 |
Главная Случайная страница Контакты | Мы поможем в написании вашей работы! | |
Экспорт и импорт криптографии за рубежом 4 страница
|
|
/* Clobber sensitive data before deallocating memory. */
for(i=0;i<pklen;i++) pk[i] =0;
f r ee (p k);
v o i d ma i n (v o i d) {
rc5_ctx c;
u4 data[8];
char key[] = "ABODE";
int i;
p * 'i * * * * ' ' - - - ' ' - - " ' ' - - ' ' - - - ' " - - ' ' - - - ' ' - - ' ' - - ' ' - - ' ' - - - ' - - - \ n),
for(i=0;i<8;i++) data[i] = };
rc5_init(&c,10); /* 10 rounds */
r c 5_key (& c, key, 5);
r c 5_e n c ry pt (&c, d a ta, 4);
p r int f (" E n c ry pt i o n s: \ n ");
for(i=0;i<8;i+=2) printfC'Block %01d = %081x %081x\n",
i/2,data[i],data[i+l]);
r c 5de c rypt (&c, d a ta, 2);
r c 5d e c rypt (&c, d a t a+4, 2);
p r int f (" Dec rypt i on s: \ n ");
for(i=0;i<8;i+=2) printfC'Block %01d = %081x %081x\n",
i /2, data [ i ], data [ i +l 1);
A5
typedef struct {
unsigned long n.r2.r3;
1 a5_ctx;
static int threshold(n, r2, r3)
unsigned int n;
unsigned int r2;
unsigned int r3;
int t ot a i;
total = (((n >> 9) & Oxl) == i) +
(((r2 >> 11) & Oxl) == i) +
(((r3 >> i i) & Oxl) == i);
if (total > i)
return (0);
e i s e
return (i);
unsigned long clock_n(ctl, n)
int c t i;
unsigned long n;
unsigned long feedback;
ctl "= ((n >> 9) & Oxl);
i f (ctl)
feedback = (n >> 18) (n >> 17) (n >> 16) (n >> 13);
n = (n << i) & Ox7ffff;
if (feedback & OxOi)
n *= OxO};
return (n);
unsigned long clock_r2(ctl, r2)
int c t i;
unsigned long r2;
unsigned long feedback;
ctl *= ((r2 >> 11) & Oxl);
i f (ctl)
feedback = (r2 >> 21) (r2 >> 20) (r2 >> 16) (r2 >> 12);
r2 = (r2 << i) & Ox3fffff;
if (feedback & OxOi)
r2 *= OxO};
return (r2);
unsigned long clock_r3(ctl, r3)
int ct i;
unsigned long r3;
unsigned long feedback;
ct i "= ((r3 >> i i) & Oxl);
i f (ctl)
feedback = (r3 >> 22) (r3 >> 21) (r3 >> 18) (r3 >> 17);
r3 = (r3 << i) & Ox7fffff;
if (feedback & OxOi)
r3 "= OxO};
return (r3);
int keystream(key, frame, alice, bob)
unsigned char *key; /* 64 bit session key */
unsigned long frame; /* 22 bit frame sequence number */
unsigned char *alice; /* 114 bit Alice to Bob key stream */
unsigned char *bob; /* 114 bit Bob to Alice key stream */
unsigned long n; /* 19 bit shift register */
unsigned long r2; /* 22 bit shift register */
unsigned long r3; /* 23 bit shift register */
int }; /* counter for loops */
int clock*ct}; /* xored with clock enable on each shift register */
unsigned char *ptr; /* current position in keystream */
unsigned char byte; /* byte of keystream being assembled */
unsigned int bits; /* number of bits of keystream in byte */
unsigned int bit; /* bit output from keystream generator */
/* initial ise shift registers from session key */
