{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,1,18]],"date-time":"2025-01-18T05:04:32Z","timestamp":1737176672406,"version":"3.33.0"},"publisher-location":"Berlin, Heidelberg","reference-count":88,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540416357"},{"type":"electronic","value":"9783540445777"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2001]]},"DOI":"10.1007\/3-540-44577-3_5","type":"book-chapter","created":{"date-parts":[[2007,6,9]],"date-time":"2007-06-09T18:23:39Z","timestamp":1181413419000},"page":"63-85","source":"Crossref","is-referenced-by-count":4,"title":["Cryptography 2000\u00b110"],"prefix":"10.1007","author":[{"given":"Ueli","family":"Maurer","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2001,3,29]]},"reference":[{"key":"5_CR1","doi-asserted-by":"crossref","unstructured":"M. Ajtai, Generating hard instances of lattice problems, Proc. 28th ACM Symposium on the Theory of Computing (STOC), pp. 99\u2013108, 1996.","DOI":"10.1145\/237814.237838"},{"key":"5_CR2","doi-asserted-by":"crossref","unstructured":"M. Ajtai and C. Dwork, A public-key cryptosystem with worst-case\/average-case equivalence, Proc. 29th ACM Symposium on the Theory of Computing (STOC), pp. 284\u2013293, 1997.","DOI":"10.1145\/258533.258604"},{"key":"5_CR3","doi-asserted-by":"publisher","first-page":"194","DOI":"10.1137\/0217013","volume":"17","author":"W. Alexi","year":"1988","unstructured":"W. Alexi, B. Chor, O. Goldreich, and C. Schnorr, RSA and Rabin functions: certain parts are as hard as the whole, SIAM Journal on Computing, vol. 17, no. 2, pp. 194\u2013209, 1988.","journal-title":"SIAM Journal on Computing"},{"key":"5_CR4","series-title":"Lect Notes Comput Sci","first-page":"455","volume-title":"Advances in Cryptology-CRYPTO\u2019 94","author":"M. Bellare","year":"1995","unstructured":"M. Bellare, J. Kilian, and P. Rogaway, The security of the cipher block chaining message authentication code, Advances in Cryptology-CRYPTO\u2019 94, Lecture Notes in Computer Science, vol. 839, pp. 455\u2013469, Springer-Verlag, 1995."},{"key":"5_CR5","doi-asserted-by":"crossref","unstructured":"M. Bellare and P. Rogaway, Random oracles are practical: A paradigm for designing efficient protocols, Proc. First ACM Conference on Computer and Communication Security, pp. 62\u201373. Association for Computing Machinery, 1993.","DOI":"10.1145\/168588.168596"},{"issue":"1","key":"5_CR6","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/BF00191318","volume":"5","author":"C. H. Bennett","year":"1992","unstructured":"C. H. Bennett, F. Bessette, G. Brassard, L. Salvail, and J. Smolin, \u201cExperimental quantum cryptography,\u201d Journal of Cryptology, vol. 5, no. 1, pp. 3\u201328, Springer-Verlag, 1992.","journal-title":"Journal of Cryptology"},{"key":"5_CR7","doi-asserted-by":"crossref","unstructured":"M. Ben-Or, S. Goldwasser, and A. Wigderson, Completeness theorems for noncryptographic fault-tolerant distributed computation, Proc. 20th ACM Symposium on the Theory of Computing (STOC), pp. 1\u201310, 1988.","DOI":"10.1145\/62212.62213"},{"key":"5_CR8","doi-asserted-by":"crossref","DOI":"10.1007\/978-1-4613-9314-6","volume-title":"Differential cryptanalysis of the Data Encryption Standard","author":"E. Biham","year":"1993","unstructured":"E. Biham and A. Shamir, Differential cryptanalysis of the Data Encryption Standard, New York: Springer-Verlag, 1993."},{"key":"5_CR9","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/BFb0055716","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 98","author":"D. Bleichenbacher","year":"1998","unstructured":"D. Bleichenbacher, Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS #1, Advances in Cryptology \u2014 CRYPTO\u2019 98, Lecture Notes in Computer Science, vol. 1462, pp. 1\u201312, Springer-Verlag, 1998."