📄 book-index.html
字号:
<DD>Oblivious transfer, 116–117, 550<DD>Oblivous signatures, 117<DD>OFB, <I>see</I> Output-feedback mode<DD>Ohta, Kazuo, 146, 501<DD>Ohta-Okamoto identification scheme, 508<DD>Okamoto, Tatsuaki, 146, 501<DD>1/p generator, 414<DD>One-time pad, 15–17<DL><DD>hiding ciphertext in ciphertext, 227–228</DL><DD>One-time tape, 418<DD>One-way accumulators, 95–96, 543<DD>One-way function, 29–30<DL><DD>authentication using, 52<DD>bit commitment using, 87–88<DD>coin flipping using, 90<DD>trap-door, 158</DL><DD>One-way hash functions, 30–31, 351–354<DL><DD>background, 429–431<DD>birthday attacks, 165–166, 430<DD>choosing, 455<DD>cipher security, 353–354<DD>compression function, 431<DD>encryption speeds, 456<DD>HAVAL, 445–446<DD>improved arbitrated solution, 76<DD>Karn, 351–352<DD>length, 430–431<DD>Luby-Rackoff, 352–353<DD>MD2, 441<DD>MD3, 446<DD>MD4, 435–436<DD>MD5, 436–441<DD>MD-strengthening, 431<DD>message authentication codes, 455–459<DD>Message Digest Cipher, 353–354<DD>multiple signatures, 40<DD><I>N</I>-Hash, 433–435<DD>RIPE-MD, 445<DD>Secure Hash Algorithm, 442–445signing documents with, 38–39<DD>Snefru, 432<DD>as unbiased random-bit generator, 107<DD>using public-key algorithms, 455<DD>using symmetric block algorithms, 446–455<DL><DD>AR hash function, 453<DD>GOST hash function, 454<DD>hash length equals block size, 447–449<DD>LOKI Double-Block, 451<DD>MDC-2 and MDC-4, 452–454<DD>modified Davies-Meyer, 449–450<DD>parallel Davies-Meyer, 451<DD>Preneel-Bosselaers-Govaerts-Vandewalle, 450<DD>Quisquater-Girault, 450<DD>tandem and abreast Davies-Meyer, 451–452</DL></DL><DD>Ong-Schnorr-Shamir, 498–499, 531–532<DD>Orange Book, 599–600<DD>Otway-Rees protocol, 59–60<DD>Outerbridge, Richard, 363<DD>Outer-CBC, 360<DD>Output-feedback mode, 203–205, 208–210<DL><DD>combined with ECB, 364<DD>DES, 277<DD>with a nonlinear function, 208</DL><DD>Overtake, 598<DD>Overwriting, 229<DD>Padding:<DL><DD>cipher block chaining mode, 195<DD>electronic codebook mode, 190–191<DD>MD5, 436<DD>Secure Hash Algorithm, 442<DD>triple encryption with, 362</DL><DD>Painvin, Georges, 12<DD>Pass phrases, 174–175<DD>Passive attack, 27<DD>Passive cheaters, 27<DD>Patents, 609–610; <I>See also</I> specific algorithms<DD>P-boxes:<DL><DD>design criteria, 294<DD>permutation, 275, 277, 316</DL><DD>PEM, <I>see</I> Privacy-Enhanced Mail<DD>Perfect secrecy, 235<DD>Period, 11<DL><DD>shift register, 373</DL><DD>Permutation, 237<DL><DD>key, DES, 272–273</DL><DD>PES, 319, 324<DD>Pike, 391–392<DD>PKZIP, 394–395<DD>Plaintext, 1–2<DD>Plaintext block chaining mode, 208<DD>Plaintext feedback mode, 208<DD>Plaintext pair, right and wrong pairs, 287<DD>Pless generator, 413–414<DD>p-NEW scheme, 498<DD>Pohlig, Stephen, 262<DD>Pohlig-Hellman encryption scheme, 474<DD>Polarized photons, 555<DD>Pollard’s Monte Carlo algorithm, 256<DD>Polyalphabetic substitution cipher, 10–11<DD>Polygram substitution cipher, 10–11<DD>Polynomials:<DL><DD>degree, shift register length, 374<DD>dense, 378<DD>irreducible, 255, 481<DD>sparse, 378</DL><DD>Pomerance, Carl, 257<DD>Powerline System, 466<DD>Pre-image, 30<DD>Preneel, Bart, 457<DD>Preneel-Bosselaers-Govaerts-Vandewalle, 450<DD>Pretty Good Privacy, 584–587<DD>Price, William, 562<DD>Prime numbers, 245<DL><DD>generation, 258–261<DL><DD>DSA, 488–490<DD>practical considerations, 260–260</DL><DD>relatively prime, 245<DD>strong, 261</DL><DD>Primitive, 253<DD>Principal square root, 251<DD>Privacy-Enhanced Mail, 577–584<DL><DD>certificates, 579<DD>documents, 578<DD>messages, 579–582<DD>RIPEM, 583–584<DD>security, 582–583<DD>TIS/PEM, 583</DL><DD>Private key, 5<DL><DD>creating public key from, 464<DD>for public-key cryptography, lifetime, 184</DL><DD>Probabilistic encryption, 552–554<DD>Problems:<DL><DD>complexity, 239–241<DD>EXPTIME, 241<DD>hard, 239<DD>intractable, 239<DD>PSPACE, 241</DL><DD>Problems (<I>Cont.