LEADER 05987nam 2200613 450 001 996465804403316 005 20211129194138.0 010 $a3-540-39568-7 024 7 $a10.1007/3-540-39568-7 035 $a(CKB)1000000000210857 035 $a(SSID)ssj0000320905 035 $a(PQKBManifestationID)11256237 035 $a(PQKBTitleCode)TC0000320905 035 $a(PQKBWorkID)10262554 035 $a(PQKB)11252816 035 $a(DE-He213)978-3-540-39568-3 035 $a(MiAaPQ)EBC3073003 035 $a(MiAaPQ)EBC6574618 035 $a(Au-PeEL)EBL6574618 035 $a(OCoLC)1255223088 035 $a(PPN)155222643 035 $a(EXLCZ)991000000000210857 100 $a20211129d1985 uy 0 101 0 $aeng 135 $aurnn|008mamaa 181 $ctxt 182 $cc 183 $acr 200 00$aAdvances in cryptology--CRYPTO '91 $eproceedings of CRYPTO 82 /$fEdited by G. Goos and J. Hartmanis 205 $a1st ed. 1985. 210 1$aBerlin, Germany ;$aNew York, New York :$cSpringer-Verlag,$d[1985] 210 4$dİ1985 215 $a1 online resource (XII, 496 p.) 225 1 $aLecture Notes in Computer Science,$x0302-9743 ;$v196 300 $aBibliographic Level Mode of Issuance: Monograph 311 $a3-540-15658-5 320 $aIncludes bibliographical references at the end of each chapters and index. 327 $aPublic Key Cryptosystems and Signatures -- A Prototype Encryption System Using Public Key -- A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms -- A Public-Key Cryptosystem Based on the Word Problem -- Efficient Signature Schemes Based on Polynomial Equations (preliminary version) -- Identity-Based Cryptosystems and Signature Schemes -- A Knapsack Type Public Key Cryptosystem Based On Arithmetic in Finite Fields (preliminary draft) -- Some Public-Key Crypto-Functions as Intractable as Factorization -- Cryptosystems and Other Hard Problems -- Computing Logarithms in GF (2n) -- Wyner?s Analog Encryption Scheme: Results of a Simulation -- On Rotation Group and Encryption of Analog Signals -- The History of Book Ciphers -- An Update on Factorization at Sandia National Laboratories -- An LSI Digital Encryption Processor (DEP) -- Efficient hardware and software implementations for the DES -- Efficient hardware implementation of the DES -- A Self-Synchronizing Cascaded Cipher System with Dynamic Control of Error Propagation -- Randomness and Its Concomitants -- Efficient and Secure Pseudo-Random Number Generation (Extended Abstract) -- An LSI Random Number Generator (RNG) -- Generalized Linear Threshold Scheme -- Security of Ramp Schemes -- A Fast Pseudo Random Permutation Generator With Applications to Cryptology -- On the Cryptographic Applications of Random Functions (Extended Abstract) -- An Efficient Probabilistic Public-Key Encryption Scheme Which Hides All Partial Information -- Analysis and Cryptanalysis -- RSA/Rabin least significant bits are secure (Extended Abstract) -- Information Theory without the Finiteness Assumption, I: Cryptosystems as Group-Theoretic Objects -- Cryptanalysis of Adfgvx Encipherment Systems -- Breaking Iterated Knapsacks -- Dependence of output on input in DES: Small avalanche characteristics -- Des has no Per Round Linear Factors -- Protocols and Authentication -- A Message Authenticator Algorithm Suitable for a Mainframe Computer -- Key Management for Secure Electronic Funds Transfer in a Retail Environment -- Authentication Theory/Coding Theory -- New Secret Codes Can Prevent a Computerized Big Brother -- Fair Exchange of Secrets (extended abstract) -- Cryptoprotocols: Subscription to a Public Key, The Secret Blocking and The Multi-Player Mental Poker Game (extended abstract) -- Poker Protocols -- Impromptu Talks -- A ?Paradoxical? Solution to The Signature Problem -- Sequence Complexity as a Test for Cryptographic Systems -- An Update on Quantum Cryptography -- How to Keep a Secret Alive. 330 $aRecently, there has been a lot of interest in provably "good" pseudo-random number generators [lo, 4, 14, 31. These cryptographically secure generators are "good" in the sense that they pass all probabilistic polynomial time statistical tests. However, despite these nice properties, the secure generators known so far suffer from the han- cap of being inefiicient; the most efiicient of these take n2 steps (one modular multip- cation, n being the length of the seed) to generate one bit. Pseudc-random number g- erators that are currently used in practice output n bits per multiplication (n2 steps). An important open problem was to output even two bits on each multiplication in a cryptographically secure way. This problem was stated by Blum, Blum & Shub [3] in the context of their z2 mod N generator. They further ask: how many bits can be o- put per multiplication, maintaining cryptographic security? In this paper we state a simple condition, the XOR-Condition and show that any generator satisfying this condition can output logn bits on each multiplication. We show that the XOR-Condition is satisfied by the lop least significant bits of the z2-mod N generator. The security of the z2 mod N generator was based on Quadratic Residu- ity [3]. This generator is an example of a Trapdoor Generator [13], and its trapdoor properties have been used in protocol design. We strengthen the security of this gene- tor by proving it as hard as factoring. 410 0$aLecture Notes in Computer Science,$x0302-9743 ;$v196 606 $aComputers$xAccess control 606 $aChemistry, Physical and theoretical 615 0$aComputers$xAccess control. 615 0$aChemistry, Physical and theoretical. 676 $a001.64 702 $aHartmanis$b Juris 702 $aGoos$b G. 801 0$bMiAaPQ 801 1$bMiAaPQ 801 2$bMiAaPQ 906 $aBOOK 912 $a996465804403316 996 $aAdvances in cryptology--CRYPTO '91$92831591 997 $aUNISA