},{"issue":"4","key":"5_CR10","doi-asserted-by":"publisher","first-page":"850","DOI":"10.1137\/0213053","volume":"13","author":"M. Blum","year":"1984","unstructured":"M. Blum and S. Micali, How to generate cryptographically strong sequences of pseudo-random bits, SIAM Journal on Computing, vol. 13, no. 4, pp. 850\u2013864, 1984.","journal-title":"SIAM Journal on Computing"},{"key":"5_CR11","doi-asserted-by":"publisher","first-page":"337","DOI":"10.1016\/0304-3975(83)90029-4","volume":"28","author":"N. Blum","year":"1984","unstructured":"N. Blum, A boolean function requiring 3n network size, Theoretical Computer Science, vol. 28, pp. 337\u2013345, 1984.","journal-title":"Theoretical Computer Science"},{"key":"5_CR12","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"425","DOI":"10.1007\/BFb0052253","volume-title":"Advances in Cryptology-CRYPTO\u2019 97","author":"D. Boneh","year":"1997","unstructured":"D. Boneh and M. Franklin, Efficient generation of shared RSA keys, Advances in Cryptology-CRYPTO\u2019 97, Lecture Notes in Computer Science, vol. 1294, pp. 425\u2013439, Springer-Verlag, 1997."},{"key":"5_CR13","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/3-540-68697-5_11","volume-title":"Advances in Cryptology-CRYPTO\u2019 96","author":"D. Boneh","year":"1996","unstructured":"D. Boneh and R. Venkatesan, Hardness of computing the most significant bits of secret keys in Diflie-Hellman and related schemes, Advances in Cryptology-CRYPTO\u2019 96, Lecture Notes in Computer Science, vol. 1109, pp. 129\u2013142, Springer-Verlag, 1996."},{"key":"5_CR14","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"302","DOI":"10.1007\/3-540-48329-2_26","volume-title":"Advances in Cryptology-CRYPTO\u2019 93","author":"S. Brands","year":"1994","unstructured":"S. Brands, Electronic cash systems based on the representation problem in groups of prime order, Advances in Cryptology-CRYPTO\u2019 93, Lecture Notes in Computer Science, vol. 773, pp. 302\u2013318, Springer-Verlag, 1994."},{"key":"5_CR15","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1016\/0022-0000(88)90005-0","volume":"37","author":"G. Brassard","year":"1988","unstructured":"G. Brassard, D. Chaum, and C. Cr\u00e9peau, Minimum disclosure proofs of knowledge, Journal of Computer and System Sciences, vol. 37, no. 2, pp. 156\u2013189, 1988.","journal-title":"Journal of Computer and System Sciences"},{"key":"5_CR16","doi-asserted-by":"crossref","unstructured":"R. Canetti, O. Goldreich, and S. Halevi, The random oracle methodology, revisited, Proc. 30th ACM Symposium on the Theory of Computing (STOC), pp. 209\u2013218, 1998.","DOI":"10.1145\/276698.276741"},{"key":"5_CR17","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-45539-6_1","volume-title":"Advances in Cryptology-EUROCRYPT 2000","author":"S. Cavallar","year":"2000","unstructured":"S. Cavallar et al., Factorization of a 512-bit RSA modulus, Advances in Cryptology-EUROCRYPT 2000, Lecture Notes in Computer Science, vol. 1807, pp. 1\u201318, Springer-Verlag, 2000."},{"key":"5_CR18","doi-asserted-by":"crossref","unstructured":"D. Chaum, Blind signature systems, Advances in Cryptology \u2014 CRYPTO\u2019 83, p. 153, Plenum Press, 1984.","DOI":"10.1007\/978-1-4684-4730-9_14"},{"key":"5_CR19","doi-asserted-by":"crossref","unstructured":"D. Chaum, C. Cr\u00e9peau, and I. Damgard, Multiparty unconditionally secure protocols, Proc. 20th ACM Symposium on the Theory of Computing (STOC), pp. 11\u201319, 1988.","DOI":"10.1145\/62212.62214"},{"key":"5_CR20","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"212","DOI":"10.1007\/0-387-34805-0_20","volume-title":"Advances in Cryptology-CRYPTO\u2019 89","author":"D. Chaum","year":"1990","unstructured":"D. Chaum and H. van Antwerpen, Undeniable signatures, Advances in Cryptology-CRYPTO\u2019 89, Lecture Notes in Computer Science, vol. 435, pp. 212\u2013216, Springer-Verlag, 1990."