scispace - formally typeset
Search or ask a question

Showing papers on "Plaintext-aware encryption published in 1994"


Book ChapterDOI
09 May 1994
TL;DR: A slightly enhanced scheme is shown to have the property that the adversary can create ciphertexts only of strings for which she “knows” the corresponding plaintexts—such a scheme is not only semantically secure but also non-malleable and secure against chosen-ciphertext attack.
Abstract: Given an arbitrary k-bit to k-bit trapdoor permutation f and a hash function, we exhibit an encryption scheme for which (i) any string x of length slightly less than k bits can be encrypted as f(rx), where r x is a simple probabilistic encoding of x depending on the hash function; and (ii) the scheme can be proven semantically secure assuming the hash function is “ideal.” Moreover, a slightly enhanced scheme is shown to have the property that the adversary can create ciphertexts only of strings for which she “knows” the corresponding plaintexts—such a scheme is not only semantically secure but also non-malleable and secure against chosen-ciphertext attack.

1,007 citations


Proceedings ArticleDOI
Heys1, Tavares1
25 Sep 1994
TL;DR: From the analysis, it is concluded that it is easy to select S-boxes so that an efficient implementation or the CAST algorithm is demonstrably resistant to linear cryptanalysis.
Abstract: We examine a new private key encryption algorithm referred to as CAST. Specifically, we investigate the security of the cipher with respect to linear cryptanalysis. From our analysis we conclude that it is easy to select S-boxes so that an efficient implementation or the CAST algorithm is demonstrably resistant to linear cryptanalysis. >

33 citations


Proceedings ArticleDOI
12 Oct 1994
TL;DR: The authors show how the use of the Digital Signature Algorithm combined with both symmetric and asymmetric encryption techniques can provide a practical solution to key management scaleability problems, by reducing the key management complexity to a problem of order N, without sacrificing the encryption speed necessary to operate in high performance networks.
Abstract: The Digital Signature Standard (DSS), which has been adopted by the United States Government, has both public and private components, similar to a public-key cryptosystem. The Digital Signature Algorithm of the DSS is intended for authenticity but not for secrecy. The authors show how the use of the Digital Signature Algorithm combined with both symmetric and asymmetric (public-key) encryption techniques can provide a practical solution to key management scaleability problems, by reducing the key management complexity to a problem of order N, without sacrificing the encryption speed necessary to operate in high performance networks. >

15 citations



Book ChapterDOI
28 Nov 1994
TL;DR: A variation of the Data Encryption Standard (DES), called DESV-1, is introduced, and its implementation is described and analyses it using the principles of differential cryptanalysis, showing its resistance to this attack.
Abstract: This paper introduces a variation of the Data Encryption Standard (DES), called DESV-1, describes its implementation, and analyses it using the principles of differential cryptanalysis, showing its resistance to this attack. Indications are that as few as eight rounds of DESV-1 will give the same security as sixteen rounds of the DES, but the question is still open.

2 citations