.Z]

B. Chor, M. Gereb-Graus, and E. Kushilevitz, Private Computations Over the Integers, SICOMP 24(2), 1995, pp. 376-386. [.ps.Z]

Y. Gertner, Y. Ishai, E. Kushilevitz, and T. Malkin, Protecting Data Privacy in Private Information Retrieval Schemes, STOC 98. [.ps.Z]

D. Bleichenbacher, E. Gabber, P. Gibbons, Y. Matias, and A. Mayer, On Secure and Pseudonymous Client Relationships with Multiple Servers, Proc. 3rd USENIX Workshop on Electronic Commerce, 1998. [.pdf]

E. Gabber, P. Gibbons, D. Kristol, Y. Matias, and A. Mayer, Consistent yet Anonymous Web Access with LPWA, Communications of the ACM, February 1999. [.ps] [.ps.gz] [.ps.Z]

E. Gabber, P. Gibbons, Y. Matias, and A. Mayer, How to Make Personalized Web Browsing Simple, Secure, and Anonymous, Proc. Financial Cryptography'97, Springer-Verlag LNCS 1318. [.ps.gz]

H. Gilbert, D. Gupta, A. Odlyzko, and J.-J. Quisquater, Attacks on Shamir's 'RSA for paranoids', Information Processing Letters (1998), to appear. [.pdf] [.ps]

O. Baudron, H. Gilbert, L. Granboulan, H. Handschuh, A. Joux, P. Nguyen, F. Noilhan, D. Pointcheval, T. Pornin, G. Poupard, J. Stern, and S. Vaudenay, Report on the AES Candidates, Proceedings of the Second AES Candidate Conference, Rome, Italy, 1999. [.pdf]

D. Gillman and R. Rivest, Complete Variable-Length `FixFree' Codes; Designs, Codes, and Cryptography 5,2 (March 1995), 109--114. [.ps]

T. Gilmont, J.-D. Legat, and J.-J. Quisquater, An Architecture of Security Management Unit for Safe Hosting of Multiple Agents, International Workshop on Intelligent Communications and Multimedia Terminals (COST#254), Ljubljana, pp. 79-82, Nov. 1998. [.pdf]

T. Gilmont, J.-D. Legat, and J.-J. Quisquater, Enhancing the Security in the Memory Management Unit, Proceedings of the 25th EuroMicro Conference, Milan, Vol. I, pp. 449-456, Sept. 1999. [.pdf]

H. Abelson, R. Anderson, S. Bellovin, J. Benaloh, M. Blaze, W. Diffie, J. Gilmore, P. Neumann, R. Rivest, J. Schiller, and B. Schneier, The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption [PDF]. An earlier version appeared in World Wide Web Journal, v.2, n.3, 1997, pp. 241-257.

C. Blundo, A. Giorgio Gaggia, and D. Stinson, On the dealer's randomness required in secret sharing schemes; Designs, Codes and Cryptography 11 (1997), 235-259. [Preliminary version appeared in Lecture Notes in Computer Science 950 (1995), 35-46 (Advances in Cryptology - EUROCRYPT '94).] [.ps]

M. Abadi, S. Glassman, M. Manasse, P. Gauthier, and P. Sobalvarro, The Millicent Protocol for Inexpensive Electronic Commerce, World Wide Web Journal -- Fourth International World Wide Web Conference Proceedings, O'Reilly & Associates, Inc. (December 1995), 603-618.

V. Gligor, R. Kailar, S. Stubblebine, and L. Gong, Logics for Cryptographic Protocols -- Virtues and Limitations, Proceedings of the IEEE Computer Security Foundations Workshop IV, Franconia, New Hampshire, June, 1991, pp. 219-226. [.ps.gz]

R. Kailar, V. Gligor, and L. Gong, On the Security Effectiveness of Cryptographic Protocols, Proceedings of the 4th IFIP Working Conference on Dependable Computing for Critical Applications, San Diego, California, January 1994, pp. 90-101. [.ps.gz]

I. Goldberg and D. Wagner, Randomness and the Netscape Browser, Dr. Dobb's Journal, January 1996.

I. Goldberg and D. Wagner, TAZ Servers and the Rewebber Network: Enabling Anonymous Publishing on the World Wide Web, First Monday vol 3 no 4, 1998.

I. Goldberg, D. Wagner, and E. Brewer, Privacy-enhancing technologies for the Internet, IEEE COMPCON '97, February 1997.

I. Goldberg, D. Wagner, R. Thomas, and E. Brewer, A secure environment for untrusted helper applications: confining the wily hacker; 1996 USENIX Security Symposium. [.pdf]

C. Hall, I. Goldberg, and B. Schneier, Reaction Attacks Against Several Public-Key Cryptosystems, Counterpane Systems Report, 1998.

