%% URL: "http://theory.lcs.mit.edu/~rivest/crypto.bib"
%% Maintained by Be Hubbard and Ronald L. Rivest.
%% Last updated 4/2/95 (1268 entries)
%% This bibliography contains COMPLETE listings for:
%%    CRYPTO '81--'94, EUROCRYPT '84, AUSCRYPT'90
%%    Burg Feuerstein '82
%% and PARTIAL lists for many other conferences.
%% We are in the process of merging into this bibliography the
%% bibliography from "Cryptography: Theory and Practice" by Doug
%% Stinson (CRC Press, 1995).  An excellent book! (Thanks, Doug)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Various journal and conference string definitions:
@String{ASIACRYPT91 = "Advances in Cryptology--ASIACRYPT '91"}

@String{AUSCRYPT90 = "Advances in Cryptology--AUSCRYPT '90"}

@String{AUSCRYPT92 = "Advances in Cryptology--AUSCRYPT '92"}

@String{CACM =   "Communications of the ACM"}

@String{JCSS =   "JCSS"}

@String{SIAM =   "SIAM J.\ Computing"}

@String{ACM =    "ACM"}

@String{IEEE =   "IEEE"}

@String{AFIPS =  "AFIPS"}

@String{CRYPTO81 = "Advances in Cryptology: A Report on CRYPTO 81"}

@String{CRYPTO82 = "Proc.\ CRYPTO 82"}

@String{CRYPTO83 = "Proc.\ CRYPTO 83"}

@String{CRYPTO84 = "Proc.\ CRYPTO 84"}

@String{CRYPTO85 = "Proc.\ CRYPTO 85"}

@String{CRYPTO86 = "Proc.\ CRYPTO 86"}

@String{CRYPTO87 = "Proc.\ CRYPTO 87"}

@String{CRYPTO88 = "Proc.\ CRYPTO 88"}

@String{CRYPTO89 = "Proc.\ CRYPTO 89"}

@String{CRYPTO90 = "Proc.\ CRYPTO 90"}

@String{CRYPTO91 = "Proc.\ CRYPTO 91"}

@String{CRYPTO92 = "Proc.\ CRYPTO 92"}

@String{CRYPTO93 = "Proc.\ CRYPTO 93"}

@String{CRYPTO94 = "Proc.\ CRYPTO 94"}

@String{CRYPTO95 = "Proc.\ CRYPTO 95"}

@String{CRYPTO96 = "Proc.\ CRYPTO 96"}

@String{CRYPTO97 = "Proc.\ CRYPTO 97"}

@String{CRYPTO98 = "Proc.\ CRYPTO 98"}

@String{CRYPTO99 = "Proc.\ CRYPTO 99"}

@String{EUROCRYPT84 = "Proc.\ EUROCRYPT 84"}

@String{EUROCRYPT85 = "Proc.\ EUROCRYPT 85"}

@String{EUROCRYPT86 = "Proc.\ EUROCRYPT 86"}

@String{EUROCRYPT87 = "Proc.\ EUROCRYPT 87"}

@String{EUROCRYPT88 = "Proc.\ EUROCRYPT 88"}

@String{EUROCRYPT89 = "Proc.\ EUROCRYPT 89"}

@String{EUROCRYPT90 = "Proc.\ EUROCRYPT 90"}

@String{EUROCRYPT91 = "Proc.\ EUROCRYPT 91"}

@String{EUROCRYPT92 = "Proc.\ EUROCRYPT 92"}

@String{EUROCRYPT93 = "Proc.\ EUROCRYPT 93"}

@String{EUROCRYPT94 = "Proc.\ EUROCRYPT 94"}

@String{EUROCRYPT95 = "Proc.\ EUROCRYPT 95"}

@String{EUROCRYPT96 = "Proc.\ EUROCRYPT 96"}

@String{EUROCRYPT97 = "Proc.\ EUROCRYPT 97"}

@String{EUROCRYPT98 = "Proc.\ EUROCRYPT 98"}

@String{EUROCRYPT99 = "Proc.\ EUROCRYPT 99"}

@String{FOCS77 = "Proc.\ $18$th IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS78 = "Proc.\ $19$th IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS79 = "Proc.\ $20$th IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS80 = "Proc.\ $21$st IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS81 = "Proc.\ $22$nd IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS82 = "Proc.\ $23$rd IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS83 = "Proc.\ $24$th IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS84 = "Proc.\ $25$th IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS85 = "Proc.\ $26$th IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS86 = "Proc.\ $27$th IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS87 = "Proc.\ $28$th IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS88 = "Proc.\ $29$th IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS89 = "Proc.\ $30$th IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS90 = "Proc.\ $31$st IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS91 = "Proc.\ $32$nd IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS92 = "Proc.\ $33$rd IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS93 = "Proc.\ $34$th IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS94 = "Proc.\ $35$th IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{FOCS95 = "Proc.\ $36$th IEEE Symp.\ on Foundations of Comp.\
                 Science"}

@String{STOC79 = "Proc.\ $11$th ACM Symp.\ on Theory of Computing"}

@String{STOC80 = "Proc.\ $12$th ACM Symp.\ on Theory of Computing"}

@String{STOC81 = "Proc.\ $13$th ACM Symp.\ on Theory of Computing"}

@String{STOC82 = "Proc.\ $14$th ACM Symp.\ on Theory of Computing"}

@String{STOC83 = "Proc.\ $15$th ACM Symp.\ on Theory of Computing"}

@String{STOC84 = "Proc.\ $16$th ACM Symp.\ on Theory of Computing"}

@String{STOC85 = "Proc.\ $17$th ACM Symp.\ on Theory of Computing"}

@String{STOC86 = "Proc.\ $18$th ACM Symp.\ on Theory of Computing"}

@String{STOC87 = "Proc.\ $19$th ACM Symp.\ on Theory of Computing"}

@String{STOC88 = "Proc.\ $20$th ACM Symp.\ on Theory of Computing"}

@String{STOC89 = "Proc.\ $21$st ACM Symp.\ on Theory of Computing"}

@String{STOC90 = "Proc.\ $22$nd ACM Symp.\ on Theory of Computing"}

@String{STOC91 = "Proc.\ $23$rd ACM Symp.\ on Theory of Computing"}

@String{STOC92 = "Proc.\ $24$th ACM Symp.\ on Theory of Computing"}

@String{STOC93 = "Proc.\ $25$th ACM Symp.\ on Theory of Computing"}

@String{STOC94 = "Proc.\ $26$th ACM Symp.\ on Theory of Computing"}

@String{STOC95 = "Proc.\ $27$th ACM Symp.\ on Theory of Computing"}

@String{PODC87 = "Proc.\ $6$th ACM Symp.\ on Principles of Distributed
                 Computation"}

@String{PODC86 = "Proc.\ $5$th ACM Symp.\ on Principles of Distributed
                 Computation"}

@String{PODC95 = "Proc.\ $14$th ACM Symp.\ on Principles of Distributed
                 Computation"}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% Sorted into order by latex key value

@InProceedings{AbadiAlBrFeHe88,
  author =       "M. Abadi and E. Allender and A. Broder and J.
                 Feigenbaum and L. A. Hemachandra",
  title =        "On Generating Solved Instances of Computational
                 Problems",
  pages =        "297--310",
  booktitle =    CRYPTO88,
  editor =       "S. Goldwasser",
  note =         "Lecture Notes in Computer Science No.\ 403",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@Article{AbadiFeKi89,
  author =       "Martin Abadi and Joan Feigenbaum and Joe Kilian",
  title =        "On Hiding Information from an Oracle",
  journal =      "Journal of Computer and Systems Science",
  volume =       "39",
  number =       "1",
  year =         "1989",
  pages =        "21--50",
}

@InProceedings{AbadiBuLa92,
  author =       "M. Abadi and M. Burrows and B. Lampson",
  title =        "A calculus for access control in distributed systems",
  pages =        "1--23",
  booktitle =    CRYPTO91,
  editor =       "J. Feigenbaum",
  note =         "Lecture Notes in Computer Science No.\ 576",
  publisher =    "Springer",
  year =         "1992",
}

@InProceedings{Abadi97,
  author =       "Mart\'{\}in Abadi",
  title =        "On {SDSI}'s Linked Local Name Spaces",
  booktitle =    "Proceedings 10th IEEE Computer Security Foundations
                 Workshop",
  month =        Jun,
  year =         "1997",
}

@Article{Abadi98,
  author =       "Mart\'{\i}n Abadi",
  title =        "On {SDSI}'s Linked Local Name Spaces",
  journal =      "Journal of Computer Security",
  volume =       "6",
  number =       "1-2",
  year =         "1998",
  pages =        "3--21",
  note =         "See {\tt
                 http://www.research.digital.com/SRC/personal/Martin\_Abadi/Papers/naming-jcs.ps}.",
}

@Article{AbadiBuLaPl93,
  author =       "Mart\'{\i}n Abadi and Michael Burrows and Butler
                 Lampson and Gordon Plotkin",
  title =        "A calculus for access control in distributed systems",
  journal =      "{ACM} Transactions on Programming Languages and
                 Systems",
  volume =       "15",
  number =       "4",
  year =         "1993",
  month =        Sep,
  pages =        "706--734",
}

@InProceedings{AbdallaRe00,
  author =       "Michel Abdalla and Leonid Reyzin",
  title =        "A New Forward-Secure Digital Signature Scheme",
% pages =      {??--??},
  booktitle =    "Proceedings ASIACRYPT '00",
  editor =       "T. Okamoto",
  note =         "Lecture Notes in Computer Science No.\ 1976",
  publisher =    "Springer-Verlag",
  year =         "2000",
}

@Manual{AccreditedSC81,
  author =       "{Accredited Standards Committee X3}",
  year =         "1981",
  title =        "American National Standard {X3}.92: Data Encryption
                 Algorithm ({DEA})",
}

@Manual{AccreditedSC82,
  author =       "{Accredited Standards Committee X9}",
  year =         "1982",
  title =        "American National Standard {X9}.9: Financial
                 Institution Message Authentication",
}

@Manual{AccreditedSC85,
  author =       "{Accredited Standards Committee X9}",
  year =         "1985",
  title =        "American National Standard {X9}.17: Financial
                 Institution Key Management (Wholesale)",
}

@Manual{AccreditedSC93,
  newtag =       "AccreditedSC93",
  author =       "{Accredited Standards Committee X9}",
  year =         "1993",
  title =        "Working Draft: American National Standard
                 {X9}.30-199{X}: Public Key Cryptography Using
                 Irreversible Algorithms for the Financial Services
                 Industry: Part 1: The Digital Signature Algorithm
                 ({DSA})",
  month =        jun # " 18,",
}

@Manual{AccreditedSC93a,
  newtag =       "AccreditedSC93a",
  author =       "{Accredited Standards Committee X9}",
  year =         "1993",
  title =        "Working Draft: American National Standard
                 {X9}.30-1993: Public Key Cryptography Using
                 Irreversible Algorithms for the Financial Services
                 Industry: Part 2: The Secure Hash Algorithm ({SHA})",
}

@Manual{AccreditedSC93b,
  newtag =       "AccreditedSC93b",
  author =       "{Accredited Standards Committee X9}",
  year =         "1993",
  title =        "Working Draft: American National Standard
                 {X9}.30-1993: Public Key Cryptography Using
                 Irreversible Algorithms for the Financial Services
                 Industry: Part 4: Management of Symmetric Algorithm
                 Keys Using {Diffie-Hellman}",
  month =        jun # " 4,",
}

@Manual{AccreditedSC93c,
  newtag =       "AccreditedSC93c",
  author =       "{Accredited Standards Committee X9}",
  year =         "1993",
  title =        "Working Draft: American National Standard
                 {X9}.31-1992: Public Key Cryptography Using Reversible
                 Algorithms for the Financial Services Industry: Part 1:
                 The {RSA} Signature Algorithm",
  month =        mar # " 7,",
}

@Manual{AccreditedSC93d,
  newtag =       "AccreditedSC93d",
  author =       "{Accredited Standards Committee X9}",
  year =         "1993",
  title =        "Working Draft: American National Standard
                 {X9}.31-1992: Public Key Cryptography Using Reversible
                 Algorithms for the Financial Services Industry: Part 2:
                 The {MDC-2} Hash Algorithm",
  month =        jun # " 4,",
}

@Manual{AccreditedSC93e,
  newtag =       "AccreditedSC93e",
  author =       "{Accredited Standards Committee X9}",
  year =         "1993",
  title =        "Working Draft: American National Standard
                 {X9}.31-1993: Public Key Cryptography Using Reversible
                 Algorithms for the Financial Services Industry: Part 4:
                 Management of Symmetric Algorithm Keys Using {RSA}",
  month =        jun # " 4,",
}

@Manual{AccreditedSC93f,
  newtag =       "AccreditedSC93f",
  author =       "{Accredited Standards Committee X9}",
  year =         "1993",
  title =        "Working Draft: American National Standard
                 {X9}.41-1993: Security Services Management for the
                 Financial Services Industry",
  month =        aug,
}

@PhdThesis{Adams90,
  author =       "C. M. Adams",
  title =        "A formal and practical design procedure for
                 substitution-permutation network cryptosystems",
  school =       "Queen's University",
  year =         "1990",
}

@Article{Adams92,
  author =       "C. M. Adams",
  year =         "1992",
  title =        "{On Immunity against Biham and Shamir's ``Differential
                 Cryptanalysis''}",
  journal =      "Information Processing Letters",
  volume =       "41",
  number =       "2",
  pages =        "77--80",
}

@InProceedings{AdamsMe88,
  author =       "Carlisle M. Adams and Henk Meijer",
  title =        "Security-related comments regarding McEliece's
                 public-key cryptosystem",
  pages =        "224--228",
  booktitle =    CRYPTO87,
  editor =       "Carl Pomerance",
  note =         "Lecture Notes in Computer Science No.\ 293",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@InProceedings{AdamsTa90,
  author =       "Carlisle Adams and Stafford Tavares",
  title =        "Good-{S}-boxes are easy to find",
  pages =        "612--615",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No.\ 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@Article{AdamsTa90a,
  author =       "C. M. Adams and S. E. Tavares",
  title =        "Generating and counting binary bent sequences",
  journal =      "IEEE Transactions on Information Theory",
  month =        Sep,
  year =         "1990",
  volume =       "36",
  number =       "5",
  pages =        "1170--1173",
}

@Article{AdamsTa90b,
  author =       "C. M. Adams and S. E. Tavares",
  title =        "The Structured Design of Cryptographically Good
                 {S}-Boxes",
  journal =      "Journal of Cryptology",
  year =         "1990",
  volume =       "3",
  number =       "1",
  pages =        "27--41",
}

@InProceedings{Adleman77,
  author =       "L. M. Adleman",
  title =        "A Subexponential Algorithm for the Discrete Logarithm
                 Problem with Applications to Cryptography",
  pages =        "55--60",
  booktitle =    FOCS77,
  address =      "Providence",
  year =         "1977",
  publisher =    "IEEE",
}

@InProceedings{Adleman82,
  author =       "Leonard Adleman",
  title =        "Primality Testing",
  pages =        "10--10",
  booktitle =    CRYPTO81,
  editor =       "Allen Gersho",
  organization = "U.C. Santa Barbara Dept. of Elec. and Computer Eng.",
  note =         "Tech Report 82-04",
  year =         "1982",
}

@InProceedings{Adleman83,
  author =       "L. M. Adleman",
  title =        "On Breaking Generalized Knapsack Public Key
                 Cryptosystems",
  pages =        "402--412",
  booktitle =    STOC83,
  publisher =    ACM,
  address =      "Boston",
  year =         "1983",
}

@InProceedings{Adleman83a,
  author =       "Leonard M. Adleman",
  title =        "Implementing an Electronic Notary Public",
  pages =        "259--265",
  booktitle =    CRYPTO82,
  editor =       "R. L. Rivest and A. Sherman and D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1983",
}

