errata

《应用密码学》协议、算法与C原程序(第二版)配套源码。很多人都需要的

From chinet.chinet.com!schneier@mcs.com Sat Jan 21 15:13:35 1995
Received: from ghost.dsi.unimi.it by idea.sec.dsi.unimi.it with SMTP
	(1.38.193.4/16.2) id AA11579; Sat, 21 Jan 1995 15:13:35 +0100
Return-Path: <chinet.chinet.com!schneier@mcs.com>
Received: from Kitten.mcs.com by ghost.dsi.unimi.it with SMTP id AA24202
  (5.65+/IDA-1.3.5 for vince@idea.sec.dsi.unimi.it); Sat, 21 Jan 95 15:09:01 +0100
Received: from mailbox.mcs.com (Mailbox.mcs.com [192.160.127.87]) by kitten.mcs.com (8.6.9/8.6.9) with SMTP id IAA09638 for <vince@dsi.unimi.it>; Sat, 21 Jan 1995 08:08:49 -0600
Received: by mailbox.mcs.com (/\==/\ Smail3.1.28.1 #28.5)
	id <m0rVgID-000jtFC@mailbox.mcs.com>; Sat, 21 Jan 95 07:55 CST
Message-Id: <m0rVgID-000jtFC@mailbox.mcs.com>
Apparently-To: vince@dsi.unimi.it
Date: Sat, 21 Jan 95 00:16 CST
From: schneier@chinet.chinet.com
Content-Length: 29548
Content-Type: text
X-Filter: mailagent [version 3.0 PL22] for vince@ghost.dsi.unimi.it
Status: RO

                  APPLIED CRYPTOGRAPHY

                         ERRATA
              Version 1.5.9 - June 15, 1994


This errata includes all errors I have found in the book,
including minor spelling and grammatical errors.  Please
distribute this errata sheet to anyone else who owns a copy of
the book.


Page xvii:  Third paragraph, first line:  "Part IV" should be
"Part III".

Page xviii:  "Xuija" should be "Xuejia".  "Mark Markowitz" should
be "Mike Markowitz".

Page 1:  First paragraph, fourth line:  "receiver cannot
intercept" should be "intermediary cannot intercept".

Page 2:  Third line:  "Outside the historical chapter" should be
"Outside the Classical Cryptography chapter".

Page 3:  Figure 1.2:  "with key" should be "with one key".

Page 4:  Eleventh line:  Delete the sentence which begins:  "In
instances where...."

Page 5:  "Chosen-plaintext attack":  "but they also choose the
encrypted plaintext" should be "but they choose the plaintexts to
encrypt".

Page 6:  Sixth and seventh lines:  "against symmetric" should be
"against a symmetric".

Page 8:  Second paragraph, first line:  "q code" should be "a
code".

Page 10:  Second paragraph, fifth line:  Reference "[744]" should
be "[774]".

Page 11:  Second paragraph:  "The rotations of the rotors are a
Caesar Cipher" should be "Each rotor is an arbitrary permutation
of the alphabet".

Page 13:  Third paragraph:  Delete parenthetical remark. Fourth
paragraph, second line:  "the key against" should be "the
ciphertext against".  Fifth paragraph:  "Shift the key" should be
"shift the ciphertext".  And:  "with text XORed with itself"
should be "with the plaintext XORed with itself shifted by the
key length."

Page 14:  Third line:  "to be any possible" should be "to
correspond to any possible".

Page 15:  Section 1.3, first line:  "Throughout this book use"
should be "Throughout this book I use".

Page 22:  Step (4): "gives the title" should be "gives the title
and keys".

Page 25:  "Attacks Against Protocols," first paragraph:  "the
protocol iself" should be "the protocol itself".

Page 27:  "One-Way Functions," second paragraph:  "millions of
years to compute this function" should be "millions of years
to compute the reverse function."  Fourth paragraph: "For
example, x^2" should be "For example, in a finite field x^2."

Page 28:  Third paragraph, third and fourth sentences should be
"How to put mail in a mailbox is public knowledge.  How to open
the mailbox is not public knowledge."

Page 29:  Third paragraph:  "If you only want" should be "If you
want only".

