• Table of Contents Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company Publisher : Prentice Hall PTR Pub Date : July 25, 2003 ISBN : 0-13-066943-1 Pages : 648 Many cryptographic schemes and protocols, especially those based on public-keycryptography, have basic or so-called "textbook crypto" versions, as these versionsare usually the subjects for many textbooks on cryptography. This book takes adifferent approach to introducing cryptography: it pays much more attention tofit-for-application aspects of cryptography. It explains why "textbook crypto" isonly good in an ideal world where data are random and bad guys behave nicely.It reveals the general unfitness of "textbook crypto" for the real world by demonstratingnumerous attacks on such schemes, protocols and systems under variousreal- world application scenarios. This book chooses to introduce a set of practicalcryptographic schemes, protocols and systems, many of them standards or de factoones, studies them closely, explains their working principles, discusses their practicalusages, and examines their strong (i.e., fit-for-application) security properties, oftenwith security evidence formally established. The book also includes self-containedtheoretical background material that is the foundation for modern cryptography. • Table of Contents Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company Publisher : Prentice Hall PTR Pub Date : July 25, 2003 ISBN : 0-13-066943-1 Pages : 648 Many cryptographic schemes and protocols, especially those based on public-keycryptography, have basic or so-called "textbook crypto" versions, as these versionsare usually the subjects for many textbooks on cryptography. This book takes adifferent approach to introducing cryptography: it pays much more attention tofit-for-application aspects of cryptography. It explains why "textbook crypto" isonly good in an ideal world where data are random and bad guys behave nicely.It reveals the general unfitness of "textbook crypto" for the real world by demonstratingnumerous attacks on such schemes, protocols and systems under variousreal- world application scenarios. This book chooses to introduce a set of practicalcryptographic schemes, protocols and systems, many of them standards or de factoones, studies them closely, explains their working principles, discusses their practicalusages, and examines their strong (i.e., fit-for-application) security properties, oftenwith security evidence formally established. The book also includes self-containedtheoretical background material that is the foundation for modern cryptography. • Table of Contents Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company Publisher : Prentice Hall PTR Pub Date : July 25, 2003 ISBN : 0-13-066943-1 Pages : 648 Copyright Hewlett-Packard® Professional Books A Short Description of the Book Preface Scope Acknowledgements List of Figures List of Algorithms, Protocols and Attacks Part I: Introduction Chapter 1. Beginning with a Simple Communication Game Section 1.1. A Communication Game Section 1.2. Criteria for Desirable Cryptographic Systems and Protocols Section 1.3. Chapter Summary Exercises Chapter 2. Wrestling Between Safeguard and Attack Section 2.1. Introduction Section 2.2. Encryption Section 2.3. Vulnerable Environment (the Dolev-Yao Threat Model) Section 2.4. Authentication Servers Section 2.5. Security Properties for Authenticated Key Establishment Section 2.6. Protocols for Authenticated Key Establishment Using Encryption Section 2.7. Chapter Summary Exercises Part II: Mathematical Foundations: Standard Notation Chapter 3. Probability and Information Theory Section 3.1. Introduction Section 3.2. Basic Concept of Probability Section 3.3. Properties Section 3.4. Basic Calculation Section 3.5. Random Variables and their Probability Distributions Section 3.6. Birthday Paradox Section 3.7. Information Theory • Table of Contents Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company Publisher : Prentice Hall PTR Pub Date : July 25, 2003 ISBN : 0-13-066943-1 Pages : 648 Many cryptographic schemes and protocols, especially those based on public-keycryptography, have basic or so-called "textbook crypto" versions, as these versionsare usually the