O. Goldreich, Randomness, Interaction, Proofs and Zero-Knowledge (a survey); 1987. [.ps]
See a revised version of the part on Computational Randomness; 1987 (rev. 1997). [.ps]

O. Goldreich and D. Ron, Property Testing in Bounded-Degree Graphs; 1997. [.ps]

O. Goldreich, Three XOR-Lemmas - An Exposition; July 1991. [.ps]

M. Bellare, O. Goldreich, and S. Goldwasser, Incremental cryptography with application to virus protection. Proc. 27th Annual Symposium on the Theory of Computing, ACM, 1995.

R. Chang, B. Chor, O. Goldreich, J. Hartmanis, J. Hastad, D. Ranjan, and P. Rohatgi, The Random Oracle Hypothesis is False; July 1992. [.ps]

M. Bellare and O. Goldreich, Proving computational ability. Manuscript, August 1992.

O. Goldreich, A. Sahai, and S. Vadhan, Honest-Verifier Statistical Zero-Knowledge Equals General Statistical Zero-Knowledge; 1998. [.ps]

R. Canetti, O. Goldreich, and S. Halevi, The Random Oracle Methodology, Revisited, March 1998.

O. Goldreich and D. Zuckerman, Another proof that BPP subseteq PH (and more); September 1997. [.ps]

M. Bellare, O. Goldreich, and S. Goldwasser, Randomness in Interactive Proofs; August 1991. [.ps] Addendum, May 1997. [.ps]

M. Bellare and O. Goldreich, On defining proofs of knowledge. Extended abstract in Advances in Cryptology - Crypto 92 Proceedings, Lecture Notes in Computer Science Vol. 740, E. Brickell ed, Springer-Verlag, 1993. Full version available.

O. Goldreich and D. Ron, A Universal Learning Algorithm; June 1996. [.ps]

O. Goldreich, S. Goldwasser, and S. Halevi, Collision-Free Hashing from Lattice Problems; Available as Theory of Cryptography Library: Record 96-09. [.ps]

O. Goldreich and S. Micali, Increasing the Expansion of Pseudorandom Generators; 1984. [.ps]

M. Bellare, O. Goldreich, and H. Krawczyk, Stateless evaluation of pseudorandom functions: Security beyond the birthday barrier, Advances in Cryptology - Crypto 99 Proceedings, LNCS v. 1666, Springer-Verlag, 1999.

B. Chor and O. Goldreich, On the power of two-points based sampling; 1985. [.ps]

O. Goldreich, S. Goldwasser, and S. Halevi, Using Lattice Problems in Cryptography.

O. Goldreich, The Foundations of Cryptography -- An Essay; June 1997.

S. Decatur, O. Goldreich, and D. Ron, Computational Sample Complexity; April 1997. [.ps]

O. Goldreich and H. Krawczyk, On the Composition of Zero-Knowledge Proof Systems; revised 1994. [.ps]

S. Even and O. Goldreich, On the Security of Multi-Party Ping-Pong Protocols; (file contains only Abstract and Introduction), 1985. [.ps]

O. Goldreich and B. Meyer, Computational Indistinguishability -- Algorithms vs. Circuits; December 1996. [.ps]

G. Even, O. Goldreich, M. Luby, N. Nisan, and B. Velickovic, Approximations of General Independent Distributions, Proceedings of the twenty-fourth annual ACM symposium on Theory of Computing, 1992. [.pdf]

B. Chor and O. Goldreich, Unbiased Bits From Sources of Weak Randomness and Probabilistic Communication Complexity; (file contains only Abstract and Introduction), 1986. [.ps]

B. Chor, J. Freidmann, O. Goldreich, J. Hastad, S. Rudich, and R. Smolensky, The Bit Extraction Problem or t-Resilient Functions; 1985. [.ps]

O. Goldreich and R. Vainish, How to Solve any Protocol Problem - An Efficiency Improvement; 1987. [.ps]

S. Even, O. Goldreich, and S. Micali, On-Line/Off-Line Digital Signatures; revised 1994. [.ps]

O. Goldreich, The Graph Clustering Problem has a Perfect Zero-Knowledge Proof; October 1996. [.ps]

O. Goldreich and E. Kushilevitz, A Perfect Zero-Knowledge Proof System for a Problem Equivalent to the Discrete Logarithm, J. Cryptology 6(2), 1993, pp. 97-116. Early version: Crypto 88. [.ps.Z]