},{"key":"5_CR21","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"257","DOI":"10.1007\/3-540-46416-6_22","volume-title":"Advances in Cryptology \u2014 EUROCRYPT\u2019 91","author":"D. Chaum","year":"1991","unstructured":"D. Chaum and E. van Heyst, Group signatures, Advances in Cryptology \u2014 EUROCRYPT\u2019 91, Lecture Notes in Computer Science, vol. 547, pp. 257\u2013265, Springer-Verlag, 1991."},{"key":"5_CR22","series-title":"Lect Notes Comput Sci","first-page":"1","volume-title":"Advances in Cryptology-EUROCRYPT\u2019 96","author":"D. Coppersmith","year":"1996","unstructured":"D. Coppersmith, M. Franklin, J. Patarin, and M. Reiter, Low-exponent RSA with related messages, Advances in Cryptology-EUROCRYPT\u2019 96, Lecture Notes in Computer Science, vol. 1070, pp. 1\u20139, Springer-Verlag, 1996."},{"issue":"3","key":"5_CR23","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1007\/s001459900028","volume":"10","author":"D. Coppersmith","year":"1997","unstructured":"D. Coppersmith, J. Stern, and S. Vaudenay, The security of the birational permutation signature schemes, Journal of Cryptology, vol. 10, no. 3, pp. 207\u2013221, 1997.","journal-title":"Journal of Cryptology"},{"key":"5_CR24","doi-asserted-by":"crossref","unstructured":"R. Cramer, R. Gennaro, and B. Schoenmakers, A secure and optimally efficient multi-authority election scheme, European Transactions on Telecommunications, vol. 8, pp. 481\u2013489, Sept. 1997.","DOI":"10.1002\/ett.4460080506"},{"key":"5_CR25","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1007\/BFb0055717","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 98","author":"R. Cramer","year":"1998","unstructured":"R. Cramer and V. Shoup, A practical public-key cryptosystem provably secure against adaptive chosen ciphertext attack, Advances in Cryptology \u2014 CRYPTO\u2019 98, Lecture Notes in Computer Sc., vol. 1462, pp. 13\u201325, Springer-Verlag, 1998."},{"key":"5_CR26","unstructured":"J. Daemen and V. Rijmen, The Rijndael block cipher-AES Proposal, see http:\/\/csrc.nist.gov\/encryption\/aes\/rijndael\/ ."},{"issue":"6","key":"5_CR27","doi-asserted-by":"publisher","first-page":"644","DOI":"10.1109\/TIT.1976.1055638","volume":"22","author":"W. Diffie","year":"1976","unstructured":"W. Diffie and M. E. Hellman, New directions in cryptography, IEEE Transactions on Information Theory, vol. 22, no. 6, pp. 644\u2013654, 1976.","journal-title":"IEEE Transactions on Information Theory"},{"issue":"4","key":"5_CR28","doi-asserted-by":"publisher","first-page":"253","DOI":"10.1007\/s001459900047","volume":"11","author":"H. Dobbertin","year":"1998","unstructured":"H. Dobbertin, Cryptanalysis of MD4, Journal of Cryptology, vol. 11, no. 4, pp. 253\u2013271, 1998.","journal-title":"Journal of Cryptology"},{"key":"5_CR29","doi-asserted-by":"crossref","unstructured":"D. Dolev, C. Dwork, and M. Naor, Non-malleable cryptography, Proc. 23rd ACM Symposium on the Theory of Computing (STOC), pp. 542\u2013552, 1991. (Also to appear in SIAM Journal on Computing.)","DOI":"10.1145\/103418.103474"},{"key":"5_CR30","doi-asserted-by":"crossref","unstructured":"U. Feige, S. Goldwasser, L. Lov\u00e1sz, S. Safra, and M. Szegedy, Approximating clique is almost NP-complete, Proc. 32nd Annual Symposium on Foundations of Computer Science (FOCS), pp. 2\u201312, IEEE Press, 1991.","DOI":"10.1109\/SFCS.1991.185341"},{"key":"5_CR31","series-title":"Lect Notes Comput Sci","first-page":"186","volume-title":"Advances in Cryptology-CRYPTO\u2019 86","author":"A. Fiat","year":"1987","unstructured":"A. Fiat and A. Shamir, How to prove yourself: practical solution to identification and signature problems, Advances in Cryptology-CRYPTO\u2019 86, Lecture Notes in Computer Science, vol. 263, pp. 186\u2013194, Springer-Verlag, 1987."