subjects for many textbooks on cryptography. This book takes adifferent approach to introducing cryptography: it pays much more attention tofit-for-application aspects of cryptography. It explains why "textbook crypto" isonly good in an ideal world where data are random and bad guys behave nicely.It reveals the general unfitness of "textbook crypto" for the real world by demonstratingnumerous attacks on such schemes, protocols and systems under variousreal- world application scenarios. This book chooses to introduce a set of practicalcryptographic schemes, protocols and systems, many of them standards or de factoones, studies them closely, explains their working principles, discusses their practicalusages, and examines their strong (i.e., fit-for-application) security properties, oftenwith security evidence formally established. The book also includes self-containedtheoretical background material that is the foundation for modern cryptography. Section 3.8. Redundancy in Natural Languages Section 3.9. Chapter Summary Exercises Chapter 4. Computational Complexity Section 4.1. Introduction Section 4.2. Turing Machines Section 4.3. Deterministic Polynomial Time Section 4.4. Probabilistic Polynomial Time Section 4.5. Non-deterministic Polynomial Time Section 4.6. Non-Polynomial Bounds Section 4.7. Polynomial-time Indistinguishability Section 4.8. Theory of Computational Complexity and Modern Cryptography Section 4.9. Chapter Summary Exercises Chapter 5. Algebraic Foundations Section 5.1. Introduction Section 5.2. Groups Section 5.3. Rings and Fields Section 5.4. The Structure of Finite Fields Section 5.5. Group Constructed Using Points on an Elliptic Curve Section 5.6. Chapter Summary Exercises Chapter 6. Number Theory Section 6.1. Introduction Section 6.2. Congruences and Residue Classes Section 6.3. Euler's Phi Function Section 6.4. The Theorems of Fermat, Euler and Lagrange Section 6.5. Quadratic Residues Section 6.6. Square Roots Modulo Integer Section 6.7. Blum Integers Section 6.8. Chapter Summary Exercises Part III: Basic Cryptographic Techniques Chapter 7. Encryption — Symmetric Techniques Section 7.1. Introduction Section 7.2. Definition Section 7.3. Substitution Ciphers Section 7.4. Transposition Ciphers Section 7.5. Classical Ciphers: Usefulness and Security Section 7.6. The Data Encryption Standard (DES) Section 7.7. The Advanced Encryption Standard (AES) Section 7.8. Confidentiality Modes of Operation Section 7.9. Key Channel Establishment for Symmetric Cryptosystems Section 7.10. Chapter Summary Exercises Chapter 8. Encryption — Asymmetric Techniques Section 8.1. Introduction Section 8.2. Insecurity of "Textbook Encryption Algorithms" Section 8.3. The Diffie-Hellman Key Exchange Protocol Section 8.4. The Diffie-Hellman Problem and the Discrete Logarithm Problem • Table of Contents Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company Publisher : Prentice Hall PTR Pub Date : July 25, 2003 ISBN : 0-13-066943-1 Pages : 648 Many cryptographic schemes and protocols, especially those based on public-keycryptography, have basic or so-called "textbook crypto" versions, as these versionsare usually the subjects for many textbooks on cryptography. This book takes adifferent approach to introducing cryptography: it pays much more attention tofit-for-application aspects of cryptography. It explains why "textbook crypto" isonly good in an ideal world where data are random and bad guys behave nicely.It reveals the general unfitness of "textbook crypto" for the real world by demonstratingnumerous attacks on such schemes, protocols and systems under variousreal- world application scenarios. This book chooses to introduce a set of practicalcryptographic schemes, protocols and systems, many of them standards or de factoones, studies them closely, explains their working principles, discusses their practicalusages, and examines their strong (i.e., fit-for-application) security properties, oftenwith security evidence formally established. The book also includes self-containedtheoretical background material that is the foundation for modern cryptography. Section 8.5. The RSA Cryptosystem (Textbook Version) Section 8.6. Cryptanalysis Against Public-key Cryptosystems Section 