@InProceedings{Adleman83b,
  author =       "Leonard M. Adleman",
  title =        "On Breaking the Iterated {M}erkle-{H}ellman Public-Key
                 Cryptosystem",
  pages =        "303--308",
  booktitle =    CRYPTO82,
  editor =       "R. L. Rivest and A. Sherman and D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1983",
}

@TechReport{Adleman90,
  author =       "L. M. Adleman",
  title =        "Factoring Numbers Using Singular Integers",
  institution =  "U.S.C. Computer Science Department",
  number =       "TR 90-20",
  month =        Sep,
  year =         "1990",
}

@InProceedings{Adleman88,
  author =       "L. M. Adleman",
  title =        "An Abstract Theory of Computer Viruses",
  pages =        "354--374",
  booktitle =    CRYPTO88,
  editor =       "S. Goldwasser",
  note =         "Lecture Notes in Computer Science No.\ 403",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@InProceedings{Adleman94,
  author =       "Leonard M. Adleman",
  title =        "Algorithmic Number Theory--The Complexity
                 Contribution",
  booktitle =    STOC94,
  publisher =    ACM,
  address =      "Montreal, Canada",
  year =         "1994",
  pages =        "88--113",
}

@Article{Adleman95,
  author =       "Leonard M. Adleman",
  title =        "A thousand billion billion sums",
  journal =      "The Economist",
  year =         "1995",
  pages =        "83--84",
}

@InProceedings{AdlemanDe94,
  author =       "Leonard M. Adleman and Johnathan DeMarrais",
  title =        "A subexponential algorithm for discrete logarithms
                 over all finite fields",
  pages =        "147--158",
  booktitle =    CRYPTO93,
  editor =       "Douglas R. Stinson",
  note =         "Lecture Notes in Computer Science No.\ 773",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{AdlemanHu87,
  author =       "L. M. Adleman and M. A. Huang",
  title =        "Recognizing primes in random polynomial time",
  pages =        "462--469",
  booktitle =    STOC87,
  publisher =    ACM,
  address =      "New York City",
  year =         "1987",
}

@InProceedings{AdlemanMaMi77,
  author =       "L. M. Adleman and K. Manders and G. Miller",
  title =        "On taking roots in finite fields",
  pages =        "175--177",
  booktitle =    FOCS77,
  address =      "Providence",
  publisher =    IEEE,
  year =         "1977",
}

@Article{AdlemanPoRu83,
  author =       "L. M. Adleman and C. Pomerance and R. S. Rumely",
  title =        "On distinguishing prime numbers from composite
                 numbers",
  journal =      "Ann. Math.",
  volume =       "117",
  year =         "1983",
  pages =        "173--206",
}

@InProceedings{Agnew85,
  author =       "Gordon B. Agnew",
  title =        "Secrecy and Privacy in a Local Area Network
                 Environment",
  pages =        "349--363",
  booktitle =    EUROCRYPT84,
  editor =       "T. Beth and N. Cot and I. Ingemarsson",
  note =         "Lecture Notes in Computer Science No.\ 209",
  publisher =    "Springer-Verlag",
  year =         "1985",
}

@InProceedings{AgnewMuVa88,
  author =       "G. B. Agnew and R. C. Mullin and S. A. Vanstone",
  year =         "1988",
  title =        "A secure public key protocol based on discrete
                 exponentiation",
  booktitle =    "Advances in Cryptology --- Eurocrypt '88",
  editor =       "C. G. {G\"{u}nther}",
  publisher =    "Springer-Verlag",
  address =      "Berlin",
  pages =        "159--166",
}

@InProceedings{AielloBeVe95,
  author =       "William Aiello and Mihir Bellare and Ramarathnam
                 Venkatesan",
  title =        "Knowledge on the Average--- Perfect, Statistical and
                 Logarithmic",
  pages =        "469--478",
  booktitle =    STOC95,
  publisher =    ACM,
  address =      "Las Vegas",
  year =         "1995",
}

@Article{AielloGoHa90,
  author =       "W. Aiello and S. Goldwasser and J. Hastad",
  title =        "On the Power of Interaction",
  journal =      "Combinatorica",
  volume =       "10",
  number =       "1",
  year =         "1990",
  pages =        "3--25",
}

@Article{AielloHa91,
  author =       "W. Aiello and J. Hastad",
  title =        "Statistical Zero Knowledge Can Be Recognized in Two
                 Rounds",
  journal =      JCSS,
  volume =       "42",
  year =         "1991",
  pages =        "327--345",
}

@InProceedings{Akl84,
  author =       "Selim G. Akl",
  title =        "On the Security of Compressed Encodings",
  pages =        "209--230",
  booktitle =    CRYPTO83,
  editor =       "D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1984",
}

@InProceedings{AklMe85,
  author =       "Selim G. Akl and Henk Meijer",
  title =        "A Fast Pseudo Random Permutation Generator with
                 Applications to Cryptology",
  pages =        "269--275",
  booktitle =    CRYPTO84,
  editor =       "G. R. Blakley and D. C. Chaum",
  note =         "Lecture Notes in Computer Science No.\ 196",
  publisher =    "Springer",
  year =         "1985",
}

@InProceedings{AklTa83,
  author =       "Selim G. Akl and Peter D. Taylor",
  title =        "Cryptographic Solution to a Multilevel Security
                 Problem",
  pages =        "237--249",
  booktitle =    CRYPTO82,
  editor =       "R. L. Rivest and A. Sherman and D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1983",
}

@InProceedings{AlexiChGoSc84,
  author =       "W. B. Alexi and B. Chor and O. Goldreich and C. P.
                 Schnorr",
  title =        "{RSA/Rabin} bits are ${1/2} + {1/{poly(\log(N))}}$
                 Secure",
  pages =        "449--457",
  booktitle =    FOCS84,
  address =      "Singer Island",
  publisher =    IEEE,
  year =         "1984",
}

@Article{AlexiChGoSc88,
  author =       "W. B. Alexi and B. Chor and O. Goldreich and C. P.
                 Schnorr",
  title =        "{RSA}/{Rabin} functions: certain parts are as hard as
                 the whole",
  pages =        "194--209",
  journal =      "SIAM J. Computing",
  year =         "1988",
  month =        Apr,
  volume =       "17",
  number =       "2",
}

@InProceedings{Alagar90,
  author =       "V. S. Alagar",
  title =        "Range Equations and Range Matrices: {A} Study in
                 Statistical Database Security",
  booktitle =    AUSCRYPT90,
  year =         "1990",
  editor =       "J. Seberry and J. Pieprzyk",
  series =       "Lecture Notes in Computer Science",
  volume =       "453",
  publisher =    "Springer-Verlag",
  pages =        "360--385",
}

@InProceedings{AlonGaYu,
  author =       "N. Alon and Z. Galil and M. Yung",
  year =         "1995",
  title =        "Verifiable secret sharing and achieving simultaneity
                 in the presence of faults",
  booktitle =    "Proc.\ 3rd Annual European Symposium on Algorithmns",
  series =       "Lecture Notes in Computer Science 979",
  volume =       "ESA 95",
  publisher =    "Springer Verlag",
  pages =        "523--537",
}

@Article{AlonGoHaPe92,
  author =       "N. Alon and O. Goldreich and J. Hastad and R.
                 Peralta",
  title =        "Simple Constructions of Almost $k-$wise Independent
                 Random Variables",
  journal =      "Journal of Random Structures and Algorithms",
  volume =       "3",
  number =       "3",
  year =         "1992",
  pages =        "289--304",
}

@Article{AlpernSc83,
  author =       "B. Alpern and F. B. Schneider",
  title =        "Key exchange using `Keyless Cryptography'",
  journal =      "Information Processing Letters",
  volume =       "16",
  year =         "1983",
  pages =        "79--81",
}

@Article{AmaKan95,
  author =       "E. Amaldi and V. Kann",
  title =        "The complexity and approximability of finding maximum
                 feasible subsystems of linear relations",
  journal =      "Theoret. Comput. Sci.",
  volume =       "147",
  year =         "1995",
  pages =        "181--210",
}

@Manual{AmeritechMob93,
  newtag =       "AmeritechMob93",
  author =       "{Ameritech Mobile Communications {\em et al}}",
  year =         "1993",
  title =        "Cellular Digital Packet Data System Specifications:
                 Part 406: Airlink Security",
}

@Article{AmesGaSc83,
  author =       "S. Ames and M. Gasser and R. Schell",
  title =        "Security Kernel Design and Implementation; An
                 Introduction",
  journal =      "IEEE Computer",
  volume =       "16",
  number =       "7",
  year =         "1983",
}

@InProceedings{Ames90,
  author =       "M. Ames",
  title =        "Secure Cryptographic Initialization",
  booktitle =    AUSCRYPT90,
  year =         "1990",
  editor =       "J. Seberry and J. Pieprzyk",
  series =       "Lecture Notes in Computer Science",
  volume =       "453",
  publisher =    "Springer-Verlag",
  pages =        "451--462",
}

@InProceedings{AmiraziziHe82,
  author =       "Hamid Amirazizi and Martin E. Hellman",
  title =        "Time-Memory-Processor Tradeoffs",
  pages =        "7--9",
  booktitle =    CRYPTO81,
  editor =       "Allen Gersho",
  organization = "U.C. Santa Barbara Dept. of Elec. and Computer Eng.",
  note =         "Tech Report 82-04",
  year =         "1982",
}

@InProceedings{AmiraziziKaRe82,
  author =       "Hamid Amirazizi and Ehud Karnin and Justin Reyneri",
  title =        "A Polynomial Time Solution for Compact Knapsacks",
  pages =        "17--19",
  booktitle =    CRYPTO81,
  editor =       "Allen Gersho",
  organization = "U.C. Santa Barbara Dept. of Elec. and Computer Eng.",
  note =         "Tech Report 82-04",
  year =         "1982",
}

@TechReport{Anderson72,
  author =       "J. P. Anderson",
  title =        "Computer Security Technology Planning Study",
  institution =  "Hanscom AFB",
  number =       "ESD--TR--73--51",
  month =        oct,
  year =         "1972",
}

% note: not in class file cabinet yet

@Article{Anderson93,
  author =       "Ross Anderson",
  year =         "1993",
  title =        "A Practical {RSA} Trapdoor",
  journal =      "Electronics Letters",
  volume =       "29",
  number =       "11",
  month =        "27 " # may,
  pages =        "995",
}

@Article{Anderson94,
  author =       "Ross J. Anderson",
  title =        "Why Cryptosystems Fail",
  journal =      "Communications of the ACM",
  month =        Nov,
  year =         "1994",
  volume =       "37",
  number =       "11",
  pages =        "32--41",
}

@Misc{Anderson97,
  author =       "Ross J. Anderson",
  title =        "Invited lecture",
  howpublished = "Fourth Annual Conference on Computer and
                 Communications Security",
  year =         "1997",
  note =         "See also
                 \texttt{http://www.cl.cam.ac.uk/ftp/users/rja14/forwardsecure.pdf}.",
}

@Article{AndersonBeCrLeMaNe98,
  author =       "Ross Anderson and Francesco Bergadano and Bruno Crispo
                 and Jong-Hyeon Lee and Charalampos Manifavas and Roger
                 Needham",
  title =        "A New Family of Authentication Protocols"j
?? Expected comma after last field ``title''.
ournal =      {Operating Systems Review},
volume =       {32},
number =       {4},
year =         1998,
month =        Oct,
pages =        {9--20},
}

@InProceedings{AndersonBi96,
  author =       "Ross Anderson and Eli Biham",
  title =        "Two Practical and Probably Secure Block Ciphers:
                 {BEAR} and {LION}",
  pages =        "114--120",
  booktitle =    "Fast Software Encryption",
  editor =       "Dieter Gollman",
  publisher =    "Springer",
  year =         "1996",
  note =         "(Proceedings Third International Workshop, Feb.\ 1996,
                 Cambridge, UK)",
}

@InProceedings{AndersonKu96,
  author =       "Ross Anderson and Markus Kuhn",
  title =        "Tamper Resistance -- a Cautionary Note",
  pages =        "1--11",
  booktitle =    "Proceedings of the Second {USENIX} Workshop on
                 Electronic Commerce",
  month =        Nov,
  year =         "1996",
}

@InProceedings{AndersonKu61,
  author =       "Ross J. Anderson and Markus Kuhn",
  title =        "Low Cost Attacks on Tamper Resistant Devices",
  booktitle =    "Security Protocols --- Proceedings of the 5th
                 International Workshop",
  month =        apr # " 7--9,",
  year =         "1997",
  publisher =    "Springer-Verlag",
  note =         "Lecture Notes in Computer Science No.\ 1361",
  pages =        "125--136",
}

@InProceedings{AndersonKu98,
  author =       "Ross J. Anderson and Markus Kuhn",
  title =        "Soft Tempest: Hidden Data Transmission Using
                 Electromagnetic Emanations",
  booktitle =    "Proceedings Second International Workshop on
                 Information Hiding IH'98",
  editor =       "David Aucsmith",
  year =         "1998",
  month =        apr # " 15--17",
  publisher =    "Springer-Verlag",
  note =         "Lecture Notes in Computer Science No.\ 1525",
  pages =        "124--142",
}

@Misc{AndersonMaSu95,
  author =       "Ross Anderson and Harry Manifavas and Chris
                 Sutherland",
  title =        "A Practical Electronic Cash System",
  institution =  "Computer Laboratory, Pembroke Street, Cambridge {CB2
                 3QG}, U.K.",
  year =         "1995",
  note =         "Available from author: {\tt
                 Ross.Anderson@cl.cam.ac.uk}",
}

@Book{Andrews76,
  title =        "The Theory of Partitions",
  author =       "George E. Andrews",
  publisher =    "Addison-Wesley",
  year =         "1976",
  volume =       "2",
  series =       "Encyclopedia of Mathematics and its Applications",
}

@TechReport{Angluin82,
  author =       "D. Angluin",
  title =        "Lecture notes on the complexity of some problems in
                 number theory",
  institution =  "Yale University Computer Science Department",
  year =         "1982",
  month =        Aug,
  number =       "TR-243",
}

@TechReport{AngluinLi83,
  author =       "D. Angluin and D. Lichtenstein",
  title =        "Provable Security of Cryptosystems: {A} Survey",
  institution =  "Yale University Department of Computer Science",
  month =        Oct,
  year =         "1983",
  number =       "TR-288",
}

@InProceedings{AnthonyMaSeWi90,
  author =       "M. H. G. Anthony and K. M. Martin and J. Seberry and
                 P. Wild",
  title =        "Some Remarks on Authentication Systems",
  booktitle =    AUSCRYPT90,
  year =         "1990",
  editor =       "J. Seberry and J. Pieprzyk",
  series =       "Lecture Notes in Computer Science",
  volume =       "453",
  publisher =    "Springer-Verlag",
  pages =        "122--139",
}

@Book{Anton91,
  author =       "H. Anton",
  title =        "Elementary Linear Algebra (Sixth Edition)",
  publisher =    "John Wiley and Sons",
  year =         "1991",
}

@Book{Apostol76,
  author =       "Tom M. Apostol",
  title =        "Introduction to Analytic Number Theory",
  publisher =    "Springer-Verlag",
  year =         "1976",
}

@TechReport{AokiOhArMa94,
  author =       "K. Aoki and K. Ohta and S. Araki and M. Matsui",
  year =         "1994",
  title =        "Linear Cryptanalysis of {FEAL-8} (Experimentation
                 Report)",
  institution =  "IEICE",
  number =       "ISEC 94-6 (1994-05)",
}