n = (key[0] j (key[l] << 8) 1 (key[2] << 16)) & Ox/ffff;
r2 = ((key[2] >> 3) 1 (key[3] << 5) 1 (key[4] << 13) 1 (key[5] << 21)) &
Ox3fffff;
r3 = ((key[5] >> i) i (key[6] << 7) 1 (key[7] << 15)) &*x7fffff;
7* Merge frame sequence number into shift register state, by xor'ing it
* into the feedback path
for (i=0;i<22;i++)
clock_ctl = threshold(n, r2, r2);
n = clock_n(clock_ctl, n);
r2 = clock_r2(clock_ctl, r2);
r3 = clock_r3(clock_ctl, r3);
if (frame & i)
n *= };
r2 *= };
r3 *= i;
frame = frame >> };
/* Run shift registers for 100 clock ticks to allow frame number to
* be diffused into all the bits of the shift registers
for (i=0;i<100;i++)
clockctl = threshold*, r2, r2);
n = clock_n(clock_ctl, n);
r2 = clock_r2(clock_ctl, r2);
r3 = clock_r3(clock_ctl, r3);
/* produce 114 bits of Alice->Bob key stream */
pt r = a i i ce;
bits = 0;
byte = 0;
for (i=0;i<*4;i++)
clock_ctl =threshold(n, r2, r2);
n = clock_n(clock_ctl, n);
r2 = clock_r2(clock_ctl, r2);
r3 = clock_r3(clock_ctl, r3);
bit = ((n >> 18) (r2 >> 21) (r3 >> 22)) & OxO};
byte = (byte << i) i bit;
bi ts++;
if (bits == 8)
*ptr = byte;
pt r++;
b i t s = 0;
byte = 0;
if (bits)
*ptr = byte;
/* Run shift registers for another 100 bits to hide relationship between
* Alice->Bob key stream and Bob->Alice key stream.
for (i=0;i<100;i++)
clock_ctl = threshold*, r2, r2);
n = clock_n(clock_ctl, n);
r2 = clock_r2(clock_ctl, r2);
r3 = clock_r3(clock_ctl, r3);
/* Produce 114 bits of Bob->Alice key stream */
ptr = bob;
b i t s = 0;
byte = 0;
for (i=0;i<*4;i++)
clock*ctl = threshold(n, r2, r2);
n = clock_n(clock_ctl, n);
r2 = clockr2(clock_ctl, r2);
r3 = clock_r3(clock_ctl, r3);
bit = ((n >> 18) (r2 >> 21) (r3 >> 22)) & OxO};
byte = (byte << i) i bit;
bi t s++;
if (bits == 8)
*ptr = byte;
pt r++;
bits = 0;
byte = 0;
if (bits)
*ptr = byte;
return (0);
void a5_key(a5ctx *c, char *k)l
On = k[0]<<ll[k[l]<<3 1 k[2]>>5; /* 19 */
c>r2 = k[2]<<171k[3]<<9 1 k[4]<<l i k[5]>>7; 7* 22 */
c->r3 = k[5]<<151k[6]<<8 j k[7]; 7* 23 *7
/* Step one bit in A5, return 0 or i as output bit. */
int a5_step(a5_ctx *c){
int control;
control = threshold(c->n,c->r2,c->r3);
c - > r i = c i oc kr i (c on t ro i, c - > r i);
c - > r2 = c i oc k_r 2 (cant ro i, c - > r 2);
c - > r3 = c i oc k_r3 (con t ro i, c - > r3);
returns (c->n*>r2"c->r3)&l);
/* Encrypts a buffer of len bytes. */
void a5_encrypt(a5_ctx *c, char *data, int len){
int i, j;
char t;
fo r (i =0; i < i en; i ++) {
for(j=0;j<8;j++) t = t<<l i a5_step(c);
data [ i ] *=t;
void a5_decrypt(a5_ctx *c, char *data, int len){
a 5_en c ry pt (c, d a ta, i e n);
vo i d nla i n (v o i d) {
a5*ctx c;
char data[100];
char key[] = (1,2,3,4,5,6,7,8);
int i, f i a g;
for(i=0;i<100;i++) data[i] = };
a 5key (&c, key);
