
polygraphic substitution, 601 propagation characteristics of
Rabin cryptosystem, 501
polynomial basis representation, 211 Boolean functions, 55, 481
Rabin digital signature scheme, 502
polynomial complexity, 465 propagation criterion, 481
Rabin-Miller test, 291, 436, 437
polynomial function, 464, 465 proposed encryption standard, 271
Rabin's primality test, 473, 474, 475
polynomial security, 93 protection, 2
RACE project, 408, 409
polynomial time, 464 protection profile, 87, 229
radio frequency attacks, 503
polyphony, 202 protocol, 482
rainbow tables, 615
Pontifex, 593 Proton, 362, 482
ramp scheme, 545
Porta encryption, 465 provable prime, 472
random bit generation (hardware),
Porta table, 465 provable security, 12
509
POS, 66 prover, 297, 593
random key, 324
postal security device, 178 provisioning, 283
random oracle model, 514
power analysis, 572, 573 proxy encryption, 488
random preimage attack, 259
power trace, 152 proxy signatures, 490
random sequence, 323
PP, 87, 229 PSAM, 66
random squares method, 294
pre-charged dual rail logic, 575 PSD, 178
randomized algorithm, 94, 95
predecessor attack, 385 PSEC-KEM, 411
randomness postulates of Golomb, 242
predictable sequence, 350 PSEP, 582
randomness source, 511
preimage resistance, 257, 465 pseudo-Hadamard transform, 638
rank metric, 376
pre-pay, 176 pseudo Mersenne prime, 482
rational points, 186
preperiod, 415 pseudo-noise sequence, 483
RC2, 515, 518
Pretty Good Privacy, 466 pseudonym, 476, 477, 483
RC4, 515
PRIMALITY problem, 93 pseudonymity, 10
RC5, 515
primality proving algorithm, 470, pseudoprime, 472, 484
RC6, 516
472 pseudo-random function, 146, 485
rchop, 386, 387
primality test, 470 pseudo-random number generator,
reactive defense password, 455
prime certificate, 68 485
receipt-free problem, 180
prime field, 227 pseudo-random permutation, 358, 359
receiver deniable encryption, 142
prime field anomalous curve, 187 pseudo-random sequence, 242
recipient anonymity, 517
prime generation, 470, 472, 474 PSS, 530, 534
recipient unobservability, 517
prime number, 470–75 PSS-R, 530, 581
record layer, 548
prime number theorem, 436, 471 public key based protocol, 222
rectangle attack, 56, 62, 150
prime-order field, 227, 393 public key certificate, 67
reduced, 346
priming key character, 323 public key cryptography, 487
reducible polynomial, 313
primitive cyclic code, 124 public key cryptography standards, 459
reduction, 93, 94
primitive element, 476 Public Key Infrastructure, 488
reductionist, 443
primitive polynomial, 126, 373, 476 public key proxy encryption, 488
redundancy, 290
primitive root, 240 public key proxy signatures, 490
Reed-Muller codes, 517
principal ideal, 125 public key stegosystem, 163
Reed–Solomon code, 125
principal ideal ring, 125 public key watermarking, 656
Registration Authority, 518
privacy, 11, 12, 282, 284, 285, 476 public watermarking, 655
re-keying, 245, 247
Privacy Enhanced Mail, 455 publicly verifiable secret sharing, 646
related key attack, 518
privacy enhancing technologies, 478 purchase secure application module,
relationship anonymity, 88
private key cryptosystem, 324, 603 66
relationship pseudonym, 484
private key generator, 273 pure circulating register, 139
682 Index


relatively prime, 519 safeguard selection, 629 SEMA, 171
relay attack, 519 SAFER, 518, 627 semagram, 118
reliability, 174, 176, 245, 606 sally, 462 semantic security, 417, 559
relying party, 67, 594 salt, 541 semi-honest adversary, 399
remote DoS attack, 143 SAML, 479 semi-weak key, 130