O. Goldreich and E. Petrank, Quantifying Knowledge Complexity; revised July 1996. [.ps]

O. Goldreich, A Uniform-Complexity Treatment of Encryption and Zero-Knowledge; July 1991. [.ps]

O. Goldreich, S. Goldwasser, and D. Ron, A Note on Testing Monotinicity; 1997. [.ps]

B. Awerbuch, O. Goldreich, D. Peleg, and R. Vainish, A Trade-off between Information and Communication in Broadcast Protocols; June 1989. [.ps]

O. Goldreich, A Computational Perspective on Sampling (survey); May 1997. [.ps]

O. Goldreich, N. Nisan, and A. Wigderson, On Yao's XOR-Lemma; March 1995. [.ps]

O. Goldreich and A. Kahan, How to Construct Constant-Round Zero-Knowledge Proof Systems for NP; March 1996. [.ps]

I. Damgård, O. Goldreich, and A. Wigderson, Information Theory versus Complexity Theory: Another Test Case; September 1995. [.ps]

R. Canetti, G. Even, and O. Goldreich, Lower Bounds for Sampling Algorithms for Estimating the Average; October 1994. [.ps]

N. Alon, O. Goldreich, J. Hastad, and R. Peralta, Simple Constructions of Almost $k$-wise Independent Random Variables; June 1992. [.ps] Addendum: [.ps]

O. Goldreich, S. Goldwasser, and N. Linial, Fault-tolerant Computation in the Full Information Model; revised October 1995. [.ps]

O. Goldreich and D. Ron, A Sublinear Bipartite Tester for Bounded Degree Graphs; 1997. [.ps]

O. Goldreich and E. Petrank, The Best of Both Worlds: Guaranteeing Termination in Fast Randomized Byzantine Agreement Protocols; October 1990. [.ps]

O. Goldreich, Probabilistic Proof Systems (survey), 1995. [.ps]

O. Goldreich, Two Remarks Concerning the Goldwasser-Micali-Rivest Signature Scheme; 1986. [.ps]

O. Goldreich, A. Herzberg, and A. Segall, A Quantitative Approach to Dynamic Networks; 1992. [.ps]

O. Goldreich, B. Pfitzmann, and R. Rivest, Self-Delegation with Controlled Propagation; September 1997. [.ps]

O. Goldreich and M. Sudan, Computational Indistinguishability: A Sample Hierarchy; March 1998. [.ps]

O. Goldreich and R. Ostrovsky, Software Protection and Simulation on Oblivious RAMs; revised October 1995. [.ps]

R. Canetti, U. Feige, O. Goldreich, and M. Naor, Adaptively Secure Multi-party Computation; TR-682, LCS/MIT, 1996. [.ps]

O. Goldreich, L. Levin, and N. Nisan, On Constructing 1-1 One-Way Functions; June 1995. [.ps]

O. Goldreich, S. Goldwasser, and S. Halevi, Eliminating Decryption Errors in the Ajtai-Dwork Cryptosystem, Proceedings of Crypto '97.

S. Ben-David, B. Chor, O. Goldreich, and M. Luby, On the Theory of Average Case Complexity; 1989. [.ps]

R. Canetti and O. Goldreich, Bounds on Tradeoffs between Randomness and Communication Complexity; August 1990. [.ps]

M. Bellare, O. Goldreich, and S. Goldwasser, Incremental cryptography: the case of hashing and signing, Advances in Cryptology - Crypto 94 Proceedings, Lecture Notes in Computer Science Vol. 839, Y. Desmedt ed, Springer-Verlag, 1994.

O. Goldreich, R. Rubinfeld, and M. Sudan, Learning polynomials with queries: the highly noisy case; FOCS95 version. [.ps]

O. Goldreich and A. Wigderson, On the Circuit Complexity of Perfect Hashing; July 1996. [.ps]

O. Goldreich and A. Wigderson, Tiny Families of Functions with Random Properties:A Quality-Size Trade-off for Hashing; revised January 1996. [.ps]

O. Goldreich, R. Ostrovsky, and E. Petrank, Computational Complexity and Knowledge Complexity; revised March 1995. [.ps]

O. Goldreich, B. Pfitzmann, and R. Rivest, Self-Delegation with Controlled Propagation -- or -- What If You Lose Your Laptop; Theory of Cryptography Library 97-12, September 1997.