</I>)<DL><DD>tractable, 239<DD>undecidable, 240<DD><I>See also</I> NP-complete problem</DL><DD>Processing complexity, 9<DD>Product cipher, 347<DD>Proofs of Membership, 111<DD>Propagating cipher block chaining mode, 207<DD>Proposed Encryption Standard, 319<DD>Protocols, 21, 47<DL><DD>adjudicated, 26, 70–71<DD>all-or-nothing disclosure of secrets, 96<DD>analysis, approaches, 65–66<DD>anonymous message broadcast, 137–139<DD>arbitrated, 23–26<DD>attacks against, 27<DD>authentication, 576–577<DD>authentication and key-exchange, formal analysis, 65–68<DD>BAN logic, 66–67<DD>basic zero-knowledge, 102–104<DD>bit commitment, 86–88<DD>blind signatures, 112–115<DD>characteristics, 21<DD>cryptographic, 22<DD>DASS, 62<DD>definition, 21<DD>Denning-Sacco, 63<DD>digital cash, <I>see</I> Digital cash<DD>digital certified mail, 122–123<DD>digital signatures, 40<DD>distributed, timestamping, 77–78<DD>fair coin flips, 89–92<DD>IBM Common Cryptographic Architecture, 573–574<DD>IBM secret-key management, 561–562<DD>identity-based public-key cryptography, 115<DD>interactive, 103<DD>interlock, 49–50, 54–55<DD>Kerberos, 60, 566–571<DD>key escrow, 97–100<DD>key exchange, 47–52<DD>KryptoKnight, 571–572<DD>lessons, 64–65<DD>mental poker, 92–95<DD>multiparty unconditionally secure, 137<DD>Needham-Schroeder, 58<DD>Neuman-Stubblebine, 60–62<DD>oblivious signatures, 117<DD>oblivious transfer, 116–117<DD>one-way accumulators, 95–96<DD>Otway-Rees, 59–60<DD>purpose, 22–23<DD>secret splitting, 70–71<DD>secure circuit evaluation, 137<DD>secure elections, <I>see</I> Secure elections<DD>secure multiparty computation, 134–137<DD>self-enforcing, 26–27<DD>SESAME, 572<DD>simultaneous contract signing, 118–122<DD>simultaneous exchange of secrets, 123–124<DD>subliminal channel, 79–80<DD>timestamping, 75–79<DD>types, 24<DD>Wide-Mouth Frog, 56–57<DD>Woo-Lam, 63–64<DD>Yahalom, 57–58<DD><I>See also</I> Authentication; Zero-knowledge proofs</DL><DD>Pseudo-Hadamard Transform, 340<DD>Pseudo-random function family, SEAL, 398–399<DD>Pseudo-random-number generator, 78, 416<DD>Pseudo-random sequence, 44–45<DD>Pseudo-random-sequence generator, 44<DL><DD>bit commitment using, 88<DD>generating multiple streams, 420–421<DD>linear congruential generators, 369–372<DD>linear feedback shift registers, 372–379</DL><DD>PSPACE, 241<DD>Public key, 5<DL><DD>certificates, 185–187<DD>creating from private key, 464<DD>key length, 158–165<DL><DD>recommended lengths, 161–163</DL><DD>key management, 185–187</DL><DD>Public-key algorithms, 4–5, 33, 500–502<DL><DD>background, 461–462<DD>based on linear error-correcting codes, 480<DD>Diffie-Hellman, 513<DD>ElGamal, 476–479<DD>elliptic curve cryptosystems, 480–481<DD>finite automaton cryptosystems, 482<DD>knapsack algorithms, 462–466<DD>LUC, 481<DD>McEliece, 479–480<DD>one-way hash functions using, 455<DD>Pohlig-Hellman, 474<DD>Rabin, 475–476<DD>RSA, <I>see</I> RSA<DD>security, 461–462<DD>strength, 502</DL><DD>Public-key cryptography:<DL><DD>attacks against, 43–44<DD>authentication using, 53–54<DD>coin flipping using, 90–91<DD>communications using, 31–34<DD>identity-based, 115<DD>key exchange with, 48<DD>multiple-key, 68–69<DD>private keys, lifetime, 184<DD>signing documents with, 37–38<DL><DD>one-way hash functions, 38–39</DL><DD>versus symmetric cryptography, 216–217</DL><DD>Public-Key Cryptography Standards, 588–589<DD>Public Key Partners, 604–605<DD>Public-key ring, 585<DD>Purchase-key attack, 7<DD>Quadratic nonresidues, 