appliedcryptology, cryptographicprotocols, an d computersecuritymodels

8/13/2019 APPLIEDCRYPTOLOGY, CRYPTOGRAPHICPROTOCOLS, an d COMPUTERSECURITYMODELS

1/16


2/16

PROCEEDINGS OF SYMPOSIA IN APPLIED MATHEMATICS

VOLUME 1 NON-LINEAR PROBLEMS IN MECHANICS OF CONTINUAEdited by E. Reissner Brown University, August 1947

VOLUME 2 ELECTROMAGNETIC THEORYEdited by A. H. Taub Massachu setts Institute of Technology, July 1948

VOLUME 3 ELASTICITYEdited by R. V. Churchill University of Michigan, June 1949

VOLUME 4 FLUID DYNAMICSEdited by M. H. Martin University of Maryland, June 1951

VOLUME 5 WAVE MOTION AND VIBRATION THEORYEdited by A. E. Heins Carnegie Institute of Technology, June 1952

VOLUME 6 NUMERICAL ANALY SISEdited by J. H. Curtiss Santa Monica City Co llege, August 195 3

VOLUME 7 APPLIED PROBABILITYEdited by L. A. MacC oll Polytechnic Institute of Brooklyn, April 1955

VOLUME 8 CALCULUS OF VARIATIONS AND ITS APPLICATIONSEdited by L. M. Graves University of Chicago, April 1956

VOLUME 9 ORBIT THEORYEdited by G. Birkhoff and R. E. Langer New York University, April 1957

VOLUME 1 COMBINATORIAL ANALYSISEdited by R. Bellman and M. Hall, Jr. Columbia University, April 1958

VOLUME 11 NUCLE R RE CTOR THEORYEdited by G. Birkhoff and E. P. Wigner New York City, April 1959

VOLUME 12 STRUCTURE OF LANGU AG E AND ITS MATHEM ATICAL ASPECTSEdited by R. Jakobson New York City, April 1960

VOLUME 13 HYDRODYNAMIC INSTABILITYEdited by R. Bellman, G. Birkhoff, C. C. Lin New York City, April 1960

VOLUME 14 MATHEMATICAL PROBLEMS IN THE BIOLOGICAL SCIENCES

Edited by R. Bellman New York City, April 1961VOLUME 15 EXPERIMENTAL ARITHMETIC, HIGH SPEED COMPUTING, AND

MATHEMATICSEdited by N. C. Metropolis, A. H. Taub, J. Todd, C. B. Tompkins Atlantic City andChicago, April 1962

VOLUME 16 STOCHASTIC PROCESSES IN MATHEMATICAL PHYSICS AND ENGINEERINGEdited by R. Bellman New York City, April 1963

http://dx.doi.org/10.1090/psapm/029


3/16

VOLUME 17 APPLICATIONS OF NON LINEAR PARTIAL DIFFER ENT IAL EQUATIONS IN MATHEMATICAL PHYSICSEdited by R. Finn New York City, April 1964

VOLUME 18 MAGNET O-FLUID AN D PLASMA DYNAMICSEdited by H. Grad New York City, April 1965

VOLU ME 19 MATHEM ATICAL ASPECTS OF COMPUTER SCIENCEEdited by J. T. Schwartz New York City, April 1966

VOLUME 20 THE INFLUENCE OF COMPUTING ON MATHEMATICAL RESEARCHAND EDUCATIONEdited by J. P. LaSalle University of Montana, Augu st 1973

VOLUME 21 MATHEMATICAL ASPECTS OF PRODUCTION AN D DISTRIBUTION OFENERGYEdited by P. D. Lax San Antonio, Texas, January 1976

VOLUME 22 NUMERICAL ANALY SISEdited by G. H. Golub and J. Oliger Atlanta, Georgia, January 1978

VOLUME 23 MODERN STATISTICS: METHODS AN D APPLICATIONSEdited by R. V. Hogg San Antonio, Texas, January 1980

VOLUME 24 GAME THEORY AND ITS APPLICATIONSEdited by W. F. Lucas Biloxi, Mississippi, January 1979

