### Table 2. Applications for Public-key Cryptosystems Algorithm Encryption/Decryption Digital Signature Key Exchange

2005

"... In PAGE 8: ...able 1. Type of Attacks on Encrypted Messages ........................................................... 11 Table2 .... In PAGE 22: ...14 Figure 9. Example of Asymmetric Encryption, Encrypting M with KPublic Example of a commonly used asymmetric encryption algorithm is the RSA algorithm, used as an example for key distribution, PKI, digital signatures and other security mechanisms as shown in Table2 . [20] Table 2.... ..."

### Table 1: Efficiency comparison for CCA-secure public-key encryption schemes Scheme

2006

### Table 7: Time to decrypt a digital signature using 1024-bit public-key.

2000

"... In PAGE 12: ...able 6: Time to encrypt a 128-bit message digest using a 1024-bit private-key................ 62 Table7 : Time to decrypt a digital signature using 1024-bit public-key.... ..."

### Table 1: Comparison to prior schemes. A star signifies that the question was not explicitly considered. For min ciphertext, k; jmj; a are the lengths of the public-key domain, the message, and the security parameter.

"... In PAGE 2: ... This paper presents several optimized signcryption constructions, all of which share features such as sim- plicity, efficiency, generality, near-optimal exact security, flexi- ble and ad-hoc key management, key reuse for sending/receiving data, optimally-low message expansion, backward use for plain signature/encryption, long message and associated data support, the strongest-known qualitative security (so called IND-CCA and sUF-CMA) and, finally, complete compatibility with the PKCS#1 infrastructure [23]. While some of these attractive features are al- ready present in several previous works to various extents, we be- lieve that our schemes improve on earlier proposals in at least sev- eral dimensions (see Table1 and Section 8). In our model, each user U independently picks a single trap- door permutation fU (together with its trapdoor, denoted f 1 U ) and publishes fU as its public signcryption key (as opposed to separate signature and encryption keys, as in [1]).... In PAGE 2: ... This design (1) results in noticeable practical savings in both quantitative and qualitative security, (2) improves the message bandwidth and randomness utilization, and (3) simplifies protocol design and implementation. Table1 compares our signcryption construction against several earlier proposals, with regards to several properties. Section 8 de- scribes these alternate schemes in more depth, and we include the comparison here for easy reference.... In PAGE 8: ...ary encryption and signature schemes (e.g., [3, 5, 25, 11]), the most relevant previous works are those related to signcryption and universal paddings. The comparison of our constructions to previ- ous work is summarized in Table1 in the Introduction. Comparing with signcryption schemes [1, 19].... ..."

### Table 1: Measured performance of public-key algorithms. ECC-160 RSA-1024 ECC-224 RSA-2048

2004

"... In PAGE 2: ... RSA decryption and ECDH operations represent the most com- putationally intensive portion in a typical SSL handshake. Perfor- mance measurements for these operations ( Table1 ) illustrate the advantage of ECC over RSA and show that advantage growing as security needs increase. In addition to public-key computations, secure webservers incur the cost of message parsing, file system accesses, and symmetric- key encryption and hashing.... ..."

Cited by 2

### Table 1: A comparison of public-key cryptosystems [16].

2004

"... In PAGE 2: ... The relative difficulty of solving that problem determines the security strength of the corre- sponding system. Table1 summarizes three types of well known public-key cryptosystems. As shown in the last column, RSA, Diffie-Hellman and DSA can all be attacked using sub-exponential algorithms, but the best known attack on ECC requires exponential time.... ..."

Cited by 11

### Table 1. A comparison of public-key cryptosystems [30]. Public-key system Examples Mathematical Problem Best known method for

"... In PAGE 2: ... The relative difficulty of solving that problem de- termines the security strength of the corresponding system. Table1 summarizes three types of well known public-key cryptosystems. As shown in the last column, RSA, Diffie- Hellman and DSA can all be attacked using sub-exponential algorithms, but the best known attack on ECC requires ex- ponential time.... ..."

### Table 5: Public Key Initialization Theory

2004

"... In PAGE 27: ... 4.1 Initialization Theory The Initialization Theory I, for a public key system without a trusted server, is shown in Table5 . Here, the predicate GoodGuy indicates an uncompromised princi- pal, parameterized by its encryption and decryption (public and private) keys.... ..."

Cited by 29

### Table II. Simulating Public Key with Shared Key Encryption Using a Relay Public key Shared key with relay

1992

Cited by 368

### Table II. Simulating Public Key with Shared Key Encryption Using a Relay Public key Shared key with relay

1992

Cited by 368