@InProceedings{AroraLuMoSuSz91,
  author =       "Sanjeev Arora and Carsten Lund and Rajeev Motwani and
                 Madhu Sudan and Mario Szegedy",
  title =        "Proof Verification and Hardness of Approximation
                 Problems",
  month =        oct,
  year =         "1991",
  booktitle =    "Proc.\ 33rd IEEE Foundations of Computer Science",
  pages =        "14--23",
}

@Article{AsmuthBl81,
  author =       "C. A. Asmuth and G. R. Blakley",
  title =        "An efficient algorithm for constructing a cryptosystem
                 which is harder to break than two other cryptosystems",
  journal =      "Comp.\ and Maths.\ with Appls.",
  year =         "1981",
  volume =       "7",
  pages =        "447--450",
}

@InProceedings{AumannFe94,
  author =       "Yonatan Aumann and Uriel Feige",
  title =        "On message proof systems with known space verifiers",
  pages =        "85--99",
  booktitle =    CRYPTO93,
  editor =       "Douglas R. Stinson",
  note =         "Lecture Notes in Computer Science No.\ 773",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{AvisTa83,
  author =       "G. M. Avis and S. E. Tavares",
  title =        "Using Data Uncertainty to Increase the
                 Crypto-Complexity of Simple Private Key Enciphering
                 Schemes",
  pages =        "139--143",
  booktitle =    CRYPTO82,
  editor =       "R. L. Rivest and A. Sherman and D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1983",
}

@InProceedings{AwerbuchChGoMi86,
  author =       "B. Awerbuch and B. Chor and S. Goldwasser and S.
                 Micali",
  year =         "1986",
  title =        "Verifiable secret sharing and achieving simultaneity
                 in the presence of faults",
  booktitle =    "Proc.\ 26th Annual IEEE Symp.\ of Foundations of
                 Computer Science",
  publisher =    "IEEE",
  address =      "New York",
  pages =        "383--395",
}

@InProceedings{Bach83,
  author =       "Eric Bach",
  title =        "How to generate factored random numbers",
  pages =        "184--188",
  booktitle =    Stoc83,
  publisher =    Acm,
  address =      "Boston",
  year =         "1983",
}

@Article{Bach88,
  author =       "Eric Bach",
  title =        "How to generate factored random numbers",
  pages =        "179--193",
  journal =      "SIAM J. Computing",
  year =         "1988",
  month =        Apr,
  volume =       "17",
  number =       "2",
}

@InProceedings{Bach88a,
  author =       "Eric Bach",
  title =        "Intractable Problems in Number Theory",
  pages =        "77--93",
  booktitle =    CRYPTO88,
  editor =       "S. Goldwasser",
  note =         "Lecture Notes in Computer Science No. 403",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@InCollection{Bach90,
  author =       "Eric Bach",
  title =        "Number-Theoretic Algorithms",
  booktitle =    "Annual Review of Computer Science",
  publisher =    "Annual Reviews, Inc.",
  addr =         "Palo Alto",
  year =         "1990",
  volume =       "4",
  pages =        "119--172",
}

@Article{Bach91,
  author =       "Eric Bach",
  title =        "Toward a Theory of {Pollard's Rho} Method",
  journal =      "Information and Computation",
  volume =       "90",
  year =         "1991",
  number =       "2",
  month =        Feb,
  pages =        "139--155",
  comment =      "Rigorous approach, in contrast to usual heuristic
                 analysis. Proves rigorously that for $n=pq$, with
                 $p<q$, that the chance of successfully factoring $n$ in
                 the first $\frac{1}{4}\lg(n)$ steps is at least
                 $\Omega(\log^2(p))/p$.",
}

@Article{BachMiSh86,
  author =       "Eric Bach and Gary Miller and Jeffrey Shlalit",
  title =        "Sums of Divisors, Perfect Numbers, and Factoring",
  journal =      "{SIAM} Journal of Computing",
  year =         "1986",
  month =        Nov,
  volume =       "15",
  number =       "4",
  pages =        "1143--1154",
}

@Book{BachSh96,
  author =       "Eric Bach and Jeffrey Shallit",
  title =        "Algorithmic Number Theory; Volume {I}: Efficient
                 Algorithms",
  publisher =    "The MIT Press",
  year =         "1996",
}

@TechReport{Baldwin88,
  author =       "Robert Baldwin",
  title =        "Rule Based Analysis of Computer Security",
  institution =  "MIT Laboratory for Computer Science",
  number =       "TR--401",
  month =        mar,
  year =         "1988",
}

@Manual{Balenson93,
  author =       "D. Balenson",
  year =         "1993",
  month =        feb,
  title =        "{RFC} 1423: Privacy Enhancement for Internet
                 Electronic Mail: Part {III} -- Algorithms, Modes, and
                 Identifiers",
  organization = "Internet Activities Board",
}

@Book{Bamford82,
  author =       "James Bamford",
  title =        "The Puzzle Palace -- {A} Report on {NSA}, America's
                 Most Secret Agency",
  publisher =    "Houghton Miflin",
  address =      "Boston",
  year =         "1982",
}

@InProceedings{BaoIg95,
  author =       "Feng Bao and Yoshihide Igarashi",
  title =        "Break Finite Automata Public Key Cryptosystem",
  booktitle =    "ICALP",
  note =         "Lecture Notes in Computer Science",
  year =         "1995",
  pages =        "147--158",
}

@InProceedings{BaritaudCaChGi92,
  author =       "Thierry Baritaud and Mireille Campana and Pascal
                 Chauvaud and Henri Gilbert",
  title =        "On the Security of the Permuted Kernel Identification
                 Scheme",
  pages =        "305--311",
  booktitle =    CRYPTO92,
  editor =       "Ernest F. Brickell",
  note =         "Lecture Notes in Computer Science No. 740",
  publisher =    "Springer-Verlag",
  year =         "1992",
}

@InProceedings{BaritaudGiGi93,
  author =       "T. Baritaud and H. Gilbert and M. Girault",
  year =         "1993",
  title =        "{FFT} Hashing is not Collision-free",
  booktitle =    "Advances in Cryptology --- Eurocrypt '92",
  editor =       "R. A. Rueppel",
  pages =        "35--44",
  publisher =    "Springer-Verlag",
  address =      "Berlin",
}

@Article{Barlow92,
  author =       "J. P. Barlow",
  year =         "1992",
  month =        jul,
  title =        "Decrypting the puzzle palace",
  journal =      "Communications of the ACM",
  volume =       "35",
  number =       "7",
  pages =        "25--31",
}

@InProceedings{Barrett87,
  author =       "Paul Barrett",
  title =        "Implementing the Rivest Shamir and Adleman public key
                 encryption algorithm on a standard digital signal
                 processor",
  pages =        "311--323",
  booktitle =    CRYPTO86,
  editor =       "A. M. Odlyzko",
  note =         "Lecture Notes in Computer Science No.\ 263",
  publisher =    "Springer-Verlag",
  year =         "1987",
}

@InProceedings{BarrettEi90,
  author =       "Paul Barrett and Raymund Eisele",
  title =        "The smart diskette -- a universal user token and
                 personal crypto-engine",
  pages =        "74--81",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No.\ 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@InProceedings{Bauer83,
  author =       "Friedrich L. Bauer",
  title =        "Cryptology - Methods and Maxims",
  pages =        "31--48",
  year =         "1983",
  booktitle =    "Cryptography, Proc. Burg Feuerstein 1982",
  editor =       "T. Beth",
  volume =       "149",
  publisher =    "Springer-Verlag",
  address =      "Berlin",
}

@InProceedings{BayerHaSt92,
  author =       "D. Bayer and S. Haber and W. S. Stornetta",
  year =         "1992",
  title =        "Improving the efficiency and reliablility of digital
                 time-stamping",
  booktitle =    "Sequences '91: Methods in Communication, Security, and
                 Computer Science",
  pages =        "329--334",
  editor =       "R. M. Capocelli",
  publisher =    "Springer-Verlag",
  address =      "Berlin",
}

@InProceedings{BeaucheminBr88,
  author =       "Pierre Beauchemin and Gilles Brassard",
  title =        "A generalization of Hellman's extension of Shannon's
                 approach to cryptography",
  pages =        "461--461",
  booktitle =    CRYPTO87,
  editor =       "Carl Pomerance",
  note =         "Lecture Notes in Computer Science No.\ 293",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@InProceedings{BeaucheminBrCr87,
  author =       "Pierre Beauchemin and Gilles Brassard and Claude
                 Cr\'epeau",
  title =        "Two observations on probabilistic primality testing",
  pages =        "443--450",
  booktitle =    CRYPTO86,
  editor =       "A. M. Odlyzko",
  note =         "Lecture Notes in Computer Science No.\ 263",
  publisher =    "Springer-Verlag",
  year =         "1987",
}

@Article{BeaucheminBrCrGoPo88,
  author =       "Pierre Beauchemin and Gilles Brassard and Claude
                 Cr\'epeau and Claude Goutier and Carl Pomerance",
  title =        "The Generation of Random Numbers That Are Probably
                 Prime",
  journal =      "Journal of Cryptology",
  year =         "1988",
  volume =       "1",
  pages =        "53--64",
  comment =      "Earlier version in CRYPTO 86 Proceedings.",
}

@InProceedings{Becker82,
  author =       "H. J. Becker",
  title =        "Nonlinear Feedback Shift Register Sequences",
  pages =        "121--123",
  booktitle =    CRYPTO81,
  editor =       "Allen Gersho",
  organization = "U.C. Santa Barbara Dept. of Elec. and Computer Eng.",
  note =         "Tech Report 82-04",
  year =         "1982",
}

@InProceedings{Beaver90,
  author =       "Donald Beaver",
  title =        "Multiparty protocols tolerating half faulty
                 processors",
  pages =        "560--572",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No.\ 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@InProceedings{Beaver92,
  author =       "D. Beaver",
  title =        "Foundations of secure interactive computing",
  pages =        "377--391",
  booktitle =    CRYPTO91,
  editor =       "J. Feigenbaum",
  note =         "Lecture Notes in Computer Science No.\ 576",
  publisher =    "Springer",
  year =         "1992",
}

@InProceedings{Beaver92a,
  author =       "D. Beaver",
  title =        "Efficient multiparty protocols using circuit
                 randomization",
  pages =        "420--432",
  booktitle =    CRYPTO91,
  editor =       "J. Feigenbaum",
  note =         "Lecture Notes in Computer Science No.\ 576",
  publisher =    "Springer",
  year =         "1992",
}

@InProceedings{BeaverFeKiRo91,
  author =       "D. Beaver and J. Feigenbaum and J. Kilian and P.
                 Rogaway",
  title =        "Security with Low Communication Overhead",
  pages =        "62--76",
  booktitle =    CRYPTO90,
  editor =       "A. J. Menezes and S. A. Vanstone",
  note =         "Lecture Notes in Computer Science No.\ 537",
  publisher =    "Springer-Verlag",
  year =         "1991",
}

@TechReport{BeaverFeOsSh93,
  author =       "Donald Beaver and Joan Feigenbaum and Rafail Ostrovsky
                 and Victor Shoup",
  title =        "Instance-Hiding Proof Systems",
  institution =  "DIMACS Center for Discrete Mathematics and Theoretical
                 Computer Science",
  number =       "TR--93-65",
  month =        Sep,
  year =         "1993",
}

@InProceedings{BeaverFeSh91,
  author =       "D. Beaver and J. Feigenbaum and V. Shoup",
  title =        "Hiding Instances in Zero-Knowledge Proof Systems",
  pages =        "326--338",
  booktitle =    CRYPTO90,
  editor =       "A. J. Menezes and S. A. Vanstone",
  note =         "Lecture Notes in Computer Science No.\ 537",
  publisher =    "Springer-Verlag",
  year =         "1991",
}

@InProceedings{BeaverGo90,
  author =       "Donald Beaver and Shafi Goldwasser",
  title =        "Multiparty computation with faulty majority",
  pages =        "589--590",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No.\ 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@InProceedings{BeimelCh92,
  author =       "Amos Beimel and Benny Chor",
  title =        "Universally Ideal Secret Sharing Schemes",
  pages =        "183--195",
  booktitle =    CRYPTO92,
  editor =       "Ernest F. Brickell",
  note =         "Lecture Notes in Computer Science No.\ 740",
  publisher =    "Springer-Verlag",
  year =         "1992",
}

@InProceedings{BeimelCh94,
  author =       "Amos Beimel and Benny Chor",
  title =        "Interaction in key distribution schemes",
  pages =        "456--479",
  booktitle =    CRYPTO93,
  editor =       "Douglas R. Stinson",
  note =         "Lecture Notes in Computer Science No.\ 773",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{Beker83,
  author =       "H. J. Beker",
  title =        "Analogue Speech Security Systems",
  pages =        "130--146",
  year =         "1983",
  booktitle =    "Cryptography, Proc. Burg Feuerstein 1982",
  editor =       "T. Beth",
  volume =       "149",
  publisher =    "Springer-Verlag",
  address =      "Berlin",
}

@Book{BekerPi82,
  author =       "H. Beker and F. Piper",
  title =        "Cipher Systems: The Protection of Communications",
  publisher =    "Northwood",
  address =      "London",
  year =         "1982",
}

@InProceedings{BekerWa85,
  author =       "Henry Beker and Michaell Walker",
  title =        "Key Management for Secure Electronic Funds Transfer in
                 a Retail Environment",
  pages =        "401--410",
  booktitle =    CRYPTO84,
  editor =       "G. R. Blakley and D. C. Chaum",
  note =         "Lecture Notes in Computer Science No.\ 196",
  publisher =    "Springer",
  year =         "1985",
}

@TechReport{BellLa73,
  author =       "D. Bell and L. La{P}adula",
  title =        "Secure Computer Systems: Mathematical Foundations",
  institution =  "{MITRE} Corporation",
  number =       "ESD-TR-73-278",
  year =         "1973",
}

@TechReport{BellareBaChGu94,
  author =       "Mihir Bellare and Erol Basturk and Chee-Seng Chow and
                 Roch Gu\'{e}rin",
  title =        "Secure Transport Protocols for High Speed Networks",
  institution =  "IBM",
  number =       "RC 19981",
  month =        Jan,
  year =         "1994",
}

@InProceedings{BellareBeFeGo91,
  author =       "Mihir Bellare and Richard Beigel and Joan Feigenbaum
                 and Shafi Goldwasser",
  title =        "Languages that are Easier than their Proofs",
  pages =        "19--28",
  booktitle =    FOCS91,
  publisher =    IEEE,
  address =      "San Juan",
  year =         "1991",
}

@InProceedings{BellareCoGo90,
  author =       "Mihir Bellare and Lenore Cowen and Shafi Goldwasser",
  title =        "On the structure of secret key exchange protocols",
  pages =        "604--606",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No.\ 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

% This is the final version of what appears in your bib as BellareCoGo90.
% (The entry above is actually not a paper, just a one page "rump session
% abstract" in Crypto).

