bart.preneel(AT)esat.kuleuven.be

Naor and Yung ([NY89]) show that a onebit -compressing universal one-way hash function (UOWHF) can be constructed based on a one-way permutation. This construction can be iterated to build a UOWHF which compresses by "n bits, at the cost of "n invocations of the one-way permutation. We show that this construction is not far from optimal, in the following sense: there exists an oracle relative to which there exists a one-way permutation with inversion probability 2 \Gammap(n) (for any p(n) 2 !(log n)), but any construction of an "n-bit-compressing UOWHF requires \Omega\Gamma p n=p(n)) invocations of the one-way permutation, on average. (For example, there exists in this relativized world a one-way permutation with inversion probability n \Gamma!(1) , but no UOWHF that invokes it fewer than \Omega\Gamma p n= log n) times.) Thus any proof that a more efficient UOWHF can be derived from a one-way permutation is necessarily non-relativizing; in particular, no provable construction...

models of information sharing, and runtime support based on those models, are by themselves incomplete for the task of constructing robust, practical collaborative applications. To be usable, we must provide a means for developers to access these facilities easily. This chapter has presented developer perspectives on the concepts introduced by Intermezzo. We have investigated a number of components of the developer support, or "toolkit," in this research, including notification, programming interfaces for accessing shared data, interfaces for accessing collaboration-specific functionality, and the use of scripting through embedded computation. Notification is one of the most important problems to be addressed in any developer support: how do applications (and, by extension, their users) become aware of changes in their environments? This problems is especially vexing in the case of coordination, where information that may be considered interesting is plentiful, change is rapid, and the...

Abstract We introduce the notion of associative one-way functions and prove that they exist if and only if P 6 = NP. As evidence of their utility, we present two novel protocols that apply strong forms of these functions to achieve secret key agreement and digital signatures.

We discuss the security of Message Authentication Code (MAC) schemes from the viewpoint of differential attack, and propose an attack that is effective against DES-MAC and FEAL-MAC. The attack derives the secret authentication key in the chosen plaintext scenario. For example, DES(8-round)-MAC can be broken with 2 34 pairs of plain text, while FEAL8-MAC can be broken with 2 22 pairs. The proposed attack is applicable to any MAC scheme, even if the 32-bits are randomly selected from among the 64-bits of ciphertext generated by a cryptosystem vulnerable to differential attack in the chosen plaintext scenario.

1.4 Simple XOR

This article presents the definition of an XML schema of digital ballots for official elections using XML signature, thus defining the syntax of the digital ballot and providing the services of identification, integrity and non-repudiation of the ballot. The proposed schema was validated in regard to the XML Schema standard and an application was developed in order to allow the configuration of digital ballots for official elections.