},{"key":"5_CR32","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"112","DOI":"10.1007\/BFb0052231","volume-title":"Advances in Cryptology-CRYPTO\u2019 97","author":"O. Goldreich","year":"1997","unstructured":"O. Goldreich, S. Goldwasser, and S. Halevi, Public-key cryptosystems from lattice reduction problems, Advances in Cryptology-CRYPTO\u2019 97, Lecture Notes in Computer Science, vol. 1294, pp. 112\u2013131, Springer-Verlag, 1997."},{"issue":"4","key":"5_CR33","doi-asserted-by":"publisher","first-page":"210","DOI":"10.1145\/6490.6503","volume":"33","author":"O. Goldreich","year":"1986","unstructured":"O. Goldreich, S. Goldwasser, and S. Micali, How to construct random functions, Journal of the ACM, vol. 33, no. 4, pp. 210\u2013217, 1986.","journal-title":"Journal of the ACM"},{"key":"5_CR34","series-title":"Lect Notes Comput Sci","first-page":"171","volume-title":"Advances in Cryptology-CRYPTO\u2019 86","author":"O. Goldreich","year":"1987","unstructured":"O. Goldreich, S. Micali, and A. Wigderson, How to prove all NP statements in zero-knowledge, and a methodology of cryptographic protocol design, Advances in Cryptology-CRYPTO\u2019 86, Lecture Notes in Computer Science, vol. 263, pp. 171\u2013185, Springer-Verlag, 1987."},{"key":"5_CR35","doi-asserted-by":"crossref","unstructured":"O. Goldreich, S. Micali, and A. Wigderson, How to play any mental game-a completeness theorem for protocols with honest majority, Proc. 19th ACM Symposium on the Theory of Computing (STOC), pp. 218\u2013229, 1987.","DOI":"10.1145\/28395.28420"},{"key":"5_CR36","doi-asserted-by":"publisher","first-page":"270","DOI":"10.1016\/0022-0000(84)90070-9","volume":"28","author":"S. Goldwasser","year":"1984","unstructured":"S. Goldwasser and S. Micali, Probabilistic encryption, Journal of Computer and System Sciences, vol. 28, pp. 270\u2013299, 1984.","journal-title":"Journal of Computer and System Sciences"},{"key":"5_CR37","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1137\/0218012","volume":"18","author":"S. Goldwasser","year":"1989","unstructured":"S. Goldwasser, S. Micali, and C. Racko., The knowledge complexity of interactive proof systems, SIAM Journal on Computing, vol. 18, pp. 186\u2013208, 1989.","journal-title":"SIAM Journal on Computing"},{"key":"5_CR38","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1137\/0217017","volume":"17","author":"S. Goldwasser","year":"1988","unstructured":"S. Goldwasser, S. Micali, and R. Rivest, A digital signature scheme secure against adaptive chosen-message attacks, SIAM Journal on Computing, vol. 17, no. 2, pp. 281\u2013308, 1988.","journal-title":"SIAM Journal on Computing"},{"key":"5_CR39","doi-asserted-by":"crossref","unstructured":"J. Hastad and M. N\u00e4slund, The security of individual RSA bits, Proc. 39th IEEE Symposium on the Foundations of Computer Science (FOCS), pp. 510\u2013519, IEEE Press, 1998.","DOI":"10.1109\/SFCS.1998.743502"},{"key":"5_CR40","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"422","DOI":"10.1007\/3-540-57220-1_80","volume-title":"Advances in Cryptology-Auscrypt\u2019 92","author":"A. Hiltgen","year":"1993","unstructured":"A. Hiltgen, Constructions of feebly-one-way families of permutations, Advances in Cryptology-Auscrypt\u2019 92, Lecture Notes in Computer Science, pp. 422\u2013434, Springer-Verlag, 1993."},{"issue":"1","key":"5_CR41","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/s001459910003","volume":"13","author":"M. Hirt","year":"2000","unstructured":"M. Hirt and U. Maurer, Player simulation and general adversary structures in perfect multi-party computation, Journal of Cryptology, vol. 13, no. 1, pp. 31\u201360, 2000.","journal-title":"Journal of Cryptology"},{"key":"5_CR42","series-title":"Lect Notes Comput Sci","volume-title":"Advances in Cryptology-Asiacrypt 2000","author":"M. Hirt","year":"2000","unstructured":"M. Hirt, U. Maurer, and B. Przydatek, Efficient secure multi-party computation, to appear in Advances in Cryptology-Asiacrypt 2000, Lecture Notes in Computer Science, Springer-Verlag, 2000."