@InProceedings{BellareCoGo91,
  author =       "Mihir Bellare and Lenore Cowen and Shafi Goldwasser",
  title =        "On the structure of secret key exchange protocols",
  pages =        "79--92",
  booktitle =    "Distributed Computing and Cryptography",
  editor =       "J.~Feigenbaum and M.~Merritt",
  note =         "Dimacs Series in Discrete Mathematics and Theoretical
                 Computer Science, Volume 2",
  publisher =    "AMS/ACM",
  year =         "1991",
}

@InProceedings{BellareFeKi95,
  author =       "Mihir Bellare and Uri Feige and Joe Kilian",
  title =        "On the Role of Shared Randomness in Two Prover Proof
                 Systems",
  pages =        "199--208",
  booktitle =    "ISTCS95",
  publisher =    "IEEE",
  address =      "Tel Aviv",
  year =         "1995",
}

@InProceedings{BellareGaHaHeKrStTsWa95,
  author =       "M.~Bellare and J.~Garay and R.~Hauser and H.~Krawczyk
                 A.~Herzberg and M.~Steiner and G.~Tsudik and
                 M.~Waidner",
  title =        "$i${KP} -- {A} Family of Secure Electronic Payment
                 Protocols",
  pages =        "1--20",
  booktitle =    "Proceedings of the Usenix Electronic Commerce
                 Workshop",
  year =         "1995",
}

@InProceedings{BellareGo90,
  author =       "Mihir Bellare and Shafi Goldwasser",
  title =        "New paradigms for digital signatures and message
                 authentication based on non-interative zero knowledge
                 proofs",
  pages =        "194--211",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No.\ 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@InProceedings{BellareGo92,
  author =       "Mihir Bellare and Oded Goldreich",
  title =        "On Defining Proofs of Knowledge",
  pages =        "390--420",
  booktitle =    CRYPTO92,
  editor =       "Ernest F. Brickell",
  note =         "Lecture Notes in Computer Science No.\ 740",
  publisher =    "Springer-Verlag",
  year =         "1992",
}

@Article{BellareGo94,
  author =       "Mihir Bellare and Shafi Goldwasser",
  title =        "The complexity of decision versus search",
  journal =      "SIAM Journal of Computing",
  year =         "1994",
  month =        Feb,
  volume =       "23",
  number =       "1",
  pages =        "97--119",
}

@TechReport{BellareGo95,
  author =       "Mihir Bellare and Shafi Goldwasser",
  title =        "Verifiable Partial Key Escrow",
  institution =  "Dept. of Computer Science and Engineering, U.C. San
                 Diego",
  number =       "CS95-447",
  year =         "1995",
  month =        Oct,
}

@InProceedings{BellareGoGo90,
  author =       "Mihir Bellare and Oded Goldreich and Shafi
                 Goldwasser",
  title =        "Randomness in Interactive Proofs",
  pages =        "563--573",
  booktitle =    FOCS90,
  publisher =    IEEE,
  address =      "St.~Louis",
  year =         "1990",
}

% Journal version of BellareGoGo90:

@Article{BellareGoGo93,
  author =       "Mihir Bellare and Oded Goldreich and Shafi
                 Goldwasser",
  title =        "Randmoness in Interactive Proofs",
  journal =      "Computational Complexity",
  volume =       "4",
  number =       "4",
  year =         "1993",
  pages =        "319--354",
}

@InProceedings{BellareGoGo94,
  author =       "Mihir Bellare and Oded Goldreich and Shafi
                 Goldwasser",
  title =        "Incremental cryptography: the case of hashing and
                 signing",
  pages =        "216--233",
  booktitle =    CRYPTO94,
  editor =       "Yvo G. Desmedt",
  note =         "Lecture Notes in Computer Science No.\ 839",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{BellareGoGo95,
  author =       "Mihir Bellare and Oded Goldreich and Shafi
                 Goldwasser",
  title =        "Incremental Cryptography with Application to Virus
                 Protection",
  pages =        "45--56",
  booktitle =    STOC95,
  publisher =    ACM,
  address =      "Las Vegas",
  year =         "1995",
}

@TechReport{BellareGuRo95,
  author =       "Mihir Bellare and Roch Gu\'{e}rin and Phillip
                 Rogaway",
  title =        "{XOR MACs}: New Methods for Message Authentication
                 Using Block Ciphers",
  institution =  "IBM Research Report",
  number =       "RC 19970",
  month =        Mar,
  year =         "1995",
}

@InProceedings{BellareGuRo95b,
  author =       "Mihir Bellare and Roch Gu\'{e}rin and Phillip
                 Rogaway",
  title =        "{XOR MACs}: New Methods for Message Authentication
                 Using Finite Pseudorandom Functions",
  pages =        "15--28",
  booktitle =    CRYPTO95,
  editor =       "Don Coppersmith",
  note =         "Lecture Notes in Computer Science No.\ 963",
  publisher =    "Springer",
  year =         "1995",
}

@InProceedings{BellareKiRo94,
  author =       "Mihir Bellare and Joe Kilian and Phillip Rogaway",
  title =        "The security of cipher block chaining",
  pages =        "341--358",
  booktitle =    CRYPTO94,
  editor =       "Yvo G. Desmedt",
  note =         "Lecture Notes in Computer Science No.\ 839",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{BellareMi88,
  author =       "Mihir Bellare and Silvio Micali",
  title =        "How to Sign Given Any Trapdoor Function",
  pages =        "32--42",
  booktitle =    STOC88,
  publisher =    ACM,
  address =      "Chicago",
  year =         "1988",
}

@InProceedings{BellareMi88a,
  author =       "Mihir Bellare and Silvio Micali",
  title =        "How to Sign Given Any Trapdoor Function",
  pages =        "200--215",
  booktitle =    CRYPTO88,
  editor =       "S. Goldwasser",
  note =         "Lecture Notes in Computer Science No. 403",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@InProceedings{BellareMi90a,
  author =       "Mihir Bellare and Silvio Micali",
  title =        "Non-interactive oblivious transfer and applications",
  pages =        "547--559",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No.\ 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@Article{BellareMi92,
  author =       "Mihir Bellare and Silvio Micali",
  title =        "How to Sign Given Any Trapdoor Permutation",
  journal =      "Journal of the ACM",
  volume =       "39",
  number =       "1",
  year =         "1992",
  month =        Jan,
  pages =        "214--233",
}

@InProceedings{BellareMi99,
  author =       "Mihir Bellare and Sara K. Miner",
  title =        "A forward-secure digital signature scheme",
  pages =        "431--448",
  booktitle =    CRYPTO99,
  editor =       "M. Wiener",
  note =         "Lecture Notes in Computer Science No.\ 1666",
  publisher =    "Springer-Verlag",
  year =         "1999",
}

@InProceedings{BellareMiOs90a,
  author =       "Mihir Bellare and Silvio Micali and Rafail Ostrovsky",
  title =        "Perfect Zero-Knowledge in Constant Rounds",
  pages =        "482--493",
  booktitle =    STOC90,
  publisher =    ACM,
  address =      "Baltimore",
  year =         "1990",
}

@InProceedings{BellareMiOs90b,
  author =       "Mihir Bellare and Silvio Micali and Rafail Ostrovsky",
  title =        "The (True) Complexity of Statistical Zero-Knowledge",
  pages =        "494--502",
  booktitle =    STOC90,
  publisher =    ACM,
  address =      "Baltimore",
  year =         "1990",
}

@InProceedings{BellarePe92,
  author =       "Mihir Bellare and Erez Petrank",
  title =        "Making Zero-Knowledge Provers Efficient",
  pages =        "711--722",
  booktitle =    STOC92,
  publisher =    ACM,
  address =      "Victoria",
  year =         "1992",
}

@Article{BellareRi99,
  author =       "Mihir Bellare and Ronald L. Rivest",
  title =        "Translucent Cryptography",
  journal =      "Journal of Cryptology",
  year =         "1999",
  volume =       "12",
  number =       "2",
  pages =        "117--140",
}

@InProceedings{BellareRo93,
  author =       "Mihir Bellare and Phillip Rogaway",
  title =        "Random Oracles are Practical: {A} Paradigm for
                 Designing Efficient Protocols",
  pages =        "62--73",
  booktitle =    "First ACM Conference on Computer and Communications
                 Security",
  publisher =    ACM,
  address =      "Fairfax",
  year =         "1993",
}

@InProceedings{BellareRo94,
  author =       "Mihir Bellare and Phillip Rogaway",
  title =        "Entity authentication and key distribution",
  pages =        "232--249",
  booktitle =    CRYPTO93,
  editor =       "Douglas R. Stinson",
  note =         "Lecture Notes in Computer Science No.\ 773",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{BellareRo94b,
  author =       "Mihir Bellare and Phillip Rogaway",
  title =        "Optimal Asymmetric Encryption",
}

,
pages =        {92--111},
booktitle =    {EUROCRYPT94},
editor =       {Alfredo De Santis},
note =         {Lecture Notes in Computer Science No.\ 950},
publisher =    {Springer},
year =         1995
}

@InProceedings{BellareRo95,
  author =       "Mihir Bellare and Phillip Rogaway",
  title =        "Provably Secure Session Key Distribution-- The Three
                 Party Case",
  pages =        "57--66",
  booktitle =    STOC95,
  publisher =    ACM,
  address =      "Las Vegas",
  year =         "1995",
}

@InProceedings{BellareYu92,
  author =       "Mihir Bellare and Moti Yung",
  title =        "Certifying Cryptographic Tools: The Case of Trapdoor
                 Permutations",
  pages =        "442--460",
  booktitle =    CRYPTO92,
  editor =       "Ernest F. Brickell",
  note =         "Lecture Notes in Computer Science No.\ 740",
  publisher =    "Springer-Verlag",
  year =         "1992",
}

@TechReport{BellOl78,
  author =       "D. A. Bell and S. E. Olding",
  title =        "An Annotated Bibliography of Cryptography",
  institution =  "National Physical Laboratory",
  year =         "1978",
  month =        Jan,
  number =       "COM-100",
}

@Article{BellovinCh94,
  author =       "Steven M. Bellovin and William R. Cheswick",
  title =        "Network Firewalls",
  journal =      "IEEE Communications Magazine",
  month =        Sep,
  year =         "1994",
  volume =       "32",
  number =       "9",
  pages =        "50--57",
}

@InProceedings{Benaloh87,
  author =       "J. Benaloh",
  title =        "Secret Sharing Homomorphisms: Keeping Shares of {A}
                 Secret Sharing",
  booktitle =    CRYPTO86,
  editor =       "A. M. Odlyzko",
  note =         "Lecture Notes in Computer Science No.\ 263",
  publisher =    "Springer",
  year =         "1987",
}

@InProceedings{Benaloh87a,
  author =       "Josh Cohen Benaloh",
  title =        "Cryptographic capsules: {A} disjunctive primative for
                 interactive protocols",
  pages =        "213--222",
  booktitle =    CRYPTO86,
  editor =       "A. M. Odlyzko",
  note =         "Lecture Notes in Computer Science No.\ 263",
  publisher =    "Springer-Verlag",
  year =         "1987",
}

@InProceedings{BenalohLe88,
  author =       "J. Benaloh and J. Leichter",
  title =        "Generalized Secret Sharing and Monotone Functions",
  pages =        "27--36",
  booktitle =    CRYPTO88,
  editor =       "S. Goldwasser",
  note =         "Lecture Notes in Computer Science No. 403",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@InProceedings{BenalohYu86,
  author =       "J. Benaloh and M. Yung",
  title =        "Distributing the power of government to enhance the
                 power of voters",
  pages =        "52--62",
  booktitle =    PODC86,
  publisher =    "ACM",
  year =         "1986",
}

@InProceedings{Ben-AroyaBi94,
  author =       "Ishai Ben-Aroya and Eli Biham",
  title =        "Differtial cryptanalysis of Lucifer",
  pages =        "187--199",
  booktitle =    CRYPTO93,
  editor =       "Douglas R. Stinson",
  note =         "Lecture Notes in Computer Science No.\ 773",
  publisher =    "Springer",
  year =         "1994",
}

@Article{BengioGrDeGoQu91,
  author =       "Samy Bengio and Gilles Grassard and Yvo G. Desmedt and
                 Claude Goutier and Jean-Jacques Quisquater",
  title =        "Secure Implementation of Identification Systems",
  journal =      "Journal of Cryptology",
  year =         "1991",
  volume =       "4",
  pages =        "175--183",
}

@InProceedings{Ben-OrGo93,
  author =       "Ran Canetti Micahel Ben-Or and Oded Goldreich",
  title =        "Asynchronous Secure Computation",
  pages =        "52--61",
  booktitle =    STOC93,
  year =         "1993",
}

@Article{Ben-DavidChGoLu92,
  author =       "S. Ben-David and B. Chor and O. Goldreich and M.
                 Luby",
  title =        "On the Theory of Average Case Complexity",
  journal =      "Journal of Computer and System Sciences",
  volume =       "44",
  number =       "2",
  month =        Apr,
  year =         "1992",
  pages =        "193--219",
}

@InProceedings{BenderCa90,
  author =       "Andreas Bender and Guy Castagnoli",
  title =        "On the implementation of elliptic curve
                 cryptosystems",
  pages =        "186--193",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No.\ 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@InProceedings{BennettBr85,
  author =       "Charles H. Bennett and Gilles Brassard",
  title =        "An Update on Quantum Cryptography",
  pages =        "475--480",
  booktitle =    CRYPTO84,
  editor =       "G. R. Blakley and D. C. Chaum",
  note =         "Lecture Notes in Computer Science No.\ 196",
  publisher =    "Springer",
  year =         "1985",
}

@Article{BennettBrEk92,
  author =       "Charles H. Bennett and Gilles Brassard and Artur K.
                 Ekert",
  title =        "Quantum Cryptography",
  journal =      "Scientific American",
  volume =       "267",
  number =       "4",
  year =         "1992",
  pages =        "50--57",
}

@InProceedings{BennettBrBrWi83,
  author =       "Charles H. Bennett and Gilles Brassard and Seth
                 Breidbard and Stephen Wiesner",
  title =        "Quantum Cryptography, or Unforgeable Subway Tokens",
  pages =        "267--275",
  booktitle =    CRYPTO82,
  editor =       "R. L. Rivest and A. Sherman and D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1983",
}

@InProceedings{BennettBrCrMa94,
  author =       "C. H. Bennett and Gilles Brassard and C. Cr\'epeau and
                 U. M. Maurer",
  title =        "Generalized privacy amplification",
  booktitle =    "Proc. 1994 IEEE Internation Symp. of Information
                 Theory",
  year =         "1994",
  pages =        "350--350",
  note =         "Trondheim, Norway, June 27-July1, 94",
}

@InProceedings{BennettBrCrSk92,
  author =       "C. H. Bennett and G. Brassard and C. Cr\'epeau and
                 M.-H. Skubiszewska",
  title =        "Practical Quantum Oblivious Transfer",
  pages =        "351--366",
  booktitle =    CRYPTO91,
  editor =       "J. Feigenbaum",
  note =         "Lecture Notes in Computer Science No.\ 576",
  publisher =    "Springer",
  year =         "1992",
}

@InProceedings{BennettBrRo86,
  author =       "Charles H. Bennett and Gilles Brassard and Jean-Marc
                 Robert",
  title =        "How to Reduce Your Enemy's Information",
  pages =        "468--476",
  booktitle =    CRYPTO85,
  editor =       "H. C. Williams",
  note =         "Lecture Notes in Computer Science No.\ 218",
  publisher =    "Springer",
  year =         "1986",
}

@Article{BennettBrRo88,
  author =       "C. H. Bennett and G. Brassard and J. Robert",
  title =        "Privacy Amplification by Public Discussion",
  journal =      "SIAM J. Computing",
  volume =       "17",
  number =       "2",
  year =         "1988",
  month =        Apr,
  pages =        "210--229",
}

@InProceedings{Ben-OrChSh83,
  author =       "M. Ben-Or and B. Chor and A. Shamir",
  title =        "On the Cryptographic Security of Single {RSA} bits",
  pages =        "421--430",
  booktitle =    STOC83,
  publisher =    ACM,
  address =      "Boston",
  year =         "1983",
}

@InProceedings{Ben-OrGoGoHaKiMi88,
  author =       "M. Ben-Or and O. Goldreich and S. Goldwasser and J.
                 H{\aa}stad and J. Kilian and S. Micali and P. Rogaway",
  title =        "Everything Provable is Provable in Zero-Knowledge",
  pages =        "37--56",
  booktitle =    CRYPTO88,
  editor =       "S. Goldwasser",
  note =         "Lecture Notes in Computer Science No. 403",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@InProceedings{Ben-OrGoKiWi88,
  author =       "Michael Ben-Or and Shafi Goldwasser and Joe Kilian and
                 Avi Wigderson",
  title =        "Multi-Prover Interactive Proofs: How to Remove
                 Intractability Assumptions",
  booktitle =    STOC88,
  pages =        "113--132",
  year =         "1988",
}