a 5_en c rypt (&c, d a t a, i 00);
a 5*key (&c, key);
a 5_decrypt (&c, data, i);
a 5_dec rypt (&c, data+l, 99);
flag = 0;
fOr(i=0;i<100;i++) if(data[i]!=i)flag = };
if(flag)printf("Decrypt failed\n"); else printfC'Decrypt succeeded\n");
SEAL
#undef SEALDEBUG
#define ALG_OK 0
#define ALG_NOTOK {
#define klORDS_PER_SEAL_CALL 1024
typedef struct {
unsigned long t[520]; /* 512 rounded up to a multiple of 5 + 5*/
unsigned long s[265]; /* 256 rounded up to a multiple of 5 + 5*/
unsigned long r[20]; /* 16 rounded up to multiple of 5 */
unsigned long counter; /* 32-bit synch value. */
unsigned long ksbuf*ORDSPERSEALCALL};
int ks_pos;
i seal_ctx;
#define ROT2(x) (((x) >> 2) 1 ((x) << 30))
#define ROT9(x) (((x) >> 9) 1 ((x) << 23))
#define ROT8(x) (((x) >> 8) 1 ((x) << 24))
#define ROTi6(x) (((x) >> 16) j ((x) << 16))
#define ROT24(x) (((x) >> 24) 1 ((x) << 8))
#define ROT27(x) (Kx) >> 27) 1 ((x) << 5))
#define klORD(cp) ((cp[0] << 24)l(cp[l] << 16)l(cp[2] << 8)l(cp[3]))
#define FKx, y, z) (((x) & (y)) i ((-(x)) & (z)))
#define F2(x, y, z) ((x)"(y)*(z))
#define F3(x, y, z) (((x) & (y)) i ((x) & (z)) i ((y) & (z)))
#define F4(x, y, z) ((x)"(y)"(z))
int g (i n, i, h)
unsigned char *in;
int i;
unsigned long *h;
unsigned long hO;
unsigned long hl;
unsigned long h2;
unsigned long h3;
unsigned long h4;
unsigned long a;
unsigned long b;
unsigned long c;
unsigned long d;
unsigned long e;
unsigned char *kp;
unsigned long w[80];
unsigned long temp;
kp = in;
hO = k<ORD(kp); kp += 4;
hl = MORD(kp); kp += 4*
h2 = l*ORD(kp); kp += 4*
h3 = l*ORD(kp); kp += 4*
h4 = l*ORD(kp); kp += 4*
W[0] = i;
for (i=l;i<16;i++)
w [ i ] = 0;
for (i=16;i<80;i++)
*i* i ] * >>[ i 3] *w[ i 8] "w[ i 14] "w[ i - 16];
a = hO;
b = hl;
c = h2;
d = h3;
e = h4;
for (i=0;i<20;i++)
*ft*' ROT27fa) + FKb, c, d) + e + w[i] + Ox5a827999;
d = c;
C = ROT2(b);
b = a;
a = t emp;
for (i=20;i<40;i++)
***P*= RO*27(a) + F2(b, c, d) + e + m[l] + 0x6ed9ebal;
d = c;
C = ROT2tb);
b = a;
a = t emp;
for (i=40;i<60;i++)
*!**= ROT27(a) + F3(b, c, d) + e + w[i] + Ox8flbbcdc;
d = c;
C = ROT2tb);
b = a;
a = temp;
for (i=60;i<80;i++)
*P*- ROT27(a) + F4(b, c, d) + e + w[i] + Oxca62cld6;
d = c;
c = ROT2(b);
b = a;
a = temp;
h[0] = hO+a;
h[l] = hl+b;
h[2] = h2+c;
h[3] = h3+d;
h[4] = h4+e;
return (ALG_OK);
unsigned long gamma(a, i)
unsigned char *a;
int i;
unsigned long h[5];
(v o i d) g (a, i / 5, h);
return hll % 5];
int seal_init(seal_ctx *result, unsigned char *key)
int i;
unsigned long h[5];
for (i=0;i<510;i+=5)
g(key, 1/5, &(result>t[i]));
/* horrible special case for the end */
g(key, 510/5, h);
for (i=510;i<512;i++)
result->t[i] = h[i-510];
/* OxlOOO mod 5 is +l, so have horrible special case for the start */