VOLUME 25 OPERATIONS RESEARC H: MATHEMATICS AN D MODELSEdited by S. I. Gass Duluth, Minnesota, Au gust 1979

VOLUME 26 THE MATHEMATICS OF NETWORKSEdited by S. A. Burr Pittsburgh, Pennsylvania, August 1981

VOLUME 27 COMPUTED TOMOGRAPHYEdited by L. A. Shepp Cincinnati, Ohio, January 1982

VOLUME 28 STATISTICAL DAT A ANA LYSISEdited by R. Gnanadesikan Toronto, Ontario, August 1982


4/16

AMS SHORT COURSE LECTURE NOTES

published as a subseries ofProceedings of Symposia in Applied Mathematics


5/16

APPLIED CRYPTOLOGY,CRYPTOGRAPHIC PROTOCOLS,

andCOMPUTER SECURITY MODELS


6/16

PROCEEDINGS OF SYMPOSI

IN PPLIED M THEM TICS

Volume 29

PPLIED CRYPTOLOGY,CRYPTOGR PHIC PROTOCOLS,

andCOMPUTER SECURITY MODELS

AMERICAN MATHEMATICAL SOCIETYPROVIDENCE, RHODE ISLAND


7/16

LECTURE NOTES PREPARED FOR THEAMERICAN MATHEMATICAL SOCIETY SHORT COURSE

CRYPTOLOGY IN REVOLUTION: MATHEMATICS AND MODELS

HELD IN SAN FRANCISCO, CALIFORNIAJANUARY 5-6 , 1981

ByRichard A. DeMilloGeorge I. DavidaDavid P. DobkinMichael A. HarrisonRichard J. Lipton

The AMS Short Course Series is sponsored by the S ociety s Co mm ittee onEmployment and Education Policy (CEEP). The series is under the direction ofthe Short Course Advisory Subcommittee of CEEP.

Library of Congress Cataloging in Publication DataMain entry under title:Applied cryptology, cryptograph ic protocols, and comp uter securi ty models.

(Proceedings of symposia in applied mathematics, ISSN 0160-7634; v. 29. AMS shortcourse lecture notes)

Exp and ed version of notes prepared for the AMS short course entitled C ryptolo gy inrevolution, mathematics and models, held in San Francisco, Calif., Jan. 56, 198 1, byRichard A. DeMillo and others.

Bibliography: p.1. ComputersAccess contro l . 2. Cryp tograph y. I . D eMillo, Richard A. II . Amer

ican Mathematical Soc iety. III . Series: Proceedings of symposia in applied m athem atics;v. 29 . IV. Series: Proceedings of symp osia in applied m athe ma tics; v. 29 . AMS short co urselecture notes.QA76.9 .A25A 66 1983 001.64 83-15548ISBN 0-8218-0041-8

1980 Mathe matics Subject Classification. Primary 68-02, 68B 99, 68C99.

Reprinted 1985

Copyright 198 by the American Mathematical Society.

Printed in the United States of America.

All r ights reserved except those granted to the United States Government.

This book may not be reproduced in any form without the permission of the publishers.

This volume was printed directly from copy prepared by the authors.


8/16

Contents

1 . In t roduc t ion 1

2 . Cryp tography 72.1 Ciphers and Crypto syste ms 82.2 Stream Ciph ers 152.3 Inform at ion- The oret ic Crypt analys is 22

2.4 Feasi bi l i ty of Crypt analysis 282.5 Mode rn Block Ciphers 332.6 Int ra ctabi l i ty and Cryp tana lysis 522.7 Bibl i ograp hic Notes 61

3. Computer System Secur i ty Model s 633.1 Operat in g System Model s 633.2 Mult i level Secur i ty 993.3 Datab ases and Inferenc e 1043.4 Bibl io graphi c Notes 122