repeated key, 323 SAN, 602 sender anonymity, 560
replay attack, 80, 312, 329, 519 SASAS, 405 sender deniable encryption, 142
repository, 283, 617 Satoh's algorithm, 190 sensitivity level, 6
representation (lambda), 194 saturation attack, 405, 639 sensor, 299, 300
request for comment, 455, 459 SBEMP, 504 sensor module, 35
resettable zero-knowledge, 672 scalable GKE, 245 sequences, 560
residue class, 206, 391 scalar multiplication, 191, 244, 608 sequential composition, 672
resilience, 612 scanning electron microscope, 302 Serpent, 563
resiliency order, 83, 105 Schnorr digital signature scheme, ServerHello, 549
resilient, 55, 105 541 session key, 244, 324, 329, 457
response, 519 Schnorr Identification, 542 session pseudonym, 484
resynchronization attack, 519 Schoof's algorithm, 190 SET, 176, 564
retail MAC, 64, 65, 365 SDA, 198 S-expression, 594
reversed alphabet, 10 SDMI, 656 SFLASH, 410, 411
revocable credentials, 110 SDSI, 593 SGEMP, 505
revocation scheme, 56, 57, 278, 669 SDSI names, 593, 594 SHA family (Secure Hash
RF attack, 503 SEAL, 543 Algorithm), 410, 565
RFC, 366, 455, 459 second preimage resistance, 257, SHACAL, 410, 411
right, 462, 520 543 Shamir's threshold scheme, 567
right-to-left exponentiation, 33, 520, secrecy, 118 Shamir's ultimate knapsack scheme,
583, 588, 640 secret key cryptosystem, 325, 603 336
rights management, 520 secret sharing scheme, 544 Shamir–Zippel scheme, 335
Rijndael, 520–24 secretive defense password, 455 Shank's baby-step giant-step method,
ring, 524 secure channel, 568 165
ring homomorphism, 268 secure digital music initiative, 656 Shannon's maxim, 372
RIPE, 408, 409, 411 Secure Electronic Transactions, 176, Shannon's main theorem, 290
RIPEMD family, 260, 366, 524 564 Shannon™s model, 568
risk, 629 Secure Hash Algorithm, 565 Shannon theory, 289, 290
risk management, 200 secure HTTP, 268 share, 568
RMAC, 65, 366 Secure Shell, 596 sharing rules, 545
robust, 612, 655 secure signatures from the "strong SHARK, 298
Rohrbach's maxim, 371 RSA" assumption, 546 Shawe-Taylor's algorithm, 474, 475
role hierarchy, 5 Secure Socket Layer (SSL), 14, 548 shift-and-add property, 373
root CA, 564 SecureID, 367 shift register sequence, 373
rotor, 116 security, 12, 551 shifted alphabet, 10
round, 245, 480 Security Architecture, 551 Schönhage and Strassen method, 403
round function, 41, 258 security assertion markup language, short digital signatures, 49
rounds complexity, 245 479 shortest vector problem, 569
RP, 67, 594 security association, 311 shrinking generator, 570
RS code, 125 security association database, 311 shuffling procedure, 180
RSA assumption, 532, 534, 537 security boundary, 456 side-channel analysis, 571
RSA-CRT, 666 Security Evaluation Criteria, 552 side-channel attacks, 576
RSA cryptosystem, 527, 528, 537 security gateways, 311 Siegenthaler, 105
RSA digital signature scheme, 527 security label, 6 sieve of Eratosthenes, 471
RSA factoring challenge, 531 security level, 228, 229 sieving, 577
RSA-KEM, 411 security module, 254 sieving in function fields, 577
RSA number, 531 security parameter, 93, 551 sieving technique, 287
RSA problem, 532, 537 security parameter index, 311 SIGABA, 117
RSA-PSS, 410 security policy, 660, 663 SIGMYC, 117
RSA public-key encryption, 536 security policy database, 311 sign function, 54
Rule Book, 52 security standards activities, 552 signature, 158, 299, 463
run, 539 security target, 86, 456 signcryption, 578
run property, 373 seed, 485 signed digit exponentiation, 583