g(key, (l+OxlOOO)/5, h);
for (i=0;i<4;i++)
re s u i t - > s [ i ] = h [ i +l ];
for (i=4;i<254;i+=5)
g(key, (i+OxlOOO/5, &(result>s[i]));
/* horrible special case for the end */
g(key, (254+OxlOOO/5, h);
for (i=254;i<256;i++)
result >s[i] = h[i254];
/* Ox2000 mod 5 is +2, so have horrible special case at the start */
g(key, (2+Ox2000/5, h);
for (i=0;i<3;i++)
result >r[i] = h[i+2];
for (i=3;i<13;i+=5)
g(key, (i+Ox2000)/5, &(result->r[i]));
/* horrible special case for the end */
g(key, (13+Ox2000)/5, h);
for (i=13;i<16;i++)
re s u i t - > r [ i ] = h [ i - i 3 1;
return (ALG*OK);
int seal(seal_ctx *key, unsigned long in, unsigned long *out)
int i;
int j;
int i;
unsigned long a;
unsigned long b;
unsigned long c;
unsigned long d;
unsigned short p;
unsigned short q;
unsigned long nl;
unsigned long n2;
unsigned long n3;
unsigned long n4;
unsigned long *wp;
wp = ou t;
for (|=0;l<4;l++)
a = in ^ key->r[4*l];
b = ROT8(in) key->r[4*l+l];
c = ROTi6(in) key>r[4*l+2];
d = ROT24fin) key->r[4*l+3];
for (j=0;j<2;j++)
p = a & Ox7fc;
b += key->t[p/4];
a = ROT9(a);
p = b & Ox/fc;
c += key>t[p/4];
b = ROT9(b);
p = c & Ox7fc;
d += key->t[p74];
c = ROT9(c);
p = d & Ox7fc;
a += key->t[p74];
d = ROT9(d);
n i = d;
n2 = b;
n3 = a;
n4 = c;
p = a & Ox7fc;
b += key>t[p/4];
a = ROT9(a);
p = b & Ox7fc;
C += key->t[p74];
b = ROT9(b);
p = c & Ox7fc;
d += key->t[p/4];
c = ROT9(c);
p = d & Ox/fc;
a += key->t[p/4];
d = ROT9(d);
/* This generates 64 32bit words, or 256 bytes of keystreani. */
for (i=0;i<64;i++)
p = a & Ox/fc;
b += key>t[p/4];
a = ROT9(a);
b "= a;
q = b & Ox7fc;
c *= key->t[q/4];
b = ROT9(b);
c += b;
p = (p+c) & Ox7fc;
d += key>t[p/4];
c = ROT9(c);
d *= c;
q = (q+d) & Ox/fc;
a "= key->t[q/4];
d = ROT9(d);
a += d;
p = (p+a) & Ox7fc;
b *= key->t[p*'4];
a = ROT9(a);
q = (q+b) & Ox7fc;
c += key->t[q74];
b = ROT9(b);
p = (p+c) & Ox7fc;
d *= key>t[p/4];
c = ROT9(c);
q = (q+d) & Ox/fc;
a += key->t[q/4];
d = ROT9(d);
*wp = b + key>s[4*i];
wp++;
*wp = c key->s[4*i+l];
wp++;
*wp = d + key->s[4*i+2];
wp++;
*wp = a " key->s[4*i+3];
wp++;
if (i & i)
a += n 3;
c += n4;
e i s e
a += n i;
c += n 2;
return (ALGOK);
/* Added call to refill ks_buf and reset counter and ks_pos. */
void seal_refill_buffer(seal_ctx *c){
s e a i (c, c - >co un te r, c - > ks_bu f);
c - > co u nte r++;
c->ks_pos = 0;
void seal_key(seal_ctx *c, unsigned char *key)l
s ea i _i n i t (c, key);
c-*counter = 0; /* By default, init to zero. */
c->ks_pos = k<ORDS_PER_SEAL_CALL;
/* Refill keystream buffer on next call. */
/* This encrypts the next w words with SEAL. */
void seal_.encrypt(seal_ctx *c, unsigned long *data_ptr, int w))
int i;
for (i=0; i <w; i++) {
if(c>ksjos>=HORDS_PER_SEAL_CALL) seal_refi*_buffer(c);