Page 30:  Fourth line:  "symmetric cryptosystems: by distributing
the key" should be "symmetric cryptosystems: distributing the
key".

Page 30:  "Attacks Against Public Key Cryptography," first
sentence:  "In all these public-key digital signature protocols"
should be "In all these public-key protocols".  Second
paragraph:  "The obvious way to exchange" should be "The obvious
way to get".  And: "The database also has to be protected from
access by anyone" should be "The database also has to be
protected from write access by anyone".  Last paragraph:
"substitute a key of his choosing for Alice's" should be
"substitute a key of his own choosing for Bob's".

Page 30:  Last line:  "substitute that key for his own public
key" should be "substitute his own key for that public key".

Page 32:  Ninth line:  Delete the word "encrypted".

Page 34:  "Signing Documents with..."  First sentence:  "too
inefficient to encrypt long documents" should be "too inefficient
to sign long documents".

Page 35:  Step (4), second sentence should be:  "He then, using
the digital signature algorithm, verifies the signed hash
with Alice's public key."

Page 36:  Second line:  "document encrypted with" should be
"document signed with".  "Multiple Signatures," step (4):  "Alice
or Bob sends" should be "Alice sends".

Page 38:  Fifth paragraph:  "V_X = E_X and that S_X = D_X" should
be "V_X = E_X and S_X = D_X".

Page 40:  Third line:  "computer can exist" should be "computer
can be".  Second paragraph:  Delete "should be runs of zeros and
the other half should be runs of ones; half the runs".  At the
end of the sentence, add "The distribution of run lengths for
zeros and ones should be the same."

Page 41:  Second paragraph:  At the end of the paragraph, add: 
"Cryptographically secure pseudo-random sequence generators
can only be compressed if you know the secret."  Last paragraph
should be: "The output of a generator satisfying these three
properties will be good enough for a one-time pad, key
generation, and any other cryptographic features that require a
truly random sequence generator."

Page 44:  Ninth line: "for Alice's" should be "for Bob's".

Page 46:  "Key and Message Transmission":  Second steps (1) and
(2) should be (5) and (6).

Page 49:  Second line:  "the user" should be "Alice".  First
protocol, steps (1) and (3):  "secret key" should be "private
key".

Page 50:  First step (3):  "With Alice's public key" should be
"with "Alice's" public key."

Page 51:  Step 5:  "with what he received from Bob" should be
"with what he received from Alice".

Page 55:  First step (2):  At the end of the step, add:  "He
sends both encrypted messages to Alice."

Page 58:  Last line: "Alice, Bob, and Carol" should be "Alice,
Bob, Carol, and Dave".

Page 59:  First line: "Alice, Bob, and Carol" should be "Alice,
Bob, Carol, and Dave".  Second paragraph:  "All Alice, Bob, and
Dave, combined, know" should be "All Alice, Bob, and Dave, each,
know".

Page 63:  Tenth line:  "signed timestamp" should be "signed
timestamped hash".  Step (3) is actually part of step (2), and
step (4) should be step (3).

Page 66:  Second line from bottom:  "identity" should be
"content".

Page 69:  Last line:  "tried to recover her private key" should
be "tries to recover Alice's private key".

Page 72:  The second set of steps (1) and (2) should be step (3)
and step (4).

Page 73:  "Bit Commitment Using One-Way Functions":  The general
class of one-way functions is suitable for this protocol, not
only one-way hash functions.  Last paragraph:  Second and third
sentences should be "Alice cannot cheat and find another message
(R_1,R_2',b'), such that H(R_1,R_2',b') = H(R_1,R_2,b).  If Alice
didn't send Bob R_1, then she could change the value of both R_1
and R_2 and then the value of the bit."

Page 75:  First paragraph after quotation:  "over modem" should
be "over a modem".

Page 76:  First paragraph of text, third sentence: "Additionally,
f(x) must produce even and odd numbers with equal probability"
should be "Additionally, Alice should ensure that the random
number x takes even and odd values with equal probability". 
Fifth sentence: " For example, if f(x) produces even numbers 70%
of the time" should be "For example, if x takes even values 75%
of the time".

