Searching for authors named "Alfred Menezes" – sorted by Relevance.
-
Security arguments for the UM key agreement protocol
- The Unified Model (UM) key agreement protocol is an efficient Diffie-Hellman scheme that has been included in many cryptographic standards, most recently in the NIST SP 800-56A standard. The UM protocol is believed to possess all important security attributes including key authentication and secrecy
- Cited by 1 (0 self)
-
An introduction to pairing-based cryptography. Notes from lectures given in
- Abstract. Bilinear pairings have been used to design ingenious protocols for such tasks as one-round three-party key agreement, identity-based encryption, and aggregate signatures. Suitable bilinear pairings can be constructed from
- Cited by 3 (0 self)
-
Another Look at HMQV
- Abstract. The HMQV protocols are ‘hashed variants’ of the MQV key agreement protocols. They were introduced at CRYPTO 2005 by Krawczyk, who claimed that the HMQV protocols have very significant advantages over their MQV counterparts: (i) security proofs under reasonable assumptions in the (extended
- Cited by 7 (0 self)
-
Security of Signature Schemes in a Multi-User Setting
- This paper considers the security of signature schemes in the multi-user setting. We argue that the well-accepted notion of security for signature schemes, namely existential unforgeability against adaptive chosen-message attacks, is not adequate for the multi-user setting. We extend this securi
- Cited by 7 (0 self)
-
On the Number of Trace-One Elements in Polynomial Bases for ...
- This paper investigates the number of trace-one elements in a polynomial basis for $\mathbb{F}_{2^n}$. A polynomial basis with a small number of trace-one elements is desirable because it results in an efficient and low-cost implementation of the trace function. We focus on the case where the reduction polynom
- Cited by 6 (3 self)
-
Cryptographic Implications of Hess' Generalized GHS Attack
- A finite field K is said to be weak for elliptic curve cryptography if all instances of the discrete logarithm problem for all elliptic curves over K can be solved in significantly less time than it takes Pollard's rho method to solve the hardest instances. By considering the GHS Weil descent a
- Cited by 2 (0 self)
-
A Small Subgroup Attack on a Key Agreement Protocol of Arazi
- In 1993, Arazi presented a key agreement protocol that integrates the Diffie-Hellman key agreement protocol and the digital signature algorithm (DSA). In this note, we present a small subgroup attack on Arazi's protocol whereby an attacker can learn another entity's DSA private key. The attack illus
- Cited by 3 (0 self)
-
Irreducible polynomials of maximum weight
- Abstract. We establish some necessary conditions for the existence of irreducible polynomials of degree n and weight n over $\mathbb{F}_2$. Such polynomials can be used to efficiently implement multiplication in $\mathbb{F}_{2^n}$. We also provide a simple proof of a result of Bluher concerning the reducibility of a certain f
- Cited by 3 (0 self)
-
A Small Subgroup Attack on Arazi’s Key Agreement Protocol
- In 1993, Arazi presented a key agreement protocol that integrates the Diffie-Hellman key agreement protocol and the digital signature algorithm (DSA). In this note, we present a small subgroup attack on Arazi’s protocol whereby an attacker can learn another entity’s DSA private key. The attack illus
- Cited by 1 (0 self)
-
Pairing-based Cryptography at High Security Levels
- Abstract. In recent years cryptographic protocols based on the Weil and Tate pairings on elliptic curves have attracted much attention. A notable success in this area was the elegant solution by Boneh and Franklin [7] of the problem of efficient identity-based encryption. At the same time, the secur
- Cited by 28 (0 self)