4. Protoc ols and Secur i ty . .1254 1 Arb i t e r s 130

4.2 Digi ta l Signatures 1314.3 Ment al Poker 1434.4 Secret Bal lot Elect i ons 1464.5 Password Authen t i ca t io n 1474.6 Using Rando mness 1484.7 Key Dis t r ibu t ion 1514.8 Dis t r ibut i ng Subkeys 1524 .9 Shaking Hands 1554.10 Secure Computer Systems 1574.11 Compro mising Prot ocol s 1704.12 Establ ishin g Prot ocol s Secur i ty 1794.13 Bibl i ograph ic Notes 184

5 . B ib l iography 187


9/16

Preface

On January 5-6, 198 1, the authors del ivered a ser ies of lec

tu res en t i t led Cryp to iogy in Revo lu t ion : Mathemat i c s and Mod e l s

to a meet ing of the Ameri can Mathema t ical Socie t y. This survey of

cryptol ogy and computer secur i ty is an edi ted and expanded ver s ion

of the notes which AMS publ is hed for the or iginal lec ture ser i es .

The pres enta t ion is organized as fol low s. A survey of cry p

tographic theory which emphasi zes the two major develo pments of

contempo rary cryp togr aphy ( the federal data encryp t ion s tandard

and publ i c-key c ryp togr aphy ) is presen ted in Chapter 2 . Chapter 3

pre sen ts a survey of the security prob lem s whic h arise in the use

of t ime-shared and network ed digi ta l comp uter s . Final ly a number

of proto cols which are used to achieve levels of secur i ty in com

puter sytems and the emerging theory surrounding crypto graphi c

prot ocols are presen ted in Chapter 4 . As th is survey is being

compi led, some fr ic t ion exis ts between cer ta in U.S . Governmen t

agenc ies , academic r e sea rche r s , and p ro fess iona l soc ie t i e s . A

brie f account of the issues whi ch have led to this cont rover y is

given in Chapter 1 .

This work was supported in par t by the Nat ional Science Foun

da t ion , under g ran t s MCS7 9-03 42 8 , MCS8 1-03 608 , and MCS-08012 716

and the Off ice of Naval research under contracts N000 14-7 9-C- 02 31

a nd N 0 0 0 1 4 - 7 9 - C - 0 8 7 3 .

xi


10/16

5. Bibl iography

[1] A. Aho, J. Hopcr oft and J. Ull man , 'The Desi gn and Anal ysisof Computer Algori thms, ' Addison- Wesley, 1974.

[2] D. Bell and L. LaPad ula, 'Secure Computer Syste ms:Mathematical Foundat ions and Mode l , ' MITRE Report , MTR-25 47,volume 2, November 1973.

[3] E. R. Berlekamp , 'Factoring Polyn omia ls over Large FiniteFie lds , ' Mathematics of Computat ion, volume 24, (1978) , pp.713-735 .

[43 Bis hop , M. and Snyd er, L., 'The Tra nsf er of Info rmat ion andAuthor ity in a Prot ecti on System', Proceed ings of the SeventhSymposium on Operating System Prin cip les , 197 9.

[5] R. Blakely and G. Blak ely, 'Security of Number TheoreticPublic Key Cryptosy stems Against Random Attack I,II , III 'Cryptologia , to appear.

[6] M, Blum, 'How to Exchange Secret Key s' , Univ ersi ty ofCal ifornia , Berkeley, UCB/ERLM81/90, March, 1982.

[7] G. Bras sard , S. Fortune and J. Hopc roft , 'A Note onCrypotgr aphy and NP co-NP ,' TR 78 -338 , Department of Computer Science, Cornel l Universi ty, 1978.

[8] Budd, T. and Lipton, R.J. , 'On Classes of P rotect ionSys tems ' , in DeMi llo, R.A. et al (ed itors) Founda t ions ojSecu re Comj>ut.a.tJLo.n, Ac ad em ic P res s, I nc . New Yo rk, 19 78 .

[9] Coh en , El li s S., P ro bl em s, Me ch an is m^ and iut..ins. Ph D Disser tat ion, Carnegie-Mellon Universi ty, 1976.

[10] George I. Dav ida , 'Chosen Signat ure Crypt analy sis of the RSA(MIT) Public Key Cryptosystem, ' unpublished manuscrip t .