Page 77:  "Flipping Coins into a Well," first line:  "neither
party learns the result" should be "Alice and Bob don't learn the
result".  Third line:  parenthetical remark should be:  "Alice in
the first two protocls and Bob in the last one".

Page 78:  Step (1):  "Alice, Bob, and Carol all generate" should
be "Alice, Bob, and Carol each generate".

Page 80:  Second paragraph, second sentence.  It should read: "A
general n-player poker protocol that eliminates the problem of
information leakage was developed in [228]."

Page 81:  Last sentence:  delete it.

Page 83:  Fourth line:  "five" should be "n", twice.  Step (2): 
"This message must" should be "These messages must".  Second
sentence after protocol:  "Neither the KDC" should be "Before
this surerendering, neither the KDC".

Page 87:  Second sentence after protocol:  "so that Bob" should
be "so that Victor".  "Hamilton Cycles":  "Alice" should be
"Peggy".

Page 88:  "Graph Isomorphism", second sentence:  "Peggy knows
that two graphs, G_1 and G_2, are isomorphic" should be "Peggy
knows the isomorphism between two graphs, G_1 and G_2."

Page 90:  Last paragraph:  "step (3)" should be "step (4)".

Page 91:  Second line:  "step (3)" should be "step (4)".

Page 93:  "Blind Signatures," first line:  "An essential in all"
should be "An essential feature of all".

Page 98:  First paragraph after protocol, fourth line:  "to
determine the DES key with the other encrypted message" should be
"to determine the DES key that the other encrypted message was
encrypted in."

Page 115:  "Protocol #2," third paragraph:  "together determine
if f(a,b)" should be "together determine f(a,b)".

Page 121:  Second paragraph: Delete the colon in the third line. 
Step (11), sixth line:  "a diferent identity string" should be "a
different selector string".

Page 131:  Fifth paragraph:  "each capable of checking 265
million keys" should be "each capable of checking 256 million
keys".

Page 133:  Table 7.2:  Third number in third column, "1.2308"
should be "0.2308".

Page 134:  Table 7.3:  "1027" should be "10^27".

Page 135:  table 7.4:  "Cost-per-Period of Breaking a 56-bit Key"
should be "Cost-per-Period of Breaking a Given Length Key".

Page 139:  Indented paragraph:  "could break the system" should
be "could break the system within one year".

Page 141:  "Reduced Keyspaces," last sentence:  "don't expect
your keys to stand up" should be "don't expect short keys to
stand up".

Page 148:  Eighth line:  "2^24" should be "2^32".

Page 156:  Second paragraph:  "blocks 5 through 10" should be
"blocks 5 through 12".

Page 157:  Figure 8.2:  "IO" should be "IV".

Page 158:  Fifth line:  "P_i" and "D_K" should be in italics.

Page 159:  Figure 8.3:  "IO" should be "IV".

Page 161:  Figure 8.5:  "Decrypt" should be "Encrypt".

Page 162:  Figure 8.6:  "Encipherment" diagram: Input should be
"p_i" instead of "b_i", and output should be "c_i" instead of
"p_i".  "Decipherment" diagram:  "Decrypt" should be "Encrypt".

Page 164:  Figure 8.7:  "IO" should be "IV".

Page 165:  Last equation:  There should be a "(P)" at the end of
that equation.

Page 167:  Second paragraph, last line:  "2^(2n-4)" should be
"2^(2n-14)".

Page 168:  Figure 8.8:  This figure is wrong.  The encryption
blocks in the second row should be off-centered from the
encryption blocks in the first and third row by half a block
length.  The pads are half a block length.

Page 174:  Middle of page:  Equations should be:
   k_2 = c'_2 XOR p', and then p_2 = c_2 XOR k_2
   k_3 = c'_3 XOR p_2, and then p_3 = c_3 XOR k_3
   k_4 = c'_4 XOR p_3, and then p_4 = c_4 XOR k_4

Page 175:  Last paragraph, second line:  "acting as the output
function" should be "acting as the next-state function".

Page 177:  Diffie's quote, second to last line:  "proposal to
built" should be "proposal to build".

