
@adaburrows
Last active September 11, 2024 22:21
Reading about cryptography

Cryptography

Survey

Wigderson, A. (2019). Mathematics and computation: A theory revolutionizing technology and science. Princeton University Press.

Garey, M. R., & Johnson, D. S. (1979). Computers and intractability (Vol. 174). San Francisco: Freeman.

Arora, S., & Barak, B. (2009). Computational complexity: a modern approach. Cambridge University Press.

Information Theory

Shannon, C. E. (1948). A mathematical theory of communication. The Bell system technical journal, 27(3), 379-423.

Wiener, N. (1948). Cybernetics; or control and communication in the animal and the machine.

Complexity

Karatsuba, A. A. (1995). The complexity of computations. Proceedings of the Steklov Institute of Mathematics-Interperiodica Translation, 211, 169-183.

Bernstein, D. J. (2001). Multidigit multiplication for mathematicians. Advances in Applied Mathematics, 1-19.

Peterson, G., Reif, J., & Azhar, S. (2001). Lower bounds for multiplayer noncooperative games of incomplete information. Computers & Mathematics with Applications, 41(7-8), 957-992.

Number Theory / Algebraic Number Theory / Complex Analysis

Dickson, L. E. (1917). Elementary theory of equations. J. Wiley.

Rotman, J. J., & Rotman, J. (1990). Galois theory. New York: Springer.

Garling, D. J. H. (1986). A course in Galois theory. Cambridge University Press.

Koblitz, N. (1994). A course in number theory and cryptography (Vol. 114). Springer Science & Business Media.

Bernstein, D. J. (2001). Faster square roots in annoying finite fields. preprint.

Bernstein, D. J. (2007, December). The tangent FFT. In International Symposium on Applied Algebra, Algebraic Algorithms, and Error-Correcting Codes (pp. 291-300). Berlin, Heidelberg: Springer Berlin Heidelberg.

Galois, É., & Neumann, P. M. (2011). The mathematical writings of Évariste Galois (Vol. 6). European Mathematical Society.

Conrad, K. (2018). Cyclicity of (Z/(p))×.

Vaikuntanathan, V. (2021). Recitation 3: Number Theory Review. 6.875: Cryptography and Cryptanalysis. MIT.

Exponentiation

Pippenger, N. (1976, October). On the evaluation of powers and related problems. In 17th Annual Symposium on Foundations of Computer Science (sfcs 1976) (pp. 258-263). IEEE Computer Society.

Yao, A. C. C. (1976). On the evaluation of powers. SIAM Journal on computing, 5(1), 100-103.

Pippenger, N. (1980). On the evaluation of powers and monomials. SIAM Journal on Computing, 9(2), 230-250.

Bernstein, D. J. (2002). Pippenger’s exponentiation algorithm.

Bernstein, D., & Sorenson, J. (2007). Modular exponentiation via the explicit Chinese remainder theorem. Mathematics of Computation, 76(257), 443-454.

Bernstein, D., Lenstra Jr, H., & Pila, J. (2007). Detecting perfect powers by factoring into coprimes. Mathematics of Computation, 76(257), 385-388.

Factorization & Primality

Pollard, J. M. (1974, November). Theorems on factorization and primality testing. In Mathematical proceedings of the Cambridge philosophical society (Vol. 76, No. 3, pp. 521-528). Cambridge University Press.

Rabin, M. O. (1980). Probabilistic algorithms in finite fields. SIAM Journal on computing, 9(2), 273-280.

Rabin, M. O. (1980). Probabilistic algorithm for testing primality. Journal of number theory, 12(1), 128-138.

Adleman, L. M. (1980, October). On distinguishing prime numbers from composite numbers. In 21st Annual Symposium on Foundations of Computer Science (sfcs 1980) (pp. 387-406). IEEE.

Schnorr, C. P., & Lenstra, H. W. (1984). A Monte Carlo factoring algorithm with linear storage. Mathematics of Computation, 43(167), 289-311.

Chudnovsky, D. V., & Chudnovsky, G. V. (1986). Sequences of numbers generated by addition in formal groups and new primality and factorization tests. Advances in Applied Mathematics, 7(4), 385-434.

Lenstra Jr, H. W. (1987). Factoring integers with elliptic curves. Annals of mathematics, 649-673.

Montgomery, P. L. (1987). Speeding the Pollard and elliptic curve methods of factorization. Mathematics of computation, 48(177), 243-264.

Lenstra, A. K., Lenstra Jr, H. W., Manasse, M. S., & Pollard, J. M. (1990, April). The number field sieve. In Proceedings of the twenty-second annual ACM symposium on Theory of computing (pp. 564-572).

Brandt, J., Damgård, I., & Landrock, P. (1993). Speeding up prime number generation. In Advances in Cryptology—ASIACRYPT'91: International Conference on the Theory and Application of Cryptology Fujiyosida, Japan, November 1991 Proceedings 2 (pp. 440-449). Springer Berlin Heidelberg.

Shor, P. W. (1995). Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. Los Alamos Physics Preprint Archive.

Bernstein, D. J. (2004). Distinguishing prime numbers from composite numbers: the state of the art in 2004. URL: http://cr.yp.to/papers.html#prime2004, 23.

Bernstein, D. J. (2005). Factoring into coprimes in essentially linear time. Journal of Algorithms, 54(1), 1-30.

Bernstein, D. (2007). Proving primality in essentially quartic random time. Mathematics of computation, 76(257), 389-403.

Musha, T. (2015). Primality Testing and Factorization by using Fourier Spectrum of the Riemann Zeta Function. Theory and Applications of Mathematics & Computer Science, 5(2), 213.

Kim, T., & Barbulescu, R. (2016, July). Extended tower number field sieve: A new complexity for the medium prime case. In Annual international cryptology conference (pp. 543-571). Berlin, Heidelberg: Springer Berlin Heidelberg.

Pseudo-Random Number Generation

Blum, L., Blum, M., & Shub, M. (1982). A simple secure pseudo-random number generator (Vol. 8). Electronics Research Laboratory, College of Engineering, University of California.

Blum, L., Blum, M., & Shub, M. (1983). Comparison of two pseudo-random number generators. In Advances in Cryptology: Proceedings of Crypto 82 (pp. 61-78). Boston, MA: Springer US.

Shamir, A. (1983). On the generation of cryptographically strong pseudorandom sequences. ACM Transactions on Computer Systems (TOCS), 1(1), 38-44.

Blum, M., & Micali, S. (1984). How to generate cryptographically strong sequences of pseudo-random bits. SIAM journal on computing (Print), 13(4), 850-864.

Hirschfeld, R. (1986). Pseudorandom generators and complexity classes (Doctoral dissertation, Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science).

Santha, M., & Vazirani, U. V. (1986). Generating quasi-random sequences from semi-random sources. Journal of computer and system sciences, 33(1), 75-87.

Goldreich, O., Goldwasser, S., & Micali, S. (1986). How to construct random functions. Journal of the ACM (JACM), 33(4), 792-807.

Impagliazzo, R., Levin, L. A., & Luby, M. (1989, February). Pseudo-random generation from one-way functions. In Proceedings of the twenty-first annual ACM symposium on Theory of computing (pp. 12-24).

Håstad, J. (1990, April). Pseudo-random generators under uniform assumptions. In Proceedings of the twenty-second annual ACM symposium on Theory of computing (pp. 395-404).

M’Raïhi, D., Naccache, D., Pointcheval, D., & Vaudenay, S. (1998, August). Computational alternatives to random number generators. In International Workshop on Selected Areas in Cryptography (pp. 72-80). Berlin, Heidelberg: Springer Berlin Heidelberg.

Kelsey, J., Schneier, B., & Ferguson, N. (1999). Yarrow-160: Notes on the design and analysis of the Yarrow cryptographic pseudorandom number generator. In International Workshop on Selected Areas in Cryptography. Berlin, Heidelberg: Springer Berlin Heidelberg.

Håstad, J., Impagliazzo, R., Levin, L. A., & Luby, M. (1999). A pseudorandom generator from any one-way function. SIAM Journal on Computing, 28(4), 1364-1396.

Kalai, A. T. (2003). Generating random factored numbers, easily. Journal of Cryptology, 16(4), 287-289.

Wikramaratna, R. S. (2008). The additive congruential random number generator—A special case of a multiple recursive generator. Journal of Computational and Applied Mathematics, 216(2), 371-387.

Halprin, R., & Naor, M. (2009, July). Games for extracting randomness. In Proceedings of the 5th Symposium on Usable Privacy and Security (pp. 1-12).

Harase, S. (2009). Maximally equidistributed pseudorandom number generators via linear output transformations. Mathematics and Computers in Simulation, 79(5), 1512-1519.

Smid, E. B., Leigh, S., Levenson, M., Vangel, M., DavidBanks, A., & JamesDray, S. (2010). A statistical test suite for random and pseudorandom number generators for cryptographic applications.

Vadhan, S., & Zheng, C. J. (2012, May). Characterizing pseudoentropy and simplifying pseudorandom generator constructions. In Proceedings of the forty-fourth annual ACM symposium on Theory of computing (pp. 817-836).

Dodis, Y., Shamir, A., Stephens-Davidowitz, N., & Wichs, D. (2017). How to eat your entropy and have it too: Optimal recovery strategies for compromised RNGs. Algorithmica, 79, 1196-1232.

Harase, S., & Kimoto, T. (2018). Implementing 64-bit maximally equidistributed F2-linear generators with Mersenne prime period. ACM Transactions on Mathematical Software (TOMS), 44(3), 1-11.

Harase, S. (2019). Conversion of Mersenne Twister to double-precision floating-point numbers. Mathematics and computers in simulation, 161, 76-83.

Mazor, N., & Pass, R. (2023, November). Counting unpredictable bits: A simple prg from one-way functions. In Theory of Cryptography Conference (pp. 191-218). Cham: Springer Nature Switzerland.

Intro to Cryptography

[TODO: Split various cryptosystems, signature schemes, and block cyphers into separate sections]

Luciano, D., & Prichett, G. (1987). Cryptology: From Caesar ciphers to public-key cryptosystems. The College Mathematics Journal, 18(1), 2-17.

Sawyers, R. (2021). The History of American Cryptology Prior to World War II.

Shannon, C. E. (1949). Communication theory of secrecy systems. The Bell system technical journal, 28(4), 656-715.

NO, T. S. American Cryptology during the Cold War, 1945-1989. TCS, 54649, 95.

  • Book I, Book II, Book III, Book IV

Beginnings of Public Key Cryptography / Diffie-Hellman-Merkle (discrete log)

Ellis, J. H. (1970). The possibility of secure non-secret digital encryption. UK Communications Electronics Security Group, 8.

Cocks, C. C. (1973). A note on non-secret encryption. CESG Memo.

Williamson, M. J. (1974). Non–Secret encryption using a finite field (p. 2). Technical report, CESG.

Diffie, W., & Hellman, M. E. (1976). New Directions in Cryptography. IEEE Transaction on Information Theory, 22(6).

  • "one-way function" (credited to R. M. Needham, with a citation of M. V. Wilkes, Time-Sharing Computer Systems. New York: Elsevier, 1972.)
  • "trap-door one-way function"
  • cyphers are one-way functions
  • "A cryptosystem which is secure against a known plaintext attack can be used to produce a one-way function."
  • "A public key cryptosystem can be used to generate a one-way authentication system."
  • "A trap-door cryptosystem can be used to produce a public key distribution system."
  • "By definition, we will require that a trap-door problem be one in which it is computationally feasible to devise the trap door. This leaves room for yet a third type of entity for which we shall use the prefix “quasi.” For example a quasi one-way function is not one-way in that an easily computed inverse exists. However, it is computationally infeasible, even for the designer, to find the easily computed inverse. Therefore a quasi one-way function can be used in place of a one-way function with essentially no loss in security."

Williamson, M. J. (1976). Thoughts on cheaper Non–Secret encryption (p. 3). Technical report, CESG.

Hellman, M. (1977). An extension of the Shannon theory approach to cryptography. IEEE Transactions on Information Theory, 23(3), 289-294.

Merkle, R. C. (1978). Secure communications over insecure channels. Communications of the ACM, 21(4), 294-299. — Allows two parties, in the presence of an eavesdropper, to exchange a set of puzzles, each of which, when solved, reveals a key that can be used for encryption. The second party need only solve one puzzle in order to communicate; the attacker must solve all of the puzzles to be sure of having the right key.

Hellman, M. (1978). An overview of public key cryptography. IEEE Communications Society Magazine, 16(6), 24-32.

Merkle, R. C. (1980). Protocols for Public Key Cryptosystems. In Proc. 1980 IEEE Symposium on Security. — mentions Merkle Tree signatures

Goldwasser, S., Micali, S., & Tong, P. (1982, November). Why and how to establish a private code on a public network. In 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982) (pp. 134-144). IEEE. — this is the paper that starts adding authentication tags to encrypted messages to prevent chosen cyphertext attack

Berger, R., Kannan, S., & Peralta, R. (1985, August). A framework for the study of cryptographic protocols. In Conference on the Theory and Application of Cryptographic Techniques (pp. 87-103). Berlin, Heidelberg: Springer Berlin Heidelberg.

Ellis, J. H. (1987). The story of non-secret encryption. CESG Report.

Diffie, W. (1988). The first ten years of public-key cryptography. Proceedings of the IEEE, 76(5), 560-577. — this is great!

Naor, M., & Yung, M. (1990, April). Public-key cryptosystems provably secure against chosen ciphertext attacks. In Proceedings of the twenty-second annual ACM symposium on Theory of computing (pp. 427-437).

Anderson, R., & Needham, R. (1995, August). Robustness principles for public key protocols. In Annual International Cryptology Conference (pp. 236-247). Berlin, Heidelberg: Springer Berlin Heidelberg.

Bellare, M., Boldyreva, A., & Micali, S. (2000). Public-key encryption in a multi-user setting: Security proofs and improvements. In Advances in Cryptology—EUROCRYPT 2000: International Conference on the Theory and Application of Cryptographic Techniques Bruges, Belgium, May 14–18, 2000 Proceedings 19 (pp. 259-274). Springer Berlin Heidelberg.

Adrian, D., Bhargavan, K., Durumeric, Z., Gaudry, P., Green, M., Halderman, J. A., ... & Zimmermann, P. (2015, October). Imperfect forward secrecy: How Diffie-Hellman fails in practice. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (pp. 5-17).

Wong, D. (2016). How to backdoor diffie-hellman. Cryptology ePrint Archive.

Block Ciphers

Lucifer

Feistel, H. (1974). U.S. Patent No. 3,798,359. Washington, DC: U.S. Patent and Trademark Office.

Feistel, H., Notz, W. A., & Smith, J. L. (1975). Some cryptographic techniques for machine-to-machine data communications. Proceedings of the IEEE, 63(11), 1545-1554.

Sorkin, A. (1984). Lucifer, a cryptographic algorithm. Cryptologia, 8(1), 22-42.

DES

Diffie, W., & Hellman, M. E. (1977). Special feature exhaustive cryptanalysis of the NBS data encryption standard. Computer, 10(6), 74-84.

Zheng, Y., Matsumoto, T., & Imai, H. (1990). On the construction of block ciphers provably secure and not relying on any unproved hypotheses. In Advances in Cryptology—CRYPTO’89 Proceedings 9 (pp. 461-480). Springer New York.

FIPS PUB 46-3 (1999). Data Encryption Standard (DES).

Biham, E., & Shamir, A. (1993). Differential Cryptanalysis of the Data Encryption Standard. Springer-Verlag.

Matsui, M. (1993, May). Linear cryptanalysis method for DES cipher. In Workshop on the Theory and Application of Cryptographic Techniques (pp. 386-397). Berlin, Heidelberg: Springer Berlin Heidelberg.

Biham, E., & Biryukov, A. (1997). An improvement of Davies’ attack on DES. Journal of Cryptology, 10, 195-205.

Nalini, N., & Rao, G. R. (2005, December). Cryptanalysis of simplified data encryption standard via optimization heuristics. In 2005 3rd International Conference on Intelligent Sensing and Information Processing (pp. 74-79). IEEE.

Alanazi, H., Zaidan, B. B., Zaidan, A. A., Jalab, H. A., Shabbir, M., & Al-Nabhani, Y. (2010). New comparative study between DES, 3DES and AES within nine factors. arXiv preprint arXiv:1003.4085.

Sharma, L., Pathak, B. K., & Sharma, N. (2012). Breaking of simplified data encryption standard using binary particle swarm optimization.

Triple DES (3DES)

Merkle, R. C., & Hellman, M. E. (1981). On the security of multiple encryption. Communications of the ACM, 24(7), 465-467.

Karn, P., Metzger, P., & Simpson, W. (1995). The ESP triple DES transform (No. rfc1851).

Barker, E., & Mouha, N. (2017). Recommendation for the triple data encryption algorithm (TDEA) block cipher (No. NIST Special Publication (SP) 800-67 Rev. 2 (Draft)). National Institute of Standards and Technology. [Withdrawn]

Barker, E. (2019). AR Transitioning the Use of Cryptographic Algorithms and Key Lengths. National Institute of Standards and Technology: Washington, DC, USA.

Bhargavan, K., & Leurent, G. (2016, October). On the practical (in-) security of 64-bit block ciphers: Collision attacks on HTTP over TLS and OpenVPN. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (pp. 456-467).

Triple Diffie-Hellman (3DH)

Blake-Wilson, S., Johnson, D., & Menezes, A. (1997, December). Key agreement protocols and their security analysis. In IMA international conference on cryptography and coding (pp. 30-45). Berlin, Heidelberg: Springer Berlin Heidelberg.

Kudla, C., & Paterson, K. G. (2005, December). Modular security proofs for key agreement protocols. In International conference on the theory and application of cryptology and information security (pp. 549-565). Berlin, Heidelberg: Springer Berlin Heidelberg.

AES (Rijndael)

Daemen, J., & Rijmen, V. (1999). AES proposal: Rijndael.

Evans, D. L., & Brown, K. H. (2001). FIPS 197, Federal Information Processing Standards Publication: Advanced Encryption Standard (AES).

Daemen, J., & Rijmen, V. (2002). The design of Rijndael (Vol. 2). New York: Springer-verlag.

Courtois, N. T., & Pieprzyk, J. (2002). Cryptanalysis of block ciphers with overdefined systems of equations. In Advances in Cryptology—ASIACRYPT 2002: 8th International Conference on the Theory and Application of Cryptology and Information Security Queenstown, New Zealand, December 1–5, 2002 Proceedings 8 (pp. 267-287). Springer Berlin Heidelberg.

Biryukov, A., Khovratovich, D., & Nikolić, I. (2009, August). Distinguisher and related-key attack on the full AES-256. In Annual International Cryptology Conference (pp. 231-249). Berlin, Heidelberg: Springer Berlin Heidelberg.

Biryukov, A., & Khovratovich, D. (2009). Related-key cryptanalysis of the full AES-192 and AES-256. In Advances in Cryptology–ASIACRYPT 2009: 15th International Conference on the Theory and Application of Cryptology and Information Security, Tokyo, Japan, December 6-10, 2009. Proceedings 15 (pp. 1-18). Springer Berlin Heidelberg.

Saha, D., Mukhopadhyay, D., & RoyChowdhury, D. (2009). A diagonal fault attack on the advanced encryption standard. Cryptology ePrint Archive.

Biryukov, A., Dunkelman, O., Keller, N., Khovratovich, D., & Shamir, A. (2010). Key recovery attacks of practical complexity on AES-256 variants with up to 10 rounds. In Advances in Cryptology–EUROCRYPT 2010: 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, May 30–June 3, 2010. Proceedings 29 (pp. 299-319). Springer Berlin Heidelberg.

Bogdanov, A., Khovratovich, D., & Rechberger, C. (2011). Biclique cryptanalysis of the full AES. In Advances in Cryptology–ASIACRYPT 2011: 17th International Conference on the Theory and Application of Cryptology and Information Security, Seoul, South Korea, December 4-8, 2011. Proceedings 17 (pp. 344-371). Springer Berlin Heidelberg.

Bonnetain, X., Naya-Plasencia, M., & Schrottenloher, A. (2019). Quantum security analysis of AES. IACR Transactions on Symmetric Cryptology, 2019(2), 55-93.

Salsa20/ChaCha/Rumba

Crowley, P. (2005). Truncated differential cryptanalysis of five rounds of Salsa20. Cryptology ePrint Archive.

Tsunoo, Y., Saito, T., Kubo, H., Suzaki, T., & Nakashima, H. (2007, March). Differential cryptanalysis of Salsa20/8. In Workshop Record of SASC (Vol. 28).

Bernstein, D. J. (2008). The Salsa20 family of stream ciphers. In New stream cipher designs: the eSTREAM finalists (pp. 84-97). Berlin, Heidelberg: Springer Berlin Heidelberg.

Bernstein, D. J. (2008, January). ChaCha, a variant of Salsa20. In Workshop record of SASC (Vol. 8, No. 1, pp. 3-5).

Aumasson, J. P., Fischer, S., Khazaei, S., Meier, W., & Rechberger, C. (2008). New features of Latin dances: analysis of Salsa, ChaCha, and Rumba. In Fast Software Encryption: 15th International Workshop, FSE 2008, Lausanne, Switzerland, February 10-13, 2008, Revised Selected Papers 15 (pp. 470-488). Springer Berlin Heidelberg.

Bernstein, D. J. (2011, February). Extending the Salsa20 nonce. In Workshop record of Symmetric Key Encryption Workshop (Vol. 2011).

Procter, G. (2014). A Security Analysis of the Composition of ChaCha20 and Poly1305. Cryptology ePrint Archive.

Knapsack Problems

Merkle, R., & Hellman, M. (1978). Hiding information and signatures in trapdoor knapsacks. IEEE transactions on Information Theory, 24(5), 525-530.

Shamir, A. (1980, April). The Cryptographic Security of Compact Knapsacks (Preliminary Report). In 1980 IEEE Symposium on Security and Privacy (pp. 94-94). IEEE.

Shamir, A. (1982). A polynomial time algorithm for breaking Merkle-Hellman cryptosystems (extended abstract). Research Announcement.

Adleman, L. M. (1983, December). On breaking generalized knapsack public key cryptosystems. In Proceedings of the fifteenth annual ACM symposium on Theory of computing (pp. 402-412).

Lagarias, J. C. (1984). Knapsack public key cryptosystems and diophantine approximation. In Advances in Cryptology: Proceedings of Crypto 83 (pp. 3-23). Springer US.

Brickell, E. F. (1984, August). Breaking iterated knapsacks. In Workshop on the Theory and Application of Cryptographic Techniques (pp. 342-358). Berlin, Heidelberg: Springer Berlin Heidelberg.

Goodman, R. M., & McAuley, A. J. (1985). A new trapdoor knapsack public key cryptosystem. In Advances in Cryptology: Proceedings of EUROCRYPT 84 A Workshop on the Theory and Application of Cryptographic Techniques Paris, France, April 9–11, 1984 3 (pp. 150-158). Springer Berlin Heidelberg.

Odlyzko, A. M. (1990). The rise and fall of knapsack cryptosystems. Cryptology and computational number theory, 42(2).

Okamoto, T., Tanaka, K., & Uchiyama, S. (2000, August). Quantum public-key cryptosystems. In Annual international cryptology conference (pp. 147-165). Berlin, Heidelberg: Springer Berlin Heidelberg.

Nguyễn, P. Q., & Stern, J. (2005). Adapting density attacks to low-weight knapsacks. In Advances in Cryptology-ASIACRYPT 2005: 11th International Conference on the Theory and Application of Cryptology and Information Security, Chennai, India, December 4-8, 2005. Proceedings 11 (pp. 41-58). Springer Berlin Heidelberg.

Murakami, Y., & Nasako, T. (2007). Knapsack public-key cryptosystem using chinese remainder theorem. Cryptology ePrint Archive. — An example knapsack problem that supposedly hasn't been broken.

Discrete Logarithms

Math of Discrete Logs

Pohlig, S., & Hellman, M. (1978). An improved algorithm for computing logarithms over GF (p) and its cryptographic significance (corresp.). IEEE Transactions on information Theory, 24(1), 106-110.

Adleman, L. M., & DeMarrais, J. (1993). A subexponential algorithm for discrete logarithms over all finite fields. Mathematics of Computation, 61(203), 1-15.

Gordon, D. M. (1993). Discrete Logarithms in GF(P) Using the Number Field Sieve. SIAM Journal on Discrete Mathematics, 6(1), 124-138.

Young, A., & Yung, M. (1997). The prevalence of kleptographic attacks on discrete-log based cryptosystems. In Advances in Cryptology—CRYPTO'97: 17th Annual International Cryptology Conference Santa Barbara, California, USA August 17–21, 1997 Proceedings 17 (pp. 264-276). Springer Berlin Heidelberg.

Sakurai, K., & Shizuya, H. (1998). A structural comparison of the computational difficulty of breaking discrete log cryptosystems. Journal of Cryptology, 11(1), 29-43.

  • Covers: Diffie–Hellman Key Exchange Scheme, Bellare–Micali Noninteractive Oblivious Transfer Scheme, ElGamal Public-Key Cryptosystem, Okamoto Conference-Key Sharing Scheme, and Shamir 3-Pass Message Transmission Scheme (Massey-Omura)

Bernstein, D. J., & Lange, T. (2012). Computing small discrete logarithms faster. In Progress in Cryptology-INDOCRYPT 2012: 13th International Conference on Cryptology in India, Kolkata, India, December 9-12, 2012. Proceedings 13 (pp. 317-338). Springer Berlin Heidelberg.

Barbulescu, R., Gaudry, P., Joux, A., & Thomé, E. (2014, May). A heuristic quasi-polynomial algorithm for discrete logarithm in finite fields of small characteristic. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 1-16). Berlin, Heidelberg: Springer Berlin Heidelberg.

ElGamal

ElGamal, T. (1985). A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE transactions on information theory, 31(4), 469-472.

Pointcheval, D., & Stern, J. (1996, May). Security proofs for signature schemes. In International conference on the theory and applications of cryptographic techniques (pp. 387-398). Berlin, Heidelberg: Springer Berlin Heidelberg.

Diffie-Hellman

Maurer, U. M. (1994, August). Towards the equivalence of breaking the Diffie-Hellman protocol and computing discrete logarithms. In Annual international cryptology conference (pp. 271-281). Berlin, Heidelberg: Springer Berlin Heidelberg.

Digital Signature Algorithm (DSA/DSS)

Wikipedia. Digital Signature Algorithm.

Massey-Omura

Massey, J. L., & Omura, J. K. (1983). A new multiplicative algorithm over finite fields and its applicability in public key cryptography. EUROCRYPT’83 Udine, Italy.

Massey, J. L., & Omura, J. K. (1986). U.S. Patent No. 4,567,600. Washington, DC: U.S. Patent and Trademark Office.

Wang, C. C. (1986). A generalized algorithm to design finite field normal basis multipliers. The Telecommunications and Data Acquisition Report.

Haley, S. (2018). Non-commutative massey-omura encryption with symmetric groups.

Al Saffar, N. F. H., Al-Saiq, I. R., & Alsabeh, R. A. (2022). Asymmetric image encryption scheme based on Massey Omura scheme. International Journal of Electrical and Computer Engineering, 12(1), 1040-1047.

Improvements

Gennaro, R., Jarecki, S., Krawczyk, H., & Rabin, T. (1999). Secure distributed key generation for discrete-log based cryptosystems. In Advances in Cryptology—EUROCRYPT’99: International Conference on the Theory and Application of Cryptographic Techniques Prague, Czech Republic, May 2–6, 1999 Proceedings 18 (pp. 295-310). Springer Berlin Heidelberg.

Guillevic, A., & Morain, F. (2017). Discrete logarithms. In Guide to pairing-based cryptography (pp. 9-1). Chapman and Hall/CRC.

RSA

Rivest, R. L., Shamir, A., & Adleman, L. (1978). A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2), 120-126. Alternate MIT version.

Blakley, G. R., & Borosh, I. (1979). Rivest-Shamir-Adleman public key cryptosystems do not always conceal messages. Computers & mathematics with applications, 5(3), 169-178.

Williams, H. (1980). A modification of the RSA public-key encryption procedure (Corresp.). IEEE Transactions on Information Theory, 26(6), 726-729.

Ben-Or, M., Chor, B., & Shamir, A. (1983). On the Security of RSA Bits. Proceedings of the 15th ACM Symposium on Theory of Computing, 421-430.

Desmedt, Y., & Quisquater, J. J. (1986, August). Public-key systems based on the difficulty of tampering (is there a difference between DES and RSA?). In Conference on the Theory and Application of Cryptographic Techniques (pp. 111-117). Berlin, Heidelberg: Springer Berlin Heidelberg.

Alexi, W., Chor, B., Goldreich, O., & Schnorr, C. P. (1988). RSA and Rabin functions: Certain parts are as hard as the whole. SIAM Journal on Computing, 17(2), 194-209.

Wiener, M. J. (1990). Cryptanalysis of short RSA secret exponents. IEEE Transactions on Information theory, 36(3), 553-558.

Coppersmith, D. (1997). Small solutions to polynomial equations, and low exponent RSA vulnerabilities. Journal of cryptology, 10(4), 233-260.

Boneh, D. (1999). Twenty years of attacks on the RSA cryptosystem. Notices of the AMS, 46(2), 203-213.

Juels, A., & Guajardo, J. (2002). RSA key generation with verifiable randomness. In Public Key Cryptography: 5th International Workshop on Practice and Theory in Public Key Cryptosystems, PKC 2002 Paris, France, February 12–14, 2002 Proceedings 5 (pp. 357-374). Springer Berlin Heidelberg.

Yacobi, O., & Yacobi, Y. (2005). A new related message attack on RSA. In Public Key Cryptography-PKC 2005: 8th International Workshop on Theory and Practice in Public Key Cryptography, Les Diablerets, Switzerland, January 23-26, 2005. Proceedings 8 (pp. 1-8). Springer Berlin Heidelberg.

Finney, H. (2006). Bleichenbacher's RSA signature forgery based on implementation error. Usenet.

Lenstra, A. K., Hughes, J. P., Augier, M., Bos, J. W., Kleinjung, T., & Wachter, C. (2012). Ron was wrong, Whit is right. Cryptology ePrint Archive. — duplicate moduli in the wild

Wong, D. (2015). Survey: Lattice Reduction Attacks on RSA.

Barbulescu, M., Stratulat, A., Traista-Popescu, V., & Simion, E. (2016). RSA weak public keys available on the Internet. In Innovative Security Solutions for Information Technology and Communications: 9th International Conference, SECITC 2016, Bucharest, Romania, June 9-10, 2016, Revised Selected Papers 9 (pp. 92-102). Springer International Publishing.

Nemec, M. (2016). The properties of RSA key generation process in software libraries. Diss. Masarykova univerzita, Fakulta informatiky.

Nemec, M., Sys, M., Svenda, P., Klinec, D., & Matyas, V. (2017, October). The return of coppersmith's attack: Practical factorization of widely used RSA moduli. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (pp. 1631-1648).

Mumtaz, M., & Ping, L. (2019). Forty years of attacks on the RSA cryptosystem: A brief survey. Journal of Discrete Mathematical Sciences and Cryptography, 22(1), 9-29.

Böck, H. (2023). Fermat factorization in the wild. Cryptology ePrint Archive.

Pelofske, E. (2024). An Efficient All-to-All GCD Algorithm for Low Entropy RSA Key Factorization. arXiv preprint arXiv:2405.03166.

Algebraic Codes

McEliece

McEliece, R. J. (1978). A public key cryptosystem based on algebraic coding theory. DSN Prog. Re., 114-116.

Courtois, N. T., Finiasz, M., & Sendrier, N. (2001). How to achieve a McEliece-based digital signature scheme. In Advances in Cryptology—ASIACRYPT 2001: 7th International Conference on the Theory and Application of Cryptology and Information Security Gold Coast, Australia, December 9–13, 2001 Proceedings 7 (pp. 157-174). Springer Berlin Heidelberg.

Engelbert, D., Overbeck, R., & Schmidt, A. (2007). A summary of McEliece-type cryptosystems and their security. Journal of Mathematical Cryptology, 1(2), 151-199.

Bernstein, D. J., Lange, T., & Peters, C. (2008). Attacking and defending the McEliece cryptosystem. In Post-Quantum Cryptography: Second International Workshop, PQCrypto 2008 Cincinnati, OH, USA, October 17-19, 2008 Proceedings 2 (pp. 31-46). Springer Berlin Heidelberg.

Baldi, M., Bodrato, M., & Chiaraluce, F. (2008). A new analysis of the McEliece cryptosystem based on QC-LDPC codes. In Security and Cryptography for Networks: 6th International Conference, SCN 2008, Amalfi, Italy, September 10-12, 2008. Proceedings 6 (pp. 246-262). Springer Berlin Heidelberg.

Berger, T. P., Cayrel, P. L., Gaborit, P., & Otmani, A. (2009, June). Reducing key length of the McEliece cryptosystem. In International Conference on Cryptology in Africa (pp. 77-97). Berlin, Heidelberg: Springer Berlin Heidelberg.

Bernstein, D. J. (2010). Grover vs. McEliece. In Post-Quantum Cryptography: Third International Workshop, PQCrypto 2010, Darmstadt, Germany, May 25-28, 2010. Proceedings 3 (pp. 73-80). Springer Berlin Heidelberg.

Bernstein, D. J. (2011, May). List decoding for binary Goppa codes. In International Conference on Coding and Cryptology (pp. 62-80). Berlin, Heidelberg: Springer Berlin Heidelberg.

Gauthier, V., Otmani, A., & Tillich, J. P. (2012). A Distinguisher-based attack on a variant of McEliece's cryptosystem based on Reed-Solomon codes. arXiv preprint arXiv:1204.6459.

Landais, G., & Tillich, J. P. (2013). An efficient attack of a McEliece cryptosystem variant based on convolutional codes. In Post-Quantum Cryptography: 5th International Workshop, PQCrypto 2013, Limoges, France, June 4-7, 2013. Proceedings 5 (pp. 102-117). Springer Berlin Heidelberg.

Baldi, M., Chiaraluce, F., Rosenthal, J., Santini, P., & Schipani, D. (2019). Security of generalised Reed–Solomon code-based cryptosystems. IET Information Security, 13(4), 404-410.

Lavauzelle, J., & Renner, J. (2020). Cryptanalysis of a system based on twisted Reed–Solomon codes. Designs, Codes and Cryptography, 88(7), 1285-1300.

Bernstein, D. J. (2022). Understanding binary-Goppa decoding. Cryptology ePrint Archive.

Narisada, S., Uemura, S., Okada, H., Furue, H., Aikawa, Y., & Fukushima, K. (2024). Revisiting the May–Meurer–Thomae Algorithm—Solving McEliece-1409 in One Day. Cryptology ePrint Archive.

Niederreiter

Niederreiter, H. (1986). Knapsack-type cryptosystems and algebraic coding theory. Problems of Control and Information Theory, 15, 159-166.

Sidelnikov, V. M., & Shestakov, S. O. (1992). On insecurity of cryptosystems based on generalized Reed-Solomon codes. Discrete Mathematics and Applications, 2(4), 439-444. https://doi.org/10.1515/dma.1992.2.4.439

Li, Y. X., Deng, R. H., & Wang, X. M. (1994). On the equivalence of McEliece's and Niederreiter's public-key cryptosystems. IEEE Transactions on Information Theory, 40(1), 271-273.

Berger, T. P., & Loidreau, P. (2005). How to mask the structure of codes for a cryptographic use. Designs, Codes and Cryptography, 35, 63-79.

Berger, T. P., & Loidreau, P. (2008). How to mask the structure of error-correcting codes for a cryptographical use.

Wieschebrink, C. (2006). An attack on a modified Niederreiter encryption scheme. In Public Key Cryptography-PKC 2006: 9th International Conference on Theory and Practice in Public-Key Cryptography, New York, NY, USA, April 24-26, 2006. Proceedings 9 (pp. 14-26). Springer Berlin Heidelberg.

Wieschebrink, C. (2009). Cryptanalysis of the Niederreiter public key scheme based on GRS subcodes. Cryptology ePrint Archive.

Márquez-Corbella, I., Martínez-Moro, E., & Pellikaan, R. (2013). The non-gap sequence of a subcode of a generalized Reed–Solomon code. Designs, Codes and Cryptography, 66, 317-333.

Couvreur, A., Gaborit, P., Gauthier-Umaña, V., Otmani, A., & Tillich, J. P. (2014). Distinguisher-based attacks on public-key cryptosystems using Reed–Solomon codes. Designs, Codes and Cryptography, 73, 641-666.

Gabidulin

Gabidulin, E. M. (1985). Theory of codes with maximum rank distance. Problemy peredachi informatsii, 21(1), 3-16.

Chabaud, F., & Stern, J. (1996). The cryptographic security of the syndrome decoding problem for rank distance codes. In Advances in Cryptology—ASIACRYPT'96: International Conference on the Theory and Applications of Cryptology and Information Security Kyongju, Korea, November 3–7, 1996 Proceedings (pp. 368-381). Springer Berlin Heidelberg.

Gibson, K. (1996). The security of the Gabidulin public key cryptosystem. In Advances in Cryptology—EUROCRYPT’96: International Conference on the Theory and Application of Cryptographic Techniques Saragossa, Spain, May 12–16, 1996 Proceedings 15 (pp. 212-223). Springer Berlin Heidelberg.

Loidreau, P. (2005, March). A Welch–Berlekamp like algorithm for decoding Gabidulin codes. In International Workshop on Coding and Cryptography (pp. 36-45). Berlin, Heidelberg: Springer Berlin Heidelberg.

Related Works

Gilbert, E. N., MacWilliams, F. J., & Sloane, N. J. (1974). Codes which detect deception. Bell System Technical Journal, 53(3), 405-424.

Wiesner, S. (1983). Conjugate coding. ACM Sigact News, 15(1), 78-88.

Yang, X., & Massey, J. L. (1994). The condition for a cyclic code to have a complementary dual. Discrete Mathematics, 126(1-3), 391-393.

Fitzpatrick, P. (1995). On the key equation. IEEE Transactions on Information Theory, 41(5), 1290-1302.

Sudan, M. (2000). List decoding: Algorithms and applications. ACM SIGACT News, 31(1), 16-27.

Duursma, I. M., & Park, S. (2010). Coset bounds for algebraic geometric codes. Finite Fields and Their Applications, 16(1), 36-55.

Wang, Y. (2016, July). Quantum resistant random linear code based public key encryption scheme RLCE. In 2016 IEEE International Symposium on Information Theory (ISIT) (pp. 2519-2523). IEEE.

Thiers, J. P., & Freudenberger, J. (2022). Code-based cryptography with generalized concatenated codes for restricted error values. IEEE Open Journal of the Communications Society, 3, 1528-1539.

Homomorphic Encryption

Rivest, R. L., Adleman, L., & Dertouzos, M. L. (1978). On data banks and privacy homomorphisms. Foundations of secure computation, 4(11), 169-180.

Feigenbaum, J. (1985, August). Encrypting problem instances: or..., can you take advantage of someone without having to trust him? In Conference on the Theory and Application of Cryptographic Techniques (pp. 477-488). Berlin, Heidelberg: Springer Berlin Heidelberg.

Benaloh, J. C. (1986, August). Secret sharing homomorphisms: Keeping shares of a secret secret. In Conference on the theory and application of cryptographic techniques (pp. 251-260). Berlin, Heidelberg: Springer Berlin Heidelberg.

Paillier, P. (1999, April). Public-key cryptosystems based on composite degree residuosity classes. In International conference on the theory and applications of cryptographic techniques (pp. 223-238). Berlin, Heidelberg: Springer Berlin Heidelberg.

Bogdanov, A., & Lee, C. H. (2011). Homomorphic encryption from codes. arXiv preprint arXiv:1111.4301.

Benzekki, K., El Fergougui, A., & El Alaoui, A. E. B. (2016). A secure cloud computing architecture using homomorphic encryption. International Journal of Advanced Computer Science and Applications, 7(2).

Boyle, E., Couteau, G., Gilboa, N., Ishai, Y., & Orrù, M. (2017, October). Homomorphic secret sharing: optimizations and applications. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (pp. 2105-2122).

Bos, J., Ducas, L., Kiltz, E., Lepoint, T., Lyubashevsky, V., Schanck, J. M., ... & Stehlé, D. (2018, April). CRYSTALS-Kyber: a CCA-secure module-lattice-based KEM. In 2018 IEEE European Symposium on Security and Privacy (EuroS&P) (pp. 353-367). IEEE.

Bossuat, J. P., Cammarota, R., Cheon, J. H., Chillotti, I., Curtis, B. R., Dai, W., ... & Yildiz, B. (2024). Security Guidelines for Implementing Homomorphic Encryption. Cryptology ePrint Archive.

Mondal, P., Kundu, S., Bhattacharya, S., Karmakar, A., & Verbauwhede, I. (2024, February). A practical key-recovery attack on LWE-based key-encapsulation mechanism schemes using Rowhammer. In International Conference on Applied Cryptography and Network Security (pp. 271-300). Cham: Springer Nature Switzerland.

Frot, R., & Zentai, D. (2024). A new attack against search-LWE using Diophantine approximations. Cryptology ePrint Archive.

Wenger, E., Saxena, E., Malhou, M., Thieu, E., & Lauter, K. (2024). Benchmarking Attacks on Learning with Errors. arXiv preprint arXiv:2408.00882.

Hermelink, J., Streit, S., Mårtensson, E., & Petri, R. (2024). A Generic Framework for Side-Channel Attacks against LWE-based Cryptosystems. Cryptology ePrint Archive.

Stevens, S., Wenger, E., Li, C., Nolte, N., Saxena, E., Charton, F., & Lauter, K. (2024). Salsa fresca: Angular embeddings and pre-training for ml attacks on learning with errors. arXiv preprint arXiv:2402.01082.

Cheon, J. H., Choe, H., Passelègue, A., Stehlé, D., & Suvanto, E. (2024). Attacks against the INDCPA-D security of exact FHE schemes. Cryptology ePrint Archive.

Elliptic Curves

Mathematical Background

Lang, S., & Trotter, H. (1977). Primitive points on elliptic curves. Bull. Amer. Math. Soc., 83(6), 289-292.

Lang, S. (1978). Elliptic curves: Diophantine analysis (Vol. 231). Berlin: Springer-Verlag.

Elliptic Curve Cryptography

Miller, V. S. (1985, August). Use of elliptic curves in cryptography. In Conference on the theory and application of cryptographic techniques (pp. 417-426). Berlin, Heidelberg: Springer Berlin Heidelberg.

Miller, V. (1986). Short programs for functions on curves. Unpublished manuscript.

Koblitz, N. (1987). Elliptic curve cryptosystems. Mathematics of computation, 48(177), 203-209.

Menezes, A., Vanstone, S., & Okamoto, T. (1991, January). Reducing elliptic curve logarithms to logarithms in a finite field. In Proceedings of the twenty-third annual ACM symposium on Theory of computing (pp. 80-89).

Menezes, A. J. (1993). Elliptic curve public key cryptosystems (Vol. 234). Springer Science & Business Media. — a version of the lecture notes by the author is available in Korean

Bosma, W., & Lenstra, H. W. (1995). Complete systems of two addition laws for elliptic curves. Journal of Number Theory, 53(2), 229-240.

Jurišić, A., & Menezes, A. (1997). Elliptic curves and cryptography. Dr. Dobb's Journal, 26-36.

Miller, V. S. (1998). Use of elliptic curves in cryptography. Exploratory Computer Science.

Miller, V. S. (1997, March). Elliptic Curves and their use in Cryptography. In DIMACS Workshop on Unusual Applications of Number Theory (Vol. 21). sn.

Boneh, D., Lynn, B., & Shacham, H. (2001, November). Short signatures from the Weil pairing. In International conference on the theory and application of cryptology and information security (pp. 514-532). Berlin, Heidelberg: Springer Berlin Heidelberg.

Hankerson, D., Menezes, A. J., & Vanstone, S. (2003). Guide to Elliptic Curve Cryptography.

Nguyen, P. Q., & Shparlinski, I. E. (2003). The insecurity of the elliptic curve digital signature algorithm with partially known nonces. Designs, Codes and Cryptography, 30, 201-217.

Eisenträger, K., Lauter, K., & Montgomery, P. L. (2004). Improved Weil and Tate pairings for elliptic and hyperelliptic curves. In Algorithmic Number Theory: 6th International Symposium, ANTS-VI, Burlington, VT, USA, June 13-18, 2004, Proceedings 6 (pp. 169-183). Springer Berlin Heidelberg.

Verheul, E. R. (2004). Evidence that XTR is more secure than supersingular elliptic curve cryptosystems. Journal of Cryptology, 17, 277-296.

Garefalakis, T. (2004). The generalized Weil pairing and the discrete logarithm problem on elliptic curves. Theoretical Computer Science, 321(1), 59-72.

Bernstein, D. J. (2006). Curve25519: new Diffie-Hellman speed records. In Public Key Cryptography-PKC 2006: 9th International Conference on Theory and Practice in Public-Key Cryptography, New York, NY, USA, April 24-26, 2006. Proceedings 9 (pp. 207-228). Springer Berlin Heidelberg. — Curve25519

Gaudry, P., & Thomé, E. (2007). The mpFq library and implementing curve-based key exchanges. In SPEED: software performance enhancement for encryption and decryption (pp. 49-64). — Curve25519

Bernstein, D. J., & Lange, T. (2007). Faster addition and doubling on elliptic curves. In Advances in Cryptology–ASIACRYPT 2007: 13th International Conference on the Theory and Application of Cryptology and Information Security, Kuching, Malaysia, December 2-6, 2007. Proceedings 13 (pp. 29-50). Springer Berlin Heidelberg.

Bernstein, D. J., Birkner, P., Lange, T., & Peters, C. (2007). Optimizing double-base elliptic-curve single-scalar multiplication. In Progress in Cryptology–INDOCRYPT 2007: 8th International Conference on Cryptology in India, Chennai, India, December 9-13, 2007. Proceedings 8 (pp. 167-182). Springer Berlin Heidelberg.

Bernstein, D. J., & Lange, T. (2007). Analysis and optimization of elliptic-curve single-scalar multiplication. Cryptology ePrint Archive.

Edwards, H. (2007). A normal form for elliptic curves. Bulletin of the American mathematical society, 44(3), 393-422.

Brown, D. (2009). Standards for efficient cryptography, SEC 1: elliptic curve cryptography. Released Standard Version, 1. — ECDSA

Menezes, A. (2009). An introduction to pairing-based cryptography. Recent trends in cryptography, 477, 47-65.

Hişil, H. (2010). Elliptic curves, group law, and efficient computation (Doctoral dissertation, Queensland University of Technology).

Galbraith, S. D., Lin, X., & Scott, M. (2011). Endomorphisms for faster elliptic curve cryptography on a large class of curves. Journal of cryptology, 24(3), 446-469.

Bernstein, D. J., Duif, N., Lange, T., Schwabe, P., & Yang, B. Y. (2012). High-speed high-security signatures. Journal of cryptographic engineering, 2(2), 77-89. — Ed25519

Pornin, T. (2013). Deterministic usage of the digital signature algorithm (DSA) and elliptic curve digital signature algorithm (ECDSA). RFC 6979, IETF.

Bernstein, D. J., Hamburg, M., Krasnova, A., & Lange, T. (2013, November). Elligator: elliptic-curve points indistinguishable from uniform random strings. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (pp. 967-980).

Lindell, Y. (2017). Fast secure two-party ECDSA signing. In Advances in Cryptology–CRYPTO 2017: 37th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 20–24, 2017, Proceedings, Part II 37 (pp. 613-644). Springer International Publishing.

Wahby, R. S., & Boneh, D. (2019). Fast and simple constant-time hashing to the BLS12-381 elliptic curve. Cryptology ePrint Archive.

Bowe, S. (2019). Faster subgroup checks for BLS12-381. Cryptology ePrint Archive.

Banerjee, U., & Chandrakasan, A. P. (2021). A low-power BLS12-381 pairing cryptoprocessor for Internet-of-Things security applications. IEEE Solid-State Circuits Letters, 4, 190-193.

Gao, Y., Wang, J., Hu, H., & He, B. (2024). Attacking ECDSA with Nonce Leakage by Lattice Sieving: Bridging the Gap with Fourier Analysis-based Attacks. Cryptology ePrint Archive.

Bernstein, D. J., & Lange, T. (2024). Safe curves for elliptic-curve cryptography. Cryptology ePrint Archive.

One-way functions / Trapdoors / Signatures

Lamport, L. (1979). Constructing digital signatures from a one-way function. Technical Report CSL-98, SRI International.

Rabin, M. O. (1979). Digitalized signatures and public-key functions as intractable as factorization. Technical Report MIT/LCS/TR-212, MIT Laboratory for Computer Science.

Merkle, R. C. (1979, August). A certified digital signature. In Conference on the Theory and Application of Cryptology (pp. 218-238). New York, NY: Springer New York. — This is the mythical Merkle Tree Signature paper from 1979.

Yao, A. C. (1982, November). Theory and application of trapdoor functions. In 23rd Annual Symposium on Foundations of Computer Science (SFCS 1982) (pp. 80-91). IEEE.

Brassard, G. (1983). On computationally secure authentication tags requiring short secret shared keys. In Advances in Cryptology: Proceedings of Crypto 82 (pp. 79-86). Boston, MA: Springer US.

Chaum, D. (1983, August). Blind signatures for untraceable payments. In Advances in Cryptology: Proceedings of Crypto 82 (pp. 199-203). Boston, MA: Springer US.

Merkle, R. C. (1987, August). A digital signature based on a conventional encryption function. In Conference on the theory and application of cryptographic techniques (pp. 369-378). Berlin, Heidelberg: Springer Berlin Heidelberg.

Ziv, J. (1987). In search of a one-way function. Open Problems in Communication and Computation, 104-105. (Google Books)

Damgård, I. B. (1987, April). Collision free hash functions and public key signature schemes. In Workshop on the Theory and Application of Cryptographic Techniques (pp. 203-216). Berlin, Heidelberg: Springer Berlin Heidelberg.

Goldwasser, S., Micali, S., & Rivest, R. L. (1988). A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on computing, 17(2), 281-308.

Chaum, D. (1988). Blinding for unanticipated signatures. In Advances in Cryptology—EUROCRYPT’87: Workshop on the Theory and Application of Cryptographic Techniques Amsterdam, The Netherlands, April 13–15, 1987 Proceedings 6 (pp. 227-233). Springer Berlin Heidelberg.

Even, S., Goldreich, O., & Micali, S. (1989, August). On-line/off-line digital signatures. In Conference on the Theory and Application of Cryptology (pp. 263-275). New York, NY: Springer New York.

Naor, M., & Yung, M. (1989, February). Universal one-way hash functions and their cryptographic applications. In Proceedings of the twenty-first annual ACM symposium on Theory of computing (pp. 33-43).

Merkle, R. C. (1989, August). A certified digital signature. In Conference on the Theory and Application of Cryptology (pp. 218-238). New York, NY: Springer New York.

Goldreich, O., & Levin, L. A. (1989, February). A hard-core predicate for all one-way functions. In Proceedings of the twenty-first annual ACM symposium on Theory of computing (pp. 25-32).

Rompel, J. (1990, April). One-way functions are necessary and sufficient for secure signatures. In Proceedings of the twenty-second annual ACM symposium on Theory of computing (pp. 387-394).

De Santis, A., & Yung, M. (1990, May). On the design of provably-secure cryptographic hash functions. In Workshop on the Theory and Application of Cryptographic Techniques (pp. 412-431). Berlin, Heidelberg: Springer Berlin Heidelberg.

Zheng, Y., Matsumoto, T., & Imai, H. (1990). Connections among several versions of one-way hash functions. IEICE TRANSACTIONS (1976-1990), 73(7), 1092-1099.

Chaum, D., & Van Antwerpen, H. (1990). Undeniable signatures. In Advances in Cryptology—CRYPTO’89 Proceedings 9 (pp. 212-216). Springer New York.

Chaum, D., & Van Heyst, E. (1991). Group signatures. In Advances in Cryptology—EUROCRYPT’91: Workshop on the Theory and Application of Cryptographic Techniques Brighton, UK, April 8–11, 1991 Proceedings 10 (pp. 257-265). Springer Berlin Heidelberg.

Zheng, Y., Matsumoto, T., & Imai, H. (1991). Duality between two cryptographic primitives. In Applied Algebra, Algebraic Algorithms and Error-Correcting Codes: 8th International Conference, AAECC-8 Tokyo, Japan, August 20–24, 1990 Proceedings 8 (pp. 379-390). Springer Berlin Heidelberg.

Zheng, Y., Matsumoto, T., & Imai, H. (1991). Structural properties of one-way hash functions. In Advances in Cryptology-CRYPTO’90: Proceedings 10 (pp. 285-302). Springer Berlin Heidelberg.

Bos, J. N., & Chaum, D. (1992, August). Provably unforgeable signatures. In Annual International Cryptology Conference (pp. 1-14). Berlin, Heidelberg: Springer Berlin Heidelberg.

Chaum, D., van Heijst, E., & Pfitzmann, B. (1992). Cryptographically strong undeniable signatures, unconditionally secure for the signer. In Advances in Cryptology—CRYPTO '91 Proceedings (pp. 470-484). Springer Berlin Heidelberg.

Kearns, M., & Valiant, L. (1994). Cryptographic limitations on learning boolean formulae and finite automata. Journal of the ACM (JACM), 41(1), 67-95.

Bleichenbacher, D., & Maurer, U. M. (1994, August). Directed acyclic graphs, one-way functions and digital signatures. In Annual International Cryptology Conference (pp. 75-82). Berlin, Heidelberg: Springer Berlin Heidelberg.

Bakhtiari, S., Safavi-Naini, R., & Pieprzyk, J. (1995). Cryptographic hash functions: A survey (Vol. 4). Technical Report 95-09, Department of Computer Science, University of Wollongong.

Russell, A. (1995). Necessary and sufficient conditions for collision-free hashing. Journal of Cryptology, 8(2), 87-99.

Bellare, M., Guérin, R., & Rogaway, P. (1995, August). XOR MACs: New methods for message authentication using finite pseudorandom functions. In Annual International Cryptology Conference (pp. 15-28). Berlin, Heidelberg: Springer Berlin Heidelberg.

Bleichenbacher, D., & Maurer, U. M. (1996). Optimal tree-based one-time digital signature schemes. In STACS 96: 13th Annual Symposium on Theoretical Aspects of Computer Science Grenoble, France, February 22–24, 1996 Proceedings 13 (pp. 361-374). Springer Berlin Heidelberg.

Bleichenbacher, D., & Maurer, U. (1996). On the efficiency of one-time digital signatures. In Advances in Cryptology—ASIACRYPT'96: International Conference on the Theory and Applications of Cryptology and Information Security Kyongju, Korea, November 3–7, 1996 Proceedings (pp. 145-158). Springer Berlin Heidelberg.

Dobbertin, H., Bosselaers, A., & Preneel, B. (1996, February). RIPEMD-160: A strengthened version of RIPEMD. In International Workshop on Fast Software Encryption (pp. 71-82). Berlin, Heidelberg: Springer Berlin Heidelberg.

Herzberg, A., Jakobsson, M., Jarecki, S., Krawczyk, H., & Yung, M. (1997, April). Proactive public key and signature systems. In Proceedings of the 4th ACM Conference on Computer and Communications Security (pp. 100-110).

Camenisch, J., & Stadler, M. (1997, August). Efficient group signature schemes for large groups. In Annual international cryptology conference (pp. 410-424). Berlin, Heidelberg: Springer Berlin Heidelberg.

Gennaro, R., Halevi, S., & Rabin, T. (1999). Secure hash-and-sign signatures without the random oracle. In Advances in Cryptology—EUROCRYPT’99: International Conference on the Theory and Application of Cryptographic Techniques Prague, Czech Republic, May 2–6, 1999 Proceedings 18 (pp. 123-139). Springer Berlin Heidelberg.

Rohatgi, P. (1999, November). A compact and fast hybrid signature scheme for multicast packet authentication. In Proceedings of the 6th ACM Conference on Computer and Communications Security (pp. 93-100).

Joux, A. (2000, July). A one round protocol for tripartite Diffie–Hellman. In International algorithmic number theory symposium (pp. 385-393). Berlin, Heidelberg: Springer Berlin Heidelberg.

Coron, J. S. (2000, August). On the exact security of full domain hash. In Annual International Cryptology Conference (pp. 229-235). Berlin, Heidelberg: Springer Berlin Heidelberg.

Perrig, A. (2001, November). The BiBa one-time signature and broadcast authentication protocol. In Proceedings of the 8th ACM Conference on Computer and Communications Security (pp. 28-37).

Reyzin, L., & Reyzin, N. (2002, June). Better than BiBa: Short one-time signatures with fast signing and verifying. In Australasian Conference on Information Security and Privacy (pp. 144-153). Berlin, Heidelberg: Springer Berlin Heidelberg.

Levin, L. A. (2003). The tale of one-way functions. Problems of Information Transmission, 39(1), 92-103.

Bellare, M., Namprempre, C., Pointcheval, D., & Semanko, M. (2003). The one-more-RSA-inversion problems and the security of Chaum's blind signature scheme. Journal of Cryptology, 16, 185-215.

Jakobsson, M., Leighton, T., Micali, S., & Szydlo, M. (2003). Fractal Merkle tree representation and traversal. In Topics in Cryptology—CT-RSA 2003: The Cryptographers’ Track at the RSA Conference 2003 San Francisco, CA, USA, April 13–17, 2003 Proceedings (pp. 314-326). Springer Berlin Heidelberg.

Szydlo, M. (2004). Merkle tree traversal in log space and time. In Advances in Cryptology-EUROCRYPT 2004: International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, May 2-6, 2004. Proceedings 23 (pp. 541-554). Springer Berlin Heidelberg.

Rogaway, P., & Shrimpton, T. (2004). Cryptographic hash-function basics: Definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance. In Fast Software Encryption: 11th International Workshop, FSE 2004, Delhi, India, February 5-7, 2004. Revised Papers 11 (pp. 371-388). Springer Berlin Heidelberg.

Lucks, S. (2004). Design principles for iterated hash functions. Cryptology ePrint Archive.

Pagh, R., & Rodler, F. F. (2004). Cuckoo hashing. Journal of Algorithms, 51(2), 122-144.

Coronado García, L. C. (2005). Provably secure and practical signature schemes (Doctoral dissertation, Technische Universität Darmstadt).

Coronado García, L. C. (2005). On the security and the efficiency of the Merkle signature scheme. Cryptology ePrint Archive, Report 2005/192.

Seys, S., & Preneel, B. (2005, August). Power consumption evaluation of efficient digital signature schemes for low power devices. In WiMob'2005, IEEE International Conference on Wireless and Mobile Computing, Networking and Communications, 2005 (Vol. 1, pp. 79-86). IEEE.

Dods, C., Smart, N. P., & Stam, M. (2005). Hash based digital signature schemes. In Cryptography and Coding: 10th IMA International Conference, Cirencester, UK, December 19-21, 2005. Proceedings 10 (pp. 96-115). Springer Berlin Heidelberg.

Naor, D., Shenhav, A., & Wool, A. (2005). One-time signatures revisited: Have they become practical? Cryptology ePrint Archive.

Charles, D., Jain, K., & Lauter, K. (2006, March). Signatures for network coding. In 2006 40th Annual Conference on Information Sciences and Systems (pp. 857-863). IEEE.

Buchmann, J., García, L. C. C., Dahmen, E., Döring, M., & Klintsevich, E. (2006). CMSS – an improved Merkle signature scheme. In Progress in Cryptology–INDOCRYPT 2006: 7th International Conference on Cryptology in India, Kolkata, India, December 11-13, 2006. Proceedings 7 (pp. 349-363). Springer Berlin Heidelberg. — this provides some much-needed perspective on hash functions.

Buchmann, J., Dahmen, E., Klintsevich, E., Okeya, K., & Vuillaume, C. (2007). Merkle signatures with virtually unlimited signature capacity. In Applied Cryptography and Network Security: 5th International Conference, ACNS 2007, Zhuhai, China, June 5-8, 2007. Proceedings 5 (pp. 31-45). Springer Berlin Heidelberg.

Bernstein, D. J. (2008). RSA signatures and Rabin–Williams signatures: the state of the art.

Hohenberger, S., & Waters, B. (2009, August). Short and stateless signatures from the RSA assumption. In Annual International Cryptology Conference (pp. 654-670). Berlin, Heidelberg: Springer Berlin Heidelberg.

Gennaro, R., Katz, J., Krawczyk, H., & Rabin, T. (2010). Secure network coding over the integers. In Public Key Cryptography–PKC 2010: 13th International Conference on Practice and Theory in Public Key Cryptography, Paris, France, May 26-28, 2010. Proceedings 13 (pp. 142-160). Springer Berlin Heidelberg.

Buchmann, J., Dahmen, E., & Hülsing, A. (2011). XMSS – a practical forward secure signature scheme based on minimal security assumptions. In Post-Quantum Cryptography: 4th International Workshop, PQCrypto 2011, Taipei, Taiwan, November 29–December 2, 2011. Proceedings 4 (pp. 117-129). Springer Berlin Heidelberg. — has even more Merkle-tree-based signatures

Hülsing, A. (2013). W-OTS+–shorter signatures for hash-based signature schemes. In Progress in Cryptology–AFRICACRYPT 2013: 6th International Conference on Cryptology in Africa, Cairo, Egypt, June 22-24, 2013. Proceedings 6 (pp. 173-188). Springer Berlin Heidelberg.

Buchmann, J., Dahmen, E., Ereth, S., Hülsing, A., & Rückert, M. (2013). On the security of the Winternitz one-time signature scheme. International Journal of Applied Cryptography, 3(1), 84-96.

Bogdanov, A., & Rosen, A. (2017). Pseudorandom functions: Three decades later. In Tutorials on the Foundations of Cryptography: Dedicated to Oded Goldreich (pp. 79-158). Cham: Springer International Publishing.

O'Connor, J., Aumasson, J. P., Neves, S., & Wilcox-O'Hearn, Z. (2020). BLAKE3: one function, fast everywhere.

Zentai, D., Plesa, M., & Frot, R. (2023). A Multiparty Commutative Hashing Protocol based on the Discrete Logarithm Problem. arXiv preprint arXiv:2311.17498.

Accumulators

Wegman, M. N., & Carter, J. L. (1979, October). New classes and applications of hash functions. In 20th Annual Symposium on Foundations of Computer Science (sfcs 1979) (pp. 175-182). IEEE. — has applications to proofs

Wegman, M. N., & Carter, J. L. (1981). New hash functions and their use in authentication and set equality. Journal of computer and system sciences, 22(3), 265-279.

Benaloh, J., & de Mare, M. (1991). Efficient broadcast time-stamping. Clarkson University Department of Mathematics and Computer Science TR, 91-1.

Haber, S., & Stornetta, W. S. (1991). How to time-stamp a digital document. In Advances in Cryptology—CRYPTO '90 Proceedings (pp. 437-455). Springer Berlin Heidelberg.

Benaloh, J., & De Mare, M. (1993, May). One-way accumulators: A decentralized alternative to digital signatures. In Workshop on the Theory and Application of Cryptographic Techniques (pp. 274-285). Berlin, Heidelberg: Springer Berlin Heidelberg.

Bayer, D., Haber, S., & Stornetta, W. S. (1993). Improving the efficiency and reliability of digital time-stamping. In Sequences II: Methods in Communication, Security, and Computer Science (pp. 329-334). Springer New York.

Nyberg, K. (1996, February). Fast accumulated hashing. In International Workshop on Fast Software Encryption (pp. 83-87). Berlin, Heidelberg: Springer Berlin Heidelberg.

Haber, S., & Stornetta, W. S. (1997, April). Secure names for bit-strings. In Proceedings of the 4th ACM Conference on Computer and Communications Security (pp. 28-35).

Barić, N., & Pfitzmann, B. (1997, May). Collision-free accumulators and fail-stop signature schemes without trees. In International Conference on the Theory and Applications of Cryptographic Techniques (pp. 480-494). Berlin, Heidelberg: Springer Berlin Heidelberg.

Camenisch, J., & Lysyanskaya, A. (2002). Dynamic accumulators and application to efficient revocation of anonymous credentials. In Advances in Cryptology—CRYPTO 2002: 22nd Annual International Cryptology Conference Santa Barbara, California, USA, August 18–22, 2002 Proceedings 22 (pp. 61-76). Springer Berlin Heidelberg.

Fazio, N., & Nicolosi, A. (2002). Cryptographic accumulators: Definitions, constructions and applications. Paper written for a course at New York University: www.cs.nyu.edu/nicolosi/papers/accumulators.pdf.

Goodrich, M. T., Tamassia, R., & Hasić, J. (2002, September). An efficient dynamic and distributed cryptographic accumulator. In International Conference on Information Security (pp. 372-388). Berlin, Heidelberg: Springer Berlin Heidelberg.

Nguyen, L. (2005). Accumulators from bilinear pairings and applications. In Topics in Cryptology–CT-RSA 2005: The Cryptographers’ Track at the RSA Conference 2005, San Francisco, CA, USA, February 14-18, 2005. Proceedings (pp. 275-292). Springer Berlin Heidelberg.

Becker, G. (2008). Merkle signature schemes, Merkle trees and their cryptanalysis. Ruhr-University Bochum, Tech. Rep, 12, 19.

Camenisch, J., Kohlweiss, M., & Soriente, C. (2009). An accumulator based on bilinear maps and efficient revocation for anonymous credentials. In Public Key Cryptography–PKC 2009: 12th International Conference on Practice and Theory in Public Key Cryptography, Irvine, CA, USA, March 18-20, 2009. Proceedings 12 (pp. 481-500). Springer Berlin Heidelberg.

Crosby, S. A., & Wallach, D. S. (2009, August). Efficient data structures for tamper-evident logging. In USENIX security symposium (pp. 317-334).

Kumar, A., Lafourcade, P., & Lauradoux, C. (2014, September). Performances of cryptographic accumulators. In 39th Annual IEEE Conference on Local Computer Networks (pp. 366-369). IEEE.

Reyzin, L., & Yakoubov, S. (2016). Efficient asynchronous accumulators for distributed PKI. In Security and Cryptography for Networks: 10th International Conference, SCN 2016, Amalfi, Italy, August 31–September 2, 2016, Proceedings 10 (pp. 292-309). Springer International Publishing.

Boneh, D., Bünz, B., & Fisch, B. (2019). Batching techniques for accumulators with applications to IOPs and stateless blockchains. In Advances in Cryptology–CRYPTO 2019: 39th Annual International Cryptology Conference. — this is an important read for a potential way of managing group membership and updates to objects along with Merkle Mountain Ranges

Bünz, B., Chiesa, A., Mishra, P., & Spooner, N. (2020). Proof-carrying data from accumulation schemes. Cryptology ePrint Archive.

Ramabaja, L., & Avdullahu, A. (2020). Compact merkle multiproofs. arXiv preprint arXiv:2002.07648.

Champine, L. (2021). Streaming Merkle proofs within binary numeral trees. Cryptology ePrint Archive.

Barthoulot, A., Blazy, O., & Canard, S. (2024, July). Cryptographic accumulators: new definitions, enhanced security, and delegatable proofs. In International Conference on Cryptology in Africa (pp. 94-119). Cham: Springer Nature Switzerland. — lots of great citations to fold in

Security of Chat Applications

Rottermanner, C., Kieseberg, P., Huber, M., Schmiedecker, M., & Schrittwieser, S. (2015, December). Privacy and data protection in smartphone messengers. In Proceedings of the 17th International Conference on Information Integration and Web-based Applications & Services (pp. 1-10).

Unger, N., Dechand, S., Bonneau, J., Fahl, S., Perl, H., Goldberg, I., & Smith, M. (2015, May). SoK: secure messaging. In 2015 IEEE Symposium on Security and Privacy (pp. 232-249). IEEE.

Frosch, T., Mainka, C., Bader, C., Bergsma, F., Schwenk, J., & Holz, T. (2016, March). How secure is TextSecure?. In 2016 IEEE European Symposium on Security and Privacy (EuroS&P) (pp. 457-472). IEEE.

Schröder, S., Huber, M., Wind, D., & Rottermanner, C. (2016, July). When SIGNAL hits the fan: On the usability and security of state-of-the-art secure mobile messaging. In European Workshop on Usable Security. IEEE (pp. 1-7).

Ermoshina, K., Musiani, F., & Halpin, H. (2016). End-to-end encrypted messaging protocols: An overview. In Internet Science: Third International Conference, INSCI 2016, Florence, Italy, September 12-14, 2016, Proceedings 3 (pp. 244-254). Springer International Publishing.

Cohn-Gordon, K., Cremers, C., Dowling, B., Garratt, L., & Stebila, D. (2020). A formal security analysis of the signal messaging protocol. Journal of Cryptology, 33, 1914-1983.

Extended Triple Diffie-Hellman (X3DH)

Hashimoto, K., Katsumata, S., Kwiatkowski, K., & Prest, T. (2022). An efficient and generic construction for signal’s handshake (X3DH): post-quantum, state leakage secure, and deniable. Journal of Cryptology, 35(3), 17.

Marlinspike, M., & Perrin, T. (2016). The x3dh key agreement protocol. Open Whisper Systems, 283(10).

Perrin, T., & Marlinspike, M. (2016). The double ratchet algorithm. GitHub wiki, 112.

Bhargavan, K., Jacomme, C., Kiefer, F., & Schmidt, R. (2024, August). Formal verification of the PQXDH Post-Quantum key agreement protocol for end-to-end secure messaging. In 33rd USENIX Security Symposium.

Unsorted

Bellare, M., & Rogaway, P. (1993, December). Random oracles are practical: A paradigm for designing efficient protocols. In Proceedings of the 1st ACM Conference on Computer and Communications Security (pp. 62-73).

Young, A., & Yung, M. (1997). Kleptography: Using cryptography against cryptography. In Advances in Cryptology—EUROCRYPT’97: International Conference on the Theory and Application of Cryptographic Techniques Konstanz, Germany, May 11–15, 1997 Proceedings 16 (pp. 62-74). Springer Berlin Heidelberg.

Cramer, R., & Shoup, V. (1998). A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In Advances in Cryptology—CRYPTO'98: 18th Annual International Cryptology Conference Santa Barbara, California, USA August 23–27, 1998 Proceedings 18 (pp. 13-25). Springer Berlin Heidelberg.

Fujisaki, E., & Okamoto, T. (1999, August). Secure integration of asymmetric and symmetric encryption schemes. In Annual international cryptology conference (pp. 537-554). Berlin, Heidelberg: Springer Berlin Heidelberg.

Joux, A., & Nguyen, K. (2003). Separating decision Diffie–Hellman from computational Diffie–Hellman in cryptographic groups. Journal of Cryptology, 16, 239-247.

Cramer, R., & Shoup, V. (2003). Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM Journal on Computing, 33(1), 167-226.

Gasarch, W. (2004). A survey on private information retrieval. Bulletin of the EATCS, 82, 72-107.

Hamburg, M. (2015). Decaf: Eliminating cofactors through point compression. In Advances in Cryptology--CRYPTO 2015: 35th Annual Cryptology Conference, Santa Barbara, CA, USA, August 16-20, 2015, Proceedings, Part I 35 (pp. 705-723). Springer Berlin Heidelberg.

Menezes, A., Sarkar, P., & Singh, S. (2016, December). Challenges with assessing the impact of NFS advances on the security of pairing-based cryptography. In International Conference on Cryptology in Malaysia (pp. 83-108). Cham: Springer International Publishing.

Martínez-Peñas, U. (2016). On the similarities between generalized rank and Hamming weights and their applications to network coding. IEEE Transactions on Information Theory, 62(7), 4081-4095.

Bestavros, A., Lapets, A., & Varia, M. (2017). User-centric distributed solutions for privacy-preserving analytics. Communications of the ACM, 60(2), 37-39.

Degabriele, J. P., & Stam, M. (2018). Untagging tor: a formal treatment of onion encryption. In Advances in Cryptology–EUROCRYPT 2018: 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tel Aviv, Israel, April 29-May 3, 2018 Proceedings, Part III 37 (pp. 259-293). Springer International Publishing.

Zahn, P. (2018). Blockchain and Ex-Ante Exclusion Mechanisms. — private information aggregation

Aumasson, J. P. (2019). Too much crypto. Cryptology ePrint Archive.

Bernstein, D. J. (2023). Quantifying risks in cryptographic selection processes. Cryptology ePrint Archive.

Biryukov, A., Fisch, B., Herold, G., Khovratovich, D., Leurent, G., Naya-Plasencia, M., & Wesolowski, B. (2024). Cryptanalysis of Algebraic Verifiable Delay Functions. Cryptology ePrint Archive.

Pulles, L. N., & Tibouchi, M. (2024). Cryptanalysis of EagleSign. Cryptology ePrint Archive.

https://eprint.iacr.org/search?q=lwe&title=&authors=&category=ATTACKS&submittedafter=&submittedbefore=&revisedafter=&revisedbefore=

Obfuscation

Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S., & Yang, K. (2012). On the (im)possibility of obfuscating programs. Journal of the ACM (JACM), 59(2), 1-48.

Jain, A., Lin, H., & Sahai, A. (2022, May). Indistinguishability obfuscation from LPN over F_p, DLIN, and PRGs in NC^0. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 670-699). Cham: Springer International Publishing.

Mental Poker, etc.

Shamir, A., Rivest, R. L., & Adleman, L. M. (1981). Mental poker (pp. 37-43). Springer US.

Blum, M. (1982). Coin flipping by telephone. In IEEE COMPCON.

Goldwasser, S., & Micali, S. (1982, May). Probabilistic encryption & how to play mental poker keeping secret all partial information. In Proceedings of the fourteenth annual ACM symposium on Theory of computing (pp. 365-377).

Crépeau, C. (1985, August). A secure poker protocol that minimizes the effect of player coalitions. In Conference on the Theory and Application of Cryptographic Techniques (pp. 73-86). Berlin, Heidelberg: Springer Berlin Heidelberg.

Crépeau, C. (1986, August). A zero-knowledge poker protocol that achieves confidentiality of the players’ strategy or how to achieve an electronic poker face. In Conference on the Theory and Application of Cryptographic Techniques (pp. 239-247). Berlin, Heidelberg: Springer Berlin Heidelberg.

Cleve, R. (1986, November). Limits on the security of coin flips when half the processors are faulty. In Proceedings of the eighteenth annual ACM symposium on Theory of computing (pp. 364-369).

Goldreich, O., Micali, S., & Wigderson, A. (1987, January). How to play ANY mental game. In Proceedings of the nineteenth annual ACM symposium on Theory of computing (pp. 218-229).

Schindelhauer, C. (1998). A toolbox for mental card games. Medizinische Universität Lübeck.

Chou, J. S., & Yeh, Y. S. (2002). Mental poker game based on a bit commitment scheme through network. Computer Networks, 38(2), 247-255.

Stamer, H. (2005). Efficient electronic gambling: an extended implementation of the toolbox for mental card games. In WEWoRC 2005–Western European Workshop on Research in Cryptology (pp. 1-12). Gesellschaft für Informatik eV. — this is an excellent overview of the whole history of mental card games

Golle, P. (2005, April). Dealing cards in poker games. In International Conference on Information Technology: Coding and Computing (ITCC'05)-Volume II (Vol. 1, pp. 506-511). IEEE.

Castellà-Roca, J. (2006). Contributions to mental poker. Universitat Autònoma de Barcelona.

Oblivious Transfer

Rabin, M. O. (1981). How to exchange secrets with oblivious transfer. Cryptology ePrint Archive.

Berger, R., Peralta, R., & Tedrick, T. (1984, April). A provably secure oblivious transfer protocol. In Workshop on the Theory and Application of Cryptographic Techniques (pp. 379-386). Berlin, Heidelberg: Springer Berlin Heidelberg.

Crépeau, C. (1987, August). Equivalence between two flavours of oblivious transfers. In Conference on the Theory and Application of Cryptographic Techniques (pp. 350-354). Berlin, Heidelberg: Springer Berlin Heidelberg.

Brassard, G., Crépeau, C., & Robert, J. M. (1986, August). All-or-nothing disclosure of secrets. In Conference on the Theory and Application of Cryptographic Techniques (pp. 234-238). Berlin, Heidelberg: Springer Berlin Heidelberg.

Kilian, J. (1988, January). Founding cryptography on oblivious transfer. In Proceedings of the twentieth annual ACM symposium on Theory of computing (pp. 20-31).

Ishai, Y., & Kushilevitz, E. (1997, June). Private simultaneous messages protocols with applications. In Proceedings of the Fifth Israeli Symposium on Theory of Computing and Systems (pp. 174-183). IEEE.

Naor, M., & Pinkas, B. (1999, August). Oblivious transfer with adaptive queries. In Annual International Cryptology Conference (pp. 573-590). Berlin, Heidelberg: Springer Berlin Heidelberg.

Di Crescenzo, G., Ostrovsky, R., & Rajagopalan, S. (1999). Conditional oblivious transfer and timed-release encryption. In Advances in Cryptology—EUROCRYPT’99: International Conference on the Theory and Application of Cryptographic Techniques Prague, Czech Republic, May 2–6, 1999 Proceedings 18 (pp. 74-89). Springer Berlin Heidelberg.

Di Crescenzo, G., Malkin, T., & Ostrovsky, R. (2000). Single database private information retrieval implies oblivious transfer. In Advances in Cryptology—EUROCRYPT 2000: International Conference on the Theory and Application of Cryptographic Techniques Bruges, Belgium, May 14–18, 2000 Proceedings 19 (pp. 122-138). Springer Berlin Heidelberg.

Aiello, B., Ishai, Y., & Reingold, O. (2001, April). Priced oblivious transfer: How to sell digital goods. In International Conference on the Theory and Applications of Cryptographic Techniques (pp. 119-135). Berlin, Heidelberg: Springer Berlin Heidelberg.

Ishai, Y., Kilian, J., Nissim, K., & Petrank, E. (2003, August). Extending oblivious transfers efficiently. In Annual International Cryptology Conference (pp. 145-161). Berlin, Heidelberg: Springer Berlin Heidelberg.

Freedman, M. J., Ishai, Y., Pinkas, B., & Reingold, O. (2005). Keyword search and oblivious pseudorandom functions. In Theory of Cryptography: Second Theory of Cryptography Conference, TCC 2005, Cambridge, MA, USA, February 10-12, 2005. Proceedings 2 (pp. 303-324). Springer Berlin Heidelberg.

Naor, M., & Pinkas, B. (2006). Oblivious polynomial evaluation. SIAM Journal on Computing, 35(5), 1254-1281.

Nielsen, J. B. (2007). Extending oblivious transfers efficiently-how to get robustness almost for free. Cryptology ePrint Archive.

Shankar, B., Srinathan, K., & Rangan, C. P. (2008). Alternative protocols for generalized oblivious transfer. In Distributed Computing and Networking: 9th International Conference, ICDCN 2008, Kolkata, India, January 5-8, 2008. Proceedings 9 (pp. 304-309). Springer Berlin Heidelberg.

Tassa, T. (2011). Generalized oblivious transfer by secret sharing. Designs, Codes and Cryptography, 58, 11-21.

Kolesnikov, V., & Kumaresan, R. (2013). Improved OT extension for transferring short secrets. In Advances in Cryptology–CRYPTO 2013: 33rd Annual Cryptology Conference, Santa Barbara, CA, USA, August 18-22, 2013. Proceedings, Part II (pp. 54-70). Springer Berlin Heidelberg.

Chou, T., & Orlandi, C. (2015). The simplest protocol for oblivious transfer. In Progress in Cryptology--LATINCRYPT 2015: 4th International Conference on Cryptology and Information Security in Latin America, Guadalajara, Mexico, August 23-26, 2015, Proceedings 4 (pp. 40-58). Springer International Publishing.

Keller, M., Orsini, E., & Scholl, P. (2015, August). Actively secure OT extension with optimal overhead. In Annual Cryptology Conference (pp. 724-741). Berlin, Heidelberg: Springer Berlin Heidelberg.

Asharov, G., Lindell, Y., Schneider, T., & Zohner, M. (2015, April). More efficient oblivious transfer extensions with security for malicious adversaries. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 673-701). Berlin, Heidelberg: Springer Berlin Heidelberg.

Identity

Shamir, A. (1985). Identity-based cryptosystems and signature schemes. In Advances in Cryptology: Proceedings of CRYPTO 84 4 (pp. 47-53). Springer Berlin Heidelberg.

Fiat, A., & Shamir, A. (1986, August). How to prove yourself: Practical solutions to identification and signature problems. In Conference on the theory and application of cryptographic techniques (pp. 186-194). Berlin, Heidelberg: Springer Berlin Heidelberg.

Fiege, U., Fiat, A., & Shamir, A. (1987, January). Zero knowledge proofs of identity. In Proceedings of the nineteenth annual ACM symposium on Theory of computing (pp. 210-217).

Tanaka, H. (1988). A realization scheme for the identity-based cryptosystem. In Advances in Cryptology—CRYPTO’87: Proceedings 7 (pp. 340-349). Springer Berlin Heidelberg.

Ohta, K., & Okamoto, T. (1990). A modification of the Fiat-Shamir scheme. In Advances in Cryptology—CRYPTO’88: Proceedings 8 (pp. 232-243). Springer New York.

Guillou, L. C., & Quisquater, J. J. (1990). A “paradoxical” identity-based signature scheme resulting from zero-knowledge. In Advances in Cryptology—CRYPTO’88: Proceedings 8 (pp. 216-231). Springer New York.

Maurer, U. M., & Yacobi, Y. (1991, April). Non-interactive public-key cryptography. In Workshop on the Theory and Application of Cryptographic Techniques (pp. 498-507). Berlin, Heidelberg: Springer Berlin Heidelberg. — presents a distributed take on Shamir's Identity-based cryptosystems

Girault, M. (1991). An identity-based identification scheme based on discrete logarithms modulo a composite number. In Advances in Cryptology—EUROCRYPT’90: Workshop on the Theory and Application of Cryptographic Techniques Aarhus, Denmark, May 21–24, 1990 Proceedings 9 (pp. 481-486). Springer Berlin Heidelberg.

Schnorr, C. P. (1991). Efficient signature generation by smart cards. Journal of Cryptology, 4, 161-174.

Okamoto, T. (1992, August). Provably secure and practical identification schemes and corresponding signature schemes. In Annual international cryptology conference (pp. 31-53). Berlin, Heidelberg: Springer Berlin Heidelberg.

Boneh, D., & Franklin, M. (2001, August). Identity-based encryption from the Weil pairing. In Annual international cryptology conference (pp. 213-229). Berlin, Heidelberg: Springer Berlin Heidelberg.

Hess, F. (2003). Efficient identity based signature schemes based on pairings. In Selected Areas in Cryptography: 9th Annual International Workshop, SAC 2002 St. John’s, Newfoundland, Canada, August 15–16, 2002 Revised Papers 9 (pp. 310-324). Springer Berlin Heidelberg.

Baek, J., & Zheng, Y. (2004, April). Identity-based threshold signature scheme from the bilinear pairings. In International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. (Vol. 1, pp. 124-128). IEEE.

Kurosawa, K., & Heng, S. H. (2004). From digital signature to ID-based identification/signature. In Public Key Cryptography–PKC 2004: 7th International Workshop on Theory and Practice in Public Key Cryptography, Singapore, March 1-4, 2004. Proceedings 7 (pp. 248-261). Springer Berlin Heidelberg.

Goldwasser, S., & Kalai, Y. T. (2003, October). On the (in)security of the Fiat-Shamir paradigm. In 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings. (pp. 102-113). IEEE.

Barreto, P. S., Libert, B., McCullagh, N., & Quisquater, J. J. (2005). Efficient and provably-secure identity-based signatures and signcryption from bilinear maps. In Advances in Cryptology-ASIACRYPT 2005: 11th International Conference on the Theory and Application of Cryptology and Information Security, Chennai, India, December 4-8, 2005. Proceedings 11 (pp. 515-532). Springer Berlin Heidelberg.

Bellare, M., & Neven, G. (2007, February). Identity-based multi-signatures from RSA. In Cryptographers’ Track at the RSA Conference (pp. 145-162). Berlin, Heidelberg: Springer Berlin Heidelberg.

Liu, J., Sun, R., Kou, W., & Wang, X. (2007). Efficient ID-based signature without trusted PKG. Cryptology ePrint Archive.

Bellare, M., Namprempre, C., & Neven, G. (2009). Security proofs for identity-based identification and signature schemes. Journal of Cryptology, 22(1), 1-61.

Meshram, C., & Agrawal, S. S. (2010). An ID-Based Public Key Cryptosystem based on Integer Factoring and Double Discrete Logarithm Problem. Information Assurance and Security Letters, 1, 29-34.

Meshram, C. (2015). An efficient ID-based cryptographic encryption based on discrete logarithm problem and integer factorization problem. Information Processing Letters, 115(2), 351-358.

Tan, C. H., Prabowo, T. F., & Le, D. P. (2016). Breaking an ID-based encryption based on discrete logarithm and factorization problems. Information Processing Letters, 116(2), 116-119.

Backendal, M., Bellare, M., Sorrell, J., & Sun, J. (2018, November). The Fiat-Shamir zoo: relating the security of different signature variants. In Nordic Conference on Secure IT Systems (pp. 154-170). Cham: Springer International Publishing.

Yuan, Q., Sun, C., & Takagi, T. (2024, July). Revisiting the security of Fiat-Shamir signature schemes under superposition attacks. In Australasian Conference on Information Security and Privacy (pp. 164-184). Singapore: Springer Nature Singapore.

DPKI

Goldreich, O., Pfitzmann, B., & Rivest, R. L. (1998). Self-delegation with controlled propagation—or—what if you lose your laptop. In Advances in Cryptology—CRYPTO'98: 18th Annual International Cryptology Conference Santa Barbara, California, USA August 23–27, 1998 Proceedings 18 (pp. 153-168). Springer Berlin Heidelberg.

Paillier, P., & Yung, M. (1999, December). Self-escrowed public-key infrastructures. In International Conference on Information Security and Cryptology (pp. 257-268). Berlin, Heidelberg: Springer Berlin Heidelberg.

Koga, S., & Sakurai, K. (2003, April). Decentralization methods of certification authority using the digital signature schemes. In 2nd Annual PKI Research Workshop–Pre-Proceedings (pp. 54-64).

Tzvetkov, V. (2004, April). Disaster coverable PKI model based on Majority Trust principle. In International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. (Vol. 2, pp. 118-119). IEEE.

Kim, B. M., Choi, K. Y., & Lee, D. H. (2006). Disaster coverable pki model utilizing the existing pki structure. In On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops: OTM Confederated International Workshops and Posters, AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET, OnToContent, ORM, PerSys, OTM Academy Doctoral Consortium, RDDS, SWWS, and SeBGIS 2006, Montpellier, France, October 29-November 3, 2006. Proceedings, Part I (pp. 537-545). Springer Berlin Heidelberg.

Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., & Polk, W. (2008). Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile. RFC 5280.

Braun, J., Hülsing, A., Wiesmaier, A., Vigil, M. A., & Buchmann, J. (2013). How to Avoid the Breakdown of Public Key Infrastructures: Forward Secure Signatures for Certificate Authorities. In Public Key Infrastructures, Services and Applications: 9th European Workshop, EuroPKI 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers 9 (pp. 53-68). Springer Berlin Heidelberg.

Allen, C., Brock, A., Buterin, V., Callas, J., Dorje, D., Lundkvist, C., ... & Wood, H. T. (2015). Decentralized public key infrastructure. A White Paper from Rebooting the Web of Trust.

Housley, R., & O’Donoghue, K. (2016, February). Problems with the public key infrastructure (PKI) for the world wide web. IETF Internet-Draft.

Sivakumar, P., & Singh, K. (2017). Privacy based decentralized public key infrastructure (PKI) implementation using smart contract in blockchain. National Institute of Technology, 6.

Baturin, D. (2018, March 21). Key signing parties considered useless. baturin.org.

Boyen, X., Herath, U., McKague, M., & Stebila, D. (2021). Associative blockchain for decentralized PKI transparency. Cryptography, 5(2), 14.

Halder, R., Das Roy, D., & Shin, D. (2024). A Blockchain-Based Decentralized Public Key Infrastructure Using the Web of Trust. Journal of Cybersecurity and Privacy, 4(2), 196-222.

Authentication

Needham, R. M., & Schroeder, M. D. (1978). Using encryption for authentication in large networks of computers. Communications of the ACM, 21(12), 993-999.

Burrows, M., Abadi, M., & Needham, R. (1990). A logic of authentication. ACM Transactions on Computer Systems (TOCS), 8(1), 18-36.

Abadi, M., & Tuttle, M. R. (1991, July). A semantics for a logic of authentication. In Proceedings of the tenth annual ACM symposium on Principles of distributed computing (pp. 201-216).

Bird, R., Gopal, I., Herzberg, A., Janson, P., Kutten, S., Molva, R., & Yung, M. (1992). Systematic design of two-party authentication protocols. In Advances in Cryptology—CRYPTO’91: Proceedings 11 (pp. 44-61). Springer Berlin Heidelberg.

Rogaway, P. (2002, November). Authenticated-encryption with associated-data. In Proceedings of the 9th ACM Conference on Computer and Communications Security (pp. 98-107).

Gupta, K. D., Rahman, M. L., Dasgupta, D., & Poudyal, S. (2020, January). Shamir's secret sharing for authentication without reconstructing password. In 2020 10th Annual Computing and Communication Workshop and Conference (CCWC) (pp. 0958-0963). IEEE.

Secret Sharing

[There may be Verifiable Secret Sharing papers in this list since I separated those out into a different section based on title alone.]

Blakley, G. R. (1979, December). Safeguarding cryptographic keys. In International Workshop on Managing Requirements Knowledge (pp. 313-313). IEEE Computer Society.

Shamir, A. (1979). How to share a secret. Communications of the ACM, 22(11), 612-613.

McEliece, R. J., & Sarwate, D. V. (1981). On sharing secrets and Reed-Solomon codes. Communications of the ACM, 24(9), 583-584.

Blum, M. (1983). How to exchange (secret) keys. ACM Transactions on Computer Systems (TOCS), 1(2), 175-193.

Yao, A. C. C. (1986, October). How to generate and exchange secrets. In 27th Annual Symposium on Foundations of Computer Science (SFCS 1986) (pp. 162-167). IEEE.

Tompa, M., & Woll, H. (1989). How to share a secret with cheaters. Journal of Cryptology, 1(3), 133-138.

Benaloh, J., & Leichter, J. (1990). Generalized secret sharing and monotone functions (pp. 27-35). Springer New York.

Krawczyk, H. (1993, August). Secret sharing made short. In Annual international cryptology conference (pp. 136-146). Berlin, Heidelberg: Springer Berlin Heidelberg.

Massey, J. L. (1993, August). Minimal codewords and secret sharing. In Proceedings of the 6th joint Swedish-Russian international workshop on information theory (pp. 276-279).

Dawson, E., & Donovan, D. (1994). The breadth of Shamir's secret-sharing scheme. Computers & Security, 13(1), 69-78.

Herzberg, A., Jarecki, S., Krawczyk, H., & Yung, M. (1995). Proactive secret sharing or: How to cope with perpetual leakage. In Advances in Cryptology—CRYPTO’95: 15th Annual International Cryptology Conference Santa Barbara, California, USA, August 27–31, 1995 Proceedings 15 (pp. 339-352). Springer Berlin Heidelberg.

Ogata, W., & Kurosawa, K. (1996). Optimum secret sharing scheme secure against cheating. In Advances in Cryptology—EUROCRYPT’96: International Conference on the Theory and Application of Cryptographic Techniques Saragossa, Spain, May 12–16, 1996 Proceedings 15 (pp. 200-211). Springer Berlin Heidelberg.

Rivest, R. L., Shamir, A., & Tauman, Y. (2001). How to leak a secret. In Advances in Cryptology—ASIACRYPT 2001: 7th International Conference on the Theory and Application of Cryptology and Information Security Gold Coast, Australia, December 9–13, 2001 Proceedings 7 (pp. 552-565). Springer Berlin Heidelberg.

Beimel, A., & Ishai, Y. (2001, June). On the power of nonlinear secret-sharing. In Proceedings 16th annual IEEE conference on computational complexity (pp. 188-202). IEEE.

Cabello, S., Padró, C., & Sáez, G. (2002). Secret sharing schemes with detection of cheaters for a general access structure. Designs, Codes and Cryptography, 25, 175-188.

Sahasranand, K. R., Nagaraj, N., & Rajan, S. (2010). How not to share a set of secrets. arXiv preprint arXiv:1001.1877.

dela Cruz, R., Meyer, A., & Solé, P. (2010, August). An extension of Massey scheme for secret sharing. In 2010 IEEE Information Theory Workshop (pp. 1-5). IEEE.

Sun, H. M., Wang, H., Ku, B. H., & Pieprzyk, J. (2010). Decomposition construction for secret sharing schemes with graph access structures in polynomial time. SIAM Journal on Discrete Mathematics, 24(2), 617-638.

Parakh, A., & Kak, S. (2011). Space efficient secret sharing for implicit data security. Information Sciences, 181(2), 335-341.

Cevallos, A., Fehr, S., Ostrovsky, R., & Rabani, Y. (2012, April). Unconditionally-secure robust secret sharing with compact shares. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 195-208). Berlin, Heidelberg: Springer Berlin Heidelberg.

Kurihara, J., Uyematsu, T., & Matsumoto, R. (2012). Secret sharing schemes based on linear codes can be precisely characterized by the relative generalized Hamming weight. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 95(11), 2067-2075.

Castagnos, G., Renner, S., & Zémor, G. (2013). High-order masking by using coding theory and its application to AES. In Cryptography and Coding: 14th IMA International Conference, IMACC 2013, Oxford, UK, December 17-19, 2013. Proceedings 14 (pp. 193-212). Springer Berlin Heidelberg.

Cascudo, I., Cramer, R., Mirandola, D., Padró, C., & Xing, C. (2015). On secret sharing with nonlinear product reconstruction. SIAM Journal on Discrete Mathematics, 29(2), 1114-1131.

Abspoel, M. A., Cramer, R., & Mirandola, D. (2016). Shamir’s scheme is the only strongly multiplicative LSSS with maximal adversary. Master’s thesis, Universiteit Leiden. Preprint: https://www.math.leidenuniv.nl/scripties/MasterAbspoel.pdf

Huang, W., Langberg, M., Kliewer, J., & Bruck, J. (2016). Communication efficient secret sharing. IEEE Transactions on Information Theory, 62(12), 7195-7206.

(2017). SLIP-0039: Shamir's Secret-Sharing for Mnemonic Codes.

Boyle, E., Couteau, G., Gilboa, N., Ishai, Y., & Orrù, M. (2017, October). Homomorphic secret sharing: optimizations and applications. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (pp. 2105-2122).

Bu, L., Nguyen, H. D., & Kinsy, M. A. (2017, October). RASSS: a perfidy-aware protocol for designing trustworthy distributed systems. In 2017 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFT) (pp. 1-6). IEEE.

Martínez-Peñas, U. (2018). Communication efficient and strongly secure secret sharing schemes based on algebraic geometry codes. IEEE Transactions on Information Theory, 64(6), 4191-4206.

Shor, R., Yadgar, G., Huang, W., Yaakobi, E., & Bruck, J. (2018, June). How to best share a big secret. In Proceedings of the 11th ACM International Systems and Storage Conference (pp. 76-88).

Matsumoto, R. (2019). Strongly secure ramp secret sharing with more participants based on Reed-Solomon codes. IEICE Communications Express, 8(9), 399-403.

Cheraghchi, M. (2019). Nearly optimal robust secret sharing. Designs, Codes and Cryptography, 87, 1777-1796.

Kacsmar, B., Komlo, C. H., Kerschbaum, F., & Goldberg, I. (2020). Mind the gap: Ceremonies for applied secret sharing. Proceedings on Privacy Enhancing Technologies.

Hineman, A., & Blaum, M. (2021). An efficient implementation of the Shamir secret sharing scheme. arXiv preprint arXiv:2108.05982.

Maji, H. K., Nguyen, H. H., Paskin-Cherniavsky, A., Suad, T., & Wang, M. (2021, June). Leakage-resilience of the Shamir secret-sharing scheme against physical-bit leakages. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 344-374). Cham: Springer International Publishing.

Agrikola, T., Couteau, G., & Maier, S. (2022, November). Anonymous whistleblowing over authenticated channels. In Theory of Cryptography Conference (pp. 685-714). Cham: Springer Nature Switzerland.

Francati, D., & Venturi, D. (2023). Evolving Secret Sharing Made Short. Cryptology ePrint Archive.

Wang, C., Peng, Y., Liang, Z., Wang, Y., Ke, G., & Jin, Z. (2023). Reversible extended secret image sharing with ability to correct errors based on Chinese remainder theorem. Heliyon, 9(4).

Komlo, C., Goldberg, I., & Stebila, D. (2023). A formal treatment of distributed key generation, and new constructions. Cryptology ePrint Archive.

Key Distribution

Bellovin, S. M., & Merritt, M. (1992, May). Encrypted key exchange: Password-based protocols secure against dictionary attacks. In S&P (pp. 72-84). — EKE

Bellare, M., & Rogaway, P. (1993, August). Entity authentication and key distribution. In Annual international cryptology conference (pp. 232-249). Berlin, Heidelberg: Springer Berlin Heidelberg. — EAKD

Bellare, M., & Rogaway, P. (1995, May). Provably secure session key distribution: the three party case. In Proceedings of the twenty-seventh annual ACM symposium on Theory of computing (pp. 57-66).

Krawczyk, H. (1996, February). SKEME: A versatile secure key exchange mechanism for internet. In Proceedings of Internet Society Symposium on Network and Distributed Systems Security (pp. 114-127). IEEE.

Bellare, M., Canetti, R., & Krawczyk, H. (1998, May). A modular approach to the design and analysis of authentication and key exchange protocols. In Proceedings of the thirtieth annual ACM symposium on Theory of computing (pp. 419-428).

Bellare, M., Pointcheval, D., & Rogaway, P. (2000, May). Authenticated key exchange secure against dictionary attacks. In International conference on the theory and applications of cryptographic techniques (pp. 139-155). Berlin, Heidelberg: Springer Berlin Heidelberg. — AKW, EKE2

Abdalla, M., & Bellare, M. (2000, October). Increasing the lifetime of a key: a comparative analysis of the security of re-keying techniques. In International Conference on the Theory and Application of Cryptology and Information Security (pp. 546-559). Berlin, Heidelberg: Springer Berlin Heidelberg.

Law, L., Menezes, A., Qu, M., Solinas, J., & Vanstone, S. (2003). An efficient protocol for authenticated key agreement. Designs, Codes and Cryptography, 28, 119-134.

Dent, A. W. (2003, December). A designer’s guide to KEMs. In IMA International Conference on Cryptography and Coding (pp. 133-151). Berlin, Heidelberg: Springer Berlin Heidelberg.

Di Raimondo, M., Gennaro, R., & Krawczyk, H. (2006, October). Deniable authentication and key exchange. In Proceedings of the 13th ACM conference on Computer and communications security (pp. 400-409).

Rogaway, P., & Shrimpton, T. (2006, May). A provable-security treatment of the key-wrap problem. In Annual international conference on the theory and applications of cryptographic techniques (pp. 373-390). Berlin, Heidelberg: Springer Berlin Heidelberg.

Rogaway, P., & Shrimpton, T. (2007, August). Deterministic authenticated-encryption. In Advances in Cryptology–EUROCRYPT (Vol. 6).

Gutoski, G., & Stebila, D. (2014). Hierarchical deterministic Bitcoin wallets that tolerate key leakage. Cryptology ePrint Archive.

Abdalla, M., Benhamouda, F., & MacKenzie, P. (2015, May). Security of the J-PAKE password-authenticated key exchange protocol. In 2015 IEEE Symposium on Security and Privacy (pp. 571-587). IEEE.

Lipp, B. (2020). An analysis of hybrid public key encryption (Doctoral dissertation, IACR Cryptology ePrint Archive).

Barnes, R., Bhargavan, K., Lipp, B., & Wood, C. A. (2022). Hybrid public key encryption. Internet Research Task Force (IRTF), RFC, 9180.

Function Secret Sharing

Boyle, E., Gilboa, N., & Ishai, Y. (2016, October). Function secret sharing: Improvements and extensions. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (pp. 1292-1303).

Servan-Schreiber, S., Beyzerov, S., Yablon, E., & Park, H. (2023, May). Private access control for function secret sharing. In 2023 IEEE Symposium on Security and Privacy (SP) (pp. 809-828). IEEE. — has access control built in

Reed-Solomon Codes

Reed, I. S., & Solomon, G. (1960). Polynomial codes over certain finite fields. Journal of the society for industrial and applied mathematics, 8(2), 300-304.

Welch, L. R., & Berlekamp, E. R. (1986). U.S. Patent No. 4,633,470. Washington, DC: U.S. Patent and Trademark Office.

Guruswami, V., & Sudan, M. (1998, November). Improved decoding of Reed-Solomon and algebraic-geometric codes. In Proceedings 39th Annual Symposium on Foundations of Computer Science (Cat. No. 98CB36280) (pp. 28-37). IEEE.

Gao, S. (2003). A new algorithm for decoding Reed-Solomon codes. In Communications, information and network security (pp. 55-68). Boston, MA: Springer US.

Koetter, R., & Vardy, A. (2003). Algebraic soft-decision decoding of Reed-Solomon codes. IEEE Transactions on Information Theory, 49(11), 2809-2825.

Andrews, K. S., Divsalar, D., Dolinar, S., Hamkins, J., Jones, C. R., & Pollara, F. (2007). The development of turbo and LDPC codes for deep-space applications. Proceedings of the IEEE, 95(11), 2142-2156.

Open Source Soft-Decision Decoder for the JT65 (63, 12) Reed-Solomon Code.

Feng, G. (2020). The Berlekamp-Welch Algorithm: A Guide.

Tang, N., & Han, Y. S. (2022). A new decoding method for Reed–Solomon codes based on FFT and modular approach. IEEE Transactions on Communications, 70(12), 7790-7801.

Brakensiek, J., Gopi, S., & Makam, V. (2023, June). Generic Reed-Solomon codes achieve list-decoding capacity. In Proceedings of the 55th Annual ACM Symposium on Theory of Computing (pp. 1488-1501).

Guo, Z., & Zhang, Z. (2023, November). Randomly punctured Reed-Solomon codes achieve the list decoding capacity over polynomial-size alphabets. In 2023 IEEE 64th Annual Symposium on Foundations of Computer Science (FOCS) (pp. 164-176). IEEE.

Byzantine Generals / Fault Tolerance

Lamport, L., Shostak, R., & Pease, M. (1982). The Byzantine Generals Problem. ACM Transactions on Programming Languages and Systems, 4(3), 382-401.

Lamport, L., & Fischer, M. (1982). Byzantine generals and transaction commit protocols.

Dolev, D. (1982). The Byzantine generals strike again. Journal of algorithms, 3(1), 14-30.

Rabin, M. O. (1983, November). Randomized Byzantine generals. In 24th Annual Symposium on Foundations of Computer Science (sfcs 1983) (pp. 403-409). IEEE.

Bracha, G. (1987). An O(log n) expected rounds randomized Byzantine generals protocol. Journal of the ACM (JACM), 34(4), 910-920.

Castro, M., & Liskov, B. (1999, February). Practical Byzantine fault tolerance. In OSDI (Vol. 99, pp. 173-186).

Vandiver, B., Balakrishnan, H., Liskov, B., & Madden, S. (2007, October). Tolerating Byzantine faults in transaction processing systems using commit barrier scheduling. In Proceedings of the Twenty-first ACM SIGOPS Symposium on Operating Systems Principles (pp. 59-72).

Lamport, L. (2011). Brief announcement: Leaderless Byzantine Paxos. In Distributed Computing: 25th International Symposium, DISC 2011, Rome, Italy, September 20-22, 2011. Proceedings 25 (pp. 141-142). Springer Berlin Heidelberg.

Ongaro, D., & Ousterhout, J. (2014). In search of an understandable consensus algorithm. In 2014 USENIX annual technical conference (USENIX ATC 14) (pp. 305-319).

Secure Computation / Multiparty Computation

Yao, A. C. (1982, November). Protocols for secure computations. In 23rd annual symposium on foundations of computer science (sfcs 1982) (pp. 160-164). IEEE.

Banerjee, P., & Abraham, J. A. (1984). Fault-secure algorithms for multiple-processor systems. ACM SIGARCH Computer Architecture News, 12(3), 279-287.

Cohen, J. D., & Fischer, M. J. (1985). A robust and verifiable cryptographically secure election scheme (pp. 372-382). Yale University. Department of Computer Science.

Benaloh, J. C., & Yung, M. (1986, November). Distributing the power of a government to enhance the privacy of voters. In Proceedings of the fifth annual ACM symposium on Principles of distributed computing (pp. 52-62).

Galil, Z., Haber, S., & Yung, M. (1987, August). Cryptographic computation: Secure fault-tolerant protocols and the public-key model. In Conference on the Theory and Application of Cryptographic Techniques (pp. 135-155). Berlin, Heidelberg: Springer Berlin Heidelberg. — this has some important references to check out

Ben-Or, M., Goldwasser, S., & Wigderson, A. (1988, January). Completeness theorems for non-cryptographic fault-tolerant distributed computation. In Proceedings of the twentieth annual ACM symposium on Theory of computing (pp. 1-10).

Abadi, M., & Feigenbaum, J. (1988). A simple protocol for secure circuit evaluation. In STACS 88: 5th Annual Symposium on Theoretical Aspects of Computer Science Bordeaux, France, February 11–13, 1988 Proceedings 5 (pp. 264-272). Springer Berlin Heidelberg.

Chaum, D., Damgård, I. B., & Van de Graaf, J. (1988). Multiparty computations ensuring privacy of each party’s input and correctness of the result. In Advances in Cryptology—CRYPTO’87: Proceedings 7 (pp. 87-119). Springer Berlin Heidelberg.

Chaum, D., Crépeau, C., & Damgard, I. (1988, January). Multiparty unconditionally secure protocols. In Proceedings of the twentieth annual ACM symposium on Theory of computing (pp. 11-19).

Beaver, D., Micali, S., & Rogaway, P. (1990, April). The round complexity of secure protocols. In Proceedings of the twenty-second annual ACM symposium on Theory of computing (pp. 503-513).

Franklin, M., & Yung, M. (1992, July). Communication complexity of secure computation. In Proceedings of the twenty-fourth annual ACM symposium on Theory of computing (pp. 699-710). — Introduces the multi-secret sharing scheme (MSSS).

Canetti, R., & Herzberg, A. (1994, August). Maintaining security in the presence of transient faults. In Annual International Cryptology Conference (pp. 425-438). Berlin, Heidelberg: Springer Berlin Heidelberg.

Canetti, R., Feige, U., Goldreich, O., & Naor, M. (1996, July). Adaptively secure multi-party computation. In Proceedings of the twenty-eighth annual ACM symposium on Theory of computing (pp. 639-648).

Goldwasser, S. (1997, August). Multi party computations: past and present. In Proceedings of the sixteenth annual ACM symposium on Principles of distributed computing (pp. 1-6). — fold in references

Goldreich, O. (1998). Secure multi-party computation. Manuscript. Preliminary version, 78(110), 1-108.

Canetti, R., Lindell, Y., Ostrovsky, R., & Sahai, A. (2002, May). Universally composable two-party and multi-party secure computation. In Proceedings of the thirty-fourth annual ACM symposium on Theory of computing (pp. 494-503).

Kolesnikov, V. (2005). Gate evaluation secret sharing and secure one-round two-party computation. In Advances in Cryptology-ASIACRYPT 2005: 11th International Conference on the Theory and Application of Cryptology and Information Security, Chennai, India, December 4-8, 2005. Proceedings 11 (pp. 136-155). Springer Berlin Heidelberg.

Chen, H., Cramer, R., Goldwasser, S., De Haan, R., & Vaikuntanathan, V. (2007, May). Secure computation from random error correcting codes. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 291-310). Berlin, Heidelberg: Springer Berlin Heidelberg.

Bogetoft, P., Christensen, D. L., Damgård, I., Geisler, M., Jakobsen, T., Krøigaard, M., ... & Toft, T. (2009, February). Secure multiparty computation goes live. In International Conference on Financial Cryptography and Data Security (pp. 325-343). Berlin, Heidelberg: Springer Berlin Heidelberg.

Ishai, Y., Ostrovsky, R., & Seyalioglu, H. (2012). Identifying cheaters without an honest majority. In Theory of Cryptography: 9th Theory of Cryptography Conference, TCC 2012, Taormina, Sicily, Italy, March 19-21, 2012. Proceedings 9 (pp. 21-38). Springer Berlin Heidelberg.

Kolesnikov, V., & Kumaresan, R. (2012, September). Improved secure two-party computation via information-theoretic garbled circuits. In International Conference on Security and Cryptography for Networks (pp. 205-221). Berlin, Heidelberg: Springer Berlin Heidelberg.

Nielsen, J. B., Nordholt, P. S., Orlandi, C., & Burra, S. S. (2012, August). A new approach to practical active-secure two-party computation. In Annual Cryptology Conference (pp. 681-700). Berlin, Heidelberg: Springer Berlin Heidelberg.

Ishai, Y., Ostrovsky, R., & Zikas, V. (2014). Secure multi-party computation with identifiable abort. In Advances in Cryptology–CRYPTO 2014: 34th Annual Cryptology Conference, Santa Barbara, CA, USA, August 17-21, 2014, Proceedings, Part II 34 (pp. 369-386). Springer Berlin Heidelberg.

Shen, E., Varia, M., Cunningham, R. K., & Vesey, W. K. (2015). Cryptographically secure computation. Computer, 48(4), 78-81.

Couteau, G. (2016). Revisiting covert multiparty computation. Cryptology ePrint Archive.

Parno, B., Howell, J., Gentry, C., & Raykova, M. (2016). Pinocchio: Nearly practical verifiable computation. Communications of the ACM, 59(2), 103-112.

Raeini, M. G., & Nojoumian, M. (2018, January). Secure error correction using multiparty computation. In 2018 IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC) (pp. 468-473). IEEE.

Lindell, Y. (2020). Secure multiparty computation. Communications of the ACM, 64(1), 86-96. — fold in citations to this list

Keeler, D., Komlo, C., Lepert, E., Veitch, S., & He, X. (2023). DPrio: Efficient Differential Privacy with High Utility for Prio. Proceedings on Privacy Enhancing Technologies, 2023(3), 375-390.

Verifiable Secret Sharing

Chor, B., Goldwasser, S., Micali, S., & Awerbuch, B. (1985, October). Verifiable secret sharing and achieving simultaneity in the presence of faults. In 26th Annual Symposium on Foundations of Computer Science (sfcs 1985) (pp. 383-395). IEEE.

Feldman, P. (1987, October). A practical scheme for non-interactive verifiable secret sharing. In 28th Annual Symposium on Foundations of Computer Science (sfcs 1987) (pp. 427-438). IEEE.

Rabin, T., & Ben-Or, M. (1989, February). Verifiable secret sharing and multiparty protocols with honest majority. In Proceedings of the twenty-first annual ACM symposium on Theory of computing (pp. 73-85).

Pedersen, T. P. (1991, August). Non-interactive and information-theoretic secure verifiable secret sharing. In Annual international cryptology conference (pp. 129-140). Berlin, Heidelberg: Springer Berlin Heidelberg. — introduces Pedersen commitments

Schoenmakers, B. (1999, August). A simple publicly verifiable secret sharing scheme and its application to electronic voting. In Annual International Cryptology Conference (pp. 148-164). Berlin, Heidelberg: Springer Berlin Heidelberg.

Cramer, R., Damgård, I., & Fehr, S. (2001, August). On the cost of reconstructing a secret, or VSS with optimal reconstruction phase. In Annual International Cryptology Conference (pp. 503-523). Berlin, Heidelberg: Springer Berlin Heidelberg.

Tang, C., Pei, D., Liu, Z., & He, Y. (2004). Non-interactive and information-theoretic secure publicly verifiable secret sharing. Cryptology ePrint Archive.

Liu, Y., Zhang, F., & Zhang, J. (2016). Attacks to some verifiable multi-secret sharing schemes and two improved schemes. Information Sciences, 329, 524-539.

Das, S., Xiang, Z., Tomescu, A., Spiegelman, A., Pinkas, B., & Ren, L. (2023). Verifiable secret sharing simplified. Cryptology ePrint Archive.

Atapoor, S., Baghery, K., Cozzo, D., & Pedersen, R. (2023, December). VSS from distributed ZK proofs and applications. In International Conference on the Theory and Application of Cryptology and Information Security (pp. 405-440). Singapore: Springer Nature Singapore.

Proofs

Cook, S. A. (1971, May). The complexity of theorem-proving procedures. In Proceedings of the third annual ACM symposium on Theory of computing (pp. 151-158).

Levin, L. A. (1973). Universal search problems [Универсальные задачи перебора]. Problemy Peredachi Informatsii, 9(3), 115-116.

  • Translated to English in Levin, L. A. (1984). Universal search problems. Annals of the History of Computing, 6(4), 399-400.

Karp, R. M., Miller, R. E., & Thatcher, J. W. (1975). Reducibility Among Combinatorial Problems. Journal of Symbolic Logic, 40(4).

Baker, T., Gill, J., & Solovay, R. (1975). Relativizations of the P=?NP question. SIAM Journal on computing, 4(4), 431-442.

Schnorr, C. P. (1978). Satisfiability is quasilinear complete in NQL. Journal of the ACM (JACM), 25(1), 136-145.

Goldwasser, S., Micali, S., & Rackoff, C. (1985, December). The knowledge complexity of interactive proof-systems. In Proceedings of the seventeenth annual ACM symposium on Theory of computing (pp. 291-304).

Cook, S. A. (1988). Short propositional formulas represent nondeterministic computations. Information Processing Letters, 26(5), 269-270.

Ben-David, S., Chor, B., & Goldreich, O. (1989, February). On the theory of average case complexity. In Proceedings of the twenty-first annual ACM symposium on Theory of computing (pp. 204-216).

Feige, U., & Shamir, A. (1990, April). Witness indistinguishable and witness hiding protocols. In Proceedings of the twenty-second annual ACM symposium on Theory of computing (pp. 416-426). — Helps to know about zero knowledge proofs, but the techniques are applicable outside of zk.

Babai, L., Fortnow, L., Levin, L. A., & Szegedy, M. (1991, January). Checking computations in polylogarithmic time. In Proceedings of the twenty-third annual ACM symposium on Theory of computing (pp. 21-32).

Babai, L., Fortnow, L., & Lund, C. (1991). Non-deterministic exponential time has two-prover interactive protocols. Computational complexity, 1, 3-40.

Lund, C., Fortnow, L., Karloff, H., & Nisan, N. (1992). Algebraic methods for interactive proof systems. Journal of the ACM (JACM), 39(4), 859-868.

Razborov, A. A., & Rudich, S. (1994, May). Natural proofs. In Proceedings of the twenty-sixth annual ACM symposium on Theory of computing (pp. 204-213).

Cramer, R., Damgård, I., & Schoenmakers, B. (1994). Proofs of partial knowledge and simplified design of witness hiding protocols. In Y. Desmedt (Ed.), Advances in Cryptology – CRYPTO '94 (pp. 174-187). Lecture Notes in Computer Science, Vol. 839. Berlin: Springer-Verlag.

Feige, U., Goldwasser, S., Lovász, L., Safra, S., & Szegedy, M. (1996). Interactive proofs and the hardness of approximating cliques. Journal of the ACM (JACM), 43(2), 268-292.

Goldreich, O. (1997). Notes on Levin's Theory of Average-Case Complexity.

Chang, R., Chor, B., Goldreich, O., Hartmanis, J., Håstad, J., Ranjan, D., & Rohatgi, P. (1994). The random oracle hypothesis is false. Journal of Computer and System Sciences, 49(1), 24-39.

Camenisch, J., & Stadler, M. (1997). Proof systems for general statements about discrete logarithms. Technical Report/ETH Zurich, Department of Computer Science, 260. — this is a great overview of a few toy systems

Arora, S., & Safra, S. (1998). Probabilistic checking of proofs: A new characterization of NP. Journal of the ACM (JACM), 45(1), 70-122.

Arora, S., Lund, C., Motwani, R., Sudan, M., & Szegedy, M. (1998). Proof verification and the hardness of approximation problems. Journal of the ACM (JACM), 45(3), 501-555.

Goldreich, O., Vadhan, S., & Wigderson, A. (2002). On interactive proofs with a laconic prover. Computational Complexity, 11, 1-53.

Dinur, I. (2007). The PCP theorem by gap amplification. Journal of the ACM (JACM), 54(3), Article 12.

Thaler, J. (2022). Proofs, arguments, and zero-knowledge. Foundations and Trends® in Privacy and Security, 4(2–4), 117-660.

Diamond, B. E., & Posen, J. (2023). Succinct arguments over towers of binary fields. Cryptology ePrint Archive. — binius

Zero-knowledge

Brassard, G., & Crépeau, C. (1986, August). Zero-knowledge simulation of boolean circuits. In Conference on the Theory and Application of Cryptographic Techniques (pp. 223-233). Berlin, Heidelberg: Springer Berlin Heidelberg.

Chaum, D. (1986, August). Demonstrating that a public predicate can be satisfied without revealing any information about how. In Conference on the Theory and Application of Cryptographic Techniques (pp. 195-199). Berlin, Heidelberg: Springer Berlin Heidelberg.

Goldreich, O., Micali, S., & Wigderson, A. (1987). How to prove all NP statements in zero-knowledge and a methodology of cryptographic protocol design. In Advances in Cryptology—CRYPTO’86: Proceedings 6 (pp. 171-185). Springer Berlin Heidelberg.

Chaum, D., Evertse, J. H., van de Graaf, J., & Peralta, R. (1987). Demonstrating possession of a discrete logarithm without revealing it. In Advances in Cryptology—CRYPTO’86: Proceedings 6 (pp. 200-212). Springer Berlin Heidelberg.

Chaum, D., Evertse, J. H., & Van De Graaf, J. (1988). An improved protocol for demonstrating possession of discrete logarithms and some generalizations. In Advances in Cryptology—EUROCRYPT’87: Workshop on the Theory and Application of Cryptographic Techniques Amsterdam, The Netherlands, April 13–15, 1987 Proceedings 6 (pp. 127-141). Springer Berlin Heidelberg.

Brassard, G., Chaum, D., & Crépeau, C. (1988). Minimum disclosure proofs of knowledge. Journal of computer and system sciences, 37(2), 156-189. — introduces bit commitments and arguments; discusses oblivious transfer

Guillou, L. C., & Quisquater, J. J. (1988). A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory. In Advances in Cryptology—EUROCRYPT’88: Workshop on the Theory and Application of Cryptographic Techniques Davos, Switzerland, May 25–27, 1988 Proceedings 7 (pp. 123-128). Springer Berlin Heidelberg.

Goldwasser, S., Micali, S., & Rackoff, C. (1989). The Knowledge Complexity of Interactive Proof Systems. SIAM Journal on Computing, 18(1), 186.

Brassard, G., Crépeau, C., & Yung, M. (1989). Everything in NP can be argued in perfect zero-knowledge in a bounded number of rounds. In Automata, Languages and Programming: 16th International Colloquium Stresa, Italy, July 11–15, 1989 Proceedings 16 (pp. 123-136). Springer Berlin Heidelberg.

Bellare, M., & Goldwasser, S. (1989, August). New paradigms for digital signatures and message authentication based on non-interactive zero knowledge proofs. In Conference on the Theory and Application of Cryptology (pp. 194-211). New York, NY: Springer New York.

Ben-Or, M., Goldreich, O., Goldwasser, S., Håstad, J., Kilian, J., Micali, S., & Rogaway, P. (1990). Everything provable is provable in zero-knowledge. In Advances in Cryptology—CRYPTO’88: Proceedings 8 (pp. 37-56). Springer New York.

Goldreich, O., & Krawczyk, H. (1990). On the composition of zero-knowledge proof systems. In Automata, Languages and Programming: 17th International Colloquium Warwick University, England, July 16–20, 1990 Proceedings 17 (pp. 268-282). Springer Berlin Heidelberg. — alternate version from 1989

Blum, M., Feldman, P., & Micali, S. (1990). Proving security against chosen ciphertext attacks. In Advances in Cryptology—CRYPTO’88: Proceedings 8 (pp. 256-268). Springer New York.

Goldreich, O., Micali, S., & Wigderson, A. (1991). Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems. Journal of the ACM (JACM), 38(3), 690-728.

Blum, M., De Santis, A., Micali, S., & Persiano, G. (1991). Noninteractive zero-knowledge. SIAM Journal on Computing, 20(6), 1084-1118.

Dolev, D., Dwork, C., & Naor, M. (1991, January). Non-malleable cryptography. In Proceedings of the twenty-third annual ACM symposium on Theory of computing (pp. 542-552).

Rackoff, C., & Simon, D. R. (1991, August). Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In Annual international cryptology conference (pp. 433-444). Berlin, Heidelberg: Springer Berlin Heidelberg.

Naor, M. (1991). Bit commitment using pseudorandomness. Journal of cryptology, 4, 151-158.

Kilian, J. (1992, July). A note on efficient zero-knowledge proofs and arguments. In Proceedings of the twenty-fourth annual ACM symposium on Theory of computing (pp. 723-732).

De Santis, A., Di Crescenzo, G., & Persiano, G. (1993, August). Secret sharing and perfect zero knowledge. In Annual International Cryptology Conference (pp. 73-84). Berlin, Heidelberg: Springer Berlin Heidelberg.

De Santis, A., Di Crescenzo, G., Persiano, G., & Yung, M. (1994, November). On monotone formula closure of SZK. In Proceedings 35th Annual Symposium on Foundations of Computer Science (pp. 454-465). IEEE.

Cramer, R., Damgård, I., & Schoenmakers, B. (1994, August). Proofs of partial knowledge and simplified design of witness hiding protocols. In Annual International Cryptology Conference (pp. 174-187). Berlin, Heidelberg: Springer Berlin Heidelberg.

Fujisaki, E., & Okamoto, T. (1997). Statistical zero knowledge protocols to prove modular polynomial relations. In Advances in Cryptology—CRYPTO'97: 17th Annual International Cryptology Conference Santa Barbara, California, USA August 17–21, 1997 Proceedings 17 (pp. 16-30). Springer Berlin Heidelberg.

Kent, A. (1999). Unconditionally secure bit commitment. Physical Review Letters, 83(7), 1447.

Micali, S. (2000). Computationally sound proofs. SIAM Journal on Computing, 30(4), 1253-1298.

Barak, B. (2001, October). How to go beyond the black-box simulation barrier. In Proceedings 42nd IEEE Symposium on Foundations of Computer Science (pp. 106-115). IEEE.

Canetti, R., & Fischlin, M. (2001). Universally composable commitments. In Advances in Cryptology—CRYPTO 2001: 21st Annual International Cryptology Conference, Santa Barbara, California, USA, August 19–23, 2001 Proceedings 21 (pp. 19-40). Springer Berlin Heidelberg.

Goldwasser, S., & Kalai, Y. T. (2003, October). On the (in)security of the Fiat-Shamir paradigm. In 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings. (pp. 102-113). IEEE.

Rosen, A. (2004, February). A note on constant-round zero-knowledge proofs for NP. In Theory of Cryptography Conference (pp. 191-202). Berlin, Heidelberg: Springer Berlin Heidelberg.

Kent, A. (2005). Secure classical bit commitment using fixed capacity communication channels. Journal of Cryptology, 18(4), 313-335.

Lindell, Y., & Pinkas, B. (2009). A proof of security of Yao’s protocol for two-party computation. Journal of cryptology, 22, 161-188.

Groth, J. (2009, August). Linear algebra with sub-linear zero-knowledge arguments. In Annual International Cryptology Conference (pp. 192-208). Berlin, Heidelberg: Springer Berlin Heidelberg.

Barak, B., & Goldreich, O. (2009). Universal arguments and their applications. SIAM Journal on Computing, 38(5), 1661-1694.

Kate, A., Zaverucha, G. M., & Goldberg, I. (2010). Constant-size commitments to polynomials and their applications. In Advances in Cryptology-ASIACRYPT 2010: 16th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, December 5-9, 2010. Proceedings 16 (pp. 177-194). Springer Berlin Heidelberg.

Groth, J. (2011, December). Efficient zero-knowledge arguments from two-tiered homomorphic commitments. In International Conference on the Theory and Application of Cryptology and Information Security (pp. 431-448). Berlin, Heidelberg: Springer Berlin Heidelberg.

Seo, J. H. (2011, March). Round-efficient sub-linear zero-knowledge arguments for linear algebra. In International Workshop on Public Key Cryptography (pp. 387-402). Berlin, Heidelberg: Springer Berlin Heidelberg.

Bernhard, D., Pereira, O., & Warinschi, B. (2012). How not to prove yourself: Pitfalls of the Fiat-Shamir heuristic and applications to Helios. In Advances in Cryptology–ASIACRYPT 2012: 18th International Conference on the Theory and Application of Cryptology and Information Security, Beijing, China, December 2-6, 2012. Proceedings 18 (pp. 626-643). Springer Berlin Heidelberg.

Bayer, S., & Groth, J. (2013). Zero-knowledge argument for polynomial evaluation with application to blacklists. In Advances in Cryptology–EUROCRYPT 2013: 32nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Athens, Greece, May 26-30, 2013. Proceedings 32 (pp. 646-663). Springer Berlin Heidelberg.

Catalano, D., & Fiore, D. (2013). Vector commitments and their applications. In Public-Key Cryptography–PKC 2013: 16th International Conference on Practice and Theory in Public-Key Cryptography, Nara, Japan, February 26–March 1, 2013. Proceedings 16 (pp. 55-72). Springer Berlin Heidelberg.

Demirel, D., & Lancrenon, J. (2015). How to securely prolong the computational bindingness of Pedersen commitments. Cryptology ePrint Archive.

Ben-Sasson, E., Chiesa, A., Green, M., Tromer, E., & Virza, M. (2015, May). Secure sampling of public parameters for succinct zero knowledge proofs. In 2015 IEEE Symposium on Security and Privacy (pp. 287-304). IEEE.

Goldwasser, S., Kalai, Y. T., & Rothblum, G. N. (2015). Delegating computation: interactive proofs for muggles. Journal of the ACM (JACM), 62(4), 1-64.

Bootle, J., Cerulli, A., Chaidos, P., Groth, J., & Petit, C. (2016). Efficient zero-knowledge arguments for arithmetic circuits in the discrete log setting. In Advances in Cryptology–EUROCRYPT 2016: 35th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Vienna, Austria, May 8-12, 2016, Proceedings, Part II 35 (pp. 327-357). Springer Berlin Heidelberg. — gives a good overview of related work and the history behind it

Groth, J. (2016). On the size of pairing-based non-interactive arguments. In Advances in Cryptology–EUROCRYPT 2016: 35th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Vienna, Austria, May 8-12, 2016, Proceedings, Part II 35 (pp. 305-326). Springer Berlin Heidelberg.

Ben-Sasson, E., Chiesa, A., & Spooner, N. (2016). Interactive oracle proofs. In Theory of Cryptography: 14th International Conference, TCC 2016-B, Beijing, China, October 31-November 3, 2016, Proceedings, Part II 14 (pp. 31-60). Springer Berlin Heidelberg.

Groth, J., & Maller, M. (2017, July). Snarky signatures: Minimal signatures of knowledge from simulation-extractable SNARKs. In Annual International Cryptology Conference (pp. 581-612). Cham: Springer International Publishing.

Metere, R., & Dong, C. (2017). Automated cryptographic analysis of the Pedersen commitment scheme. In Computer Network Security: 7th International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS 2017, Warsaw, Poland, August 28-30, 2017, Proceedings 7 (pp. 275-287). Springer International Publishing.

Hao, F. (2017). Schnorr non-interactive zero-knowledge proof. Internet Research Task Force (IRTF), RFC, 8235.

Bowe, S., Gabizon, A., & Miers, I. (2017). Scalable multi-party computation for zk-SNARK parameters in the random beacon model. Cryptology ePrint Archive.

Bünz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., & Maxwell, G. (2018, May). Bulletproofs: Short proofs for confidential transactions and more. In 2018 IEEE symposium on security and privacy (SP) (pp. 315-334). IEEE.

Ben-Sasson, E., Bentov, I., Horesh, Y., & Riabzev, M. (2018). Scalable, transparent, and post-quantum secure computational integrity. Cryptology ePrint Archive. — introduces the terms Scalable and Transparent IOP of Knowledge (STIK) and Scalable Transparent ARgument of Knowledge (STARK), the latter being a realization of a STIK

Ashur, T., & Dhooghe, S. (2018). MARVELlous: a STARK-friendly family of cryptographic primitives. Cryptology ePrint Archive.

Ben-Sasson, E., Chiesa, A., Riabzev, M., Spooner, N., Virza, M., & Ward, N. P. (2019). Aurora: Transparent succinct arguments for R1CS. In Advances in Cryptology–EUROCRYPT 2019: 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Darmstadt, Germany, May 19–23, 2019, Proceedings, Part I 38 (pp. 103-128). Springer International Publishing.

Kattis, A., Panarin, K., & Vlasov, A. (2019). RedShift: Transparent SNARKs from list polynomial commitment IOPs. Cryptology ePrint Archive, Report 2019/1400.

Gabizon, A., Williamson, Z. J., & Ciobotaru, O. (2019). Plonk: Permutations over Lagrange-bases for oecumenical noninteractive arguments of knowledge. Cryptology ePrint Archive.

Bowe, S., Grigg, J., & Hopwood, D. (2019). Recursive proof composition without a trusted setup. Cryptology ePrint Archive.

Maller, M., Bowe, S., Kohlweiss, M., & Meiklejohn, S. (2019, November). Sonic: Zero-knowledge SNARKs from linear-size universal and updatable structured reference strings. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (pp. 2111-2128).

Boneh, D., Drake, J., Fisch, B., & Gabizon, A. (2020). Efficient polynomial commitment schemes for multiple points and polynomials. Cryptology ePrint Archive. — improves on [KZG10]

Chiesa, A., Hu, Y., Maller, M., Mishra, P., Vesely, N., & Ward, N. (2020). Marlin: Preprocessing zkSNARKs with universal and updatable SRS. In Advances in Cryptology–EUROCRYPT 2020: 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, May 10–14, 2020, Proceedings, Part I 39 (pp. 738-768). Springer International Publishing.

Chiesa, A., Ojha, D., & Spooner, N. (2020). Fractal: Post-quantum and transparent recursive proofs from holography. In Advances in Cryptology–EUROCRYPT 2020: 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, May 10–14, 2020, Proceedings, Part I 39 (pp. 769-793). Springer International Publishing.

Grassi, L., Khovratovich, D., Rechberger, C., Roy, A., & Schofnegger, M. (2021). Poseidon: A new hash function for zero-knowledge proof systems. In 30th USENIX Security Symposium (USENIX Security 21) (pp. 519-535).

Mouris, D., & Tsoutsos, N. G. (2021). Masquerade: Verifiable multi-party aggregation with secure multiplicative commitments. Cryptology ePrint Archive. — could be interesting to use this to add secret ballots

Kohlweiss, M., Maller, M., Siim, J., & Volkhov, M. (2021). Snarky ceremonies. In Advances in Cryptology–ASIACRYPT 2021: 27th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, December 6–10, 2021, Proceedings, Part III 27 (pp. 98-127). Springer International Publishing.

Aranha, D. F., Bennedsen, E. M., Campanelli, M., Ganesh, C., Orlandi, C., & Takahashi, A. (2022, February). ECLIPSE: enhanced compiling method for Pedersen-committed zkSNARK engines. In IACR International Conference on Public-Key Cryptography (pp. 584-614). Cham: Springer International Publishing.

Zapico, A., Buterin, V., Khovratovich, D., Maller, M., Nitulescu, A., & Simkin, M. (2022, November). Caulk: Lookup arguments in sublinear time. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (pp. 3121-3134).

Haböck, U., Levit, D., & Papini, S. (2024). Circle STARKs. Cryptology ePrint Archive.

Schnorr Signatures

Ong, H., & Schnorr, C. P. (1991). Fast signature generation with a Fiat-Shamir-like scheme. In Advances in Cryptology—EUROCRYPT’90: Workshop on the Theory and Application of Cryptographic Techniques Aarhus, Denmark, May 21–24, 1990 Proceedings 9 (pp. 432-440). Springer Berlin Heidelberg.

De Rooij, P. (1991). On the security of the Schnorr scheme using preprocessing. In Advances in Cryptology—EUROCRYPT’91: Workshop on the Theory and Application of Cryptographic Techniques Brighton, UK, April 8–11, 1991 Proceedings 10 (pp. 71-80). Springer Berlin Heidelberg.

Seurin, Y. (2012, April). On the exact security of Schnorr-type signatures in the random oracle model. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 554-571). Berlin, Heidelberg: Springer Berlin Heidelberg.

Tibouchi, M. (2017, November). Attacks on Schnorr signatures with biased nonces. In NTT Secure Platform Laboratories, ECC Workshop.

Crites, E., Komlo, C., & Maller, M. (2023, August). Fully adaptive Schnorr threshold signatures. In Annual International Cryptology Conference (pp. 678-709). Cham: Springer Nature Switzerland.

https://eprint.iacr.org/search?q=schnorr&title=&authors=&category=ATTACKS&submittedafter=&submittedbefore=&revisedafter=&revisedbefore=

Multisignature

Okamoto, T. (1988). A digital multisignature scheme using bijective public-key cryptosystems. ACM Transactions on Computer Systems (TOCS), 6(4), 432-441.

Ohta, K., & Okamoto, T. (1993). A digital multisignature scheme based on the Fiat-Shamir scheme. In Imai, H., Rivest, R. L., & Matsumoto, T. (Eds.), Advances in Cryptology — ASIACRYPT '91, Lecture Notes in Computer Science, vol. 739. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-57332-1_11

Ohta, K., & Okamoto, T. (1999). Multi-signature schemes secure against active insider attacks. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 82(1), 21-31.

Micali, S., Ohta, K., & Reyzin, L. (2001, November). Accountable-subgroup multisignatures. In Proceedings of the 8th ACM Conference on Computer and Communications Security (pp. 245-254).

Boldyreva, A. (2002, December). Threshold signatures, multisignatures and blind signatures based on the gap-Diffie-Hellman-group signature scheme. In International Workshop on Public Key Cryptography (pp. 31-46). Berlin, Heidelberg: Springer Berlin Heidelberg.

Chen, T. S., Huang, K. H., & Chung, Y. F. (2004). Digital multi-signature scheme based on the elliptic curve cryptosystem. Journal of Computer Science and Technology, 19, 570-573.

Durán Díaz, R., Hernández Álvarez, F., Hernández Encinas, L., & Queiruga Dios, A. (2010). A review of multisignatures based on RSA.

Çalkavur, S. (2020). A study on multisecret-sharing schemes based on linear codes. Emerging Science Journal, 4(4), 263-271.

Horster, P., Michels, M., & Petersen, H. (1995, May). Meta-multisignature schemes based on the discrete logarithm problem. In Information Security—the Next Decade: Proceedings of the IFIP TC11 eleventh international conference on information security, IFIP/Sec’95 (pp. 128-142). Boston, MA: Springer US.

Threshold Signatures

Pedersen, T. P. (1991). A threshold cryptosystem without a trusted party. In Advances in Cryptology—EUROCRYPT’91: Workshop on the Theory and Application of Cryptographic Techniques Brighton, UK, April 8–11, 1991 Proceedings 10 (pp. 522-526). Springer Berlin Heidelberg.

Desmedt, Y. (1992, December). Threshold cryptosystems. In International Workshop on the Theory and Application of Cryptographic Techniques (pp. 1-14). Berlin, Heidelberg: Springer Berlin Heidelberg.

Harn, L. (1994). Group-oriented (t, n) threshold digital signature scheme and digital multisignature. IEE Proceedings-Computers and Digital Techniques, 141(5), 307-313.

Li, C. M., Hwang, T., & Lee, N. Y. (1995). Threshold-multisignature schemes where suspected forgery implies traceability of adversarial shareholders. In Advances in Cryptology—EUROCRYPT'94: Workshop on the Theory and Application of Cryptographic Techniques Perugia, Italy, May 9–12, 1994 Proceedings 13 (pp. 194-204). Springer Berlin Heidelberg.

Park, C., & Kurosawa, K. (1996). New ElGamal type threshold digital signature scheme. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 79(1), 86-93.

Gennaro, R., Jarecki, S., Krawczyk, H., & Rabin, T. (1996). Robust threshold DSS signatures. In Advances in Cryptology—EUROCRYPT’96: International Conference on the Theory and Application of Cryptographic Techniques Saragossa, Spain, May 12–16, 1996 Proceedings 15 (pp. 354-371). Springer Berlin Heidelberg.

Shoup, V. (2000). Practical threshold signatures. In Advances in Cryptology—EUROCRYPT 2000: International Conference on the Theory and Application of Cryptographic Techniques Bruges, Belgium, May 14–18, 2000 Proceedings 19 (pp. 207-220). Springer Berlin Heidelberg.

Doerner, J., Kondi, Y., Lee, E., & Shelat, A. (2018, May). Secure two-party threshold ECDSA from ECDSA assumptions. In 2018 IEEE Symposium on Security and Privacy (SP) (pp. 980-997). IEEE.

Gennaro, R., & Goldfeder, S. (2018, October). Fast multiparty threshold ECDSA with fast trustless setup. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (pp. 1179-1194).

Doerner, J., Kondi, Y., Lee, E., & Shelat, A. (2019, May). Threshold ECDSA from ECDSA assumptions: The multiparty case. In 2019 IEEE Symposium on Security and Privacy (SP) (pp. 1051-1066). IEEE.

Aumasson, J. P., Hamelink, A., & Shlomovits, O. (2020). A survey of ECDSA threshold signing. Cryptology ePrint Archive.

Castagnos, G., Catalano, D., Laguillaumie, F., Savasta, F., & Tucker, I. (2020, April). Bandwidth-efficient threshold EC-DSA. In IACR International Conference on Public-Key Cryptography (pp. 266-296). Cham: Springer International Publishing.

Gągol, A., Kula, J., Straszak, D., & Świętek, M. (2020). Threshold ECDSA for decentralized asset custody. Cryptology ePrint Archive.

Canetti, R., Gennaro, R., Goldfeder, S., Makriyannis, N., & Peled, U. (2020, October). UC non-interactive, proactive, threshold ECDSA with identifiable aborts. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (pp. 1769-1787).

Gennaro, R., & Goldfeder, S. (2020). One round threshold ECDSA with identifiable abort. Cryptology ePrint Archive.

Tillem, G., Burundukov, O., & ING DLT Team. Threshold Signatures using Secure Multiparty Computation.

Komlo, C., & Goldberg, I. (2021). FROST: flexible round-optimized Schnorr threshold signatures. In Selected Areas in Cryptography: 27th International Conference, Halifax, NS, Canada (Virtual Event), October 21-23, 2020, Revised Selected Papers 27 (pp. 34-65). Springer International Publishing.

Doerner, J. (2022). Three Useful Threshold Cryptography Problems With Efficient Solutions (Doctoral dissertation, Northeastern University).

Damgård, I., Jakobsen, T. P., Nielsen, J. B., Pagter, J. I., & Østergaard, M. B. (2022). Fast threshold ECDSA with honest majority. Journal of Computer Security, 30(1), 167-196.

Abram, D., Nof, A., Orlandi, C., Scholl, P., & Shlomovits, O. (2022, May). Low-bandwidth threshold ECDSA via pseudorandom correlation generators. In 2022 IEEE Symposium on Security and Privacy (SP) (pp. 2554-2572). IEEE.

Crites, E., Komlo, C., & Maller, M. (2023, August). Fully adaptive Schnorr threshold signatures. In Annual International Cryptology Conference (pp. 678-709). Cham: Springer Nature Switzerland.

Chu, H., Gerhart, P., Ruffing, T., & Schröder, D. (2023, August). Practical Schnorr threshold signatures without the algebraic group model. In Annual International Cryptology Conference (pp. 743-773). Cham: Springer Nature Switzerland.

Haitner, I., Lindell, Y., Nof, A., & Ranellucci, S. (2018). Fast Secure Multiparty ECDSA with Practical Distributed Key Generation and Applications to Cryptocurrency Custody. Cryptology ePrint Archive.

Doerner, J., Kondi, Y., & Lee, E. (2023). Threshold ECDSA in Three Rounds. Cryptology ePrint Archive.

Komlo, C., & Goldberg, I. (2024). Arctic: Lightweight and Stateless Threshold Schnorr Signatures. Cryptology ePrint Archive.

Connolly, D., Komlo, C., Goldberg, I., & Wood, C. A. (2024). RFC 9591: The Flexible Round-Optimized Schnorr Threshold (FROST) Protocol for Two-Round Schnorr Signatures.

Attacks

Aumasson, J. P., & Shlomovits, O. (2020). Attacking threshold wallets. Cryptology ePrint Archive.

  • Forget-And-Forgive Attack, key resharing in GG18
  • Lather, Rinse, Repeat Attack, attacks Lindell 2017
  • Golden Shoe Attack, MtA Share Conversion in GG18

Tymokhanov, D., & Shlomovits, O. (2021). Alpha-rays: Key extraction attacks on threshold ECDSA implementations. Cryptology ePrint Archive. — relates to GG18 & GG20

Nguyen, D. H., Nguyen, A. K., Nguyen, H. G., Nguyen, T., & Nguyen, A. Q. (2023). New Key Extraction Attacks on Threshold ECDSA Implementations.

GG18 and GG20 Paillier Key Vulnerability [CVE-2023-33241]: Technical Report

Lindell17 Abort Vulnerability [CVE-2023-33242]: Technical Report

Isogeny

Couveignes, J. M. (2006). Hard homogeneous spaces.

Rostovtsev, A., & Stolbunov, A. (2006). Public-key cryptosystem based on isogenies. Cryptology ePrint Archive.

Stolbunov, A. (2010). Constructing public-key cryptographic schemes based on class group action on a set of isogenous elliptic curves. Adv. Math. Commun., 4(2), 215-235.

Stolbunov, A. (2012). Cryptographic schemes based on isogenies.

Childs, A., Jao, D., & Soukharev, V. (2014). Constructing elliptic curve isogenies in quantum subexponential time. Journal of Mathematical Cryptology, 8(1), 1-29.

De Feo, L. (2017). Mathematics of isogeny based cryptography. arXiv preprint arXiv:1711.04062.

Galbraith, S. D., Petit, C., & Silva, J. (2017). Identification protocols and signature schemes based on supersingular isogeny problems. In Advances in Cryptology–ASIACRYPT 2017: 23rd International Conference on the Theory and Applications of Cryptology and Information Security, Hong Kong, China, December 3-7, 2017, Proceedings, Part I 23 (pp. 3-33). Springer International Publishing.

Castryck, W., Lange, T., Martindale, C., Panny, L., & Renes, J. (2018). CSIDH: an efficient post-quantum commutative group action. In Advances in Cryptology–ASIACRYPT 2018: 24th International Conference on the Theory and Application of Cryptology and Information Security, Brisbane, QLD, Australia, December 2–6, 2018, Proceedings, Part III 24 (pp. 395-427). Springer International Publishing.

De Feo, L., & Galbraith, S. D. (2019). SeaSign: compact isogeny signatures from class group actions. In Advances in Cryptology–EUROCRYPT 2019: 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Darmstadt, Germany, May 19–23, 2019, Proceedings, Part III 38 (pp. 759-789). Springer International Publishing.

Beullens, W., Kleinjung, T., & Vercauteren, F. (2019, November). CSI-FiSh: efficient isogeny based signatures through class group computations. In International conference on the theory and application of cryptology and information security (pp. 227-247). Cham: Springer International Publishing.

Peng, C., Chen, J., Zhou, L., Choo, K. K. R., & He, D. (2020). CsiIBS: a post-quantum identity-based signature scheme based on isogenies. Journal of information Security and Applications, 54, 102504.

Cozzo, D., & Smart, N. P. (2020). Sashimi: cutting up CSI-FiSh secret keys to produce an actively secure distributed signing protocol. In Post-Quantum Cryptography: 11th International Conference, PQCrypto 2020, Paris, France, April 15–17, 2020, Proceedings 11 (pp. 169-186). Springer International Publishing.

De Feo, L., Kohel, D., Leroux, A., Petit, C., & Wesolowski, B. (2020). SQISign: compact post-quantum signatures from quaternions and isogenies. In Advances in Cryptology–ASIACRYPT 2020: 26th International Conference on the Theory and Application of Cryptology and Information Security, Daejeon, South Korea, December 7–11, 2020, Proceedings, Part I 26 (pp. 64-93). Springer International Publishing.

Bernstein, D. J., De Feo, L., Leroux, A., & Smith, B. (2020). Faster computation of isogenies of large prime degree. Open Book Series, 4(1), 39-55.

Baghery, K., Cozzo, D., & Pedersen, R. (2021, December). An isogeny-based ID protocol using structured public keys. In IMA International Conference on Cryptography and Coding (pp. 179-197). Cham: Springer International Publishing.

Beullens, W., Disson, L., Pedersen, R., & Vercauteren, F. (2021, July). CSI-RAShi: distributed key generation for CSIDH. In International Conference on Post-Quantum Cryptography (pp. 257-276). Cham: Springer International Publishing.

Atapoor, S., Baghery, K., Cozzo, D., & Pedersen, R. (2023, June). CSI-SharK: CSI-FiSh with sharing-friendly keys. In Australasian Conference on Information Security and Privacy (pp. 471-502). Cham: Springer Nature Switzerland.

Content Distribution

Rabin, M. O. (1989). Efficient dispersal of information for security, load balancing, and fault tolerance. Journal of the ACM (JACM), 36(2), 335-348.

Mazieres, D., & Shasha, D. (2002, July). Building secure file systems out of Byzantine storage. In Proceedings of the twenty-first annual symposium on Principles of distributed computing (pp. 108-117).

Krohn, M. N., Freedman, M. J., & Mazieres, D. (2004, May). On-the-fly verification of rateless erasure codes for efficient content distribution. In IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004 (pp. 226-240). IEEE.

Zhao, F., Kalker, T., Médard, M., & Han, K. J. (2007, June). Signatures for content distribution with network coding. In 2007 IEEE international symposium on information theory (pp. 556-560). IEEE.

Wilcox-O'Hearn, Z., & Warner, B. (2008, October). Tahoe: the least-authority filesystem. In Proceedings of the 4th ACM international workshop on Storage security and survivability (pp. 21-26).

Parakh, A., & Kak, S. (2009). Online data storage using implicit security. Information Sciences, 179(19), 3323-3331.

Monteiro, J. (2010). Modeling and analysis of reliable peer-to-peer storage systems (Doctoral dissertation, Université Nice Sophia Antipolis).

Huchton, S. (2011). Secure mobile distributed file system (MDFS) (Doctoral dissertation, Monterey, California. Naval Postgraduate School).

Resch, J. K., & Plank, J. S. (2011). AONT-RS: Blending Security and Performance in Dispersed Storage Systems. In 9th USENIX Conference on File and Storage Technologies (FAST 11).

Benet, J. (2014). IPFS: Content addressed, versioned, P2P file system. arXiv preprint arXiv:1407.3561.

Time-Lock

Rivest, R. L., Shamir, A., & Wagner, D. A. (1996). Time-lock puzzles and timed-release crypto.

Bitansky, N., Goldwasser, S., Jain, A., Paneth, O., Vaikuntanathan, V., & Waters, B. (2016, January). Time-lock puzzles from randomized encodings. In Proceedings of the 2016 ACM Conference on Innovations in Theoretical Computer Science (pp. 345-356).

Private Set Intersection

Huberman, B. A., Franklin, M., & Hogg, T. (1999, November). Enhancing privacy and trust in electronic communities. In Proceedings of the 1st ACM conference on Electronic commerce (pp. 78-86).

Pinkas, B., Schneider, T., Segev, G., & Zohner, M. (2015). Phasing: Private set intersection using permutation-based hashing. In 24th USENIX Security Symposium (USENIX Security 15) (pp. 515-530).

Kolesnikov, V., Kumaresan, R., Rosulek, M., & Trieu, N. (2016, October). Efficient batched oblivious PRF with applications to private set intersection. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (pp. 818-829).

Pinkas, B., Schneider, T., & Zohner, M. (2018). Scalable private set intersection based on OT extension. ACM Transactions on Privacy and Security (TOPS), 21(2), 1-35.

Protocols / Systems

Chaum, D. L. (1981). Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2), 84-90. — introduces the mix and cascade

Even, S., Goldreich, O., & Lempel, A. (1985). A randomized protocol for signing contracts. Communications of the ACM, 28(6), 637-647.

Ben-Or, M., Goldreich, O., Micali, S., & Rivest, R. L. (1990). A fair protocol for signing contracts. IEEE Transactions on Information Theory, 36(1), 40-46.

Chaum, D., & Pedersen, T. P. (1992, August). Wallet databases with observers. In Annual international cryptology conference (pp. 89-105). Berlin, Heidelberg: Springer Berlin Heidelberg.

Laurie, B. (2003). Lucre: Anonymous Electronic Tokens v1.8. Technical report, June.

Laur, S., & Lipmaa, H. (2007, June). A new protocol for conditional disclosure of secrets and its applications. In International Conference on Applied Cryptography and Network Security (pp. 207-225). Berlin, Heidelberg: Springer Berlin Heidelberg.

Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system.

Landa, R., Griffin, D., Clegg, R. G., Mykoniati, E., & Rio, M. (2009, April). A sybilproof indirect reciprocity mechanism for peer-to-peer networks. In IEEE INFOCOM 2009 (pp. 343-351). IEEE.

Wolchok, S., Hofmann, O. S., Heninger, N., Felten, E. W., Halderman, J. A., Rossbach, C. J., ... & Witchel, E. (2010, February). Defeating Vanish with Low-Cost Sybil Attacks Against Large DHTs. In NDSS.

Seuken, S., & Parkes, D. C. (2011). On the Sybil-proofness of accounting mechanisms.

Seuken, S., & Parkes, D. C. (2014). Sybil-proof accounting mechanisms with transitive trust. Proceedings of the International Foundation for Autonomous Agents and Multiagent Systems.

Wood, G. (2014). Ethereum: A secure decentralised generalised transaction ledger. Ethereum project yellow paper, 151(2014), 1-32.

Verbücheln, S. (2015). How perfect offline wallets can still leak bitcoin private keys. arXiv preprint arXiv:1501.00447.

Koblitz, N., & Menezes, A. J. (2016). Cryptocash, cryptocurrencies, and cryptocontracts. Designs, Codes and Cryptography, 78, 87-102.

Hopwood, D., Bowe, S., Hornby, T., & Wilcox, N. (2016). Zcash protocol specification. GitHub: San Francisco, CA, USA, 4(220), 32.

Arapinis, M., Gkaniatsou, A., Karakostas, D., & Kiayias, A. (2019). A formal treatment of hardware wallets. In Financial Cryptography and Data Security: 23rd International Conference, FC 2019, Frigate Bay, St. Kitts and Nevis, February 18–22, 2019, Revised Selected Papers 23 (pp. 426-445). Springer International Publishing.

Kumar, B., & Bhuyan, B. (2020). Game theoretical defense mechanism against reputation based sybil attacks. Procedia Computer Science, 167, 2465-2477.

Truong, N., Lee, G. M., Sun, K., Guitton, F., & Guo, Y. (2021). A blockchain-based trust system for decentralised applications: When trustless needs trust. Future Generation Computer Systems, 124, 68-79.

Attacks, Vulnerabilities, & Countermeasures

Kocher, P. C. (1996). Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In Advances in Cryptology—CRYPTO’96: 16th Annual International Cryptology Conference Santa Barbara, California, USA August 18–22, 1996 Proceedings 16 (pp. 104-113). Springer Berlin Heidelberg.

Bleichenbacher, D. (1998). Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS# 1. In Advances in Cryptology—CRYPTO'98: 18th Annual International Cryptology Conference Santa Barbara, California, USA August 23–27, 1998 Proceedings 18 (pp. 1-12). Springer Berlin Heidelberg.

Kocher, P., Jaffe, J., & Jun, B. (1999). Differential power analysis. In Advances in Cryptology—CRYPTO’99: 19th Annual International Cryptology Conference Santa Barbara, California, USA, August 15–19, 1999 Proceedings 19 (pp. 388-397). Springer Berlin Heidelberg.

Howgrave-Graham, N. A., & Smart, N. P. (2001). Lattice attacks on digital signature schemes. Designs, Codes and Cryptography, 23, 283-290.

Page, D. (2002). Theoretical use of cache memory as a cryptanalytic side-channel. Cryptology ePrint Archive.

Vaudenay, S. (2002, April). Security flaws induced by CBC padding—applications to SSL, IPSEC, WTLS... In International Conference on the Theory and Applications of Cryptographic Techniques (pp. 534-545). Berlin, Heidelberg: Springer Berlin Heidelberg.

Paul, S., & Preneel, B. (2004, February). A New Weakness in the RC4 Keystream Generator and an Approach to Improve the Security of the Cipher. In International Workshop on Fast Software Encryption (pp. 245-259). Berlin, Heidelberg: Springer Berlin Heidelberg.

Maximov, A. (2005). Two linear distinguishing attacks on VMPC and RC4A and weakness of RC4 family of stream ciphers. In Fast Software Encryption: 12th International Workshop, FSE 2005, Paris, France, February 21-23, 2005, Revised Selected Papers 12 (pp. 342-358). Springer Berlin Heidelberg.

Bernstein, D. J. (2005, February). The Poly1305-AES message-authentication code. In International workshop on fast software encryption (pp. 32-49). Berlin, Heidelberg: Springer Berlin Heidelberg. — a very efficient and secure implementation of a MAC that strives for no cache misses

Brumley, D., & Boneh, D. (2005). Remote timing attacks are practical. Computer Networks, 48(5), 701-716.

Molnar, D., Piotrowski, M., Schultz, D., & Wagner, D. (2006). The program counter security model: Automatic detection and removal of control-flow side channel attacks. In Information Security and Cryptology-ICISC 2005: 8th International Conference, Seoul, Korea, December 1-2, 2005, Revised Selected Papers 8 (pp. 156-168). Springer Berlin Heidelberg.

Osvik, D. A., Shamir, A., & Tromer, E. (2006). Cache attacks and countermeasures: the case of AES. In Topics in Cryptology–CT-RSA 2006: The Cryptographers’ Track at the RSA Conference 2006, San Jose, CA, USA, February 13-17, 2005. Proceedings (pp. 1-20). Springer Berlin Heidelberg.

Aciiçmez, O. (2007, November). Yet another microarchitectural attack: exploiting I-cache. In Proceedings of the 2007 ACM workshop on Computer security architecture (pp. 11-18).

Sotirov, A., Stevens, M., Appelbaum, J., Lenstra, A. K., Molnar, D., Osvik, D. A., & de Weger, B. (2008). MD5 considered harmful today, creating a rogue CA certificate. In 25th Annual Chaos Communication Congress.

Stevens, M., Sotirov, A., Appelbaum, J., Lenstra, A., Molnar, D., Osvik, D. A., & De Weger, B. (2009). Short chosen-prefix collisions for MD5 and the creation of a rogue CA certificate. In Advances in Cryptology-CRYPTO 2009: 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16-20, 2009. Proceedings (pp. 55-69). Springer Berlin Heidelberg.

Käsper, E., & Schwabe, P. (2009, September). Faster and timing-attack resistant AES-GCM. In International Workshop on Cryptographic Hardware and Embedded Systems (pp. 1-17). Berlin, Heidelberg: Springer Berlin Heidelberg.

Albrecht, M. R., Paterson, K. G., & Watson, G. J. (2009, May). Plaintext recovery attacks against SSH. In 2009 30th IEEE Symposium on Security and Privacy (pp. 16-26). IEEE.

Tromer, E., Osvik, D. A., & Shamir, A. (2010). Efficient cache attacks on AES, and countermeasures. Journal of Cryptology, 23, 37-71.

Brumley, B. B., & Tuveri, N. (2011, September). Remote timing attacks are still practical. In European Symposium on Research in Computer Security (pp. 355-371). Berlin, Heidelberg: Springer Berlin Heidelberg. — attacks TLS with ECDSA in OpenSSL, fixed in version OpenSSL 1.0.0e

Gullasch, D., Bangerter, E., & Krenn, S. (2011, May). Cache games--bringing access-based cache attacks on AES to practice. In 2011 IEEE Symposium on Security and Privacy (pp. 490-505). IEEE.

AlFardan, N., & Paterson, K. G. (2012, February). Plaintext-recovery attacks against datagram TLS. In Network and distributed system security symposium (NDSS 2012).

Bernstein, D. J., Lange, T., & Schwabe, P. (2012). The security impact of a new cryptographic library. In Progress in Cryptology–LATINCRYPT 2012: 2nd International Conference on Cryptology and Information Security in Latin America, Santiago, Chile, October 7-10, 2012. Proceedings 2 (pp. 159-176). Springer Berlin Heidelberg. — Praise of the design of NaCl, but also addresses the security concerns in other libraries that necessitate those design decisions.

Heninger, N., Durumeric, Z., Wustrow, E., & Halderman, J. A. (2012). Mining your Ps and Qs: Detection of widespread weak keys in network devices. In 21st USENIX Security Symposium (USENIX Security 12) (pp. 205-220).

Almeida, J. B., Barbosa, M., Pinto, J. S., & Vieira, B. (2013). Formal verification of side-channel countermeasures using self-composition. Science of Computer Programming, 78(7), 796-812.

Vratonjic, N., Freudiger, J., Bindschaedler, V., & Hubaux, J. P. (2013). The inconvenient truth about web certificates. In Economics of information security and privacy iii (pp. 79-117). Springer New York.

Yarom, Y., & Falkner, K. (2014). FLUSH+RELOAD: A high resolution, low noise, L3 cache side-channel attack. In 23rd USENIX Security Symposium (USENIX Security 14) (pp. 719-732).

Benger, N., Van de Pol, J., Smart, N. P., & Yarom, Y. (2014). “Ooh Aah... Just a Little Bit”: a small amount of side channel can go a long way. In Cryptographic Hardware and Embedded Systems–CHES 2014: 16th International Workshop, Busan, South Korea, September 23-26, 2014. Proceedings 16 (pp. 75-92). Springer Berlin Heidelberg. — attacks secp256k1 from bitcoin

Yarom, Y., & Benger, N. (2014). Recovering OpenSSL ECDSA nonces using the FLUSH+RELOAD cache side-channel attack. Cryptology ePrint Archive.

Durumeric, Z., Li, F., Kasten, J., Amann, J., Beekman, J., Payer, M., ... & Halderman, J. A. (2014, November). The matter of heartbleed. In Proceedings of the 2014 conference on internet measurement conference (pp. 475-488).

Wong, D. (2015). Timing and Lattice Attacks on a Remote ECDSA OpenSSL Server: How Practical Are They Really?. Cryptology ePrint Archive.

Castellucci, R. (2015). Cracking cryptocurrency brainwallets.

Pessl, P., Gruss, D., Maurice, C., Schwarz, M., & Mangard, S. (2016). DRAMA: Exploiting DRAM addressing for cross-CPU attacks. In 25th USENIX Security Symposium (USENIX Security 16) (pp. 565-581).

Canella, C., Van Bulck, J., Schwarz, M., Lipp, M., Von Berg, B., Ortner, P., ... & Gruss, D. (2019). A systematic evaluation of transient execution attacks and defenses. In 28th USENIX Security Symposium (USENIX Security 19) (pp. 249-266). — Spectre & Meltdown

Islam, S., Moghimi, A., Bruhns, I., Krebbel, M., Gulmezoglu, B., Eisenbarth, T., & Sunar, B. (2019). SPOILER: Speculative load hazards boost Rowhammer and cache attacks. In 28th USENIX Security Symposium (USENIX Security 19) (pp. 621-637).

Lipp, M., Schwarz, M., Gruss, D., Prescher, T., Haas, W., Horn, J., ... & Strackx, R. (2020). Meltdown: Reading kernel memory from user space. Communications of the ACM, 63(6), 46-56.

Kocher, P., Horn, J., Fogh, A., Genkin, D., Gruss, D., Haas, W., ... & Yarom, Y. (2020). Spectre attacks: Exploiting speculative execution. Communications of the ACM, 63(7), 93-101.

Hebrok, S., Nachtigall, S., Maehren, M., Erinola, N., Merget, R., Somorovsky, J., & Schwenk, J. (2023). We really need to talk about session tickets: A large-scale analysis of cryptographic dangers with TLS session tickets. In 32nd USENIX Security Symposium (USENIX Security 23) (pp. 4877-4894).

Pfeiffer, S., & Tihanyi, N. (2023). D(HE)at: A Practical Denial-of-Service Attack on the Finite Field Diffie-Hellman Key Exchange. IEEE Access.

Castryck, W., & Decru, T. (2023, April). An efficient key recovery attack on SIDH. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 423-447). Cham: Springer Nature Switzerland.

Grandamme, P., Tissot, P. A., Bossuet, L., Dutertre, J. M., Colombier, B., & Grosso, V. (2024). Switching Off your Device Does Not Protect Against Fault Attacks. IACR Transactions on Cryptographic Hardware and Embedded Systems.

Strenzke, F., & Roth, J. (2024). Legacy Encryption Downgrade Attacks against LibrePGP and CMS. Cryptology ePrint Archive.

Langhout, T., Chen, H., & Liang, K. (2024). File-Injection Attacks on Searchable Encryption, Based on Binomial Structures. Cryptology ePrint Archive.

Li, Y., Liu, F., & Wang, G. (2024, April). New Records in Collision Attacks on SHA-2. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 158-186). Cham: Springer Nature Switzerland.

Dunkelman, O., Ghosh, S., Keller, N., Leurent, G., Marmor, A., & Mollimard, V. (2024, April). Partial sums meet FFT: Improved attack on 6-round AES. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 128-157). Cham: Springer Nature Switzerland.

Bariant, A., Boeuf, A., Lemoine, A., Ayala, I. M., Øygarden, M., Perrin, L., & Raddum, H. (2024). The Algebraic FreeLunch: Efficient Gröbner Basis Attacks Against Arithmetization-Oriented Primitives. Cryptology ePrint Archive.

Birthday Attacks

McKinney, E. H. (1966). Generalized birthday problem. The American Mathematical Monthly, 73(4), 385-387.

Coppersmith, D. (1985, August). Another birthday attack. In Conference on the Theory and Application of Cryptographic Techniques (pp. 14-17). Berlin, Heidelberg: Springer Berlin Heidelberg.

Cohen, M. G. R., & Campana, M. (1998). A generalized birthday attack.

Wagner, D. (2002, August). A generalized birthday problem. In Annual International Cryptology Conference (pp. 288-304). Berlin, Heidelberg: Springer Berlin Heidelberg.

Bellare, M., & Kohno, T. (2004). Hash function balance and its impact on birthday attacks. In Advances in Cryptology-EUROCRYPT 2004: International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, May 2-6, 2004. Proceedings 23 (pp. 401-418). Springer Berlin Heidelberg.

Wiener, M. J. (2005). Bounds on birthday attack times. Cryptology ePrint Archive.

Bernstein, D. J. (2007). Better price-performance ratios for generalized birthday attacks. In Workshop Record of SHARCS (Vol. 7, p. 160).

Bernstein, D. J., Lange, T., Niederhagen, R., Peters, C., & Schwabe, P. (2009). FSBday: Implementing Wagner’s generalized birthday attack against the SHA-3 round-1 candidate FSB. In Progress in Cryptology-INDOCRYPT 2009: 10th International Conference on Cryptology in India, New Delhi, India, December 13-16, 2009. Proceedings 10 (pp. 18-38). Springer Berlin Heidelberg.

Kirchner, P. (2011). Improved generalized birthday attack. Cryptology ePrint Archive.

Iwamoto, M., Peyrin, T., & Sasaki, Y. (2013). Limited-birthday distinguishers for hash functions: Collisions beyond the birthday bound can be meaningful. In Advances in Cryptology-ASIACRYPT 2013: 19th International Conference on the Theory and Application of Cryptology and Information Security, Bengaluru, India, December 1-5, 2013, Proceedings, Part II 19 (pp. 504-523). Springer Berlin Heidelberg.

PRNG Cryptanalysis

Kelsey, J., Schneier, B., Wagner, D., & Hall, C. (1998, March). Cryptanalytic attacks on pseudorandom number generators. In International workshop on fast software encryption (pp. 168-188). Berlin, Heidelberg: Springer Berlin Heidelberg.

Gutterman, Z., Pinkas, B., & Reinman, T. (2006, May). Analysis of the Linux random number generator. In 2006 IEEE Symposium on Security and Privacy (S&P'06). IEEE.

Dorrendorf, L., Gutterman, Z., & Pinkas, B. (2009). Cryptanalysis of the random number generator of the Windows operating system. ACM Transactions on Information and System Security (TISSEC), 13(1), 1-32.

Kopf, G. (2010). Non-obvious bugs by example. In 27th Chaos Communication Congress (27C3).

Java Security and Related Topics (2012, January). Why seeding with System.currentTimeMillis() is not a good idea. Blog post.

Argyros, G., & Kiayias, A. (2012). I forgot your password: Randomness attacks against PHP applications. In 21st USENIX Security Symposium (USENIX Security 12) (pp. 81-96).

Michaelis, K., Meyer, C., & Schwenk, J. (2013, February). Randomly failed! The state of randomness in current Java implementations. In Cryptographers’ Track at the RSA Conference (pp. 129-144). Berlin, Heidelberg: Springer Berlin Heidelberg.

Cohney, S. N., Green, M. D., & Heninger, N. (2018, October). Practical state recovery attacks against legacy RNG implementations. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (pp. 265-280).
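The seed-recovery attack behind the currentTimeMillis() seeding problem and the password-reset attacks in this section, as an added worked example in Python (my code, not from the gist or any of the cited papers). It re-implements java.util.Random's 48-bit LCG from its published constants, models a hypothetical server that builds a reset token from a Random seeded with the current time in milliseconds, and then recovers the seed from a token prefix by trying every millisecond in a window around the issue time. The token format (hex of successive nextInt() values), the window size and the timestamps are constructed for the example; a real target might use nextInt(bound) or nextLong(), which only changes the output mapping, not the attack.

```python
# java.util.Random is a 48-bit linear congruential generator; these are its published constants.
JAVA_MULT = 0x5DEECE66D
JAVA_ADD = 0xB
JAVA_MASK = (1 << 48) - 1


class JavaRandom:
    """Re-implementation of java.util.Random, enough to reproduce nextInt()."""

    def __init__(self, seed: int):
        # Random(long seed) scrambles the seed with the multiplier before use
        self.state = (seed ^ JAVA_MULT) & JAVA_MASK

    def next_bits(self, bits: int) -> int:
        self.state = (self.state * JAVA_MULT + JAVA_ADD) & JAVA_MASK
        return self.state >> (48 - bits)

    def next_int(self) -> int:
        # unsigned view of Java's nextInt(); Java reinterprets the same 32 bits as signed
        return self.next_bits(32)


def make_token(seed_ms: int, words: int = 4) -> str:
    """Hypothetical vulnerable server: a password-reset token made of `words` nextInt()
    values, hex-encoded, from a Random seeded with System.currentTimeMillis()."""
    rng = JavaRandom(seed_ms)
    return "".join(f"{rng.next_int():08x}" for _ in range(words))


def recover_seed(token_prefix: str, approx_ms: int, window_ms: int, words: int = 4):
    """Attacker: knowing roughly when the token was issued (e.g. from the HTTP Date header
    or by timing their own request), try every millisecond in
    [approx_ms - window_ms, approx_ms + window_ms] until one reproduces the prefix.
    Returns the seed, or None if the window was wrong."""
    for delta in range(-window_ms, window_ms + 1):
        candidate = approx_ms + delta
        if make_token(candidate, words).startswith(token_prefix):
            return candidate
    return None


def forge_full_token(token_prefix: str, approx_ms: int, window_ms: int, words: int = 4):
    """Given only a leaked prefix (say the first half of a token seen in a log line),
    recover the seed and regenerate the whole token."""
    seed = recover_seed(token_prefix, approx_ms, window_ms, words)
    return None if seed is None else make_token(seed, words)


if __name__ == "__main__":
    ISSUED_AT_MS = 1700000000123          # constructed timestamp for the example
    token = make_token(ISSUED_AT_MS)
    # attacker's clock estimate is off by 400 ms and they search +/- 2 s
    print(token, forge_full_token(token[:16], ISSUED_AT_MS + 400, 2000))
```

The search costs one generator run per candidate millisecond, so a window of a few seconds is a few thousand candidates, and even a window of days is only on the order of 10^8. The only real fix is a seed from the operating system's CSPRNG (SecureRandom, or os.urandom in Python), not a wider window or more output words.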

Dual EC DRBG Debacle

Gjøsteen, K. (2006). Comments on Dual-EC-DRBG/NIST SP 800-90, draft December 2005.

Brown, D. R. (2006). Conjectured security of the ANSI-NIST Elliptic Curve RNG. Cryptology ePrint Archive.

Schoenmakers, B., & Sidorenko, A. (2006). Cryptanalysis of the dual elliptic curve pseudorandom generator. Cryptology ePrint Archive.

Brown, D. R., & Gjøsteen, K. (2007). A security analysis of the NIST SP 800-90 elliptic curve random number generator. In Advances in Cryptology-CRYPTO 2007: 27th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2007. Proceedings (pp. 466-481). Springer Berlin Heidelberg.

Checkoway, S., Niederhagen, R., Everspaugh, A., Green, M., Lange, T., Ristenpart, T., ... & Fredrikson, M. (2014). On the practical exploitability of Dual EC in TLS implementations. In 23rd USENIX Security Symposium (USENIX Security 14) (pp. 319-335).

Bernstein, D. J., Lange, T., & Niederhagen, R. (2016). Dual EC: A standardized back door. In The New Codebreakers: Essays Dedicated to David Kahn on the Occasion of His 85th Birthday (pp. 256-281). Berlin, Heidelberg: Springer Berlin Heidelberg.
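The Dual EC trapdoor that these papers analyse, as an added worked example in Python (my code, not from the gist or from any of the papers). The curve y^2 = x^3 - 3x + 1234 over F_1000003, the base point Q, the secret e with P = e*Q and the 4-of-20 bit truncation are all constructed for this example so that the attack runs instantly; they are not the NIST P-256 parameters, which drop 16 of 256 bits. The structure is the one from SP 800-90: state update s_i = x(s_{i-1} P), output r_i = x(s_i Q) with its top bits removed. Whoever knows e lifts a published output back to the point R = s_i Q, computes e*R = s_i P, and reads off the next state.

```python
P_MOD = 1000003                    # prime, 3 mod 4, so sqrt(v) = v^((p+1)/4) (toy field)
A, B = -3, 1234                    # y^2 = x^3 + A x + B over F_p (toy curve)
FIELD_BITS = P_MOD.bit_length()    # 20
DROP_BITS = 4                      # real Dual EC drops 16 of 256 bits; this toy drops 4 of 20
OUT_BITS = FIELD_BITS - DROP_BITS
OUT_MASK = (1 << OUT_BITS) - 1


def ec_add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P_MOD == 0:
            return None
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return x3, (lam * (x1 - x3) - y1) % P_MOD


def ec_mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def lift_x(x):
    """A point with x-coordinate x, or None if x^3 + A x + B is a non-residue."""
    rhs = (x ** 3 + A * x + B) % P_MOD
    y = pow(rhs, (P_MOD + 1) // 4, P_MOD)
    return (x, y) if y * y % P_MOD == rhs else None


def x_of(pt):
    if pt is None:
        raise ValueError("scalar is a multiple of the point order; toy generator must reseed")
    return pt[0]


def find_point(start_x):
    pt = lift_x(start_x)
    while pt is None:
        start_x += 1
        pt = lift_x(start_x)
    return pt


Q = find_point(7)                  # published point Q (constructed)
E_SECRET = 65537                   # trapdoor: whoever knows e with P = e*Q owns the generator
P = ec_mul(E_SECRET, Q)            # published point P, secretly related to Q


def next_output(state):
    """One step: s_i = x(s_{i-1} P), r_i = x(s_i Q); publish r_i minus its top DROP_BITS."""
    state = x_of(ec_mul(state, P))
    r = x_of(ec_mul(state, Q))
    return r & OUT_MASK, state


def run(state, n):
    """Generate n outputs from `state`; returns (outputs, final_state)."""
    outs = []
    for _ in range(n):
        out, state = next_output(state)
        outs.append(out)
    return outs, state


def recover_state(out_i, out_next, e=E_SECRET):
    """Trapdoor attack: enumerate the dropped top bits of r_i, lift each candidate x to
    R = s_i Q, compute e*R = s_i (e Q) = s_i P, whose x-coordinate is the next state
    s_{i+1}; confirm the candidate by regenerating the following published output."""
    for high in range(1 << DROP_BITS):
        x = (high << OUT_BITS) | out_i
        if x >= P_MOD:
            break
        R = lift_x(x)
        if R is None:
            continue
        S = ec_mul(e, R)
        if S is None:
            continue
        s_next = S[0]
        T = ec_mul(s_next, Q)
        if T is not None and (T[0] & OUT_MASK) == out_next:
            return s_next
    return None


def predict(out_i, out_next, n):
    """From two consecutive published outputs, predict the n outputs that follow."""
    s = recover_state(out_i, out_next)
    return None if s is None else run(s, n)[0]
```

Two consecutive outputs are enough: the second one only disambiguates the 2^DROP_BITS candidates for the dropped bits, after which every later output is determined. On P-256 the candidate set is 2^16 per output and the per-candidate work is one scalar multiplication, which is the cost Checkoway et al. measure against TLS implementations; the attack needs no weakness in the curve, only knowledge of e, which is exactly what makes the choice of P and Q the whole question.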