},{"key":"5_CR43","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"539","DOI":"10.1007\/3-540-45539-6_38","volume-title":"Advances in Cryptology-EUROCRYPT 2000","author":"M. Hirt","year":"2000","unstructured":"M. Hirt and K. Sako, Efficient receipt-free voting based on homomorphic encryption, Advances in Cryptology-EUROCRYPT 2000, Lecture Notes in Computer Science, vol. 1807, pp. 539\u2013556, Springer-Verlag, 2000."},{"key":"5_CR44","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/BFb0054868","volume-title":"Algorithmic Number Theory (ANTS III)","author":"J. Hoffstein","year":"1998","unstructured":"J. Hoffstein, J. Pipher, and J. Silverman, NTRU: A ring based public key cryptosystem, Algorithmic Number Theory (ANTS III), Lecture Notes in Computer Science, vol. 1423, pp. 267\u2013288, Springer-Verlag, 1998."},{"key":"5_CR45","first-page":"175","volume":"9","author":"S. Hougardy","year":"1995","unstructured":"S. Hougardy, H. J. Pr\u00f6mel, and A. Steger, Probabilistically checkable proofs and their consequences for approximation algorithms, Discrete Mathematics, vol. 9, pp. 175\u2013223, North Holland, 1995.","journal-title":"Discrete Mathematics"},{"key":"5_CR46","doi-asserted-by":"crossref","unstructured":"R. Impagliazzo, L. Levin, and M. Luby, Pseudo-random generation from oneway functions, Proc. 21st ACM Symposium on the Theory of Computing (STOC), pp. 12\u201324, 1989.","DOI":"10.1145\/73007.73009"},{"key":"5_CR47","unstructured":"D. Kahn,The code breakers, the story of secret writing,MacMillan, New York, 1967."},{"key":"5_CR48","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"19","DOI":"10.1007\/3-540-48405-1_2","volume-title":"Advances in Cryptology-CRYPTO\u2019 99","author":"A. Kipnis","year":"1999","unstructured":"A. Kipnis and A. Shamir, Cryptanalysis of the HFE public key cryptosystem by relinearization, Advances in Cryptology-CRYPTO\u2019 99, Lecture Notes in Computer Science, vol. 1666, pp. 19\u201330, Springer-Verlag, 1999."},{"key":"5_CR49","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-662-03642-6","volume-title":"Algebraic Aspects of Cryptography","author":"N. Koblitz","year":"1998","unstructured":"N. Koblitz, Algebraic Aspects of Cryptography, Berlin: Springer-Verlag, 1998."},{"key":"5_CR50","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"104","DOI":"10.1007\/3-540-68697-5_9","volume-title":"Advances in Cryptology-CRYPTO\u2019 96","author":"P. Kocher","year":"1996","unstructured":"P. Kocher, Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems, Advances in Cryptology-CRYPTO\u2019 96, Lecture Notes in Computer Science, vol. 1109, pp. 104\u2013113, Springer-Verlag, 1996."},{"key":"5_CR51","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"388","DOI":"10.1007\/3-540-48405-1_25","volume-title":"Advances in Cryptology-CRYPTO\u2019 99","author":"P. Kocher","year":"1999","unstructured":"P. Kocher, J. Jaffe, and B. Jun, Differential power analysis, Advances in Cryptology-CRYPTO\u2019 99, Lecture Notes in Computer Science, vol. 1666, pp. 388\u2013397, Springer-Verlag, 1999."},{"key":"5_CR52","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"389","DOI":"10.1007\/3-540-46877-3_35","volume-title":"Advances in Cryptology-EUROCRYPT\u2019 90","author":"X. Lai","year":"1991","unstructured":"X. Lai and J. L. Massey, A proposal for a new block encryption standard, Advances in Cryptology-EUROCRYPT\u2019 90, Lecture Notes in Computer Science, vol. 473, pp. 389\u2013404, Springer-Verlag, 1991."