O. Goldreich, S. Goldwasser, and S. Halevi, and Public-Key Cryptosystems from Lattice Reduction Problems, CRYPTO '97.

B. Chor, O. Goldreich, E. Kushilevitz, and M. Sudan, Private Information Retrieval, FOCS 95. [.ps.Z]

O. Goldreich, Combinatorial Property Testing -- A Survey; 1997. [.ps]

M. Blum and O. Goldreich, Towards a Computational Theory of Statistical Tests; 1992. [.ps]

O. Goldreich, A Note on Computational Indistinguishability; 1989. [.ps]

M. Bellare, O. Goldreich, and S. Goldwasser, Incremental Cryptography; 1995.

O. Goldreich, S. Goldwasser, and S. Halevi, Public-key Cryptosystems from Lattice Problems, Proceedings of CRYPTO'97.

O. Goldreich, R. Impagliazzo, L. Levin, R. Venkatesan, and D. Zuckerman, Security Preserving Amplification of Hardness; August 1990. [.ps]

O. Goldreich and S. Safra, A Combinatorial Consistency Lemma with application to the PCP Theorem; 1996. [.ps]

M. Furer, O. Goldreich, Y. Mansour, M. Sipser, and S. Zachos, On Completeness and Soundness in Interactive Proof Systems, 1989. [.ps]

O. Goldreich and S. Goldwasser, On the Limits of Non-Approximability of Lattice Problems; Sept. 1997. [.ps]

R. Canetti, O. Goldreich, and S. Halevi, The Random Oracle Methodology, Revisited, March 1998.

M. Bellare, O. Goldreich, and M. Sudan, Free Bits, PCPs and Non-Approximability; 1995.

O. Goldreich, S. Goldwasser, and D. Ron, Property Testing and its connection to Learning and Approximation; 1996.

I. Damgård, O. Goldreich, T. Okamoto, and A. Wigderson, Honest Verifier vs Dishonest Verifier in Public Coin Zero-Knowledge Proofs; (Extended Abstract), September 1995. [.ps]
See also partial version by Damgård, Goldreich, and Wigderson, November 1994. [.ps]

O. Goldreich and S. Goldwasser, On the Limits of Non-Approximability of Lattice Problems; Sept. 1997. [.ps]

M. Bellare, O. Goldreich, and S. Goldwasser, Randomness in Interactive Proofs; August 1991. [.ps] Addendum, May 1997. [.ps]

M. Bellare, O. Goldreich, and S. Goldwasser, Incremental Cryptography; 1995.

M. Bellare, S. Goldwasser, and D. Micciancio, "Pseudo-Random" Number Generation within Cryptographic Algorithms: the DSS Case, Advances in Cryptology -- Crypto 97 Proceedings, Lecture Notes in Computer Science Vol. 1294, B. Kaliski ed, Springer-Verlag, 1997.

O. Goldreich, S. Goldwasser, and D. Ron, Property Testing and its connection to Learning and Approximation; 1996.

M. Bellare and S. Goldwasser, Verifiable partial key escrow, Proc. 4th ACM Conference on Computer and Communications Security, April 1997. Earlier version was Technical Report CS95-447, Department of Computer Science and Engineering, UCSD, October 1995.

O. Goldreich, S. Goldwasser, and D. Ron, A Note on Testing Monotinicity; 1997. [.ps]

O. Goldreich, S. Goldwasser, and N. Linial, Fault-tolerant Computation in the Full Information Model; revised October 1995. [.ps]

M. Bellare and S. Goldwasser, Encapsulated key escrow. Early version was MIT Laboratory for Computer Science Technical Report 688, April 1996.

O. Goldreich, S. Goldwasser, and S. Halevi, Eliminating Decryption Errors in the Ajtai-Dwork Cryptosystem, Proceedings of Crypto '97.

O. Goldreich, S. Goldwasser, and S. Halevi, Public-key Cryptosystems from Lattice Problems, Proceedings of CRYPTO'97.

S. Goldwasser, S. Micali, and R. Rivest, A Digital Signature Scheme Secure Against Adaptive Chosen Message Attacks; SIAM J. Computing 17,2 (April 1988), 281--308. [.pdf]
(Note.) [.txt]

D. Beaver and S. Goldwasser, Multiparty Computation with Faulty Majority, Advances in Cryptology: Crypto '89, ed. Gilles Brassard. [.pdf]

O. Goldreich, S. Goldwasser, and S. Halevi, Using Lattice Problems in Cryptography.

M. Bellare, O. Goldreich, and S. Goldwasser, Incremental cryptography with application to virus protection. Proc. 27th Annual Symposium on the Theory of Computing, ACM, 1995.

M. Bellare, O. Goldreich, and S. Goldwasser, Incremental cryptography: the case of hashing and signing, Advances in Cryptology - Crypto 94 Proceedings, Lecture Notes in Computer Science Vol. 839, Y. Desmedt ed, Springer-Verlag, 1994.

O. Goldreich, S. Goldwasser, and S. Halevi, Collision-Free Hashing from Lattice Problems; Available as Theory of Cryptography Library: Record 96-09. [.ps]

O. Goldreich, S. Goldwasser, and S. Halevi, and Public-Key Cryptosystems from Lattice Reduction Problems, CRYPTO '97.

M. Bellare and S. Goldwasser, Encapsulated key escrow; Early version was MIT Laboratory for Computer Science Technical Report 688, April 1996.