8.7. The RSA Problem Section 8.8. The Integer Factorization Problem Section 8.9. Insecurity of the Textbook RSA Encryption Section 8.10. The Rabin Cryptosystem (Textbook Version) Section 8.11. Insecurity of the Textbook Rabin Encryption Section 8.12. The ElGamal Cryptosystem (Textbook Version) Section 8.13. Insecurity of the Textbook ElGamal Encryption Section 8.14. Need for Stronger Security Notions for Public-key Cryptosystems Section 8.15. Combination of Asymmetric and Symmetric Cryptography Section 8.16. Key Channel Establishment for Public-key Cryptosystems Section 8.17. Chapter Summary Exercises Chapter 9. In An Ideal World: Bit Security of The Basic Public-Key Cryptographic Functions Section 9.1. Introduction Section 9.2. The RSA Bit Section 9.3. The Rabin Bit Section 9.4. The ElGamal Bit Section 9.5. The Discrete Logarithm Bit Section 9.6. Chapter Summary Exercises Chapter 10. Data Integrity Techniques Section 10.1. Introduction Section 10.2. Definition Section 10.3. Symmetric Techniques Section 10.4. Asymmetric Techniques I: Digital Signatures Section 10.5. Asymmetric Techniques II: Data Integrity Without Source Identification Section 10.6. Chapter Summary Exercises Part IV: Authentication Chapter 11. Authentication Protocols — Principles Section 11.1. Introduction Section 11.2. Authentication and Refined Notions Section 11.3. Convention Section 11.4. Basic Authentication Techniques Section 11.5. Password-based Authentication Section 11.6. Authenticated Key Exchange Based on Asymmetric Cryptography Section 11.7. Typical Attacks on Authentication Protocols Section 11.8. A Brief Literature Note Section 11.9. Chapter Summary Exercises Chapter 12. Authentication Protocols — The Real World Section 12.1. Introduction Section 12.2. Authentication Protocols for Internet Security Section 12.3. The Secure Shell (SSH) Remote Login Protocol Section 12.4. The Kerberos Protocol and its Realization in Windows 2000 Section 12.5. SSL and TLS Section 12.6. Chapter Summary Exercises • Table of Contents Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company Publisher : Prentice Hall PTR Pub Date : July 25, 2003 ISBN : 0-13-066943-1 Pages : 648 Many cryptographic schemes and protocols, especially those based on public-keycryptography, have basic or so-called "textbook crypto" versions, as these versionsare usually the subjects for many textbooks on cryptography. This book takes adifferent approach to introducing cryptography: it pays much more attention tofit-for-application aspects of cryptography. It explains why "textbook crypto" isonly good in an ideal world where data are random and bad guys behave nicely.It reveals the general unfitness of "textbook crypto" for the real world by demonstratingnumerous attacks on such schemes, protocols and systems under variousreal- world application scenarios. This book chooses to introduce a set of practicalcryptographic schemes, protocols and systems, many of them standards or de factoones, studies them closely, explains their working principles, discusses their practicalusages, and examines their strong (i.e., fit-for-application) security properties, oftenwith security evidence formally established. The book also includes self-containedtheoretical background material that is the foundation for modern cryptography. Chapter 13. Authentication Framework for Public-Key Cryptography Section 13.1. Introduction Section 13.2. Directory-Based Authentication Framework Section 13.3. Non-Directory Based Public-key Authentication Framework Section 13.4. Chapter Summary Exercises Part V: Formal Approaches to Security Establishment Chapter 14. Formal and Strong Security Definitions for Public-Key Cryptosystems Section 14.1. Introduction Section 14.2. A Formal Treatment for Security Section 14.3. Semantic Security — the Debut of Provable Security Section 14.4. Inadequacy of Semantic Security Section 14.5. Beyond Semantic Security Section 14.6. Chapter Summary Exercises Chapter 15. Provably Secure and Efficient Public-Key Cryptosystems Section 15.1. Introduction Section 15.2. The Optimal Asymmetric Encryption Padding Section 15.3. The Cramer-Shoup Public-key Cryptosystem Section 15.4. An Overview of Provably Secure Hybrid Cryptosystems Section 