[11] G. Dav ida , R. DeM ill o, and R. Lipto n, 'Sharing Cr yptographic Ke ys , ' IEEE Symposium on Security and Privac y,Berkeley, CA,Apri l 1980.

[12] G. Davida , R. DeMillo and R. Lipton, 'A System Arch itecture to Support a Veri fiab ly Secure M ultile vel SecuritySystem,' IEEE Symposium on Security and Priva cy, Berkele y,CA, April 1980.

187


11/16

1 8 8 B i b l i o g r a p h y

[ 13 3 G . D a v i d a a n d J . K a m , 'A S t r u c t u r e d D e s i g n o f S u b s t i t u t i o n -P e r m u t a t i o n E n c r y p t i o n N e t w o r k s , ' i n D e M i l l o , R . A . et al( e d i t o r s ) , Fo>uncla.tj,p_n_s o.f > c.u r_ c mp ut.a.Jt.i o.n A c a d e m i c P r e s s ,1 9 7 8 , p p . 9 5 - 1 1 4 .

[ 1 4 ] R . D eB l il l o, ' D a t a b a s e S e c u r i t y , ' I s s u e s i n D a t a b a s eM a n a g e m e n t , e d i t e d b y H . We b e r a n d A . Wa s s e r m a n , N o r t h -H o l l a n d , 1 9 7 9 , p p . 2 5 3 - 2 5 6 .

[ 1 5 ] R . D e M i l l o a n d D . D o b k i n , ' R e c e n t P r o g r e s s i n S e c u r e Corn-put at i on , 1 9 7 8 I E E E C o m p s a c C o n f e r e n c e , C h i c a g o , I L , N o v e m b e r1 9 7 8 .

[ 1 6 ] R . D e M i l l o , D . D o b k i n a nd R . L i p t o n , ' E v e n D a t a b a s e s T h a tL i e C a n b e C o m p r o m i s e d , ' I E E E Tr a n s a c t i o n s o n S o f t w a r eE n g i n e e r i n g , v o l u m e S E - 4 , n u m b e r 1, ( J a n u a r y, 1 9 7 8 ) , p p . 7 3 -7 5 .

[ 1 7 ] R . D e M i l l o , D . D o b k i n a nd R . L i p t o n , ' C o m b i n a t o r i a lI n f e r e n c e , ' in D e M i l l o , R . A . e t a l ( e d i t o r s ) , F.ouncijit.i.o.ns. p_ fS e c u r e C o m p u t a t i on , A c a d e m i c P r e s s , 1 9 7 8 , p 2 7 - 3 8 .

[ 1 8 ] R . D e M i l l o , R . L i p t o n a n d A . P e r l i s , ' S o c i a l P r o c e s s e s an dP r o o f s o f T h e o r e m s a nd P r o g r a m s , ' C o m m u n i c a t i o n s o f t he A C M ,v o l u m e 2 2 , n u m b e r 5 , ( M a y, 1 9 7 9 ) , p p . 2 7 2 - 2 8 0 .

[ 1 9 ] R . D e M i l l o , D . D o b k i n , R . L i p t o n a nd A . J o n e s , F o u nd a t i o n s o f S e c u r e C o m p u t a t i o n , A c a d e m i c P r e s s , 1 9 7 8 .

[ 2 0 ] R . A . D e M i l l o , N . A . Ly n c h a n d M . J . M e r r i t t , ' C r y pt o g r a p h i c P r o t o c o l s , ' P r o c e e d i n g s 1 4 t h A C M S y m p o s i u m o nT h e o r y o f C o m p u t i n g , M a y 1 9 8 2 , 3 8 3 - 4 0 0 .

[ 2 1 ] R . A . D e M i l l o a n d M . J . M e r r i t t , ' C h o s e n S i g n a t u r e C r y p -t a n a l y s i s o f P u b l i c K e y C r y p t o s y s t e m s , ' Te c h n i c a l M e m o r a n d u m ,S c h o o l of I n f o r m a t i o n a nd C o m p u t e r S c i e n c e , G e o r g i a I n s t i t u t eof Te c h n o l o g y, A t l a n t a , GA , O c t o b e r , 1 9 8 2 .