Page 178:  Figure 8.20:  In "Node 2", the subscripts should be
"D_2" and "E_3".

Page 190:  Fourth paragraph, last line:  "to determine M" should
be "to determine P".

Page 191:  First paragraph:  "3.5" should be "6.8" in fourth
line.  "0.56" should be "0.15".  "EBCDIC (Extended Binary-Coded
Decimal Interchange Code)" should be "BAUDOT".  "0.30" should be
"0.76".  "0.70" should be "0.24".

Page 193:  Second sentence:  "but does guarantee security if it's
high" should be "but does not guarantee security if it's high."

Page 197:  Second paragraph, second sentence:  "it has never been
proven that P = NP" should be "it has never been proven that P =
NP or that P <> NP".  Third paragraph, fifth sentence:  "Thus
SATISFIABILITY is the hardest problem in NP" should be "Thus,
there is no problem harder than SATISFIABILITY in NP".

Page 198:  Fourth paragraph from bottom, second sentence:  "If a
and b are positive and a is less than n, you can think of a as
the remainder of b when divided by n" should be "If a and b are
positive and b is less than n, you can think of b as the
remainder of a when divided by n".

Page 199:  Middle of the page:  In the sentence "Calculating the
power of a number modulo a number", "a" should not be italicized. 
Fourth line from bottom:  "expresses n as a sum" should be
"expresses x as a sum".

Page 201:  First line of code:  Remove "assuming x and y are >
0".

Page 202:  Ninth line:  "The modular reduction" should be "the
modular inverse".  Middle of the page:  In the sentence "Now, how
do you go about finding the inverse of a modulo n?" "a" should be
italicized.

Page 206:  Legendre Symbol:  "L(a,p) = 0 if a divides p" should
be "L(a,p) = 0 if a is divisible by p".  "L(a,p) = -1 if a is a
nonresidue mod p" should be "L(a,p) = -1 if a is a
quadratic nonresidue mod p".

Page 207:  "Jacobi Symbol," formula:  Variable "h" should be "a".
Also, J(0,n) = 0.

Page 208:  Thirteenth line: "If a = 1, then J(a/p) = 1" should be
"If a = 1, then J(a,p) = 1".  Third line from the bottom:  "for
each n from 0 to p-1" should be "for each n from 1 to p-1".

Page 209:  Fourth paragraph:  "If that value does not equal q"
should be "If that value does not equal 1".

Page 210:  Fifth line:  "age 21" should be "age 20".

Page 213:  Second to last paragraph:  "10^150" should be
"10^151", "one in log N" should be "one in ln N", and "would
still be 10^110 primes left over" should be "would still be
enough for 10^34 other universes".

Page 214: Solovay-Strassen, second sentence:  "Jacobi function"
should be "Jacobi symbol".  Last line:  "n" should be "p".  Lines
29, 30, and 31: "r" should be "a", and "gcd(p,r)" should be
gcd(a,p)".

Page 215:  Lehman test, step 5:  All three "(n-1)/2" should be
exponents.

Page 217:  There should be an open parenthesis in front of the
second "ln" in both exponents.  Sixth paragraph:  "Guassian"
should be "Gaussian".

Page 222:  "Validation and Certification of DES Equipment," first
line:  "As part of the standard, the DES NIST" should be "As part
of DES, NIST".

Page 223:  Second to last paragraph, last line.  Reference
"[472]" should be "[473]".

Page 225:  Figure 10.2:  L_i is taken from R_(i-1) before the
expansion permutation, not after.  And "L_(i)-1" should be
"L_(i-1)".

Page 226:  Third sentence: "bit 1 to bit 58, bit 2 to bit 50, bit
3 to bit 42, etc." should be "bit 58 to bit 1, bit 50 to bit 2,
bit 42 to bit 3, etc."

Page 227:  Fourth line from bottom: "output positions that
correspond" should be "output positions correspond".

Page 228:  Fourth paragraph, last line:  "0 to 16" should be 0 to
15".

Page 228:  Fifth paragraph should read:  "For example, assume
that the input to the sixth S-box (that is, bits 31 through 36 of