},{"key":"5_CR53","doi-asserted-by":"crossref","unstructured":"A. K. Lenstra, H.W. Lenstra, M.S. Manasse, and J.M. Pollard, The number field sieve, Proc. 22nd ACM Symposium on Theory of Computing, pp. 564\u2013572, 1990.","DOI":"10.1145\/100216.100295"},{"key":"5_CR54","doi-asserted-by":"publisher","first-page":"649","DOI":"10.2307\/1971363","volume":"126","author":"H. W. Lenstra Jr.","year":"1987","unstructured":"H. W. Lenstra, Jr., Factoring integers with elliptic curves, Annals of Mathematics, vol. 126, pp. 649\u2013673, 1987.","journal-title":"Annals of Mathematics"},{"key":"5_CR55","doi-asserted-by":"crossref","unstructured":"M. Luby, Pseudorandomness and Cryptographic Applications, Princeton University Press, 1996.","DOI":"10.1515\/9780691206844"},{"key":"5_CR56","doi-asserted-by":"publisher","first-page":"373","DOI":"10.1137\/0217022","volume":"17","author":"M. Luby","year":"1988","unstructured":"M. Luby and C. Racko., How to construct pseudorandom permutations from pseudorandom functions, SIAM Journal on Computing, vol. 17, no. 2, pp. 373\u2013386, 1988.","journal-title":"SIAM Journal on Computing"},{"issue":"1","key":"5_CR57","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1007\/BF02620231","volume":"6","author":"J. L. Massey","year":"1993","unstructured":"J. L. Massey and U. Maurer, Cascade ciphers: the importance of being first, Journal of Cryptology, vol. 6, no. 1, pp. 55\u201361, 1993.","journal-title":"Journal of Cryptology"},{"key":"5_CR58","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"386","DOI":"10.1007\/3-540-48285-7_33","volume-title":"Advances in Cryptology-EUROCRYPT\u2019 93","author":"M. Matsui","year":"1994","unstructured":"M. Matsui, Linear Cryptanalysis Method for DES Cipher, Advances in Cryptology-EUROCRYPT\u2019 93, Lecture Notes in Computer Science, vol. 765, pp. 386\u2013397, Springer-Verlag, 1994."},{"issue":"3","key":"5_CR59","doi-asserted-by":"publisher","first-page":"733","DOI":"10.1109\/18.256484","volume":"39","author":"U. Maurer","year":"1993","unstructured":"U. Maurer, Secret key agreement by public discussion from common information, IEEE Transactions on Information Theory, vol. 39, no. 3, pp. 733\u2013742, 1993.","journal-title":"IEEE Transactions on Information Theory"},{"key":"5_CR60","doi-asserted-by":"publisher","first-page":"1689","DOI":"10.1137\/S0097539796302749","volume":"28","author":"U. Maurer","year":"1999","unstructured":"U. Maurer and S. Wolf, On the complexity of breaking the Diffie-Hellman protocol, SIAM Journal on Computing, vol. 28, pp. 1689\u20131721, 1999.","journal-title":"SIAM Journal on Computing"},{"key":"5_CR61","doi-asserted-by":"crossref","unstructured":"K. S. McCurley, The discrete logarithm problem, in Cryptology and computational number theory, C. Pomerance (Ed.), Proc. of Symp. in Applied Math., vol. 42, pp. 49\u201374, American Mathematical Society, 1990.","DOI":"10.1090\/psapm\/042\/1095551"},{"key":"5_CR62","volume-title":"A public-key cryptosystem based on algebraic coding theory","author":"R. J. McEliece","year":"1978","unstructured":"R. J. McEliece, A public-key cryptosystem based on algebraic coding theory, DSN progress report 42-44, Jet Propulsion Laboratory, Pasadena, 1978."},{"issue":"3","key":"5_CR63","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1007\/BF02252874","volume":"1","author":"W. Meier","year":"1989","unstructured":"W. Meier and O. Staffelbach, Fast correlation attacks on stream ciphers, Journal of Cryptology, vol. 1, no. 3, pp. 159\u2013176, 1989.","journal-title":"Journal of Cryptology"},{"key":"5_CR64","doi-asserted-by":"crossref","unstructured":"A. J. Menezes, Elliptic curve public key cryptosystems, Kluwer Academic Publishers, 1993.","DOI":"10.1007\/978-1-4615-3198-2"},{"key":"5_CR65","volume-title":"Handbook of Applied Cryptography","author":"A. J. Menezes","year":"1997","unstructured":"A. J. Menezes, P.C. van Oorschot, and S.A. Vanstone, Handbook of Applied Cryptography, Boca Raton: CRC Press, 1997."