J. Zhou and D. Gollmann, Towards Verification of Non-repudiation Protocols, Proceedings of 1998 International Refinement Workshop and Formal Methods Pacific, pages 370--380, Canberra, Australia, September 1998, Springer. [.ps]

L. Gong, Handling Infeasible Specifications of Cryptographic Protocols, Proceedings of the IEEE Computer Security Foundations Workshop IV, Franconia, New Hampshire, June, 1991, pp. 99-102. [.ps.gz]

L. Gong and X. Qian, The Complexity and Composability of Secure Interoperation, Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, California, May 1994, pp.190-200.

L. Gong, Efficient Network Authentication Protocols: Lower Bounds and Optimal Implementations, Distributed Computing, 9(3):131--145, 1995. Springer-Verlag. [.ps.gz]

S. Foley, L. Gong, and X. Qian, A Security Model of Dynamic Labeling Providing a Tiered Approach to Verification, Proceedings of the IEEE Symposium on Security and Privacy, Oakland, California, May 1996, pp.142--153. [.ps.gz]

R. Deng, L. Gong, A. Lazar, and W. Wang, Authenticated Key Distribution and Secure Broadcast Using No Conventional Encryption: A Unified Approach Based on Block Codes, Proceedings of IEEE Globecom'95, Singapore, November 1995. [.ps.Z]

L. Gong, Lower Bounds on Messages and Rounds for Network Authentication Protocols, Proceedings of the 1st ACM Conference on Computer and Communications Security, Fairfax, Virginia, November, 1993, pp.26-37. [.ps.gz]

L. Gong, N. Shacham, Multicast Security and Its Extension to a Mobile Environment, ACM-Baltzer Journal of Wireless Networks, 1(3):281--295, October 1995. [.ps.gz]

L. Gong, R. Needham, and R. Yahalom, Reasoning about Belief in Cryptographic Protocols, Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, California, May, 1990, pp. 234-248. [.ps.gz]

L. Gong and D. Wheeler, A Matrix Key Distribution Scheme. Journal of Cryptology, Vol.2, No.2, Springer-Verlag, New York, 1990, pp.51-59. [.ps.gz]

R. Deng, L. Gong, and A. Lazar, Secure Data Transfer in Asynchronous Transfer Mode Networks, Proceedings of IEEE Globecom'95, Singapore, November 1995. [.ps.Z]

L. Gong, Enclaves: Enabling Secure Collaboration over the Internet, IEEE Journal on Selected Areas in Communications, 15(3):567--575, April 1997. [.ps.gz]

L. Gong, Optimal Authentication Protocols Resistant to Password Guessing Attacks, Proceedings of the 8th IEEE Computer Security Foundations Workshop, County Kerry, Ireland, June 1995, pp. 24-29. [.ps.gz]

L. Gong, P. Syverson, Fail-Stop Protocols: An Approach to Designing Secure Protocols, Proceedings of the 5th IFIP Working Conference on Dependable Computing for Critical Applications, Urbana-Champaign, Illinois, September 1995. [.ps.gz]

L. Gong, Collisionful Keyed Hash Functions with Selectable Collisions, Information Processing Letters, 55(3):167--170, August 1995. Elsevier Science B.V.

L. Gong and R. Schemers, Signing, Sealing, and Guarding Java Objects, Lecture Notes in Computer Science (LNCS), Vol.1419, Springer-Verlag, June 1998. [.ps.gz]

L. Gong and X. Qian, Enriching the Expressive Power of Security Labels, IEEE Transactions on Knowledge and Data Engineering, 7(5):839--841, October 1995.

R. Deng, L. Gong, A. Lazar, and W. Wang, Practical Protocols for Certified Electronic Mail, Journal of Network and Systems Management, 4(3):279--297, 1996. [.ps.gz]

L. Gong, A Security Risk of Depending on Synchronized Clocks, ACM Operating Systems Review, Vol.26, No.1, January, 1992, pp.49-53. [.ps.gz]

L. Gong, T. Lomas, R. Needham, and J. Saltzer, Protecting Poorly Chosen Secrets from Guessing Attacks, IEEE Journal on Selected Areas in Communications, Vol.11, No.5, June, 1993, pp.648-656. [.ps.gz]

J. Bull, L. Gong, and K. R. Sollins, Towards Security in an Open Systems Federation, Proceedings of the European Symposium on Research in Computer Security, Toulouse, France, November, 1992. Published as Lecture Notes in Computer Science, Vol.648, Springer-Verlag, 1992, pp. 3-20. [.ps.Z]

T. Lomas, L. Gong, J. Salzer, and R. Needham, Reducing Risks from Poorly Chosen Keys, Proceedings of the 12th ACM Symposium on Operating System Principles, Litchfield Park, Arizona, December, 1989. Published as ACM Operating Systems Review, Vol.23, No.5, pp.14-18. [.ps.gz]

L. Gong and N. Shacham, Elements of Trusted Multicasting, Proceedings of the IEEE International Conference on Network Protocols, Boston, Massachusetts, October, 1994, pp.23-30.