[ 2 2 ] R . A . D e M i l l o a n d M . J . M e r r i t t , ' P r o t o c o l s f o r D a t aS e c u r i t y , ' C o m p u t e r , v o l u m e 1 6 , nu m b e r 2 , F e b r u a r y, 1 9 8 3 , p p .3 9 - 5 0 .

[ 2 3] C . A . D e a v o u r s , ' Ho w t h e B r i t i s h B r o k e E n i g m a , ' C r y p -t o l o g i a , v o l u m e 4 , n u m b e r 3 ( J u l y, 1 9 8 0 ) , p p . 1 2 1 9 - 1 3 2 .

[ 2 4 ] D . D e n n i n g a n d P. D e n n i n g , ' D a t a S e c u r i t y ' , C o m p u t i n g S u rv e y s , S e p t e m b e r 1 9 7 9 , p p . 2 2 7 - 2 5 0 .

[ 2 5 ] D . E . D e n n i n g , P. J . D e n n i n g , S . J . G a r l a n d , M . A .H a r r i s o n , a n d W. L . R u z z o , ' P r o v i n g P r o t e c t i o n S y s t e m sS a f e ' , u n p u b l i s h e d m a n u s c r i p t , 1 9 7 7 .

[ 2 6 ] B . DeYfo lf and P. Sz u l ew sk i , ed i t o r s , ' F i na l R e p o r t o f t he1 9 7 9 S u m m e r S t u d y on A i r F o r c e C o m p u t e r S e c u r i t y, ' D r a p e r L a b sR e p o r t R - 1 3 2 6 , O c t o b e r , 1 9 7 9 .

[ 2 7] W. D i f f i e a nd M . H e l l m a n , ' Ne w D i r e c t i o n s i n C r y p t o g a p h y, 'I E E E T r a n s a c t i o n s o n I n f o r m a t i o n T h e o r y , v o l u m e I T- 2 2 , n u m b e r6 , ( N o v e m b e r, 1 9 7 6 ) , p p . 6 4 4 - 6 5 4 .


12/16

Bibliography 189

[28] W. Diffie and M. Hel lma n, 'Exh austi ve Crypt anal ysis of theNBS Data Encrypt ion Standard, 1 Comput er, volume 10, number 6(June, 1 9 7 7 ) , pp . 74-84.

[29] D. Dob kin , A. Jones and R. Lipt on, 'Secure Data Bas es :Protect ion Against User Inference, ' ACM Transact ions onDatabase System s, volume 4, number 1, (March, 1979) pp. 97-106.

[30] D. Dolev and A. Yao, 'On the Securi ty of Public KeyProto cols , ' Proceedings 22nd Annual FOCS Symposium, IEEE,October, 198 1, pp. 350- 357.

[31] S. Even and Y. Yac obi, 'Cryptocom plexity and NP Completeness , ' (unpublished m a n u s c r i p t ) .

[32] H. Fei ste l, 'Cryptography and Computer Priv acy, ' ScientificAmerican, volume 228 (May, 1 9 7 3 ) , pp . 15-23 .

[33] Ford Aer ospa ce, 'Secure Minic omput er Operating System KSOS:Computer Program Develop ment Speci fica tions , Type B-5 ,Departme nt of Defense Kernel ized Secure Operating System. I.Security Kern el, II . Unix Emula tor, III. Security RelatedSoftware, Report WDL-TR7811, July 1978.

[34] Martin Gardne r, Math emati cal Games , Scientific American,volume 237, (August, 1 9 7 7 ) , pp . 120-124 .

[35] Ha rr is on , M. A., In tr od uc ti on to Fjor. m aj. Lat njgu ajje. Theory,Addison-W esley, Reading, Mass, 1978 . 461-47 1.

[36] Harri son, M.A. and Ruzzo, W. L., 'Monotonic Prote ctionSystems' , in DeMil lo, R.A. et al (editor s) F o u n d_a t i p n s .of,Secure Computat ion, Academic Press , Inc. , New York, 1978.