d a t a_pt r L i 1 "=c - > k s_bu f [ c > k sjos ];
c - > k s_po s++;
void sealdecrypt(seal_ctx *c, unsigned long *data_ptr, int w) {
s e a i _e n c ry pt (c, d a t a_pt r, w);
void sealresynchfsealctx *c, unsigned long synch_word){
c-*counter = synch_word;
C->ks_pos = HORDS_RER_SEAL_CALL;
vo i d ma i n (v o i d) {
seal_ctx sc;
unsigned long buf[1000],t;
int i, f i a g;
unsigned char key[] =
i 0, i, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19 1;
p r intf (" i \ n ");
s e a i _key (&s c, key);
printf(" 2\n ");
for(i=0;i<1000;i++) buf[i]=0;
pr intf (" 3\n ");
s ea i _en c rypt (& s c, bu f, i 0 0 0);
printft "4\n ");
t = 0;
for(i=0;i<1000;i++) t = t buf[i];
printfC'XOR of buf is %081x.\n",t);
s e a i _key (& s c, key);
s ea i d ec rypt (& s c, bu f, i);
seal decrypt (&sc, buf+l, 999);
flag= 0;
for(i=0;i<1000;i++) if(buf[i]!=0)flag=l;
if(flag) printfC'Decrypt failed.\n");
else printfC'Decrypt succeeded.\n");
Литература
1. ABA Bank Card Standard, "Management and Use of Personal Information Numbers," Aids from ABA, Catalog no. 207213, American Bankers Association, 1979.
2. ABA Document 4.3, "Key Management Standard," American Bankers Association, 1980.
3. M. Abadl, J. Felgenbaum, and J. Klllan, "On Hiding Information from an Oracle," Proceedings of the WtA ACM Symposium on the Theory of Computing, 1987, pp. 195-203.
4. M. Abadi, J. Felgenbaurn, and J. Kilian, "On Hiding Information from an Oracle," Journal of Computer and System Sciences, v. 39, n. I, Aug 1989, pp. 21-50.
5. M. Abadi and R. Needham, "Prudent Engineering Practice for Cryptographic Protocols," Research Report 125, Digital Equipment Carp Systems Research Center, Jun 1994.
6. C.M. Adams, "On Immunity Against Blham and Shamir's 'Differential Crypt- analysis,' " Information Processing Letters, v. 41, 14 Feb 1992, pp. 77-80.
7. C.M. Adams, "Simple and Effective Key Scheduling for Symmetric Ciphers," Workshop on Selected Areas in Cryptography- Workshop Record, Kingston, Ontario, 5-6 May 1994, pp. 129-133.
8. C.M. Adams and H. Meljer, "Security- Related Comments Regarding McEllece's Public-Key Cryptosystem," Advances in Cryptology-CRYPTO '87 Proceedings, Springer-Verlag, 1988, pp. 224-230.
9. C.M. Adams and S.E. Tavares, "The Structured Design of Cryptographically Good S- Boxes," Journal of Cryptology, v. 3, n. I, 1990, pp. 27-41.
10. C.M. Adams and S.E. Tavares, "Designing S-Boxes for Ciphers Resistant to Differential Cryptanalysis," Proceedings of the Srd Symposium on State and Progress of Research in Cryptography, Rome, Italy, 15-16 Feb 1993, pp. 181-190.
11. W. Adams and D. Shanks, "Strong Primal- ity Tests That Are Not Sufficient," Mathematics of Computation, v. 39, 1982, pp. 255-300.