15.5. Literature Notes on Practical and Provably Secure Public-key Cryptosystems Section 15.6. Chapter Summary Section 15.7. Exercises Chapter 16. Strong and Provable Security for Digital Signatures Section 16.1. Introduction Section 16.2. Strong Security Notion for Digital Signatures Section 16.3. Strong and Provable Security for ElGamal-family Signatures Section 16.4. Fit-for-application Ways for Signing in RSA and Rabin Section 16.5. Signcryption Section 16.6. Chapter Summary Section 16.7. Exercises Chapter 17. Formal Methods for Authentication Protocols Analysis Section 17.1. Introduction Section 17.2. Toward Formal Specification of Authentication Protocols Section 17.3. A Computational View of Correct Protocols — the Bellare-Rogaway Model Section 17.4. A Symbolic Manipulation View of Correct Protocols Section 17.5. Formal Analysis Techniques: State System Exploration Section 17.6. Reconciling Two Views of Formal Techniques for Security Section 17.7. Chapter Summary Exercises Part VI: Cryptographic Protocols Chapter 18. Zero-Knowledge Protocols Section 18.1. Introduction Section 18.2. Basic Definitions Section 18.3. Zero-knowledge Properties Section 18.4. Proof or Argument? Section 18.5. Protocols with Two-sided-error Section 18.6. Round Efficiency Section 18.7. Non-interactive Zero-knowledge Section 18.8. Chapter Summary • Table of Contents Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company Publisher : Prentice Hall PTR Pub Date : July 25, 2003 ISBN : 0-13-066943-1 Pages : 648 Many cryptographic schemes and protocols, especially those based on public-keycryptography, have basic or so-called "textbook crypto" versions, as these versionsare usually the subjects for many textbooks on cryptography. This book takes adifferent approach to introducing cryptography: it pays much more attention tofit-for-application aspects of cryptography. It explains why "textbook crypto" isonly good in an ideal world where data are random and bad guys behave nicely.It reveals the general unfitness of "textbook crypto" for the real world by demonstratingnumerous attacks on such schemes, protocols and systems under variousreal- world application scenarios. This book chooses to introduce a set of practicalcryptographic schemes, protocols and systems, many of them standards or de factoones, studies them closely, explains their working principles, discusses their practicalusages, and examines their strong (i.e., fit-for-application) security properties, oftenwith security evidence formally established. The book also includes self-containedtheoretical background material that is the foundation for modern cryptography. Exercises Chapter 19. Returning to "Coin Flipping Over Telephone" Section 19.1. Blum's "Coin-Flipping-By-Telephone" Protocol Section 19.2. Security Analysis Section 19.3. Efficiency Section 19.4. Chapter Summary Chapter 20. Afterremark Bibliography • Table of Contents Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company Publisher : Prentice Hall PTR Pub Date : July 25, 2003 ISBN : 0-13-066943-1 Pages : 648 Many cryptographic schemes and protocols, especially those based on public-keycryptography, have basic or so-called "textbook crypto" versions, as these versionsare usually the subjects for many textbooks on cryptography. This book takes adifferent approach to introducing cryptography: it pays much more attention tofit-for-application aspects of cryptography. It explains why "textbook crypto" isonly good in an ideal world where data are random and bad guys behave nicely.It reveals the general unfitness of "textbook crypto" for the real world by demonstratingnumerous attacks on such schemes, protocols and systems under variousreal- world application scenarios. This book chooses to introduce a set of practicalcryptographic schemes, protocols and systems, many of them standards or de factoones, studies them closely, explains their working principles, discusses their practicalusages, and examines their strong (i.e., fit-for-application) security properties, oftenwith security evidence formally established. The book also includes self-containedtheoretical background material that is the foundation for modern cryptography. Copyright Library of Congress Cataloging-in-Publication