[37] M. Harri son, W. Ruzzo and J. Ullma n, 'Protection inOperati ng Syst ems , ' Communi cations of the ACM, volume 19,(1976) , pp. 461-47 1.

[38] Marti n E. Hellman , 'An Extens ion of the Shannon TheoryApproach to Cryptograp hy, ' IEEE Tran s. on InformationTheory, volume IT-23 (May, 1 9 7 7 ) , pp . 289- 294 .

[39] Marti n E. Hell man, 'An Overview of Public Key Cr ypto grap hy, 'IEEE Trans . on Commun icat ions, volume COM-16, (November,1 9 7 8 ) , pp . 24-32 .

[40] Marti n E. Hellm an, 'The Mathe matic s of Public Key Cryptograp hy, ' Scientific Ameri can, volume 241 (August, 1979) ,pp. 146-157 .

[41] T. Herles trom, 'Critical Remarks on Some Publi c-Key Cryp-tosys tems , ' BIT, vo lume 18 , (1978) , pp . 493-496 .

[42] Bruce Hoard, 'Technology Advances Seen Outpacing Securi ty, 'Computer World, June 23,198 0,p. 15.

[43] Jones , Anita, K., Prote ctio n in Programme d Systems PhD Disser tat ion, Carnegie-Mellon Universi ty, 1973.


13/16

1 9 0 B i b l i o g r a p h y

[ 4 4 ] A , J o n e s , R . L i p t o n a nd L . S n y d e r , 'A L i n e a r Ti m eA l g o r i t h m f or D e c i d i n g S e c u r i t y , ' 1 7 t h I E E E F O C S C o n f e r e n c e ,H o u s t o n , T X , O c t o b e r , 1 9 7 6 .

[ 4 5 ] D a v i d K a h n , T h e C o d e b r e a k e r s : T h e S t o r y o f S e c r e t Wr i t i n g ,M a c M i l l a n , N e w Yo r k , 1 9 6 7 .

[ 4 6] R . M . K a r p , 'Re d u e i b i l i t y A m o n g C o m b i n a t o r i a l P r o b l e m s , ' C o mp l e x i t y o f C o m p u t e r C o m p u t a t i o n s , i n M i l l e r , R . a ndT h a t c h e r , J, e d i t o r s , P l e n u m P r e s s , N e w Yo r k , 1 9 7 2 , p p . 8 5 -1 0 4 .

[ 4 7 ] S . K u l l b a c k , S t a t i s t i c a l M e t h o d s i n C r y p t a n a l y s i s , N S A Te c hn i c a l M o n o g r a p h S e r i e s , A e g e a n P a r k P r e s s , L a g u n a H i l l , C A ,1 9 7 6 .

[ 4 8 ] L . L a m p o r t , P a s s w o r d A u t h e n t i c a t i o n w i t h I n s e c u r e C o mm u n i c a t i o n , ' C o m m u n i c a t i o n s o f t he A C M , v o l u m e 2 4 , n u m b e r 11 ,( N o v e r m b e r , 1 9 8 1 ) , p p . 7 7 0 - 7 7 2 .

[4 9] L a m p s o n , B u t l e r W. , ' P r o t e c t i o n ' , P r o c e e d i n g s o f t h e F i f t hP r i n c e t o n C o n f e r e n c e o> n i n.f c rm a_t JL n S c. . en c_ e. a n d S y s t e m s , 43 7-4 4 3 , 1 9 7 1 .

[ 5 0 ] B . L a m p s o n , 'A N o t e o n th e C o n f i n e m e n t P r o b l e m , ' C o mm u n i c a t i o n s o f th e A C M , v o l u m e 1 6 , n u m b r 1 0 , ( O c t o b e r , 1 9 7 3 ) ,p p . 6 1 3 - 6 1 5 .

[ 5 1 ] R . J . L i p t o n , ' An I m p r o v e d P o w e r E n c r y p t i o n M e t h o d , 'u n p u b l i s h e d m a n u s c r i p t , 1 9 8 1 .

