From the Publisher:
A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols; more than 200 tables and figures; more than 1,000 numbered definitions, facts, examples, notes, and remarks; and over 1,250 significant references, including brief comments on each paper.

Handbook of Applied Cryptography

PROBLEM TO BE SOLVED: To solve the problem, wherein it is impossible for an electronic content information provider to provide commercially secure and effective method, for a configurable general-purpose electronic commercial transaction/distribution control system. SOLUTION: In this system, having at least one protected processing environment for safely controlling at least one portion of decoding of digital information, a secure content distribution method comprises a process for encapsulating digital information in one or more digital containers; a process for encrypting at least a portion of digital information; a process for associating at least partially secure control information for managing interactions with encrypted digital information and/or digital container; a process for delivering one or more digital containers to a digital information user; and a process for using a protected processing environment, for safely controlling at least a portion of the decoding of the digital information. COPYRIGHT: (C)2006,JPO&NCIPI

https://apps.dtic.mil/dtic/tr/fulltext/u2/a423264.pdf

Systems and Methods for Secure Transaction Management and Electronic Rights Protection

We will review some of the major results in random graphs and some of the more challenging open problems. We will cover algorithmic and structural questions. We will touch on newer models, including those related to the WWW.

Random graphs

Cryptosystem designers frequently assume that secrets will be manipulated in closed, reliable computing environments. Unfortunately, actual computers and microchips leak information about the operations they process. This paper examines specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. We also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.

/pdf/differential-power-analysis-4t7fjmuc7b.pdf

Differential Power Analysis

We study two families of error-correcting codes defined in terms of very sparse matrices "MN" (MacKay-Neal (1995)) codes are recently invented, and "Gallager codes" were first investigated in 1962, but appear to have been largely forgotten, in spite of their excellent properties The decoding of both codes can be tackled with a practical sum-product algorithm We prove that these codes are "very good", in that sequences of codes exist which, when optimally decoded, achieve information rates up to the Shannon limit This result holds not only for the binary-symmetric channel but also for any channel with symmetric stationary ergodic noise We give experimental results for binary-symmetric channels and Gaussian channels demonstrating that practical performance substantially better than that of standard convolutional and concatenated codes can be achieved; indeed, the performance of Gallager codes is almost as close to the Shannon limit as that of turbo codes

/pdf/good-error-correcting-codes-based-on-very-sparse-matrices-3kdz0lhhm4.pdf

Good error-correcting codes based on very sparse matrices

Gary McGraw chats with Ross Anderson, professor of security engineering at the Computer Laboratory at Cambridge University and author of Security Engineering. Gary and Ross discuss the simple reasons why most systems fail, the economic imbalance between engineers/developers and a system's users, and why publicly describing attacks is essential to security engineering.

Silver Bullet Talks with Ross Anderson

What we can learn from API security: (Transcript of discussion)

This paper discusses weak authentication techniques to provide cryptographically strong authentication between previously unknown parties without relying on trusted third parties.

Weak authentication: How to authenticate unknown principals without trusted parties. Discussion

We present new attacks against the EMV financial transaction security system (known in Europe as “Chip and PIN”), specifically on the back-end API support for sending secure messages to EMV smartcards.

/pdf/on-the-security-of-the-emv-secure-messaging-api-extended-4esjuh2rqn.pdf

On the Security of the EMV Secure Messaging API (Extended Abstract)

We present new attacks against the EMV financial transaction security system (known in Europe as “Chip and PIN”), specifically on the back-end API support for sending secure messages to EMV smartcards. We examine how secure messaging is implemented in two major Hardware Security Modules (HSMs). We show how to inject chosen plaintext into encrypted traffic between HSM and smartcard. In the case of IBM’s implementation, we further show how to retrieve confidential data from within messages by combining the injection ability with a partial dictionary attack. Such attacks could compromise secret key update of a banking smartcard, permitting construction of a perfect counterfeit, or could change the card’s PIN to a value chosen by the adversary. We discuss the issues underlying such security holes: the unwieldy primitive of cipher block chaining (CBC) has much to answer for, as does an ever-present tension between defining API functionality too specifically or too generically. We stress the importance of using secure primitives when designing security APIs, particularly because their functionality so closely resembles the theoretical adversarial model of Oracle-access.

/pdf/on-the-security-of-the-emv-secure-messaging-api-d6s9xgb1hv.pdf

Ross Anderson

Papers

Silver Bullet Talks with Ross Anderson

What we can learn from API security: (Transcript of discussion)

Weak authentication: How to authenticate unknown principals without trusted parties. Discussion

On the Security of the EMV Secure Messaging API (Extended Abstract)

On the security of the emv secure messaging API