251<DD>Quadratic residues, 250–251<DL><DD>generator, 417</DL><DD>Quadratic sieve, 256<DL><DD>factoring, 159</DL><DD>Quantum computing, 164–165<DD>Quantum cryptography, 554–557<DD>Quintuple encryption, 366<DD>Quisquater, Jean-Jacques, 102, 508<DD>Quisquater-Girault, 450<DD>Rabin, 475–476<DD>Rabin, Michael, 103, 259, 518, 550<DD>Rabin-Miller algorithm, 259–260<DD>RACE Integrity Primitives Evaluation, 605–606<DD>Rackoff, Charles, 352<DD>Rainbow Books, 600<DD>Rambutan, 390<DD>Random keys, 173–174<DD>Random noise, as random-sequence generator, 423–424<DD>Random-number generation, 44<DD>Random-sequence generators, 421–428<DL><DD>biases and correlations, 425–426<DD>computer clock, 424<DD>distilling randomness, 426–428<DD>keyboard latency measurement, 424–425<DD>RAND tables, 422–423<DD>using random noise, 423–424</DL><DD>Random sequences, real, 45–46<DD>Randomized approach, stream ciphers, 415<DD>Randomized stream cipher, 419<DD>Randomness, distilling, 426–428<DD>RAND tables, 422–423<DD>Rao-Nam algorithm, 346<DD>Rate of the language, 234<DD>RC2, 318–319<DD>RC4, 319, 397–398<DD>RC5, 344–346<DL><DD>source code, 659–662</DL><DD>RDES, 297–298<DD>Receipt, resending message as, 42–43<DD>REDOC II, 311–313<DD>REDOC III, 313<DD>Redundancy, of language, 234<DD>Reeds, Jim, 369<DD>Related-key cryptanalysis, 290<DD>Renji, Tao, 482<DD>Renting Passports, 111<DD>Replay attacks, 58–59<DD>Research and Development in Advanced Communication Technologies, Integrity Primitives Evaluation, 605–606<DD>Resend attack, foiling, 43<DD>Residue, 242<DL><DD>quadratic, 250–251<DD>reduced set, 248</DL><DD>Restricted algorithms, 3<DD>RFC 1421, 578<DD>RFC 1422, 578<DD>RFC 1423, 578<DD>RFC 1424, 578<DD>Richter, Manfield, 423<DD>Riordan, Mark, 583–584<DD>RIPE, 605–606<DD>RIPEM, 583–584<DD>RIPE-MAC, 457–458<DD>RIPE-MD, 445<DD>Rip van Winkle cipher, 418–419<DD>Rivest, Ron, 159, 163, 318–319, 344, 397, 435, 440–441, 444, 446, 467<DD>Rivest Cipher, 318<DD>Robshaw, Matt, 342<DD>Rogaway, Phil, 398<DD>ROM key, 181<DD>ROT13, 11<DD>Rotor machines, 12–13<DD>RSA, 17, 466–474<DL><DD>ability to break, zero-knowledge proofs, 548–549<DD>attack on encrypting and signing with, 473–474<DD>blind signatures, 548<DD>chosen ciphertext attack, 471–472<DD>common modulus attack, 472<DD>compared to DSA, 485<DD>computation time comparison with DSA, 489<DD>as <I>de facto</I> standard, 485–486<DD>EKE implementation, 519<DD>encryption, 468<DL><DD>with DSA, 491</DL><DD>in hardware, 469<DD>low decryption exponent attack, 473<DD>low encryption exponent attack, 472–473<DD>patents, 474<DD>restrictions on use, 473<DD>security, 470–471<DD>speed, 469<DD>standards, 474</DL><DD>RSA Data Security, Inc., 295, 603–604<DD>RSA Factoring Challenge, 257<DD>RSA generator, 417<DD>Rubber-hose cryptanalysis, 7<DD>Rueppel, Ranier, 385–386<DD>Running-key cipher, 12<DD>SAFER K-64, 339–341<DD>SAFER K-128, 341<DD>Salt, 52–53<DD>S-boxes:<DL><DD>alternate, DES, 296–298<DD>Blowfish, 336<DD>Boolean functions in, 350<DD>DES, key-dependent, 298, 300<DD>design<DL><DD>criteria, 294<DD>security questions, 284<DD>theory, 349–351</DL><DD>Lucifer, 303<DD>NSA role, 278, 280<DD>substitution, 274–276</DL><DD>Scherbius, Arthur, 13<DD>Schlafly, Roger, 394<DD>Schneier, Bruce, 336, 346<DD>Schnorr, Claus, 418, 446, 510<DD>Schnorr authentication and signature scheme, 510–512<DD>Schroeder, Michael, 58, 216<DD>Schwartau, Winn, 300<DD>Sci.crypt, 608–609<DD>Scott, Robert, 306<DD>SEAL, 398–400<DL><DD>source code, 667–673</DL><DD>Secrecy:<DL><DD>ideal, 236<DD>perfect, 235</DL><DD>Secrets, simultaneous exchange, 123–124<DD>Secret sharing, 71–73<DL><DD>without adjud⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -