### Table 1: Complexity comparison among group key agreement schemes that achieve both provable security and forward secrecy (columns: Communication, Computation)

"... In PAGE 3: ... As the experiment results of [2] also indicate, it is widely accepted that the number of communication rounds and the number of exchanged messages are two most important factors for efficient key agreement over a high-delay network. Table 1 compares the efficiency of our scheme given in Section 5 with other provably-secure [Footnote 1: For example, the computation of a modular exponentiation x^y mod z with |x| = |y| = |z| = 1024 takes about 9 ms using the big number library in OpenSSL on an Athlon XP 2100+ PC, whereas a 100-300 ms round-trip delay in wide area networks is common.]... ..."

### Table 5 gives an overview of the results derived in this section. The result on the average DP (Ntot) of a characteristic through a long-key cipher is the same as the result obtained in Markov cipher theory. Markov cipher theory also works with the average DP (Ntot) of differentials over a long-key cipher, and the theory of provable security against differential attacks bounds this quantity. The 6 remaining cardinalities are not considered in Markov cipher theory, nor in the theory of provable security (except by invoking the hypothesis of stochastic equivalence). In most practical ciphers, the cardinality of characteristics and differentials depends on the value of the key. In this section, we modeled the choice of a particular value for the key as

"... In PAGE 24: ... Table 5: Overview of results on the cardinalities of characteristics and differentials.

| | long-key cipher | key-alternating cipher |
|---|---|---|
| N[k](Q) | Theorem 13 | Theorem 13 |
| N[k](a, b) | Theorem 14 | Theorem 14 |
| Ntot(Q) | Markov = Theorem 12 | Theorem 15 |
| Ntot(a, b) | Markov, provable security | Theorem 16 |

a sampling process in a population formed by the ciphers with keys consisting of independent round keys.... ..."

### Table 2: Appropriate minimum round number based on provable security

### Table 1. Comparison of Efficiency and Security Goals of TDH1 and some other Static Provably Secure GKE Protocols

"... In PAGE 12: ... Table 1 we compare TDH1 protocol with several well-known provably secure GKE protocols in terms of their performance and security goals. Our comparison is done based on the security arguments Table 1.... ..."

### Table 1. Fitting various cryptographic situations into TMTO framework

"... In PAGE 19: ... The set C contains the output values and a specific single target from this set is given to the attacker at the last stage of TMTO. What these sets refer to in the various situations considered in this paper is listed in Table 1. In some cases, V is missing from the cryptographic system, in which case we think of V as containing a single element.... ..."

### Table 1: Analysis of Provably Secure Group Key Exchange Protocols (columns: Protocol, Model(s), Assumption(s), Corr., S/D)

### Table 1. Comparison of PAKEs proven to be secure in the standard model

"... In PAGE 2: ... In this paper, we propose a more efficient protocol that is also provably secure in the standard model. Comparative results with the previous schemes [7, 9] are summarized in Table 1. As shown in the table, our protocol is efficient in both the communication costs and the computation costs.... ..."

### Table 1. ℓ is the number of levels, n is the number of bits representing an identity, h is the number of blocks to store the identity, with each block of size n/h

"... In PAGE 2: ... Although their scheme can be proven without random oracles, it is either provably secure under an even weaker model called the gauntlet-ID model or requires a specially designed strong assumption, the OrcY W assumption. Table 1 summarizes a comparison between different HIBE schemes. Contributions.... ..."

### Table 2: Cloud Attributes

"... In PAGE 5: ... Table 2: Cloud Attributes planes integrates the volume in smaller steps, increasing the visual opacity of the cloud. We have developed a system of equations exposing qualitatively independent parameters, summarized in Table 2. These attributes adjust the image along a single visual dimension without side-effects in another dimension.... ..."

### Table 1. The directories and files written to each file system as part of the stamping procedure. The total number of 512-byte sectors is based on a calculation of file sizes made by the stamp program, rather than an analysis of the actual space required on the disk by the files.

"... In PAGE 5: ... The final record of the file included a flag indicating that it was the final record. Table 1 lists the directories and files that were written to the media as part of this stamping procedure. A specially written program called report analyzed the disk images for traces of the B directory names, file names, and file contents.... ..."