L. Gong, Using One-Way Functions for Authentication, ACM Computer Communication Review, Vol.19, No.5, October, 1989, pp. 8-11. [.ps.gz]

L. Gong, M. Mueller, H. Prafullchandra, and R. Schemers, Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2, Proceedings of the USENIX Symposium on Internet Technologies and Systems, Monterey, California, December 1997, pp. 103-112. [.ps.gz]

M. Morconi, X. Qian, R. A. Riemenschneider, and L. gong, Secure Software Architectures, Proceedings of the IEEE Symposium On Security And Privacy, Oakland, California, May 1997, pp.84--93. [.ps.gz]

M. Reiter, K. Birman, and L. Gong, Integrating Security in a Group-Oriented Distributed System, Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, California, May, 1992, pp.18-32. [.ps.gz]

L. Gong, P. Lincoln, and J. Rushby, Byzantine Agreement with Authentication: Observations and Applications in Tolerating Hybrid Faults, Proceedings of the 5th IFIP Working Conference on Dependable Computing for Critical Applications, Urbana-Champaign, Illinois, September 1995.

L. Gong, New Protocols for Third-Party-Based Authentication and Secure Broadcast, Proceedings of the 2nd ACM Conference on Computer and Communications Security, Fairfax, Virginia, November, 1994, pp.176-183.

L. Gong, Increasing Availability and Security of an Authentication Service, IEEE Journal on Selected Areas in Communications, Vol.11, No.5, June, 1993, pp.657-662. [.ps.gz]

L. Gong, Variations on the Themes of Message Freshness and Replay, Proceedings of the IEEE Computer Security Foundations Workshop VI, Franconia, New Hampshire, June, 1993, pp.131-136. [.ps.gz]

L. Gong, New Security Architectural Directions for Java (Extended Abstract), Proceedings of IEEE COMPCON, San Jose, California, February 1997, pp.97--102. [.ps.gz]

V. Gligor, R. Kailar, S. Stubblebine, and L. Gong, Logics for Cryptographic Protocols -- Virtues and Limitations, Proceedings of the IEEE Computer Security Foundations Workshop IV, Franconia, New Hampshire, June, 1991, pp. 219-226. [.ps.gz]

D. Balfanz and L. Gong, Experience with Secure Multi-Processing in Java, Proceedings of the 18th IEEE International Conference on Distributed Computing Systems (ICDCS), Amsterdam, Netherlands, May 1998. [.ps.gz]

R. Kailar, V. Gligor, and L. Gong, On the Security Effectiveness of Cryptographic Protocols, Proceedings of the 4th IFIP Working Conference on Dependable Computing for Critical Applications, San Diego, California, January 1994, pp. 90-101. [.ps.gz]

I. Agi and L. Gong, An Empirical Study of Secure MPEG Video Transmissions, Proceedings of the Internet Society Symposium on Network and Distributed System Security, pp.137--144, San Diego, California, February, 1996.

M. Reiter and L. Gong, Preventing Denial and Forgery of Causal Relationships in Distributed Systems, Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, California, May, 1993, pp.30-40. [.ps.gz]

L. Gong and X. Qian, Computational Issues in Secure Interoperation, IEEE Transactions on Software Engineering, 22(1):43--52, January, 1996. [.ps.gz]

L. Gong, A Secure Identity-Based Capability System, Proceedings of the IEEE Symposium on Security and Privacy, Oakland, California, May, 1989, pp.56-63. [.ps.gz]

L. Gong, A Note on Redundancy in Encrypted Messages, ACM Computer Communication Review, Vol.20, No.5, October, 1990, pp. 18-22. [.ps.gz]

M. Abadi, C. Fournet, and G. Gonthier, Secure Implementation of Channel Abstractions, Proceedings of the Thirteenth Annual IEEE Symposium on Logic in Computer Science (June 1998), 105-116. [.ps]

M. Abadi, C. Fournet, and G. Gonthier, Secure Communications Processing for Distributed Languages, Proceedings of the 1999 IEEE Symposium on Security and Privacy (May 1999), 74-88. [.ps]

