Results 1 
7 of
7
Ciphers with Arbitrary Finite Domains
, 2002
"... Abstract. We explore the problem of enciphering members of a finite set M where k = M  is arbitrary (in particular, it need not be a power of two). We want to achieve this goal starting from a block cipher (which requires a message space of size N =2 n, for some n). We look at a few solutions to t ..."
Abstract

Cited by 33 (7 self)
 Add to MetaCart
Abstract. We explore the problem of enciphering members of a finite set M where k = M  is arbitrary (in particular, it need not be a power of two). We want to achieve this goal starting from a block cipher (which requires a message space of size N =2 n, for some n). We look at a few solutions to this problem, focusing on the case when M =[0,k − 1]. We see ciphers with arbitrary domains as a worthwhile primitive in its own right, and as a potentially useful one for making higherlevel protocols.
On the Construction of VariableInputLength Ciphers
 In Fast Software Encryption
, 1998
"... We invesitgate how to construct ciphers which operate on messages of various (and effectively arbitrary) lengths. In particular, lengths not necessarily a multiple of some block length. (By a "cipher" we mean a keyindexed family of lengthpreserving permutations, with a "good" cipher being one that ..."
Abstract

Cited by 15 (4 self)
 Add to MetaCart
We invesitgate how to construct ciphers which operate on messages of various (and effectively arbitrary) lengths. In particular, lengths not necessarily a multiple of some block length. (By a "cipher" we mean a keyindexed family of lengthpreserving permutations, with a "good" cipher being one that resembles a family of random lengthpreserving permutations.) Oddly enough, this question seems not to have been investiaged. We show how to construct variableinput length ciphers starting from any block cipher (ie, a cipher which operates on strings of some fixed length n). We do this by giving a general method starting from a particular kind of pseudorandom function and a particular kind of encryption scheme, and then we give example ways to realize these tools from a block cipher. All of our constructions are proven sound, in the provablesecurity sense of contemporary cryptography. Variableinputlength ciphers can be used to encrypt in the presence of the constraint that the ciphertex...
A Secure, Accountable, and Collaborative Whiteboard
, 1998
"... . This paper addresses the design issues and the security concept of the digital lecture board which is an enhanced whiteboard tailored to the speci#c needs of collaborativetypes of work, for instance, in computer#based distance education. The development of the digital lecture board emerged fro ..."
Abstract

Cited by 8 (6 self)
 Add to MetaCart
. This paper addresses the design issues and the security concept of the digital lecture board which is an enhanced whiteboard tailored to the speci#c needs of collaborativetypes of work, for instance, in computer#based distance education. The development of the digital lecture board emerged from our experiences with synchronous, computer# based distance education in the TeleTeaching projects of the University of Mannheim. For almost twoyears, wehave been using video conferencing tools for transmitting lectures and seminars. These tools proveto be far from optimal for this purpose since they do not takeinto account the speci#c requirements of teaching. Security issues suchasauthentication, secure key exchange, and fast symmetric encryption are almost completely neglected, even though security is extremely important to allow for con#dential, private sessions, and billing. 1 Introduction Computer#based video conferencing is one of today's most exciting multimedia applicatio...
Towards making LubyRacko ciphers optimal and practical
 In Fast Software Encryption
, 1999
"... Abstract. We provide new constructions for LubyRacko � block ciphers which are e�cient in terms of computations and key material used. Next, we show that we can make some security guarantees for LubyRacko� block ciphers under much weaker and more practical assumptions about the underlying function ..."
Abstract

Cited by 5 (1 self)
 Add to MetaCart
Abstract. We provide new constructions for LubyRacko � block ciphers which are e�cient in terms of computations and key material used. Next, we show that we can make some security guarantees for LubyRacko� block ciphers under much weaker and more practical assumptions about the underlying function; namely, that the underlying function is a secure Message Authentication Code. Finally, we provide a SHA1 based example block cipher called Shazam. 1
ManTiCore: Encryption with Joint CipherState Authentication
, 2003
"... We describe a new method for authenticated encryption, which uses information from the internal state of the cipher to provide the authentication. This methodology has a number of benefits. The encryption has properties similar to CBC mode, yet the encipherment and authentication mechanisms can ..."
Abstract
 Add to MetaCart
We describe a new method for authenticated encryption, which uses information from the internal state of the cipher to provide the authentication. This methodology has a number of benefits. The encryption has properties similar to CBC mode, yet the encipherment and authentication mechanisms can be parallelized and/or pipelined. The authentication overhead is minimal, so the computational cost of the authenticated encryption is very nearly that of the encryption process.
Ciphers with Arbitrary Finite Domains
, 2000
"... We introduce the problem of enciphering members of a nite set M where k = jMj is arbitrary (in particular, it need not be a power of two). We want to achieve this goal starting from a block cipher (which requires a message space of size N = 2 n , for some n). We look at a few solutions to this ..."
Abstract
 Add to MetaCart
We introduce the problem of enciphering members of a nite set M where k = jMj is arbitrary (in particular, it need not be a power of two). We want to achieve this goal starting from a block cipher (which requires a message space of size N = 2 n , for some n). We look at a few solutions to this problem, focusing on the case when M = f0; 1; : : : ; k 1g. We see ciphers with arbitrary domains as a useful primitive for making bitecient higherlevel protocols. They seem to be particularly useful for passwordbased authentication protocols.
Security of Feistel Schemes with New and Various Tools
"... Abstract: We combine the H Coe cients technique and the Coupling technique to improve security bounds of balanced Feistel schemes. For q queries and round functions of n−bits to n−bits, we nd that the CCA Security of 4 + 2r rounds Feistel schemes is upperbounded by ..."
Abstract
 Add to MetaCart
Abstract: We combine the H Coe cients technique and the Coupling technique to improve security bounds of balanced Feistel schemes. For q queries and round functions of n−bits to n−bits, we nd that the CCA Security of 4 + 2r rounds Feistel schemes is upperbounded by