running-key, 323, 539 selective forgery, 363, 558 signer's security, 214
running time, 92 self-initializing Quadratic Sieve, 495 signing algorithm, 158
self-reciprocal permutation, 600 silo, 285
S self-reducibility, 533 simple distributed security
self-shrinking generator, 558 infrastructure, 593
SA, 311, 312 self-synchronizing stream cipher, simple electromagnetic analysis, 171
SAC, 55 559 simple mail transport protocol, 231
SAEP+, 444 seller, 462 simple power analysis, 152, 171, 302,
safe prime, 541 SEM, 302 573


simple public key infrastructure, 593 statistically secure steganography, 161 tamper response, 605
simple substitution, 343, 601 steganography, 118, 159–63 Tandem Davies-Meyer hash function,
Simplified Asymmetric Encryption stegosystem, 159, 160 263
Padding, 444 stegotext, 159 tapping sequence, 223
simultaneous exponentiation, 584 Steiner's algorithm, 31 target collision resistant, 643
simultaneous security, 253 stop-and-go generator, 350 target LFSR, 216
simultaneous sliding window straddling cipher, 601 Target of Evaluation, 229
exponentiation, 585 straddling encryption, 601 Tate pairing, 187, 273, 275
single sign-on, 283 stream cipher, 596, 601 TC, 198, 200
singleton bound, 126 strict avalanche criterion, 55 TCP, 230, 231, 232
size, 545 strong liar, 473 TCPA, 101
Skipjack, 327, 586 strong prime, 597 TCR, 643
Sky Videocrypt system, 367 strong pseudoprime, 473 TCSEC, 552
slid pair, 587 strong pseudoprime test, 436, 473 TDEA, 626
slide attack, 587 strong RSA assumption, 534, 546, TEA, 518
slide-with a twist, 587 597 teardrop, 300
sliding window exponentiation, 588 strongly unforgeable, 14 TED, 506
SLN, 602 structural cryptanalysis, 598 Telepass, 367
slow key-schedule, 133 structures, 152, 287 teletype alphabet, 9
small polynomial, 465 STS protocol, 596 tempest, 170, 605
smartcard tamper resistance, 218, sub-exponential time, 598 ternary alphabet, 9
306, 590 subfield, 211 TGS, 329
S/MIME, 554, 591 subfield inversion, 309 theta-notation, 447
smooth number, 493, 592 subfield operations, 448 three-GPP-MAC, 65, 366
smooth polynomial, 592 subgroup, 598 threshold authentication, 606
smoothness, 592 subgroup cryptosystems, 598 threshold cryptography, 606–10
smoothness probability, 593 subject, 595 threshold decryption, 606, 607
SMTP, 231 subliminal channel, 106 threshold pseudorandomness, 606
Snefru, 628 subpolynomial time, 465 threshold scheme, 606, 608
SNFS, 430, 431 subscriber registration model, 631 threshold security, 606
sniffing, 663 subscriber registration model, 631 threshold signature, 399, 400, 607,
SNORT, 301 subset difference method, 57 611–13
SOBER-128, 19 substitution, 130, 458, 599–601 threshold subject, 595
software attack, 302, 590 substitution-affine network, 602 threshold tracing, 623
Solitaire, 593 substitution attack, 21 Through Transport Club, 52
Solovay & Strassen's primality test, substitution cipher, 600 ticket, 99, 329
473, 475 substitution-linear network, 602 ticket granting server, 329
Sophie Germain prime, 541 substitution-permutation (SP) t-identifiable parent property, 226
soundness, 146, 298, 641 network, 602 time-memory tradeoff, 43, 614
SP network, 41, 602 substitution-permutation sandwich, 602 time stamping, 71, 329, 616–19
SPA, 152, 171, 302, 573 successive minima, 346 timing attack, 302, 384, 619
SPD, 311 summation generator, 602 title registry, 52
special NFS, 430, 431 sum-of-squares indicator, 55 TLS, 120, 122, 123, 362, 366, 554, 624