K. Gopalakrishnan and D. Stinson, A simple analysis of the error probability of two-point based sampling; Information Processing Letters 60 (1996), 91-96. [.ps]

J. Bierbrauer, K. Gopalakrishnan, and D. Stinson, A note on the duality of linear programming bounds for orthogonal arrays and codes; Bulletin of the ICA 22 (1998), 17-24. [.ps]

J. Bierbrauer, K. Gopalakrishnan, and D. Stinson, Orthogonal arrays, resilient functions, error-correcting codes and linear programming bounds; SIAM J. Discrete Math 9 (1996), 424-452. [.ps]

K. Gopalakrishnan and D. Stinson, A short proof of the non-existence of certain cryptographic functions; J. Combin. Math. Combin. Comput. 20 (1996), 129-137. [.ps]

M. Abadi and A. Gordon, A Bisimulation Method for Cryptographic Protocols, Programming Languages and Systems: 7th European Symposium on Programming, ESOP '98 (April 1998), 12-26. [.ps]

M. Abadi and A. Gordon, A Bisimulation Method for Cryptographic Protocols, Nordic Journal of Computing 5, 4 (Winter 1998), 267-303. [.ps]

M. Abadi and A. Gordon, A Calculus for Cryptographic Protocols: The Spi Calculus, SRC Research Report 149 (January 1998). [.ps]

J. Patarin, L. Goubin, and N. Courtois, Improved Algorithms for Isomorphisms of Polynomials, Proceedings of EUROCRYPT'98, Springer, Lecture Notes in Computer Science, Vol. 1403, May 1998, pp. 184-200. [.pdf]

J. Patarin, L. Goubin, and N. Courtois, C*-+ and HM: Variations around two schemes of T. Matsumoto and H. Imai, Proceedings of ASIACRYPT'98, Springer, Lecture Notes in Computer Science, Vol. 1514, October 1998, pp. 35-49. [.pdf]

P. Beauchemin, G. Brassard, C. Crépeau, C. Goutier, and C. Pomerance, Two observations on probabilistic primality testing; In Advances in Cryptology: Proceedings of Crypto '86, volume 263 of Lecture Notes in Computer Science, pages 443-450. Springer-Verlag, 1987. [.ps.gz]

P. Beauchemin, G. Brassard, C. Crépeau, C. Goutier, and C. Pomerance, The generation of random numbers that are probably prime, Journal of Cryptology, 1(1):53-64, 1988. [.ps]

A. Bosselaers, R. Govaerts, and J. Vandewalle, Fast hashing on the Pentium, Advances in Cryptology, Proceedings Crypto'96, LNCS 1109, N. Koblitz, Ed., Springer-Verlag, 1996, pp. 298-312. [.pdf]

J. Daemen, R. Govaerts, and J. Vandewalle, A new approach towards block cipher design, Fast Software Encryption, LNCS 809, R. Anderson, Ed., Springer-Verlag, 1994, pp. 18-32. [.ps.gz]

J. Daemen, R. Govaerts, and J. Vandewalle, A hardware design model for cryptographic algorithms, Computer Security - ESORICS'92, Proceedings 2nd European Symposium on Research in Computer Security, LNCS 648, Y. Deswarte, G. Eizenberg and J.-J. Quisquater, Eds., Springer-Verlag, 1992, pp. 419-434. [.ps.gz]

J. Daemen, R. Govaerts, and J. Vandewalle, Correlation matrices, Fast Software Encryption, LNCS 1008, B. Preneel, Ed., Springer-Verlag, 1995, pp. 275-285. [.ps.gz]

J. Daemen, R. Govaerts, and J. Vandewalle, Cryptanalysis of MUX-LFSR based scramblers, Proceedings of the 3rd symposium on State and Progress of Research in Cryptography, W. Wolfowicz, Ed., Fondazione Ugo Bordoni, 1993, pp. 55-61. [.ps.gz]

A. Bosselaers, R. Govaerts, and J. Vandewalle, Comparison of three modular reduction functions, Advances in Cryptology, Proceedings Crypto'93, LNCS 773, D. Stinson, Ed., Springer-Verlag, 1994, pp. 175-186. [.pdf]

J. Daemen, R. Govaerts, and J. Vandewalle, J. Daemen, R. Govaerts, J. Vandewalle, A framework for the design of one-way hash functions including cryptanalysis of Damgård's one-way function based on a cellular automaton, Advances in Cryptology, Proceedings Asiacrypt'91, LNCS 739, H. Imai, R.L. Rivest, and T. Matsumoto, Eds., Springer-Verlag, 1993, pp. 82-96. [.ps.gz]