},{"key":"5_CR66","doi-asserted-by":"crossref","unstructured":"A. J. Menezes, T. Okamoto, and S.A. Vanstone, Reducing elliptic curve logarithms to logarithms in a finite field, Proc. 23rd ACM Symposium on the Theory of Computing (STOC), pp. 80\u201389, 1991.","DOI":"10.1145\/103418.103434"},{"issue":"4","key":"5_CR67","doi-asserted-by":"publisher","first-page":"294","DOI":"10.1145\/359460.359473","volume":"21","author":"R. Merkle","year":"1978","unstructured":"R. Merkle, Secure communication over insecure channels, Communications of the ACM, vol. 21, no. 4, pp. 294\u2013299, 1978.","journal-title":"Communications of the ACM"},{"key":"5_CR68","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"218","DOI":"10.1007\/0-387-34805-0_21","volume-title":"Advances in Cryptology-CRYPTO\u2019 89","author":"R. Merkle","year":"1990","unstructured":"R. Merkle, A certified digital signature, Advances in Cryptology-CRYPTO\u2019 89, Lecture Notes in Computer Science, vol. 435, pp. 218\u2013238, Springer-Verlag, 1990."},{"key":"5_CR69","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1007\/BFb0055731","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 98","author":"P. Nguyen","year":"1998","unstructured":"P. Nguyen and J. Stern, Cryptanalysis of the Ajtai-Dwork cryptosystem, Advances in Cryptology \u2014 CRYPTO\u2019 98, Lecture Notes in Computer Science, vol. 1462, pp. 243\u2013256, Springer-Verlag, 1998."},{"key":"5_CR70","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1007\/3-540-68339-9_4","volume-title":"Advances in Cryptology \u2014 EUROCRYPT\u2019 96","author":"J. Patarin","year":"1996","unstructured":"J. Patarin, Hidden fields equations (HFE) and isomorphisms of polynomials (IP): two new families of asymmetric algorithms, Advances in Cryptology \u2014 EUROCRYPT\u2019 96, Lecture Notes in Computer Science, vol. 1070, pp. 33\u201348, Springer-Verlag, 1996."},{"key":"5_CR71","unstructured":"B. Pfitzmann and M. Waidner, Fail-stop signatures and their application, Proc. SECURICOM\u2019 91, pp. 145\u2013160, 1991."},{"key":"5_CR72","series-title":"Lect Notes Comput Sci","first-page":"377","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 91","author":"C. Racko","year":"1991","unstructured":"C. Racko. and D. Simon, Noninteractive zero-knowledge proof of knowledge and chosen ciphertext attack, Advances in Cryptology \u2014 CRYPTO\u2019 91, Lecture Notes in Computer Science, vol. 576, pp. 377\u2013391, Springer-Verlag, 1991."},{"key":"5_CR73","doi-asserted-by":"crossref","unstructured":"R. L. Rivest, Cryptography, Chapter 13 in Handbook of Theoretical Computer Science, (J. van Leeuwen, ed.), MIT Press, 1990.","DOI":"10.1016\/B978-0-444-88071-0.50018-7"},{"key":"5_CR74","doi-asserted-by":"publisher","first-page":"120","DOI":"10.1145\/359340.359342","volume":"21","author":"R. L. Rivest","year":"1978","unstructured":"R. L. Rivest, A. Shamir, and L. Adleman, \u201cA method for obtaining digital signatures and public-key cryptosystems,\u201d Communications of the ACM, vol. 21, no. 2, pp. 120\u2013126, 1978.","journal-title":"Communications of the ACM"},{"key":"5_CR75","unstructured":"B. Schneier, Applied Cryptography, Wiley, 2nd edition, 1996."},{"issue":"3","key":"5_CR76","doi-asserted-by":"publisher","first-page":"239","DOI":"10.1007\/BF00196725","volume":"4","author":"C. P. Schnorr","year":"1991","unstructured":"C. P. Schnorr, Efficient signature generation for smart cards, Journal of Cryptology, vol. 4, no. 3, pp. 239\u2013252, 1991.","journal-title":"Journal of Cryptology"},{"key":"5_CR77","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1109\/FSCS.1990.89519","volume":"I","author":"A. Shamir","year":"1990","unstructured":"A. Shamir, IP = PSPACE, Proc. 31st Annual Symposium on Foundations of Computer Science (FOCS), vol. I, pp. 11\u201315, IEEE Press, 1990.","journal-title":"Proc. 31st Annual Symposium on Foundations of Computer Science (FOCS)"},{"key":"5_CR78","series-title":"Lect Notes Comput Sci","first-page":"1","volume-title":"Advances in Cryptology-CRYPTO\u2019 93","author":"A. Shamir","year":"1994","unstructured":"A. Shamir, Efficient signature schemes based on birational permutations, Advances in Cryptology-CRYPTO\u2019 93, Lecture Notes in Computer Science, vol. 773, pp. 1\u201312, Springer-Verlag, 1994."