12. W.W. Adams and L.f. Coldstein, Introduction to Number Theory, Englewood Cliffs, N.J.: Prentice-Hall, 1976.
13. B.S. Adiga and P. Shankar, "Modified Lu- Lee Cryptosystem," Electronics Letters, v. 21, n. 18, 29 Aug 1985, pp. 794-795.
14. L.M. Adleman, "A Subexponential Algorithm for the Discrete Logarithm Problem with Applications to Cryptography," Proceedings of the IEEE ZOth Annual Symposium of Foundations of Computer Science, 1979, pp. 55-60.
15. L.M. Adleman, "On Breaking Generalized Knapsack Public Key Cryptosystems" Proceedings of the ISth ACM Symposium on Theory of Computing, 1983, pp. 402- 412.
16. L.M. Adleman, "Factoring Numbers Using Singular Integers," Proceedings of the 23td Annual ACM Symposium on the Theory of Computing, 1991, pp. 64-71.
17. L.M. Adleman, "Molecular Computation of Solutions to Combinatorial Problems," Science, v. 266, n. 11, Nov 1994, p. malls. L.M. Adleman, D. Estes, and K. McCurley, "Solving Bivariate Quadratic Congruences in Random Polynomial Time," Mathematics of Computation, v. 48, n. 177, Jan 1987, pp. 17-28.
19. L.M. Adleman, C. Pomerance, and R.S. Rumley, "On Distinguishing Prime Numbers from Composite Numbers," Annals of Mathematics, v. 117, n. I, 1983, pp. I 73-206.
20. L.M. Adleman and R.L. Rivest, "How to Break the Lu-Lee (COMSAT) Public-Key Cryptosystem," MIT Laboratory for Computer Science, Jul 1979.
21. C.B. Agnew, "Random Sources for Crypto- graphic Systems," Advances in Cryp- tology-EUROCRYPT '87 Proceedings, Springer-Verlag, 1988, pp. 77-81.
22. G.B.Agnew.R.C.MuUin.l.M.Onyszchuk, and S.A. Vanstone, "An Implementation for a Fast Public-Key Cryptosystem" Jow- nal of Cryptology, v. 3, n. I, 1991, pp. 63-79.
23. G.B. Agnew, R.C. Mullin, and S.A. Van- stone, "A Fast Elliptic Curve Cryptosys- tem," Advances in Clyptology-EURO- CRYPT '89 Proceedings, Springer-Verlag, 1990, pp. 706-708.
24. C.B. Agnew, R.C. Mullin, and S.A. Van- stone, "Improved Digital Signature Scheme Based on Discrete Exponentiation," Electronics Letters, v. 26, n. 14, 5 Jul 1990, pp. 1024-1025.
25. G.B. Agnew, R.C. Mullin, and S.A. Van- stone, "On the Development of a Fast Elliptic Curve Cryptosystem," Advances in Cryptology-EVROCRYPT '92 Proceedings. Springer-Verlag, 1993, pp. 482- 287.
26. C.B. Agnew, R.C. Mullin, and S.A. Van- stone, "An Implementation of Elliptic Curve Cryptosystems over F2155," IEEE Selected Areas of Communications, v. I I, n. 5, Jun 1993, pp. 804-813.
27. A. Aho, I. Hopcroft, and). Unman, The Design and Analysis of Computer Algorithms, Addison-Wesley, 1974.
28. S.C. Akl, "Digital Signatures: A Tutorial Survey," Computer, v. 16, n. 2, Feb 1983 pp. 15-24.
29. S.C. Akl, "On the Security of Compressed Encodings," Advances in Cryptology: Proceedings ofCrypto 83, Plenum Press, 1984 pp.209-230.
30. S.C. Akl and H. Meijer, "A Fast Pseudo- Random Permutation Generator with Applications to Cryptology," Advances ia Cryptology: Proceedings of CRYPTS 84, Springer-Verlag, 1985, pp. 269-275.
