Let X1, X2, . . . , Xk be independent n bit random variables. If they have arbitrary distributions, we show how to compute distributions like Pr{X1 ⊕ X2 ⊕ · · · ⊕ Xk} and ...
In this paper we revisit a known but ignored weakness of the RC4 keystream generator, where secret state info leaks to the generated keystream, and show that this leakage, also kno...
Abstract. This paper reconsiders the established Merkle-Damg˚ard design principle for iterated hash functions. The internal state size w of an iterated n-bit hash function is trea...
Abstract We provide evidence that the unforgeability of several discrete-log based signatures like Schnorr signatures cannot be equivalent to the discrete log problem in the standa...
Cryptosystems based on the knapsack problem were among the first public-key systems to be invented. Their high encryption/decryption rate attracted considerable interest until it ...
Many variants of Chaum and van Antwerpen’s undeniable signatures have been proposed to achieve specific properties desired in real-world applications of cryptography. Among them...
Abstract. We give improved upper bounds on the communication complexity of optimally-resilient secure multiparty computation in the cryptographic model. We consider evaluating an n...
The security of key agreement protocols has traditionally been notoriously hard to establish. In this paper we present a modular approach to the construction of proofs of security ...