},{"key":"5_CR79","doi-asserted-by":"crossref","first-page":"379","DOI":"10.1002\/j.1538-7305.1948.tb01338.x","volume":"27","author":"C. E. Shannon","year":"1948","unstructured":"C. E. Shannon, \u201cA mathematical theory of communication,\u201d Bell System Technical Journal, vol. 27, pp. 379\u2013423, 623-656, 1948.","journal-title":"Bell System Technical Journal"},{"key":"5_CR80","doi-asserted-by":"crossref","first-page":"656","DOI":"10.1002\/j.1538-7305.1949.tb00928.x","volume":"28","author":"C. E. Shannon","year":"1949","unstructured":"C. E. Shannon, \u201cCommunication theory of secrecy systems,\u201d Bell System Technical Journal, vol. 28, pp. 656\u2013715, 1949.","journal-title":"Bell System Technical Journal"},{"key":"5_CR81","doi-asserted-by":"crossref","unstructured":"P. W. Shor, Algorithms for quantum computation: discrete log and factoring, Proc. 35th IEEE Symposium on the Foundations of Computer Science (FOCS), pp. 124\u2013134, IEEE Press, 1994.","DOI":"10.1109\/SFCS.1994.365700"},{"key":"5_CR82","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"256","DOI":"10.1007\/3-540-69053-0_18","volume-title":"Advances in Cryptology-EUROCRYPT\u2019 97","author":"V. Shoup","year":"1997","unstructured":"V. Shoup, Lower bounds for discrete logarithms and related problems, Advances in Cryptology-EUROCRYPT\u2019 97, Lecture Notes in Computer Science, vol. 1233, pp. 256\u2013266, Springer-Verlag, 1997."},{"key":"5_CR83","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1007\/3-540-45539-6_15","volume-title":"Advances in Cryptology-EUROCRYPT 2000","author":"V. Shoup","year":"2000","unstructured":"V. Shoup, Practical threshold signatures, Advances in Cryptology-EUROCRYPT 2000, Lecture Notes in Computer Science, vol. 1807, pp. 207\u2013220, Springer-Verlag, 2000."},{"key":"5_CR84","volume-title":"The Code Book","author":"S. Singh","year":"1999","unstructured":"S. Singh, The Code Book, Fourth Estate, London, 1999."},{"key":"5_CR85","unstructured":"D.R. Stinson, Cryptography-Theory and Practice, CRC Press, 1995."},{"key":"5_CR86","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1007\/BFb0055732","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 98","author":"S. Vaudenay","year":"1998","unstructured":"S. Vaudenay, Cryptanalysis of the Chor-Rivest cryptosystem, Advances in Cryptology \u2014 CRYPTO\u2019 98, Lecture Notes in Computer Science, vol. 1462, pp. 243\u2013256, Springer-Verlag, 1998."},{"key":"5_CR87","doi-asserted-by":"crossref","unstructured":"A. C. Yao, Protocols for secure computations, Proc. 23rd IEEE Symposium on the Foundations of Computer Science (FOCS), pp. 160\u2013164, IEEE Press, 1982.","DOI":"10.1109\/SFCS.1982.38"},{"key":"5_CR88","unstructured":"P. R. Zimmermann, The Official PGP User\u2019s Guide, MIT Press, 1995."}],"container-title":["Lecture Notes in Computer Science","Informatics"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/3-540-44577-3_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,17]],"date-time":"2025-01-17T04:35:29Z","timestamp":1737088529000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/3-540-44577-3_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2001]]},"ISBN":["9783540416357","9783540445777"],"references-count":88,"URL":"https:\/\/doi.org\/10.1007\/3-540-44577-3_5","relation":{},"ISSN":["0302-9743"],"issn-type":[{"type":"print","value":"0302-9743"}],"subject":[],"published":{"date-parts":[[2001]]}}}