@InProceedings{Ben-OrGoKiWi90,
  author =       "Michael Ben-Or and Shafi Goldwasser and Joe Kilian and
                 Avi Wigderson",
  title =        "Efficient identification schemes using two prover
                 interactive proofs",
  pages =        "498--506",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No.\ 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@InProceedings{Ben-OrGoMiRi85,
  author =       "M. Ben-Or and O. Goldreich and S. Micali and R. L.
                 Rivest",
  title =        "A Fair Protocol for Signing Contracts",
  booktitle =    "ICALP",
  note =         "Lecture Notes in Computer Science No. \ 194",
  year =         "1985",
  pages =        "43--52",
}

@Article{Ben-OrGoMiRi90,
  author =       "Michael Ben-Or and Oded Goldreich and Silvio Micali
                 and Ronald L. Rivest",
  title =        "A Fair Protocol for Signing Contracts",
  journal =      "IEEE Transactions on Information Theory",
  year =         "1990",
  volume =       "36",
  number =       "1",
  pages =        "40--46",
}

@InProceedings{Ben-OrGoWi88,
  author =       "M. Ben-Or and S. Goldwasser and A. Wigderson",
  title =        "Completeness theorems for fault-tolerant distributed
                 computing",
  pages =        "1--10",
  booktitle =    STOC88,
  publisher =    ACM,
  address =      "Chicago",
  year =         "1988",
}

@InProceedings{BergerKaPe86,
  author =       "Richard Berger and Sampath Kannan and Rene Peralta",
  title =        "A Framework for the Study of Cryptographic Protocols",
  pages =        "87--103",
  booktitle =    CRYPTO85,
  editor =       "H. C. Williams",
  note =         "Lecture Notes in Computer Science No.\ 218",
  publisher =    "Springer",
  year =         "1986",
}

@InProceedings{BergerPeTe85,
  author =       "R. Berger and R. Peralta and T. Tedrick",
  title =        "A Provably Secure Oblivious Transfer Protocol",
  pages =        "379--386",
  booktitle =    EUROCRYPT84,
  editor =       "T. Beth and N. Cot and I. Ingemarsson",
  note =         "Lecture Notes in Computer Science No. 209",
  publisher =    "Springer-Verlag",
  year =         "1985",
}

@Article{Berkovits82,
  author =       "Shimshon Berkovits",
  title =        "Factoring via Superencryption",
  journal =      "Cryptologia",
  year =         "1982",
  month =        Jul,
  volume =       "6",
  number =       "3",
  pages =        "229--237",
}

@Article{Berlekamp70,
  author =       "E. Berlekamp",
  title =        "Factoring polynomials over large finite fields",
  journal =      "Math. Comp",
  volume =       "24",
  year =         "1970",
  pages =        "713--735",
}

@InProceedings{Berson82,
  author =       "Thomas Berson",
  title =        "Local Network Cryptosystem Architecture",
  pages =        "73--78",
  booktitle =    CRYPTO81,
  editor =       "Allen Gersho",
  organization = "U.C. Santa Barbara Dept. of Elec. and Computer Eng.",
  note =         "Tech Report 82-04",
  year =         "1982",
}

@InProceedings{Berson83,
  author =       "Thomas A. Berson",
  title =        "Local Network Cryptosystem Architecture: Access
                 Control",
  pages =        "251--258",
  booktitle =    CRYPTO82,
  editor =       "R. L. Rivest and A. Sherman and D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1983",
}

@InProceedings{Berson83a,
  author =       "Thomas A. Berson",
  title =        "Long Key Variants of {DES}",
  pages =        "311--313",
  booktitle =    CRYPTO82,
  editor =       "R. L. Rivest and A. Sherman and D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1983",
}

@InProceedings{Berson92,
  author =       "T. A. Berson",
  year =         "1992",
  title =        "Differential cryptanalysis mod $2^{32}$ with
                 applications to {MD5}",
  booktitle =    "Advances in Cryptology --- Eurocrypt '92",
  editor =       "R. A. Rueppel",
  publisher =    "Springer-Verlag",
  address =      "Berlin",
}

@Article{Beth95,
  author =       "Thomas Beth",
  title =        "Confidential Communication on the Internet",
  journal =      "Scientific American",
  month =        Dec,
  year =         "1995",
  pages =        "87--91",
}

@InProceedings{BethCoGo87,
  author =       "T. Beth and B. M. Cook and D. Gollmann",
  title =        "Architectures for exponentiation in {GF}$(2{^n})$",
  pages =        "303--310",
  booktitle =    CRYPTO86,
  editor =       "A. M. Odlyzko",
  note =         "Lecture Notes in Computer Science No. 263",
  publisher =    "Springer-Verlag",
  year =         "1987",
}

@InProceedings{BethDa90,
  author =       "T. Beth and Zong-duo Dai",
  year =         "1990",
  title =        "On the Complexity of Pseudo-Random Sequences - or:
                 {If} You Can Describe a Sequence It Can't be Random",
  booktitle =    "Advances in Cryptology --- Eurocrypt '89",
  editor =       "J. J. Quisquater and J. Vandewalle",
  pages =        "533--543",
  publisher =    "Springer-Verlag",
  address =      "Berlin",
}

@InProceedings{BethDe91,
  author =       "T. Beth and Y. Desmedt",
  title =        "Identification Tokens - or: Solving the Chess
                 Grandmaster Problem",
  pages =        "169--177",
  booktitle =    CRYPTO90,
  editor =       "A. J. Menezes and S. A. Vanstone",
  note =         "Lecture Notes in Computer Science No. 537",
  publisher =    "Springer-Verlag",
  year =         "1991",
}

@Book{BethFrSi92,
  editor =       "T. Beth and M. Frisch and G. J. Simmons",
  year =         "1992",
  title =        "Public-key Cryptography, State of the Art and Future
                 Directions",
  series =       "Lecture Notes in Computer Science",
  volume =       "578",
  publisher =    "Springer-Verlag",
  address =      "Berlin",
}

@Book{BethJuLe85,
  author =       "T.~Beth and D.~Jungnickel and H.~Lenz.",
  title =        "Design Theory",
  publisher =    "Bibliographisches Institut, Zurich",
  year =         "1985",
}

@InProceedings{BethLaMa94,
  author =       "T. Beth and D. E. Lazic and A. Mathias",
  title =        "Cryptanalysis of cryptosystems based on remote chaos
                 replication",
  pages =        "318--331",
  booktitle =    CRYPTO94,
  editor =       "Yvo G. Desmedt",
  note =         "Lecture Notes in Computer Science No. 839",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{BethPi84,
  author =       "T. Beth and F. Piper",
  year =         "1984",
  title =        "The stop-and-go generator",
  booktitle =    "Advances in Cryptology --- Eurocrypt '84",
  editor =       "T. Beth and N. Cot and I. Ingemarsson",
  pages =        "88--92",
  publisher =    "Springer-Verlag",
  address =      "Berlin",
}

@Book{Beutelspacher94,
  newtag =       "Beutelspacher94",
  author =       "A.~Beutelspacher",
  title =        "Cryptology",
  publisher =    "Mathematical Association of America",
  year =         "1994",
}

@TechReport{Biba75,
  author =       "K. Biba",
  title =        "Integrity Consideration for Secure Computer Systems",
  institution =  "{MITRE} Corporation",
  number =       "MTR-3153",
  year =         "1975",
}

@InProceedings{BiehlBuTh94,
  author =       "Ingrid Biehl and Johannes Buchmann and Christoph
                 Thiel",
  title =        "Cryptographic protocols based on discrete logarithms
                 in real-quadratic orders",
  pages =        "56--60",
  booktitle =    CRYPTO94,
  editor =       "Yvo G. Desmedt",
  note =         "Lecture Notes in Computer Science No. 839",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{BierbrauerGoSt94,
  author =       "J/{"}urgen Bierbrauer and K. Gopalakrishnan and D. R.
                 Stinson",
  title =        "Bounds for resilient functions and orthogonal arrays",
  pages =        "247--256",
  booktitle =    CRYPTO94,
  editor =       "Yvo G. Desmedt",
  note =         "Lecture Notes in Computer Science No. 839",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{BierbrauerJoKaSm94,
  author =       "J/{"}urgen Bierbrauer and Thomas Johansson and Gregory
                 Katatianskii and Ben Smeets",
  title =        "On families of hash functions via geometric codes and
                 concatenation",
  pages =        "331--342",
  booktitle =    CRYPTO93,
  editor =       "Douglas R. Stinson",
  note =         "Lecture Notes in Computer Science No. 773",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{Biham94,
  author =       "E. Biham",
  title =        "On Modes of Operation",
  booktitle =    "Fast Software Encryption",
  year =         "1994",
  editor =       "R. Anderson",
  publisher =    "Springer-Verlag",
  series =       "Lecture Notes in Computer Science",
  volume =       "809",
  pages =        "116--121",
  address =      "Berlin",
}

@InProceedings{Biham94a,
  author =       "E. Biham",
  year =         "1994",
  title =        "New Types of Cryptanalytic Attacks Using Related
                 Keys",
  booktitle =    "Advances in Cryptology --- Eurocrypt'93",
  editor =       "T. Helleseth",
  publisher =    "Springer-Verlag",
  series =       "Lecture Notes in Computer Science",
  volume =       "765",
  pages =        "398--409",
  address =      "Berlin",
}

@InProceedings{Biham95,
  author =       "Eli Biham",
  title =        "Cryptanalysis of Multiple Modes of Operation",
  note =         "Pre-Proceedings of {ASIACRYPT '94}. Submitted to J.
                 Cryptology.",
  year =         "1995",
}

@InProceedings{BihamSh91,
  author =       "E. Biham and A. Shamir",
  title =        "Differential Cryptanalysis of {DES}-like
                 Cryptosystems",
  pages =        "2--21",
  booktitle =    CRYPTO90,
  editor =       "A. J. Menezes and S. A. Vanstone",
  note =         "Lecture Notes in Computer Science No. 537",
  publisher =    "Springer-Verlag",
  year =         "1991",
}

@Article{BihamSh91a,
  author =       "E. Biham and A. Shamir",
  title =        "Differential Cryptanalysis of {DES}-like
                 Cryptosystems",
  journal =      "Journal of Cryptology",
  year =         "1991",
  volume =       "4",
  pages =        "3--72",
}

@InProceedings{BihamSh91b,
  author =       "E. Biham and A. Shamir",
  year =         "1991",
  title =        "Differential cryptanalysis of {FEAL} and {N}-{H}ash",
  booktitle =    "Advances in Cryptology --- Eurocrypt '91",
  editor =       "D. W. Davies",
  pages =        "1--16",
  publisher =    "Springer-Verlag",
  address =      "Berlin",
}

@InProceedings{BihamSh92,
  author =       "E. Biham and A. Shamir",
  title =        "Differential Cryptanalysis of {Snefru, Khafre,
                 REDOC-II, LOKI and Lucifer}",
  pages =        "156--171",
  booktitle =    CRYPTO91,
  editor =       "J. Feigenbaum",
  note =         "Lecture Notes in Computer Science No. 576",
  publisher =    "Springer",
  year =         "1992",
}

@InProceedings{BihamSh92a,
  author =       "Eli Biham and Adi Shamir",
  title =        "Differential Cryptanalysis of the Full 16-Round
                 {DES}",
  pages =        "487--496",
  booktitle =    CRYPTO92,
  editor =       "Ernest F. Brickell",
  note =         "Lecture Notes in Computer Science No. 740",
  publisher =    "Springer-Verlag",
  year =         "1992",
}

@Book{BihamSh93,
  author =       "E. Biham and A. Shamir",
  title =        "A Differential Cryptanalysis of the {D}ata
                 {E}ncryption {S}tandard",
  publisher =    "Springer-Verlag",
  year =         "1993",
}

@InProceedings{BirdGoHeJaKuMo92,
  author =       "R. Bird and I. Gopal and A. Herzberg and P. Janson and
                 S. Kutten and R. Molva and M. Yung",
  title =        "Systematic Design of Two-Party Authentication
                 Protocols",
  pages =        "44--61",
  booktitle =    CRYPTO91,
  editor =       "J. Feigenbaum",
  note =         "Lecture Notes in Computer Science No. 576",
  publisher =    "Springer",
  year =         "1992",
}

@Article{Bishop91,
  author =       "M. Bishop",
  year =         "1991",
  title =        "Privacy-enhanced electronic mail",
  journal =      "Internetworking: Research and Experience",
  volume =       "2",
  pages =        "199--233",
}

@Book{Blahut83,
  author =       "R. E. Blahut",
  title =        "Theory and Practice of Error Control Codes",
  publisher =    "Addison-Wesley",
  year =         "1983",
}

@InProceedings{BlakeMuVa85,
  author =       "I. F. Blake and R. C. Mullin and S. A. Vanstone",
  title =        "Computing Logarithms in {GF}$(2{^n})$",
  pages =        "73--82",
  booktitle =    CRYPTO84,
  editor =       "G. R. Blakley and D. C. Chaum",
  note =         "Lecture Notes in Computer Science No. 196",
  publisher =    "Springer",
  year =         "1985",
}

@InProceedings{Blakley79,
  author =       "G.~R. Blakley",
  title =        "Safeguarding cryptographic keys",
  booktitle =    "Proc.\ AFIPS 1979 National Computer Conference",
  publisher =    AFIPS,
  year =         "1979",
  pages =        "313--317",
}

@InProceedings{Blakley82,
  newtag =       "Blakley82",
  author =       "G. Robert Blakley",
  title =        "Key Management from a Security Viewpoint",
  pages =        "82--82",
  booktitle =    CRYPTO81,
  editor =       "Allen Gersho",
  organization = "U.C. Santa Barbara Dept. of Elec. and Computer Eng.",
  note =         "Tech Report 82-04",
  year =         "1982",
}

@InProceedings{Blakley85,
  author =       "G. R. Blakley",
  title =        "Information Theory without the Finiteness Assumption,
                 {I}: Cryptosystems as Group-Theoretic Objects",
  pages =        "314--338",
  booktitle =    CRYPTO84,
  editor =       "G. R. Blakley and D. C. Chaum",
  note =         "Lecture Notes in Computer Science No. 196",
  publisher =    "Springer",
  year =         "1985",
}

@InProceedings{Blakley86,
  author =       "G. R. Blakley",
  title =        "Information Theory Without the Finiteness Assumption,
                 {II} Unfolding the {DES}",
  pages =        "282--337",
  booktitle =    CRYPTO85,
  editor =       "H. C. Williams",
  note =         "Lecture Notes in Computer Science No. 218",
  publisher =    "Springer",
  year =         "1986",
}

@InProceedings{BlakleyBlChMa92,
  author =       "Bob Blakley and G. R. Blakley and Agnes H. Chan and
                 James L. Massey",
  title =        "Threshold Schemes with Disenrollment",
  pages =        "540--548",
  booktitle =    CRYPTO92,
  editor =       "Ernest F. Brickell",
  note =         "Lecture Notes in Computer Science No. 740",
  publisher =    "Springer-Verlag",
  year =         "1992",
}

@InProceedings{BonehSh95,
  author =       "Dan Boneh and James Shaw",
  title =        "Collusion-Secure Fingerprinting for Digital Data",
  pages =        "452--465",
  booktitle =    CRYPTO95,
  editor =       "Don Coppersmith",
  note =         "Lecture Notes in Computer Science No.\ 963",
  publisher =    "Springer",
  year =         "1995",
}

@Article{BlakleyBo79,
  author =       "G. R. Blakley and I. Borosh",
  title =        "{Rivest-Shamir-Adleman} Public Key Cryptosystems do
                 not always conceal messages",
  journal =      "Computers \& Mathematics with Applications",
  volume =       "5",
  number =       "3",
  year =         "1979",
  pages =        "169--178",
}

