Table of Contents

• Elliptic Curves
  • A Memory Efficient Version of Satoh's Algorithm , page 1
    by Frederik Vercauteren (K. U. Leuven, Belgium)
    Bart Preneel (K. U. Leuven, Belgium)
    Joos Vandewalle (K. U. Leuven, Belgium)
  • Finding Secure Curves with the Satoh-FGH Algorithm and an Early-Abort Strategy , page 14
    by Mireille Fouquet (LIX, école polytechnique, France)
    Pierrick Gaudry (LIX, école polytechnique, France)
    Robert Harley (ArgoTech, France)
  • How Secure are Elliptic Curves over Composite Extension Fields? , page 30
    by Nigel P. Smart (University of Bristol, UK)
• Commitments
  • Efficient and Non-Interactive Non-Malleable Commitment , page 40
    by Giovanni Di Crescenzo (Telcordia Technologies Inc., USA)
    Jonathan Katz (Telcordia Technologies Inc. and Columbia University, USA)
    Rafail Ostrovsky (Telcordia Technologies Inc., USA)
    Adam Smith (Massachusetts Institute of Technology, USA)
  • How to Convert the Flavor of a Quantum Bit Commitment , page 60
    by Claude Crépeau (McGill University, Canada)
    Frédéric Légaré (Zero-Knowledge Systems Inc., Canada)
    Louis Salvail (BRICS, University of Århus, Denmark)
• Anonymity
  • Cryptographic Counters and Applications to Electronic Voting , page 78
    by Jonathan Katz (Telcordia Technologies Inc. and Columbia University, USA)
    Steven Myers (University of Toronto, Canada)
    Rafail Ostrovsky (Telcordia Technologies Inc., USA)
  • An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , page 93
    by Jan Camenisch (IBM Zürich Research Laboratory, Switzerland)
    Anna Lysyanskaya (Massachusetts Institute of Technology, USA)
  • Priced Oblivious Transfer: How to Sell Digital Goods , page 118
    by Bill Aiello (AT&T Labs -- Research, USA)
    Yuval Ishai (DIMACS and AT&T Labs -- Research, USA)
    Omer Reingold (AT&T Labs -- Research, USA)
• Signatures and Hash Functions
  • A Secure Three-move Blind Signature Scheme for Polynomially Many Signatures , page 135
    by Masayuki ABE (NTT Laboratories, Japan)
  • Practical Threshold RSA Signatures Without a Trusted Dealer ,page 151
    by Ivan Damgård (BRICS, University of Århus, Denmark)
    Maciej Koprowski (BRICS, University of Århus, Denmark)
  • Hash Functions: From Merkle-Damgård to Shoup , page 165, by Ilya Mironov (Stanford University, USA)
• XTR and NTRU
  • Key Recovery and Message Attacks on NTRU-Composite , page 181,
    by Craig Gentry (DoCoMo Communications Laboratories Inc., USA)
  • Evidence that XTR is more Secure than Supersingular Elliptic Curve Cryptosystems , page 194,
    by Eric R. Verheul (PricewaterhouseCoopers, The Netherlands)
  • NSS: An NTRU Lattice-Based Signature Scheme , page 210,
    by Jeffrey Hoffstein (NTRU Cryptosystems Inc., USA)
    Jill Pipher (NTRU Cryptosystems Inc., USA)
    Joseph H. Silverman (NTRU Cryptosystems Inc., USA)
• Assumptions
  • The Bit Security of Paillier's Encryption Scheme and its Applications , page 228,
    by Dario Catalano (University of Catania, Italy)
    Rosario Gennaro (IBM T. J. Watson Research Center, USA)
    Nick Howgrave-Graham (IBM T. J. Watson Research Center, USA)
  • Assumptions Related to Discrete Logarithms: Why Subtleties Make a Real Difference , page 243
    by Ahmad-Reza Sadeghi (Saarland University, Germany)
    Michael Steiner (Saarland University, Germany)
• Multiparty Protocols
  • On Adaptive vs. Non-adaptive Security of Multiparty Protocols , page 261
    by Ran Canetti (IBM T. J. Watson Research Center, USA)
    Ivan Damgård (BRICS, University of Århus, Denmark)
    Stefan Dziembowski (BRICS, University of Århus, Denmark)
    Yuval Ishai (DIMACS and AT&T Labs -- Research, USA)
    Tal Malkin (AT&T Labs -- Research, USA)
  • Multiparty Computation from Threshold Homomorphic Encryption , page 279
    by Ronald Cramer (BRICS, University of Århus, Denmark)
    Ivan Damgård (BRICS, University of Århus, Denmark)
    Jesper B. Nielsen (BRICS, University of Århus, Denmark)
  • On Perfect and Adaptive Security in Exposure-Resilient Cryptography , page 299
    by Yevgeniy Dodis (University of New York, USA)
    Amit Sahai (Princeton University, USA)
    Adam Smith (Massachusetts Institute of Technology, USA)
• Block Ciphers
  • Cryptanalysis of Reduced-Round MISTY , page 323
    by Ulrich Kühn (Dresdner Bank AG, Germany)
  • The Rectangle Attack -- Rectangling the Serpent , page 338
    by Eli Biham (Technion, Israel)
    Orr Dunkelman (Technion, Israel)
    Nathan Keller (Technion, Israel)
• Primitives
  • Efficient Amplification of the Security of Weak Pseudo-Random Function Generators , page 356
    by Steven Myers (University of Toronto, Canada)
  • Min-Round Resettable Zero-Knowledge in the Public-Key Model , page 371
    by Silvio Micali (Massachusetts Institute of Technology, USA)
    Leonid Reyzin (Massachusetts Institute of Technology, USA)
• Symmetric Ciphers
  • Structural Cryptanalysis of SASAS , page 392
    by Alex Biryukov (The Weizmann Institute, Israel)
    Adi Shamir (The Weizmann Institute, Israel)
  • Hyper-Bent Functions , page 404
    by Amr M. Youssef (University of Waterloo, Canada)
    Guang Gong (University of Waterloo, Canada)
  • New Method for Upper Bounding the Maximum Average Linear Hull Probability for SPNs , page 418
    by Liam Keliher (Queen's University at Kingston, Canada)
    Henk Meijer (Queen's University at Kingston, Canada)
    Stafford Tavares (Queen's University at Kingston, Canada)
• Key Exchange and Multicast
  • Lower Bounds for Multicast Message Authentication , page 435
    by Dan Boneh (Stanford University, USA)
    Glenn Durfee (Stanford University, USA)
    Matt Franklin (University of California, USA)
  • Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels , page 451
    by Ran Canetti (IBM T. J. Watson Research Center, USA)
    Hugo Krawczyk (Technion, Israel)
  • Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords , page 473
    by Jonathan Katz (Telcordia Technologies Inc. and Columbia University, USA)
    Rafail Ostrovsky (Telcordia Technologies Inc., USA)
    Moti Yung (CertCo Inc., USA)
• Authentication and Identification
  • Identification Protocols Secure Against Reset Attacks , page 493
    by Mihir Bellare (University of California at San Diego, USA)
    Marc Fischlin (University of Frankfurt, Germany)
    Shafi Goldwasser (Massachusetts Institute of Technology, USA)
    Silvio Micali (Massachusetts Institute of Technology, USA)
  • Does Encryption with Redundancy Provide Authenticity? , page 509
    by Jee Hea An (University of California at San Diego, USA)
    Mihir Bellare (University of California at San Diego, USA)
  • Encryption Modes with Almost Free Message Integrity , page 525
    by Charanjit S. Jutla (IBM T. J. Watson Research Center, USA)