Data A CIP catalog record for this book can be obtained from the Library of Congress. Editorial/production supervision: Mary Sudul Cover design director: Jerry Votta Cover design: Talar Boorujy Manufacturing manager: Maura Zaldivar Acquisitions editor: Jill Harry Marketing manager: Dan DePasquale Publisher, Hewlett-Packard Books: Walter Bruce © 2004 by Hewlett-Packard Company Published by Prentice Hall PTR Prentice-Hall, Inc. Upper Saddle River, New Jersey 07458 Prentice Hall books are widely used by corporations and government agencies for training, marketing, and resale. The publisher offers discounts on this book when ordered in bulk quantities. For more information, contact Corporate Sales Department, Phone: 800-382-3419; FAX: 201-236-7141; E-mail: corpsales@prenhall.com Or write: Prentice Hall PTR, Corporate Sales Dept., One Lake Street, Upper Saddle River, NJ 07458. Other product or company names mentioned herein are the trademarks or registered trademarks of their respective owners. All rights reserved. No part of this book may be reproduced, in any form or by any means, without permission in writing from the publisher. Printed in the United States of America 1st Printing Pearson Education LTD. Pearson Education Australia PTY, Limited Pearson Education Singapore, Pte. Ltd. Pearson Education North Asia Ltd. Pearson Education Canada, Ltd. Pearson Educación de Mexico, S.A. de C.V. Pearson Education — Japan Pearson Education Malaysia, Pte. Ltd. • Table of Contents Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company Publisher : Prentice Hall PTR Pub Date : July 25, 2003 ISBN : 0-13-066943-1 Pages : 648 Many cryptographic schemes and protocols, especially those based on public-keycryptography, have basic or so-called "textbook crypto" versions, as these versionsare usually the subjects for many textbooks on cryptography. This book takes adifferent approach to introducing cryptography: it pays much more attention tofit-for-application aspects of cryptography. It explains why "textbook crypto" isonly good in an ideal world where data are random and bad guys behave nicely.It reveals the general unfitness of "textbook crypto" for the real world by demonstratingnumerous attacks on such schemes, protocols and systems under variousreal- world application scenarios. This book chooses to introduce a set of practicalcryptographic schemes, protocols and systems, many of them standards or de factoones, studies them closely, explains their working principles, discusses their practicalusages, and examines their strong (i.e., fit-for-application) security properties, oftenwith security evidence formally established. The book also includes self-containedtheoretical background material that is the foundation for modern cryptography. Dedication To Ronghui || Yiwei || Yifan • Table of Contents Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company Publisher : Prentice Hall PTR Pub Date : July 25, 2003 ISBN : 0-13-066943-1 Pages : 648 Many cryptographic schemes and protocols, especially those based on public-keycryptography, have basic or so-called "textbook crypto" versions, as these versionsare usually the subjects for many textbooks on cryptography. This book takes adifferent approach to introducing cryptography: it pays much more attention tofit-for-application aspects of cryptography. It explains why "textbook crypto" isonly good in an ideal world where data are random and bad guys behave nicely.It reveals the general unfitness of "textbook crypto" for the real world by demonstratingnumerous attacks on such schemes, protocols and systems under variousreal- world application scenarios. This book chooses to introduce a set of practicalcryptographic schemes, protocols and systems, many of them standards or de factoones, studies them closely, explains their working principles, discusses their practicalusages, and examines their strong (i.e., fit-for-application) security properties, oftenwith security evidence formally established. The book also includes self-containedtheoretical background material that is the foundation for modern cryptography. Hewlett-Packard ® Professional Books HP-UX Fernandez Configuring CDE Madell Disk and File Management Tasks on HP-UX Olker Optimizing NFS Performance Poniatowski HP-UX 11i Virtual Partitions Poniatowski HP-UX 11i System Administration Handbook and Toolkit, Second Edition Poniatowski The HP-UX 11.x System Administration Handbook and Toolkit Poniatowski HP-UX 11.x System Administration "How To" Book Poniatowski HP-UX 10.x System Administration "How To" Book Poniatowski HP-UX System Administration Handbook and Toolkit Poniatowski Learning the HP-UX Operating System Rehman HP Certified: HP-UX System Administration Sauers/Weygant HP-UX Tuning and Performance Weygant Clusters for High Availability, Second Edition Wong HP-UX 11i Security UNIX, L INUX , W INDOWS, AND MPE I/X Mosberger/Eranian IA-64 Linux Kernel Poniatowski UNIX User's Handbook, Second Edition Stone/Symons UNIX Fault Management C OMPUTER A RCHITECTURE Evans/Trimper Itanium Architecture for Programmers Kane PA-RISC 2.0 Architecture Markstein IA-64 and Elementary Functions N ETWORKING /C OMMUNICATIONS Blommers Architecting Enterprise Solutions with UNIX Networking Blommers OpenView Network Node Manager Blommers Practical Planning for Network Growth Brans Mobilize Your Enterprise Cook Building Enterprise Information Architecture • Table of Contents Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard Company Publisher : Prentice Hall PTR Pub Date : July 25, 2003 ISBN : 0-13-066943-1 Pages : 648 Many cryptographic schemes and protocols, especially those based on public-keycryptography, have basic or so-called "textbook crypto" versions, as these versionsare usually the subjects for many textbooks on cryptography. This book takes adifferent approach to introducing cryptography: it pays much more attention tofit-for-application aspects of cryptography. It explains why "textbook crypto" isonly good in an ideal world where data are random and bad guys behave nicely.It reveals the general unfitness of "textbook crypto" for the real world by demonstratingnumerous attacks on such schemes, protocols and systems under variousreal- world application scenarios. This book chooses to introduce a set of practicalcryptographic schemes, protocols and systems, many of them standards or de factoones, studies them closely, explains their working principles, discusses their practicalusages, and examines their strong (i.e., fit-for-application) security properties, oftenwith security evidence formally established. The book also includes self-containedtheoretical background material that is the foundation for modern cryptography. Lucke Designing and Implementing Computer Workgroups Lund Integrating UNIX and PC Network Operating Systems S ECURITY Bruce Security in Distributed Computing Mao Modern Cryptography:Theory and Practice Pearson et al. Trusted Computing Platforms Pipkin Halting the Hacker, Second Edition Pipkin Information Security W EB /I NTERNET C ONCEPTS AND P ROGRAMMING Amor E-business (R)evolution, Second Edition Apte/Mehta UDDI Mowbrey/Werry Online Communities Tapadiya .NET Programming O THER P ROGRAMMING Blinn Portable Shell Programming Caruso Power Programming in HP Open View Chaudhri Object Databases in Practice Chew The Java/C++ Cross Reference Handbook Grady Practical Software Metrics for Project Management and Process Improvement Grady Software Metrics Grady Successful Software Process Improvement Lewis The Art and Science of Smalltalk Lichtenbelt Introduction to Volume Rendering Mellquist SNMP++ Mikkelsen Practical Software Configuration Management Norton Thread Time Tapadiya COM+ Programming Yuan Windows 2000 GDI Programming S TORAGE Thornburgh Fibre Channel for Mass Storage Thornburgh/Schoenborn Storage Area Networks Todman Designing Data Warehouses IT/IS [...]... 16 .1 Reduction from a Signature Forgery to Solving a Hard Problem 5 51 16.2 Successful Forking Answers to Random Oracle Queries 553 16 .3 The PSS Padding 560 16 .4 The PSS-R Padding 563 17 .1 The CSP Language 609 17 .2 The CSP Entailment Axioms 613 • Table of Contents Modern Cryptography: Theory and Practice ByWenbo Mao Hewlett-Packard Company Publisher: Prentice Hall PTR Pub Date: July 25, 2003 ISBN: 0 -13 -066943 -1. .. for Protocol 11 .1: ISO Public Key Three-Pass Mutual 346 modern cryptography Authentication Protocol Attack 11 .1: Wiener's Attack on ISO Public Key Three-Pass Mutual Authentication Protocol 347 Protocol 11 .2: The Woo-Lam Protocol 350 Protocol 11 .3: Needham's Password Authentication Protocol 352 Protocol 11 .4: The S/KEY Protocol 355 Protocol 11 .5: Encrypted Key Exchange (EKE) 357 Protocol 11 .6: The Station-to-Station... Protocol 11 .8: A Minor Variation of the Otway-Rees Protocol 379 • Table of Contents Attack 11 .7: An Attack and Practice Modern Cryptography: Theory on the Minor Variation of the 3 81 Otway-Rees Protocol ByWenbo Mao Hewlett-Packard Company Protocol 12 .1: Signature-based IKE Phase 1 Main Mode Publisher: Prentice Hall PTR Attack 12 .1: Authentication Failure in Signature-based IKE Pub Phase Date: July Mode 1 Main... Algorithm) modern cryptography Algorithm 4.5: Probabilistic Primality Test (a Monte Carlo 11 0 Algorithm) Algorithm 4.6: Proof of Primality (a Las Vegas Algorithm) 11 3 Protocol 4 .1: Quantum Key Distribution (an Atlantic City Algorithm) 11 7 Algorithm 4.7: Random k-bit Probabilistic Prime Generation 12 1 Algorithm 4.8: Square-Freeness Integer 12 3 Algorithm 5 .1: Random Primitive Root Modulo Prime 16 6 Algorithm... The Station-to-Station (STS) Protocol 3 61 Protocol 11 .7: Flawed "Authentication-only" STS Protocol 363 Attack 11 .2: An Attack on the "Authentication-only" STS Protocol 364 Attack 11 .3: Lowe's Attack on the STS Protocol (a Minor Flaw) 366 Attack 11 .4: An Attack on the S/KEY Protocol 3 71 Attack 11 .5: A Parallel-Session Attack on the Woo-Lam Protocol 372 Attack 11 .6: A Reflection Attack on a "Fixed" Version... Curve Element 17 1 Algorithm 6 .1: Chinese Remainder 18 2 Algorithm 6.2: Legendre/Jacobi Symbol 19 1 Algorithm 6.3: Square Root Modulo Prime (Special Cases) 19 4 Algorithm 6.4: Square Root Modulo Prime (General Case) 19 6 Algorithm 6.5: Square Root Modulo Composite 19 7 Protocol 7 .1: A Zero-knowledge Protocol Using Shift Cipher 216 Protocol 8 .1: The Diffie-Hellman Key Exchange Protocol 249 Attack 8 .1: Man-in-the-Middle... chapters (14 17 ) which provide formalism and rigorous treatments for strong (i.e., fit-for-application) security notions for public-key cryptographic • Table of Contents techniques (encryption, signature and signcryption) and formal methodologies for the Modern Cryptography: Theory and Practice analysis of authentication protocols Chapter 14 introduces formal definitions of strong ByWenbo Mao Hewlett-Packard... Protocol 588 Protocol 17 .4: The Needham-Schroeder Public-key Authentication Protocol in Refined Specification 588 • Table of Contents Protocol 17 .5: Another Refined Specification Modern Cryptography: Theory and Practice of the Needham-Schroeder Public-key Authentication Protocol 589 Protocol 17 .6:MAP1 595 ByWenbo Mao Hewlett-Packard Company Publisher: Prentice Hall PTR Protocol 18 .1: An Interactive Proof... Flipping Over Telephone PREMISE • Alice and BobContents have agreed: Table of Modern Cryptography: Theory and Practice ByWenbo Mao Hewlett-Packard Company i a "magic function" f with properties specified in Property 1. 1 Publisher: Prentice Hall PTR ii an even number x in f(x) represents HEADS and the other case represents TAILS Pub Date: July 25, 2003 ISBN: 0 -13 -066943 -1 Pages: 648 (* Caution: due to (ii),... Exchange Protocol Table of Contents 2 51 Modern Cryptography: Theory and Practice 258 Algorithm 8 .1: The RSA Cryptosystem ByWenbo Mao Hewlett-Packard Company Algorithm 8.2: The Rabin Cryptosystem 269 Publisher: 8.3: Hall ElGamal Cryptosystem AlgorithmPrentice The PTR 274 Pub Date: July 25, 2003 Algorithm 9 .1: Binary Searching RSA Plaintext Using a ISBN: 0 -13 -066943 -1 Parity Oracle 289 Algorithm 9.2: Extracting . Principles Section 11 .1. Introduction Section 11 .2. Authentication and Refined Notions Section 11 .3. Convention Section 11 .4. Basic Authentication Techniques Section 11 .5. Password-based. Pearson and Martin Sadler for technical and literature services and management support. Bristol, England May 2003 • Table of Contents Modern Cryptography: Theory and Practice By Wenbo Mao Hewlett-Packard. Partitions Poniatowski HP-UX 11 i System Administration Handbook and Toolkit, Second Edition Poniatowski The HP-UX 11 .x System Administration Handbook and Toolkit Poniatowski HP-UX 11 .x System Administration