31. M. Alabbadi and S.B. Wicker, "Security of Xinmei Digital Signature Scheme,'' Electronics Letters, v. 28, n. 9, 23 Apr 1992, pp. 890-891.
32. M. Alabbadi and S.B. Wicker, "Digital Signature Schemes Based on Error-Correcting Codes," Proceedings of the 1993 IEEE- ISIT, IEEE Press, 1993, p. 199.
33. M. Alabbadi and S.B. Wicker, "Cryptanaly- sis of tile Ham and Wang Modification of the Xinmei Digital Signature Scheme," Electronics Letters, v. 28, n. 18, 27 Aug 1992, pp. 1756-1758.
34. K. Alagappan and I. Tardo, "SPX Guide: Prototype Public Key Authentication Service," Digital Equipment Corp., May 1991.
35. W Alexi, B.-Z. Char, 0. Coldreich, and C.P. Schnorr, "RSA and Rabin Functions: Certain Parts Are as Hard as the Whole," Proceedings of the 25th IEEE Symposium on the Foundations of Computer Science, 1984, pp. 449-457.
36. W Alexi, B.-Z. Char, 0. Goldreich, and C.P. Schnorr, "RSA and Rabin Functions: Certain Parts are as Hard as the Whole," SIAM Journal on Computing, v. U, n. I, Apr 1988, pp. 194-209.
37. Ameritech Mobile Communications et al., "Cellular Digital Packet Data System Specifications: Part 406: Airlink Security," CDPD Industry Input Coordinator, Costa Mesa, Calif,, *ul 1993.
38. H.R. Amirazizi, E.D. Karnin, and J.M. Reyneri, "Compact Knapsacks are Polynomial Solvable," ACM SIGACT News, v. 15, 1983, pp. 20-22.
39. R.J. Anderson, "Solving a Class of Stream Ciphers," Cryptologia, v. 14, n. 3, Jul 1990, pp. 285-288.
40. R.*. Anderson, "A Second Generation Electronic Wallet," ESORICS 92, Proceedings of the Second European Symposium on Research in Computer Security, Springer- Verlag, 1992, pp. 411-418.
41. R-l. Anderson, "Faster Attack on Certain Stream Ciphers," Electronics Letters, v. 29, n. 15, 22 Tul 1993, pp. 1322-1323.
42. R.*. Anderson, "Derived Sequence Attacks on Stream Ciphers," presented at the rump session of CRYPTO '93, Aug 1993.
43. R.T. Anderson, "Why Cryptosystems Fail," lst ACM Conference on Computer and Communications Security, ACM Press, 1993, pp. 215-227.
44. R.T. Anderson, "Why Cryptosystems Fail," Communications of the ACM, v. 37, n. I I, Nov 1994, pp. 32-40.
45. R.*. Anderson, "On Fibonacci Keystream Generators," K.U. Leuven Workshop on Cryptographic Algorithms, Springer-Verlag, 1995, to appear.
46. R.*. Anderson, "Searching for the Optimum Correlation Attack," K.U. Leuven Workshop on Cryptographic Algorithms, Springer-Verlag, 1995, to appear.
47. R.J. Anderson and T.M.A. Lamas, "Fortifying Key Negotiation Schemes with Poorly Chosen Passwords," Electronics Letters, v. 30, n. 13, 23 Jun 1994, pp. 1040-1041.
48. R.*. Anderson and R. Needham, "Robustness Principles for Public Key Protocols," Advances in Cryptology-CRYPTO '95 Proceedings, Springer-Verlag, 1995, to appear.
49. D. Andleman and }. Reeds, "On the Crypt- analysis of Rotor Machines and Substitution-Permutation Networks," IEEE Transactions on Information Theory, v. IT-28, n. 4, *ul 1982, pp. 578-584.
50. ANSI X3.92, "American National Standard for Data Encryption Algorithm IDEA)," American National Standards Institute, 1981.
51. ANSI X3.105, "American National Standard for Information Systems-Data Link Encryption," American National Standards Institute, 1983.