@InProceedings{BlakleyDi87,
  author =       "G. R. Blakley and R. D. Dixon",
  title =        "Smallest possible message expansion in threshold
                 schemes",
  pages =        "266--274",
  booktitle =    CRYPTO86,
  editor =       "A. M. Odlyzko",
  note =         "Lecture Notes in Computer Science No. 263",
  publisher =    "Springer-Verlag",
  year =         "1987",
}

@InProceedings{BlakleyMe85,
  author =       "G. R. Blakley and Catherine Meadows",
  title =        "Security of Ramp Schemes",
  pages =        "242--268",
  booktitle =    CRYPTO84,
  editor =       "G. R. Blakley and D. C. Chaum",
  note =         "Lecture Notes in Computer Science No. 196",
  publisher =    "Springer",
  year =         "1985",
}

@InProceedings{BlakleyMePu86,
  author =       "G. R. Blakley and Catherine Meadows and G. B. Purdy",
  title =        "Fingerprinting Long Forgiving Messages",
  pages =        "180--189",
  booktitle =    CRYPTO85,
  editor =       "H. C. Williams",
  note =         "Lecture Notes in Computer Science No. 218",
  publisher =    "Springer",
  year =         "1986",
}

@InProceedings{BlakleyRu88,
  author =       "G. R. Blakley and William Rundell",
  title =        "Cryptosystems based on an analog of heat flow",
  pages =        "306--329",
  booktitle =    CRYPTO87,
  editor =       "Carl Pomerance",
  note =         "Lecture Notes in Computer Science No. 293",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@InProceedings{BlakleySw83,
  author =       "G. R. Blakley and Laif Swanson",
  title =        "Infinite Structures in Information Theory",
  pages =        "39--50",
  booktitle =    CRYPTO82,
  editor =       "R. L. Rivest and A. Sherman and D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1983",
}

@Misc{BlazeDiRiScShThWi96,
  author =       "Matt Blaze and Whitfield Diffie and Ronald L. Rivest
                 and Bruce Schneier and Tsutomu Shimomura and Eric
                 Thompson and Michael Wiener",
  title =        "Minimal Key Lengths for Symmetric Ciphers to Provide
                 Adequate Commercial Security: {A} Report by an Ad Hoc
                 Group of Cryptographers and Computer Scientists",
  year =         "1996",
  month =        Jan,
  note =         "Available at {\tt http://www.bsa.org}.",
}

@InProceedings{BlazeFeLa96,
  author =       "Matt Blaze and Joan Feigenbaum and Jack Lacy",
  title =        "Decentralized Trust Management",
  pages =        "(to appear)",
  month =        may,
  year =         "1996",
  booktitle =    "Proceedings 1996 IEEE Symposium on Security and
                 Privacy",
}

@InProceedings{BlazeBlSt98,
  author =       "Matt Blaze and Gerritt Bleumer and Martin Strauss",
  title =        "Atomic Proxy Cryptography",
  pages =        "127--144",
  booktitle =    "Proceedings Eurocrypt 98",
  publisher =    "Springer-Verlag",
  note =         "Lecture Notes in Computer Science No. 1403",
  editor =       "Kaisa Nyberg",
  year =         "1998",
}

@InProceedings{BleichenbacherMa94,
  newtag =       "BleichenbacherMa94",
  author =       "Daniel Bleichenbacher and Ueli M. Maurer",
  title =        "Directed acyclic graphs, one-way functions and digital
                 signatures",
  pages =        "75--82",
  booktitle =    CRYPTO94,
  editor =       "Yvo G. Desmedt",
  note =         "Lecture Notes in Computer Science No. 839",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{Blom83,
  author =       "Rolf Blom",
  title =        "Non-Public Key Distribution",
  pages =        "231--236",
  booktitle =    CRYPTO82,
  editor =       "R. L. Rivest and A. Sherman and D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1983",
}

@InProceedings{Blom85,
  author =       "Rolf Blom",
  title =        "An Optimal Class of Symmetric Key Generation Systems",
  pages =        "335--338",
  booktitle =    EUROCRYPT84,
  editor =       "T. Beth and N. Cot and I. Ingemarsson",
  note =         "Lecture Notes in Computer Science No.\ 209",
  publisher =    "Springer-Verlag",
  year =         "1985",
}

@Misc{BluesteinCrDrJeSi85,
  author =       "L. Bluestein and P. Crandell and D. Drake and L.
                 Jedynak and L. Simpson",
  title =        "Two Level Encripting of {RF} Signals",
  howpublished = "U.S. Patent No. 4,531,021",
  month =        jul # " 23,",
  year =         "1985",
}

@Manual{Blum81,
  author =       "M. Blum",
  title =        "Three applications of the oblivious transfer: Part
                 {I}: Coin flipping by telephone; Part {II}: How to
                 exchange secrets; Part {III}: How to send certified
                 electronic mail",
  organization = "Department of EECS",
  address =      "University of California, Berkeley, CA",
  year =         "1981",
}

@InProceedings{Blum82,
  author =       "M. Blum",
  title =        "Coin Flipping by Telephone",
  booktitle =    "Proc. IEEE Spring COMPCOM",
  year =         "1982",
  pages =        "133--137",
  publisher =    IEEE,
  comment =      "Suggests using p = q = 3(4).",
}

@InProceedings{Blum82a,
  author =       "Manuel Blum",
  title =        "Coin Flipping by Telephone",
  pages =        "11--15",
  booktitle =    CRYPTO81,
  editor =       "Allen Gersho",
  organization = "U.C. Santa Barbara Dept. of Elec. and Computer Eng.",
  note =         "Tech Report 82-04",
  year =         "1982",
}

@Article{Blum83,
  author =       "M. Blum",
  title =        "How to exchange (secret) keys",
  journal =      "Trans.\ Computer Systems",
  volume =       "1",
  month =        May,
  year =         "1983",
  pages =        "175--193",
  publisher =    ACM,
  note =         "(Previously published in ACM STOC '83 proceedings,
                 pages 440--447.)",
}

@InProceedings{Blum84,
  author =       "M. Blum",
  title =        "Independent Unbiased Coin Flips from a Correlated
                 Biased Source: {A} Finite State {Markov} Chain",
  pages =        "425--433",
  booktitle =    FOCS84,
  address =      "Singer Island",
  year =         "1984",
  publisher =    IEEE,
}

@InProceedings{BlumBlSh83,
  author =       "Lenore Blum and Manuel Blum and Michael Shub",
  title =        "Comparison of Two Pseudo-Random Number Generators",
  pages =        "61--78",
  booktitle =    CRYPTO82,
  editor =       "R. L. Rivest and A. Sherman and D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1983",
}

@Article{BlumBlSh86,
  author =       "L. Blum and M. Blum and M. Shub",
  title =        "A Simple Unpredictable Pseudo-Random Number
                 Generator",
  journal =      SIAM,
  volume =       "15",
  number =       "2",
  month =        May,
  year =         "1986",
  pages =        "364--383",
  comment =      "$x^2 \mod N$ generator, where $N$ is product $pq$,
                 where $p\equiv q \equiv 3 \mod N$. Notes that this
                 permutes quadratic residues mod $N$.",
}

@Article{BlumDeMiPe91,
  author =       "M. Blum and A. De Santis and S. Micali and G.
                 Persiano",
  title =        "NonInteractive Zero-Knowledge",
  journal =      "SIAM J. Computing",
  year =         "1991",
  month =        Dec,
  volume =       "20",
  number =       "6",
  pages =        "1084--1118",
}

@InProceedings{BlumFeMi88,
  author =       "M. Blum and P. Feldman and S. Micali",
  title =        "Proving Security Against Chosen Cyphertext Attacks",
  pages =        "256--268",
  booktitle =    CRYPTO88,
  editor =       "S. Goldwasser",
  note =         "Lecture Notes in Computer Science No. 403",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@InProceedings{BlumFuKeLi94,
  author =       "Avrim Blum and Merrick Furst and Michael Kearns and
                 Richard J. Lipton",
  title =        "Cryptographic primitives based on hard learning
                 problems",
  pages =        "278--291",
  booktitle =    CRYPTO93,
  editor =       "Douglas R. Stinson",
  note =         "Lecture Notes in Computer Science No. 773",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{BlumGo85,
  author =       "M. Blum and S. Goldwasser",
  title =        "An efficient probabilistic public-key encryption
                 scheme which hides all partial information",
  pages =        "289--302",
  booktitle =    CRYPTO84,
  publisher =    "Springer",
  editor =       "G. R. Blakley and D. C. Chaum",
  year =         "1985",
  note =         "Lecture Notes in Computer Science No. 196",
}

@InProceedings{BlumGo85a,
  newtag =       "BlumGo85a",
  author =       "Manuel Blum and Shafi Goldwasser",
  title =        "An Efficient Probalistic Public Key Encryption Scheme
                 which Hides All Partial Information",
  pages =        "289--299",
  booktitle =    CRYPTO84,
  editor =       "G. R. Blakley and D. C. Chaum",
  note =         "Lecture Notes in Computer Science No. 196",
  publisher =    "Springer",
  year =         "1985",
}

@Article{BlumMi84,
  author =       "M. Blum and S. Micali",
  title =        "How to generate cryptographically strong sequences of
                 pseudo-random bits",
  journal =      SIAM,
  volume =       "13",
  number =       "4",
  month =        Nov,
  year =         "1984",
  pages =        "850--863",
}

@InProceedings{BlumVaVa84,
  author =       "Manuel Blum and Umesh V. Vazirani and Vijay V.
                 Vazirani",
  title =        "Reducibility Among Protocols",
  pages =        "137--146",
  booktitle =    CRYPTO83,
  editor =       "D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1984",
}

@InProceedings{BlundoDeDiGaVa94,
  author =       "Carlo Blundo and Alfredo De Santis and Giovanni Di
                 Crescenzo and Antonio Giorgio Gaggia and Ugo Vaccaro",
  title =        "Multi-secret sharing schemes",
  pages =        "150--163",
  booktitle =    CRYPTO94,
  editor =       "Yvo G. Desmedt",
  note =         "Lecture Notes in Computer Science No. 839",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{BlundoDeDiGaVa94a,
  author =       "Carlo Blundo and Alfredo De Santis and Giovanni Di
                 Crescenzo and Antonio Giorgio Gaggia and Ugo Vaccaro",
  title =        "Fully dynamic secret sharing schemes",
  pages =        "110--125",
  booktitle =    CRYPTO93,
  editor =       "Douglas R. Stinson",
  note =         "Lecture Notes in Computer Science No. 773",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{BlundoDeHeKuVaYu92,
  author =       "Carlo Blundo and Alfredo DeSantis and Amir Herzberg
                 and Shay Kutten and Ugo Vaccaro and Moti Yung",
  title =        "Perfectly-Secure Key Distribution for Dynamic
                 Conferences",
  pages =        "471--486",
  booktitle =    CRYPTO92,
  editor =       "Ernest F. Brickell",
  note =         "Lecture Notes in Computer Science No. 740",
  publisher =    "Springer-Verlag",
  year =         "1992",
}

@InProceedings{BlundoDeGaVa92,
  author =       "Carlo Blundo and Alfredo De Santis and L. Gargano and
                 Ugo Vaccaro",
  title =        "On the Information Rate of Secret Sharing Schemes",
  pages =        "148--167",
  booktitle =    CRYPTO92,
  editor =       "Ernest F. Brickell",
  note =         "Lecture Notes in Computer Science No. 740",
  publisher =    "Springer-Verlag",
  year =         "1992",
}

@Article{BoppanaHaZa87,
  author =       "R. Boppana and J. Hastad and S. Zachos",
  title =        "Does {co-NP} have Short Interactive Proofs?",
  journal =      "Information Processing Letters",
  volume =       "25",
  month =        May,
  year =         "1987",
  pages =        "127--132",
}

@InProceedings{BosCh92,
  author =       "Jurjen N. E. Bos and David Chaum",
  title =        "Provable Unforgeable Signatures",
  pages =        "1--14",
  booktitle =    CRYPTO92,
  editor =       "Ernest F. Brickell",
  note =         "Lecture Notes in Computer Science No. 740",
  publisher =    "Springer-Verlag",
  year =         "1992",
}

@InProceedings{BosCo90,
  author =       "Jurjen Bos and Matthijs Coster",
  title =        "Addition chain heuristics",
  pages =        "400--407",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No. 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@InProceedings{BosselaersGoVa94,
  author =       "Antoon Bosselaers and Ren\'e Govaerts and Joos
                 Vandewalle",
  title =        "Comparison of three modular reduction functions",
  pages =        "175--186",
  booktitle =    CRYPTO93,
  editor =       "Douglas R. Stinson",
  note =         "Lecture Notes in Computer Science No. 773",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{Bouckaert85,
  author =       "A. Bouckaert",
  title =        "Security of Transportable Computerized Files",
  pages =        "416--425",
  booktitle =    EUROCRYPT84,
  editor =       "T. Beth and N. Cot and I. Ingemarsson",
  note =         "Lecture Notes in Computer Science No.\ 209",
  publisher =    "Springer-Verlag",
  year =         "1985",
}

@Article{Boyar89,
  author =       "Joan Boyar",
  title =        "Inferring Sequences Produced by Pseudo-Random Number
                 Generators",
  journal =      "Journal of the ACM",
  volume =       "36",
  number =       "1",
  month =        Jan,
  year =         "1989",
  pages =        "129--141",
  publisher =    ACM,
}

@InProceedings{BoyarChDaPe91,
  author =       "J. Boyar and D. Chaum and I. Damg{\aa}rd and T.
                 Pedersen",
  title =        "Convertible Undeniable Signatures",
  pages =        "189--205",
  booktitle =    CRYPTO90,
  editor =       "A. J. Menezes and S. A. Vanstone",
  note =         "Lecture Notes in Computer Science No. 537",
  publisher =    "Springer-Verlag",
  year =         "1991",
}

@Article{BoyarFrLu91,
  author =       "J. Boyar and K. Friedl and C. Lund",
  title =        "Practical Zero-Knowledge Proofs: Giving Hints and
                 Using Deficiencies",
  journal =      "Journal of Cryptology",
  year =         "1991",
  volume =       "4",
  pages =        "185--206",
}

@InProceedings{BoyarPe90,
  author =       "Joan Boyar and Ren\'e Peralta",
  title =        "On the concrete complexity of zero-knowledge proofs",
  pages =        "507--525",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No. 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@InProceedings{Brand90,
  author =       "Russell L. Brand",
  title =        "Problems with the normal use of cryptography for
                 providing security on unclassified networks",
  pages =        "30--34",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No. 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@InProceedings{Brands94,
  author =       "Stefan Brands",
  title =        "Untraceable off-line cash in wallets with observers",
  pages =        "302--318",
  booktitle =    CRYPTO93,
  editor =       "Douglas R. Stinson",
  note =         "Lecture Notes in Computer Science No. 773",
  publisher =    "Springer",
  year =         "1994",
}

@Misc{Brands95a,
  author =       "Stefan Brands",
  title =        "Secret-Key Certificates",
  year =         "1995",
  institution =  "CWI",
  address =      "Amsterdam",
}

@Misc{Brands95b,
  author =       "Stefan Brands",
  title =        "Restrictive Blinding of Secret-Key Certificates",
  year =         "1995",
  institution =  "CWI",
  address =      "Amsterdam",
}

@InProceedings{BrandtDa92,
  author =       "J{\"o}rgen Brandt and Ivan Damg{\aa}rd",
  title =        "On Generation of Probable Primes By Incremental
                 Search",
  pages =        "358--370",
  booktitle =    CRYPTO92,
  editor =       "Ernest F. Brickell",
  note =         "Lecture Notes in Computer Science No. 740",
  publisher =    "Springer-Verlag",
  year =         "1992",
}

