On computationally secure authentication tags requiring short secret shared keys", Crypto (1983)

by G Brassard