52. ANSI X3.106, "American National Standard for Information Systems-Data Encryption Algorithm-Modes of Operation,'' American National Standards Institute, 1983.
53. ANSI X9.8, "American National Standard for Personal Information Number (PIN) Management and Security," American Bankers Association, 1982.
54. ANSI X9.9 (Revised), "American National Standard for Financial Institution Message Authentication (Wholesale)," American Bankers Association, 1986.
55. ANSI X9.17 (Revised), "American National Standard for Financial Institution Key Management (Wholesale)," American Bankers Association, 1985.
56. ANSI X9.19, "American National Standard for Retail Message Authentication," American Bankers Association, 1985.
57. ANSI X9.23, "American National Standard for Financial Institution Message Encryption," American Bankers Association, 1988.
58. ANSI X9.24, "Draft Proposed American National Standard for Retail Key Management," American Bankers Association, 1988.
59. ANSI X9.26 (Revised), "American National Standard for Financial Institution Sign-On Authentication for Wholesale Financial Transaction," American Bankers Association, 1990.
60. ANSI X9.30, "Working Draft: Public Key Cryptography Using Irreversible Algorithms for the Financial Services Industry," American Bankers Association, Aug 1994.
61. ANSI X9.31, "Working Draft: Public Key Cryptography Using Reversible Algorithms for the Financial Services Industry," American Bankers Association, Mar 1993.
62. K. Aoki and K. Ohta, "Differential-Linear Cryptanalysis of FEAL-8," Proceedings of the 1995 Symposium on Cryptography and Information Security fSCIS 95), Inuyama, *pan, 24-27 *an 1995, pp. A3.4. 1 - I I. (In Japanese.)
63. K. Araki and T. Sekine, "On the Conspiracy Problem of the Generalized Tanaka's Cryptosystem," IEICE Transactions, v. E74, n. 8, Aug 1991, pp. 2176-2178.
64. S. Araki, K. Aoki, and K. Ohta, "The Best Linear Expression Search for FEAL," Proceedings of the 1995 Symposium on Cryptography and Information Security (SCIS 95), Inuyama, Tapan, 24-27 *an 1995, pp. A4.4.l-10.
65. C. Asmuth and T. Bloom, "A Modular Approach to Key Safeguarding," IEEE Transactions on Information Theory, v. IT- 29, n. 2, Mar 1983, pp. 208-210.
66. D. Atkins, M. Craff, A.K. Lenstra, and P.C. Leyland, "Tile Magic Words are Squeamish Ossifrage," Advances in Cryptology- ASIACRYPT '94 Proceedings, Springer- Verlag, 1995, pp. 263-277.
67. AT&T, "T7001 Random Number Generator," Data Sheet, Aug 1986.
68. AT&T, "AT&T Readying New Spy-Proof Phone for Big Military and Civilian Markets," The Report on ATqyT, 2, lm 1986, pp. 6-7.
69. AT&T, "T7002/T7003 Bit Slice Multiplier,'* product announcement, 1987.
70. AT&T, "Telephone Security Device TSD 3600-User's Manual," AT&T, 10 Sep 1992.
71. Y. Aumann and U. Feige, "On Message Proof Systems with Known Space Verifiers," Advances in Cryptology-CRYPTO '93 Proceedings, Springer-Verlag, 1994, pp. 85-99.
72. R.G. Ayoub, An Introduction to the Theory of Numbers, Providence, RI: American Mathematical Society, 1963.
73. A. Aziz and W. Diffie, '*Privacy and Authentication for Wireless Local Area Networks," IEEE Personal Communications, v. I, n. l, 1994, pp. 25-31.
74. A. Bahreman and J.D. Tygar, "Certified Electronic Mail,'* Proceedings of the Internet Society 1994 Workshop on Network and Distributed System Security, The Internet Society, 1994, pp. 3-19.
Дата публикования: 2015-11-01; Прочитано: 473 | Нарушение авторского права страницы | Мы поможем в написании вашей работы!