@InProceedings{BrandtDaLaPe88,
  author =       "J. Brandt and Ivan Damg{\aa}rd and P. Landrock and T.
                 Pedersen",
  title =        "Zero-Knowledge Authentication Scheme with Secret Key
                 Exchange",
  pages =        "583--588",
  booktitle =    CRYPTO88,
  editor =       "S. Goldwasser",
  note =         "Lecture Notes in Computer Science No. 403",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@TechReport{BranstadGaKa77,
  author =       "D. K. Branstad and J. Gait and S. Katzke",
  year =         "1977",
  title =        "Report of the {W}orkshop on {C}ryptography in
                 {S}upport of {C}omputer {S}ecurity",
  institution =  "National {B}ureau of {S}tandards",
  number =       "NBSIR 77-1291",
  month =        sep,
}

@InProceedings{Brassard79,
  author =       "G. Brassard",
  title =        "Relativized Cryptography",
  booktitle =    FOCS79,
  address =      "San Juan, Puerto Rico",
  publisher =    IEEE,
  year =         "1979",
  pages =        "383--391",
}

@InProceedings{Brassard82,
  author =       "Gilles Brassard",
  title =        "An Optimally Secure Relativized Cryptosystem",
  pages =        "54--58",
  booktitle =    CRYPTO81,
  editor =       "Allen Gersho",
  organization = "U.C. Santa Barbara Dept. of Elec. and Computer Eng.",
  note =         "Tech Report 82-04",
  year =         "1982",
}

@InProceedings{Brassard83,
  author =       "Gilles Brassard",
  title =        "On Computationally Secure Authentication Tags
                 Requiring Short Secret Shared Keys",
  pages =        "79--86",
  booktitle =    CRYPTO82,
  editor =       "R. L. Rivest and A. Sherman and D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1983",
}

@TechReport{Brassard87,
  newtag =       "Brassard87",
  author =       "G. Brassard",
  title =        "Introduction to Modern Cryptology",
  institution =  "D\'epartment d'informatique et de recherche
                 op\'erationelle",
  number =       "606",
  year =         "1987",
}

@InProceedings{Brassard87a,
  author =       "Gilles Brassard",
  title =        "Cryptology in Academia: {A} Ten Year Retrospective",
  booktitle =    "Proc. IEEE Spring COMPCOM",
  year =         "1987",
  month =        Feb,
  pages =        "222--226",
  publisher =    IEEE,
}

@Book{Brassard88,
  author =       "Gilles Brassard",
  title =        "Modern Cryptology",
  year =         "1988",
  publisher =    "Springer-Verlag",
  note =         "Lecture Notes in Computer Science Number 325",
}

@Book{BrassardBr88,
  author =       "Gilles Brassard and Paul Bratley",
  title =        "Algorithmics, Theory and Practice",
  year =         "1988",
  publisher =    "Prentice Hall",
}

@Article{BrassardChCr88,
  author =       "G. Brassard and D. Chaum and C. Cr\'{e}peau",
  title =        "Minimum Disclosure Proofs of Knowledge",
  journal =      JCSS,
  volume =       "37",
  number =       "2",
  year =         "1988",
  pages =        "156--189",
}

@InProceedings{BrassardCr86,
  author =       "G. Brassard and C. Cr\'{e}peau",
  title =        "Nontransitive Transfer of Confidence: {A} Perfect
                 Zero-Knowledge Interactive Protocol for {SAT} and
                 Beyond",
  pages =        "188--195",
  booktitle =    FOCS86,
  publisher =    IEEE,
  address =      "Toronto",
  year =         "1986",
}

@InProceedings{BrassardCr87,
  author =       "Gilles Brassard and Claude Cr\'{e}peau",
  title =        "Zero-knowledge simulation of Boolean circuits",
  pages =        "223--233",
  booktitle =    CRYPTO86,
  editor =       "A. M. Odlyzko",
  note =         "Lecture Notes in Computer Science No. 263",
  publisher =    "Springer-Verlag",
  year =         "1987",
}

@InProceedings{BrassardCr91,
  author =       "G. Brassard and C. Cr\'{e}peau",
  title =        "Quantum Bit Commitment and Coin Tossing Protocols",
  pages =        "49--61",
  booktitle =    CRYPTO90,
  editor =       "A. J. Menezes and S. A. Vanstone",
  note =         "Lecture Notes in Computer Science No. 537",
  publisher =    "Springer-Verlag",
  year =         "1991",
}

@InProceedings{BrassardCrRo87,
  author =       "G. Brassard and C. Cr\'{e}peau and Jean-Marc Robert",
  title =        "All-or-nothing disclosure of secrets",
  pages =        "234--238",
  booktitle =    CRYPTO86,
  editor =       "A. M. Odlyzko",
  note =         "Lecture Notes in Computer Science No. 263",
  publisher =    "Springer-Verlag",
  year =         "1987",
}

@Article{BrassardCrYu91,
  author =       "G. Brassard and C. Cr\'{e}peau and M. Yung",
  title =        "Perfect Zero-Knowledge Computationally Convincing
                 Proofs for {NP} in Constant Rounds",
  journal =      "Theoretical Computer Science",
  volume =       "84",
  number =       "1",
  year =         "1991",
  pages =        "23--52",
}

@InProceedings{BrassardDa88,
  author =       "G. Brassard and I. B. Damg{\aa}rd",
  title =        "``Practical {IP}'' $subseteq$ {MA}",
  pages =        "580--582",
  booktitle =    CRYPTO88,
  editor =       "S. Goldwasser",
  note =         "Lecture Notes in Computer Science No. 403",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@InProceedings{BrassardYu91,
  author =       "G. Brassard and M. Yung",
  title =        "One-Way Group Actions",
  pages =        "94--108",
  booktitle =    CRYPTO90,
  editor =       "A. J. Menezes and S. A. Vanstone",
  note =         "Lecture Notes in Computer Science No. 537",
  publisher =    "Springer-Verlag",
  year =         "1991",
}

@Article{Brent80,
  author =       "Richard P. Brent",
  title =        "An Improved {M}onte {C}arlo Factorization Algorithm",
  journal =      "BIT",
  volume =       "20",
  number =       "2",
  year =         "1980",
  pages =        "176--184",
}

@InCollection{Brent76,
  author =       "R. P. Brent",
  year =         "1976",
  title =        "Analysis of the binary {Euclidean} algorithm",
  booktitle =    "Algorithms and Complexity",
  editor =       "J. F. Traub",
  pages =        "321--355",
  publisher =    "Academic Press",
}

@Book{Bressoud89,
  author =       "D. M. Bressoud",
  year =         "1989",
  title =        "Factorization and Primality Testing",
  publisher =    "Springer-Verlag",
  series =       "Undergraduate Texts in Mathematics",
  address =      "New York",
}

@InProceedings{Brickell83,
  author =       "Ernest F. Brickell",
  title =        "A Fast Modular Multiplication Algorithm With
                 Application To Two Key Cryptography",
  pages =        "51--60",
  booktitle =    CRYPTO82,
  editor =       "R. L. Rivest and A. Sherman and D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1983",
}

@InProceedings{Brickell84a,
  author =       "E. F. Brickell",
  title =        "Solving Low Density Knapsacks",
  pages =        "25--37",
  booktitle =    CRYPTO83,
  editor =       "D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1984",
}

@InProceedings{Brickell85,
  author =       "E. F. Brickell",
  title =        "Breaking Iterated Knapsacks",
  booktitle =    CRYPTO84,
  publisher =    "Springer",
  editor =       "G. R. Blakley and D. C. Chaum",
  year =         "1985",
  note =         "Lecture Notes in Computer Science No. 196",
  pages =        "342--358",
}

@InProceedings{Brickell85a,
  author =       "Ernest F. Brickell",
  title =        "Dependence of Output on Input in {DES}: Small
                 Avalanche Characteristics",
  pages =        "342--358",
  booktitle =    CRYPTO84,
  editor =       "G. R. Blakley and D. C. Chaum",
  note =         "Lecture Notes in Computer Science No. 196",
  publisher =    "Springer",
  year =         "1985",
}

@Article{Brickell88,
  author =       "E.~F. Brickell",
  title =        "Some ideal secret sharing schemes",
  journal =      "Journal of Computer and Systems Science",
  volume =       "37",
  year =         "1988",
  pages =        "156--189",
}

@InProceedings{Brickell90,
  author =       "Ernest F. Brickell",
  title =        "A survey of hardware implementation of {RSA}",
  pages =        "368--370",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No. 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@InProceedings{BrickellChDaVa88,
  author =       "Ernest F. Brickell and David Chaum and Ivan B.
                 Damg{\aa}rd and J. van de Graaf",
  title =        "Gradual and verifiable release of a secret",
  pages =        "156--166",
  booktitle =    CRYPTO87,
  editor =       "Carl Pomerance",
  note =         "Lecture Notes in Computer Science No. 293",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@InProceedings{BrickellDa90,
  author =       "Ernest F. Brickell and Daniel M. Davenport",
  title =        "On the classification of idea secret sharing schemes",
  pages =        "278--285",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No. 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@InProceedings{BrickellDaSi83,
  author =       "Ernest F. Brickell and J. A. Davis and G. J. Simmons",
  title =        "A Preliminary Report on the Cryptanalysis of
                 {M}erkle-{H}ellman Knapsack Cryptosystems",
  pages =        "289--301",
  booktitle =    CRYPTO82,
  editor =       "R. L. Rivest and A. Sherman and D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1983",
}

@InProceedings{BrickellDe86,
  author =       "Ernest F. Brickell and John M. DeLaurentis",
  title =        "An Attack on a Signature Scheme Proposed by {Okamoto}
                 and {Shiraishi}",
  pages =        "28--32",
  booktitle =    CRYPTO85,
  editor =       "H. C. Williams",
  note =         "Lecture Notes in Computer Science No. 218",
  publisher =    "Springer",
  year =         "1986",
}

@Manual{BrickellDeKeMaTu93,
  author =       "E. F. Brickell and D. E. Denning and S. T. Kent and D.
                 P. Maher and W. Tuchman",
  year =         "1993",
  title =        "Skipjack Review, Interim Report: {The Skipjack
                 Algorithm}",
  month =        jul # " 28,",
}

@InProceedings{BrickellGoMcWi92,
  author =       "E. F. Brickell and D. M. Gordon and K. S. McCurley and
                 D. B. Wilson",
  year =         "1992",
  title =        "Fast exponentiation with precomputation",
  booktitle =    "Advances in Cryptology --- Eurocrypt '92",
  editor =       "R. A. Rueppel",
  publisher =    "Springer-Verlag",
  address =      "New York",
  pages =        "200--207",
}

@InProceedings{BrickellLaOd84,
  author =       "E. F. Brickell and J. C. Largarias and A. M. Odlyzko",
  title =        "Evaluation of the Adleman Attack on Multiply Iterated
                 Knapsack Cryptosystems",
  pages =        "39--42",
  booktitle =    CRYPTO83,
  editor =       "D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1984",
}

@InProceedings{BrickellLeYa88,
  author =       "E. F. Brickell and P. J. Lee and Y. Yacobi",
  title =        "Secure audio teleconference",
  pages =        "418--426",
  booktitle =    CRYPTO87,
  editor =       "Carl Pomerance",
  note =         "Lecture Notes in Computer Science No. 293",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@Article{BrickellMc91,
  author =       "Ernest F. Brickell and Kevin S. McCurley",
  title =        "Interactive Identification and Digital Signatures",
  journal =      "AT\&T Journal",
  month =        nov # "/" # dec,
  year =         "1991",
}

@Article{BrickellMc92,
  author =       "E. F. Brickell and K. S. McCurley",
  year =         "1992",
  month =        "",
  title =        "An Interactive Identification Scheme Based on Discrete
                 Logarithms and Factoring",
  journal =      "Journal of Cryptology",
  year =         "1992",
  volume =       "5",
  number =       "1",
  pages =        "29--39",
}

@InProceedings{BrickellMo83,
  author =       "Ernest F. Brickell and J. H. Moore",
  title =        "Some Remarks on the {Herlestam-Johannesson} Algorithm
                 for Computing Logarithms over ${GF}(2^p)$",
  pages =        "15--19",
  booktitle =    CRYPTO82,
  editor =       "R. L. Rivest and A. Sherman and D. Chaum",
  publisher =    "Plenum Press",
  address =      "New York",
  year =         "1983",
}

@InProceedings{BrickellMoPu87,
  author =       "E. F. Brickell and J. H. Moore and M. R. Purtill",
  title =        "Structure in the ${S}$-boxes of the {DES}",
  pages =        "3--8",
  booktitle =    CRYPTO86,
  editor =       "A. M. Odlyzko",
  note =         "Lecture Notes in Computer Science No. 263",
  publisher =    "Springer-Verlag",
  year =         "1987",
}

@Article{BrickellOd88,
  author =       "E. F. Brickell and A. M. Odlyzko",
  year =         "1988",
  title =        "Cryptanalysis: {A} survey of recent results",
  journal =      "Proc.\ IEEE",
  volume =       "76",
  pages =        "578--593",
}

@InCollection{BrickellOd92,
  author =       "E.~F. Brickell and A.~M. Odlyzko",
  year =         "1992",
  title =        "Cryptanalysis, a survey of recent results",
  booktitle =    "Contemporary Cryptology, The Science of Information
                 Integrity",
  editor =       "G. J. Simmons",
  publisher =    "IEEE Press",
  pages =        "501--540",
}

@InProceedings{BrickellSt88,
  author =       "E. F. Brickell and D. R. Stinson",
  title =        "The Detection of Cheaters in Threshold Schemes",
  pages =        "564--577",
  booktitle =    CRYPTO88,
  editor =       "S. Goldwasser",
  note =         "Lecture Notes in Computer Science No. 403",
  publisher =    "Springer-Verlag",
  year =         "1988",
}

@InProceedings{BrickellSt91,
  newtag =       "BrickellSt91",
  author =       "Ernest F. Brickell and D. R. Stinson",
  title =        "Some Improved Bounds on the Information Rate of
                 Perfect Secret Sharing Schemes",
  pages =        "242--252",
  booktitle =    CRYPTO90,
  editor =       "A. J. Menezes and S. A. Vanstone",
  note =         "Lecture Notes in Computer Science No. 537",
  publisher =    "Springer-Verlag",
  year =         "1991",
}

@Article{BrickellSt92,
  author =       "E.~F. Brickell and D.~R. Stinson",
  title =        "Some improved bounds on the information rate of
                 perfect secret sharing schemes",
  journal =      "Journal of Cryptology",
  year =         "1992",
  volume =       "5",
  pages =        "153--166",
}

@Book{BrillhartLeSeTuWa88,
  author =       "J. Brillhart and D. Lehmer and J. Selfridge and B.
                 Tuckerman and S. {Wagstaff Jr}",
  year =         "1988",
  title =        "Factorizations of $b^n \pm 1$, $b=2,3,5,6,7,10,11,12$
                 up to High Powers",
  publisher =    "American Mathematical Society",
  address =      "Providence, Rhode Island",
  volume =       "22",
  series =       "Contemporary Mathematics",
  edition =      "2nd",
}

@InCollection{Brittanica89,
  author =       "Brittanica",
  title =        "Geometry",
  booktitle =    "The New Encyclop{\ae}dia Brittanica",
  publisher =    "Encyclop{\ae}dia Brittanica",
  year =         "1989",
  pages =        "927--1000",
  note =         "(Volume 19)",
}

@InProceedings{BrosciusSm92,
  author =       "A. G. Broscius and J. M. Smith",
  title =        "Exploiting parallelism in hardware implementations of
                 the {DES}",
  pages =        "367--376",
  booktitle =    CRYPTO91,
  editor =       "J. Feigenbaum",
  note =         "Lecture Notes in Computer Science No. 576",
  publisher =    "Springer",
  year =         "1992",
}