[ 5 2 ] R . J . L i p t o n , ' H ow t o C h e a t a t M e n t a l P o k e r , ' u n p u b l i s h e dm a n u s c r i p t , 1 9 8 0

[ 5 3 ] R . J. L i p t o n , 'A P u b l i c K e y E n c r y p t i o n M e t h o d B a s e d o nA l g e b r a i c N u m b e r T h e o r y, ' u n p u b l i s h e d m a n u s c r i p t , 1 9 8 1 .

[ 5 4 ] R . L i p t o n a n d L . S n y d e r , 'A L i n e a r Ti m e A l g o r i t h m f o r D e c i di ng S u b j e c t S e c u r i t y, ' J o u r n a l o f t h e A C M , v o l u m e 2 4 , n u m b e r3 , ( J u l y, 1 9 7 7 9 ) , p p .

[ 5 5 ] S . M a t y a s , ' D i g i t a l S i g n a t u r e s A n O v e r v i e w ' C o m p u t e rN e t w o r k s , v o l u m e 3 ( 1 9 7 9 ) , p p 8 7 - 9 4 .

[ 5 6 ] R a l p h M e r k l e , ' S e c u r e C o m m u n i c a t i o n s o v e r I n s e c u r e C h a n n e l s , 'C o m m u n i c a t i o n s o f t h e A C M , v o l u m e 2 1 , n u m b e r 4 ( A p r i l , 1 9 7 8 ) ,p p . 2 9 4 - 2 9 9 .

[ 5 7 ] R a l p h M e r k l e , ' P r o t o c o l s B a s e d o n P u b l i c K e y S y s t e m s , ' 1 9 8 0I E E E S y m p o s i u m o n S e c u r i t y a n d P r i v a c y, A p r i l , 1 9 8 0 ,B e r k e l e y, C A .

[ 5 8 ] R a l p h M e r k l e a n d M a r t i n H e l l m a n , ' H i d i n g I n f o r m a t i o n T r a p d o o rK n a p s a c k s , ' I E E E T r a n s a c t i o n s o n I n f o r m a t i o n T h e o r y, v o l u m eI T- 2 4 , n u m b e r 5 ( S e p t e m b e r , 1 9 7 8 ) , p p . 5 2 5 - 5 3 0 .

[ 5 9 ] M . J. M e r r i t t , C r y p t o g r a p h i c P r o t o c o l s , P h . D . T h e s i s ,G e o r g i a I n s t i t u e of Te c h n o l o g y, A t l a n t a , GA , ( a l s o a p p e a r s a sr e p or t G I T- I C S - 8 3 / 0 6 , F e b r u a r y , 1 9 8 3 ) .


14/16

Bibliography 191

[60] Donald V. Mill er, 'Ciphertext Only Attack on the Merk le-Hellman Public -Key System Under Broadcast Sit uat ion s, ' Cryp-tologia, volume 6, number 3, (July, 1 9 8 2 ) , pp . 279-281 .

[61] National Bureau of Stand ards, 'Data Encryp tion Stand ard, 'FIPS PUB 46, JAnuary 15, 1977

[62] Roger Needh am and Mich ael Sch roed er, 'Using Enc ryp tio n forAuth enti cati on in Large Networ ks of Comp uter s, ' Communic atio ns of the ACM, volume 21, number 12 (December, 1978 )pp. 993-999 .

[63] Peter Neuma nn, Richard Fierta g, Karl Levitt and L Robinson ,'Software Develop ment and Proofs of Multile vel Secur ity, '1976 Software Engineering Conference, pp. 421-428

[64] D. Park er, Crime by. Computer, Scri bner s, New York, 1976 .

[65] G. Popek and C. Kline , 'Encryption Prot ocol s, Public- KeyAlgori thms and Digita l Signatures in Computer Networ ks, ' inDeM ill o, R.A. et al ( ed i to rs ) , Fo un da ti on s


15/16


16/16

appliedcryptology, cryptographicprotocols, an d computersecuritymodels

Documents