Showing papers on "Plaintext-aware encryption published in 1994"
••
09 May 1994TL;DR: A slightly enhanced scheme is shown to have the property that the adversary can create ciphertexts only of strings for which she “knows” the corresponding plaintexts—such a scheme is not only semantically secure but also non-malleable and secure against chosen-ciphertext attack.
Abstract: Given an arbitrary k-bit to k-bit trapdoor permutation f and a hash function, we exhibit an encryption scheme for which (i) any string x of length slightly less than k bits can be encrypted as f(rx), where r x is a simple probabilistic encoding of x depending on the hash function; and (ii) the scheme can be proven semantically secure assuming the hash function is “ideal.” Moreover, a slightly enhanced scheme is shown to have the property that the adversary can create ciphertexts only of strings for which she “knows” the corresponding plaintexts—such a scheme is not only semantically secure but also non-malleable and secure against chosen-ciphertext attack.
1,007 citations
••
25 Sep 1994TL;DR: From the analysis, it is concluded that it is easy to select S-boxes so that an efficient implementation or the CAST algorithm is demonstrably resistant to linear cryptanalysis.
Abstract: We examine a new private key encryption algorithm referred to as CAST. Specifically, we investigate the security of the cipher with respect to linear cryptanalysis. From our analysis we conclude that it is easy to select S-boxes so that an efficient implementation or the CAST algorithm is demonstrably resistant to linear cryptanalysis. >
33 citations
••
12 Oct 1994TL;DR: The authors show how the use of the Digital Signature Algorithm combined with both symmetric and asymmetric encryption techniques can provide a practical solution to key management scaleability problems, by reducing the key management complexity to a problem of order N, without sacrificing the encryption speed necessary to operate in high performance networks.
Abstract: The Digital Signature Standard (DSS), which has been adopted by the United States Government, has both public and private components, similar to a public-key cryptosystem. The Digital Signature Algorithm of the DSS is intended for authenticity but not for secrecy. The authors show how the use of the Digital Signature Algorithm combined with both symmetric and asymmetric (public-key) encryption techniques can provide a practical solution to key management scaleability problems, by reducing the key management complexity to a problem of order N, without sacrificing the encryption speed necessary to operate in high performance networks. >
15 citations
•
14 citations
••
28 Nov 1994TL;DR: A variation of the Data Encryption Standard (DES), called DESV-1, is introduced, and its implementation is described and analyses it using the principles of differential cryptanalysis, showing its resistance to this attack.
Abstract: This paper introduces a variation of the Data Encryption Standard (DES), called DESV-1, describes its implementation, and analyses it using the principles of differential cryptanalysis, showing its resistance to this attack. Indications are that as few as eight rounds of DESV-1 will give the same security as sixteen rounds of the DES, but the question is still open.
2 citations