special purpose primality test, 437, 438 super pseudorandom permutation, 359 TM system, 463
SPKI/SDSI, 555, 593 superelliptic curves, 577 TOE, 229
SPN, 602 superencryption, 202, 480 token, 621
spoofing, 144, 232 superimposition, 115 Toom-Cook multiplication, 402
square-and-multiply algorithm, 33, 537 superincreasing sequence, 333 TOS, 311
square attack, 62, 405 supersingular curve, 185 total break, 37, 43
square-root bound, 21 support, 53 totient function, 394
SQUFOF algorithm, 494 SVP, 569 TR, 52
SSH, 14, 596 S.W.I.F.T., 52, 366 trace function, 53, 127, 192, 374, 571,
SSL-protocol, 123, 548 symmetric cryptosystem, 11, 325, 573, 599
stage, 355 602 traceability, 251, 613
standard alphabet, 10 symmetric proxy encryption, 489 tracing for watermarking, 225
state, 355 symmetric proxy signature scheme, 490 tracing mechanism, 56
stateful firewall, 232 symmetry of position, 115 traffic normalization, 232
stateless, 56, 57 synchronous stream cipher, 603 traitor, 621
static, 25, 325, 612 systematic cyclic code, 124 traitor tracing, 101, 225, 621
static adversary, 399 transaction pseudonym, 484
T
static data authentication, 198, 199 transform, 310, 311
static group signature, 250 transform mode, 311
T method, 149
static off-line CAM, 198 transient electromagnetic device, 506
table attack, 43
station-to-station protocol, 596 transitive signature, 238
tag, 21, 595
statistical cryptanalysis, 44 translucent, 489, 490
tamper detection, 605
statistical test, 487 transmission control protocol, 230, 231
tamper resistance, 605
statistical zero knowledge, 671 transparent, 489, 490


Transport Layer Security (TLS), 14, unique SVP, 348 Walsh transform, 54, 104, 105, 217
554, 624 unit, 524 watermarking, 161, 225, 655
transposition, 343, 601 universal break, 37 weak collision resistance, 257
transposition cipher, 601 universal conversion operation, 642 weak keys, 271, 656
trapdoor one-way function, 625 universal nonlinearity bound, 416 weak plaintext awareness, 443, 444
trapdoor permutation, 625 Universal One-Way Hash Functions web browser security, 657
treble key, 323 (UOWHF), 257, 643 web of trust, 468
trial division, 292, 471 universal padding schemes, 582 web security, 657–65
Triple DES, 133, 626 universal statistical test, 487 wedge device, 198
triple encryption, 46 universal stegosystem, 162 Wegman-Carter construction, 14, 16,
Trojan horses, computer viruses universal verifiability, 145, 642 18
and worms, 627, 648, 663 unlinkability, 251, 644 Weierstrass equation, 183
truncated differentials, 149, 383, 627 unlinkable credentials, 110 weight, 124
Trust Management system, 463 unobtrusiveness, 655 Weil descent, 188
trust model, 628–36 untraceability, 644 Weil pairing, 49, 187, 275
trust model business controls, 634 unveil phase, 84 Weil's theorem, 186
trust relationship, 628 UOWHF, 643 WEP, 13
trusted access structure, 7 U.S. FPKI, 556 Whirlpool, 261, 410, 411
trusted authority, 637 user authentication, 644 whitening, 46, 146, 576
trusted Center, 245 user data protocol, 311 wide-sense fingerprinting, 226
trusted computer system evaluation user datagram protocol, 230, 231 wide trail strategy, 521
criteria, 552 uSVP, 348 width-w NAF, 193
trusted computing platform alliance, 101 Wiener, Boneh-Durfee and May
trusted group authority, 250, 612, 645 attacks on the RSA public key
V
trusted path, 229, 454 cryptosystem, 666
trusted third party, 630 Wi-Fi, 515
validation, 616
Trusted Third Party, 637 winnowing, 72
validity, 595
truth table, 53 wired equivalent privacy protocol, 13