J. Daemen, A. Bosselaers, R. Govaerts, and J. Vandewalle, Collisions for Schnorr's hash function FFT-hash, Advances in Cryptology, Proceedings Asiacrypt'91, LNCS 739, H. Imai, R.L. Rivest, and T. Matsumoto, Eds., Springer-Verlag, 1993, pp. 477-480. [.ps.gz]

A. Bosselaers, R. Govaerts, and J. Vandewalle, SHA: A design for parallel architectures?, Advances in Cryptology, Proceedings Eurocrypt'97, LNCS 1233, W. Fumy, Ed., Springer-Verlag, 1997, pp. 348-362. [.pdf]

J. Daemen, R. Govaerts, and J. Vandewalle, An efficient nonlinear shift-invariant transformation, Proceedings of the Fifteenth Symposium on Information Theory in the Benelux, Louvain-la-Neuve (B), May 30-31, 1994, pp. 82-89. [.ps.gz]

J. Daemen, R. Govaerts, and J. Vandewalle, Weak keys of IDEA, Advances in Cryptology, Proceedings Crypto'93, LNCS 773, D. Stinson, Ed., Springer-Verlag, 1994, pp. 224-231. [.ps.gz]

J. Daemen, R. Govaerts, and J. Vandewalle, A practical approach to the design of high speed self-synchronizing stream ciphers, Singapore ICCS/ISITA '92 Conference Proceedings, P.Y. Kam and O. Hirota, Eds., IEEE, 1992, pp. 279-283. [.ps.gz]

A. Bosselaers, R. Govaerts, and J. Vandewalle, A fast and flexible software library for large integer arithmetic, Proceedings 15th Symposium on Information Theory in the Benelux, Louvain-la-Neuve (B), May 30-31, 1994, pp. 82-89. [.pdf]

J. Daemen, R. Govaerts, and J. Vandewalle, Resynchronization weaknesses in synchronous stream ciphers, Advances in Cryptology, Proceedings Eurocrypt'93, LNCS 765, T. Helleseth, Ed., Springer-Verlag, 1994, pp. 159-169. [.ps.gz]

J. Daemen, L. Van Linden, R. Govaerts, and J. Vandewalle, Propagation properties of multiplication modulo 2n-1, Proceedings 13th Symposium on Information Theory in the Benelux, Enschede (NL), June 1-2, 1992, pp. 111-118. [.ps.gz]

J. Daemen, R. Govaerts, and J. Vandewalle, Block ciphers based on modular arithmetic, Proceedings of the 3rd symposium on State and Progress of Research in Cryptography, W. Wolfowicz, Ed., Fondazione Ugo Bordoni, 1993, pp. 80-89. [.ps.gz]

N. Daswani, D. Boneh, H. Gracia-Molina, S. Ketchpel, and A. Paepcke, A Generalized Wallet Architecture, Proceedings of the 3rd USENIX Workshop on Electronic Commerce, 1998.

D. Atkins, M. Graff, A. Lenstra, and P. Leyland, The Magic Words are Squeamish Ossifrage (extended abstract), Asiacrypt 1994. [.ps]

A. Joux and L. Granboulan, A Practical Attack against Knapsack based Hash Functions, In A. de Santis, editor, Advances in Cryptology -- EUROCRYPT'94, volume 950 of LNCS, pages 58--66, Perugia, Italy, May 1994. Springer-Verlag. [.ps] [.ps.gz]

O. Baudron, H. Gilbert, L. Granboulan, H. Handschuh, A. Joux, P. Nguyen, F. Noilhan, D. Pointcheval, T. Pornin, G. Poupard, J. Stern, and S. Vaudenay, Report on the AES Candidates, Proceedings of the Second AES Candidate Conference, Rome, Italy, 1999. [.pdf]

J. Gray and J. McLean, Using Temporal Logic to Specify and Verify Cryptographic Protocols (Progress Report), Proceedings of the 8th IEEE Computer Security Foundations Workshop, IEEE Press, 1995. [.pdf] [.ps]

M. Bellare, R. Guerin, and P. Rogaway, XOR MACs: New methods for message authentication using finite pseudorandom functions. Extended abstract in Advances in Cryptology - Crypto 95 Proceedings, Lecture Notes in Computer Science Vol. 963, D. Coppersmith ed, Springer-Verlag,1995.

E. Basturk, M. Bellare, C. S. Chow, and R. Guerin, Secure transport protocols for high-speed networks, IBM Research Report 19981, March, 1994.

H. Gilbert, D. Gupta, A. Odlyzko, and J.-J. Quisquater, Attacks on Shamir's 'RSA for paranoids', Information Processing Letters (1998), to appear. [.pdf] [.ps]

Schneier.com is a personal website. Opinions expressed are not necessarily those of BT Counterpane.