@Article{Brown94,
  author =       "Patrick W. Brown",
  title =        "Digital Signature: Are They Legal for Electronic
                 Commerce",
  journal =      "IEEE Communications Magazine",
  month =        Sep,
  year =         "1994",
  volume =       "32",
  number =       "9",
  pages =        "76--80",
}

@InProceedings{BrownPiSe90,
  author =       "L. Brown and J. Pieprzyl and J. Seberry",
  title =        "{LOKI}: {A} Cryptographic Primitive for Authentication
                 and Secrecy Applications",
  year =         "1990",
  booktitle =    "Advances in Cryptology --- Auscrypt '90",
  editor =       "J. Seberry and J. Pieprzyk",
  publisher =    "Springer Verlag",
  address =      "Berlin",
  pages =        "229--236",
}

@InProceedings{BrownSe90,
  author =       "L. Brown and J. Seberry",
  title =        "Key Scheduling in {DES} type Cryptosystems",
  booktitle =    AUSCRYPT90,
  year =         "1990",
  editor =       "J. Seberry and J. Pieprzyk",
  series =       "Lecture Notes in Computer Science",
  volume =       "453",
  publisher =    "Springer-Verlag",
  pages =        "221--228",
}

@InProceedings{BrugiaImWo85,
  author =       "Odoardo Brugia and Salvatore Improta and William
                 Wolfowicz",
  title =        "An Encryption and Authentication Procedure for
                 Tele-surveillance Systems",
  pages =        "437--445",
  booktitle =    EUROCRYPT84,
  editor =       "T. Beth and N. Cot and I. Ingemarsson",
  note =         "Lecture Notes in Computer Science No.\ 209",
  publisher =    "Springer-Verlag",
  year =         "1985",
}

@InProceedings{Brynielsson86,
  author =       "L. Brynielsson",
  year =         "1986",
  title =        "On the Linear Complexity of Combined Shift Register
                 Sequences",
  booktitle =    "Advances in Cryptology --- Eurocrypt '85",
  editor =       "F. Pichler",
  publisher =    "Springer-Verlag",
  address =      "Berlin",
  pages =        "156--166",
}

@InProceedings{BuchmannDu91,
  author =       "J. Buchmann and S. D{\"{u}}llmann",
  title =        "On the Computation of Discrete Logarithms in Class
                 Groups",
  pages =        "134--149",
  booktitle =    CRYPTO90,
  editor =       "A. J. Menezes and S. A. Vanstone",
  note =         "Lecture Notes in Computer Science No. 537",
  publisher =    "Springer-Verlag",
  year =         "1991",
}

@InProceedings{BuchmannLoZa94,
  author =       "J. Buchmann and J. Loho and J. Zayer",
  title =        "An implementation of the general number field sieve",
  pages =        "159--165",
  booktitle =    CRYPTO93,
  editor =       "Douglas R. Stinson",
  note =         "Lecture Notes in Computer Science No. 773",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{BuchmannWi90,
  author =       "Johannes A. Buchmann and Hugh C. Williams",
  title =        "A key exchange system based on real quadratic fields",
  pages =        "335--343",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No. 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@Article{Buell87,
  author =       "Duncan A. Buell",
  title =        "Factoring: Algorithms, Computations, and Computers",
  journal =      "Journal of Supercomputing",
  year =         "1987",
  volume =       "1",
  pages =        "191--216",
  comment =      "Good discussion of elliptic curve methods, p-1, and
                 others.",
}

@Book{BuhlerLePo94,
  author =       "J. P. Buhler and H. W. Lenstra and Carl Pomerance",
  title =        "The development of the number field sieve",
  year =         "1994",
  publisher =    "Springer-Verlag",
  series =       "Lecture Notes in Mathematics",
  volume =       "1554",
}

@Misc{Bura75,
  author =       "Michael Craig Bura",
  title =        "Increasing the Pick Resisteance of the Pin-Tumbler
                 Cylinder Lock",
  note =         "Bachelor of Science Thesis",
  month =        Jun,
  year =         "1975",
  institution =  "MIT",
}

@Article{Burmester89,
  author =       "Mike Burmester",
  title =        "Remarks on Soundness of proofs",
  journal =      "Electronics Letters",
  volume =       "25",
  number =       "22",
  year =         "1989",
  month =        Oct,
  pages =        "1509--1510",
}

@Article{Burmester92,
  author =       "Mike Burmester",
  title =        "An almost-constant round interactive zero-knowledge
                 proof",
  journal =      "Information Processing Letters",
  volume =       "42",
  month =        May,
  year =         "1992",
  pages =        "81--87",
}

@InProceedings{Burmester94,
  author =       "Mike Burmester",
  title =        "On the risk of opening distributed keys",
  pages =        "308--317",
  booktitle =    CRYPTO94,
  editor =       "Yvo G. Desmedt",
  note =         "Lecture Notes in Computer Science No. 839",
  publisher =    "Springer",
  year =         "1994",
}

@Article{BurmesterDeBe92,
  author =       "M. V. D. Burmester and Y. G. Desmedt and T. Beth",
  year =         "1992",
  title =        "Efficient zero-knowledge identification schemes for
                 smart cards",
  journal =      "Computer Journal",
  volume =       "35",
  pages =        "21--29",
}

@Unpublished{BurmesterRiSh96,
  author =       "Mike Burmester and Ronald L. Rivest and Adi Shamir",
  title =        "Geometric Cryptography",
}

@Article{BurrowsAbNe90,
  author =       "Michael Burrows and Mart\'{\i}n Abadi and Roger
                 Needham",
  title =        "A Logic of Authentication",
  journal =      "ACM Transactions on Computer Systems",
  volume =       "8",
  number =       "1",
  year =         "1990",
  month =        Feb,
  pages =        "18--36",
}

@InProceedings{Cade87,
  author =       "John J. Cade",
  title =        "A modification of a broken public-key cipher",
  pages =        "64--83",
  booktitle =    CRYPTO86,
  editor =       "A. M. Odlyzko",
  note =         "Lecture Notes in Computer Science No. 263",
  publisher =    "Springer-Verlag",
  year =         "1987",
}

@InProceedings{Camenisch97,
  author =       "Jan Camenisch",
  title =        "Efficient and Generalized Group Signatures",
  pages =        "465--479",
  booktitle =    "Advances in Cryptology -- Eurocrypt '97",
  editor =       "Walter Fumy",
  year =         "1997",
  note =         "Lecture Notes in Computer Science 1233",
  publisher =    "Springer",
  address =      "Berlin",
}

@InProceedings{CamenischSt97,
  author =       "Jan Camenisch and Markus Stadler",
  title =        "Efficient Group Signature Schemes for Large Groups",
  pages =        "410--424",
  booktitle =    "Advances in Cryptology -- Crypto '97",
  editor =       "Burton S. Kaliski Jr.",
  year =         "1997",
  note =         "Lecture Notes in Computer Science 1294",
  publisher =    "Springer",
  address =      "Berlin",
}

@InProceedings{CamionCaChSe92,
  author =       "P. Camion and C. Carlet and P. Charpin and N.
                 Sendrier",
  title =        "On Correlation-Immune Functions",
  pages =        "86--100",
  booktitle =    CRYPTO91,
  editor =       "J. Feigenbaum",
  note =         "Lecture Notes in Computer Science No. 576",
  publisher =    "Springer",
  year =         "1992",
}

@InProceedings{CampbellWi92,
  author =       "Keith W. Campbell and Michael J. Wiener",
  title =        "{DES} is not a Group",
  pages =        "512--520",
  booktitle =    CRYPTO92,
  editor =       "Ernest F. Brickell",
  note =         "Lecture Notes in Computer Science No. 740",
  publisher =    "Springer-Verlag",
  year =         "1992",
}

@InProceedings{Canetti97,
  author =       "Ran Canetti",
  title =        "Towards Realizing Random Oracles: Hash Functions That
                 Hide All Partial Information{"}",
  pages =        "455--469",
  booktitle =    "Proceedings CRYPTO '97",
  editor =       "Burt Kaliski",
  note =         "Lectures Notes in Computer Science No. 1294",
  publisher =    "Springer-Verlag",
  year =         "1997",
}

@Article{CanettiGo93,
  author =       "R. Canetti and O. Goldreich",
  title =        "Bounds on Tradeoffs between Randmoness and
                 Communication Complexity",
  journal =      "Computational Complexity",
  volume =       "3",
  year =         "1993",
  pages =        "141--167",
}

@InProceedings{CanettiHe94,
  author =       "Ran Canetti and Amir Herzberg",
  title =        "Maintaining security in the presence of transient
                 faults",
  pages =        "425--438",
  booktitle =    CRYPTO94,
  editor =       "Yvo G. Desmedt",
  note =         "Lecture Notes in Computer Science No. 839",
  publisher =    "Springer",
  year =         "1994",
}

@InProceedings{CanettiMiRe98,
  author =       "Ran Canetti and Daniele Micciancio and Omer Reingold",
  title =        "Perfectly one-way probabilistic hash functions
                 (preliminary version)",
  pages =        "131--140",
  booktitle =    "Proceedings STOC 1998",
  year =         "1998",
}

@InProceedings{CanettiRa93,
  author =       "Ran Canetti and Tal Rabin",
  title =        "Fast Asynchronous Byzantine Agreement with Optimal
                 Resilience",
  pages =        "42--51",
  booktitle =    STOC93,
  year =         "1993",
}

@Article{CanfieldErPo83,
  author =       "E. R. Canfield and P. Erd{\"{o}}s and C. Pomerance",
  year =         "1983",
  title =        "On a problem of {Oppenheim} concerning {`Factorisatio
                 Numerorum'}",
  journal =      "J. Number Theory",
  volume =       "17",
  pages =        "1--28",
}

@InProceedings{CapocelliDeGaVa92,
  author =       "R. M. Capocelli and A. De Santis and L. Gargano and U.
                 Vaccaro",
  title =        "On the size of shares for secret sharing schemes",
  pages =        "101--113",
  booktitle =    CRYPTO91,
  editor =       "J. Feigenbaum",
  note =         "Lecture Notes in Computer Science No. 576",
  publisher =    "Springer",
  year =         "1992",
}

@Article{CapocelliDeGaVa93,
  author =       "R.~M. Capocelli and A.~{De Santis} and L.~Gargano and
                 U.~Vaccaro",
  title =        "On the size of shares for secret sharing schemes",
  journal =      "Journal of Cryptology",
  year =         "1993",
  volume =       "6",
  pages =        "157--167",
}

@InProceedings{Carlet92,
  author =       "Claude Carlet",
  title =        "Partially-Bent Functions",
  pages =        "280--291",
  booktitle =    CRYPTO92,
  editor =       "Ernest F. Brickell",
  note =         "Lecture Notes in Computer Science No. 740",
  publisher =    "Springer-Verlag",
  year =         "1992",
}

@InProceedings{Carroll90,
  author =       "J. M. Carroll",
  title =        "The Three Faces of Information Security",
  booktitle =    AUSCRYPT90,
  year =         "1990",
  editor =       "J. Seberry and J. Pieprzyk",
  series =       "Lecture Notes in Computer Science",
  volume =       "453",
  publisher =    "Springer-Verlag",
  pages =        "433--450",
}

@PhdThesis{Carter89,
  author =       "G. D. Carter",
  title =        "Aspects of local linear complexity",
  school =       "University of London",
  year =         "1989",
}

@Article{CarterWe79,
  author =       "J. Lawrence Carter and Mark N. Wegman",
  title =        "Universal Classes of Hash Functions",
  journal =      "JCSS",
  volume =       "18",
  year =         "1979",
  pages =        "143--154",
}

@Manual{CaseFeScDa90,
  author =       "J. Case and M. Fedor and M. Schoffstall and J. Davin",
  year =         "1990",
  month =        may,
  title =        "{RFC} 1157: The Simple Network Management Protocol",
  organization = "Internet Activities Board",
}

@Manual{CCITT-X.40088,
  newtag =       "CCITT-X.40088",
  author =       "{CCITT}",
  year =         "1988",
  title =        "Recommendation ${X}.400$: Message Handling System and
                 Service Overview",
}

@Manual{CCITT-X.41188,
  newtag =       "CCITT-X.41188",
  author =       "{CCITT (Consultative Committee on International
                 Telegraphy and Telephony)}",
  year =         "1988",
  title =        "Recommendation ${X}.411$: Message Handling Systems:
                 Message Transfer System: Abstract Service Definition
                 and Procedures",
}

@Manual{CCITT-X.43591,
  newtag =       "CCITT-X.43591",
  author =       "{CCITT (Consultative Committee on International
                 Telegraphy and Telephony)}",
  year =         "1991",
  title =        "Recommendation ${X}.435$: Message Handling Systems:
                 {EDI} Messaging System",
}

@Manual{CCITTConsult88a,
  oldtag =       "CCITT-X.500",
  author =       "{CCITT (Consultative Committee on International
                 Telegraphy and Telephony)}",
  year =         "1988",
  title =        "Recommendation ${X}.500$: The Directory --- Overview
                 of Concepts, Models and Services",
}

@Manual{CCITTConsult88b,
  oldtag =       "CCITT-X.509",
  author =       "{CCITT (Consultative Committee on International
                 Telegraphy and Telephony)}",
  year =         "1988",
  title =        "Recommendation ${X}.509$: The
                 Directory---Authentication Framework",
}

@Manual{CCITTConsult91a,
  oldtag =       "CCITT-X.800",
  author =       "{CCITT (Consultative Committee on International
                 Telegraphy and Telephony)}",
  year =         "1991",
  title =        "Recommendation ${X}.800$: Security Architecture for
                 Open Systems Interconnection for {CCITT} Applications",
}

@Book{Chaitin87,
  author =       "G. J. Chaitin",
  title =        "Information, Randomness and Incompleteness",
  publisher =    "World Scientific Publishing",
  address =      "Singapore",
  year =         "1987",
}

@Article{Chaitin66,
  author =       "G. J. Chaitin",
  year =         "1966",
  title =        "On the length of programs for computing finite binary
                 sequences",
  journal =      "J. {ACM}",
  month =        oct,
  volume =       "13",
  number =       "4",
  pages =        "547--569",
}

@InProceedings{ChanGa87,
  author =       "Agnes Hui Chan and Richard A. Games",
  title =        "On the linear span of binary sequences obtained from
                 finite geometries",
  pages =        "405--417",
  booktitle =    CRYPTO86,
  editor =       "A. M. Odlyzko",
  note =         "Lecture Notes in Computer Science No. 263",
  publisher =    "Springer-Verlag",
  year =         "1987",
}

@Article{ChanGaKe82,
  author =       "A. H. Chan and R. A. Games and E. L. Key",
  year =         "1982",
  title =        "On the Complexities of de {B}ruijn Sequences",
  journal =      "J. Comb. Theory",
  series =       "A",
  volume =       "33",
  pages =        "233--246",
}

@InProceedings{ChanGa90,
  author =       "Agnes H. Chan and Richard A. Games",
  title =        "On the quadratic spans of periodic sequences",
  pages =        "82--89",
  booktitle =    CRYPTO89,
  editor =       "G. Brassard",
  note =         "Lecture Notes in Computer Science No. 435",
  publisher =    "Springer-Verlag",
  year =         "1990",
}

@InProceedings{ChanGaRu94,
  author =       "A. H. Chan and R. A. Games and J. Rushanan",
  year =         "1994",
  title =        "On Quadratic ${M}$-sequences",
  booktitle =    "Fast Software Encryption",
  editor =       "R. Anderson",
  publisher =    "Springer-Verlag",
  series =       "Lecture Notes in Computer Science",
  volume =       "809",
  address =      "Berlin",
  pages =        "16