# Scott A. Vanstone's research while affiliated with Motorola Mobility and other places

**What is this page?**

This page lists the scientific contributions of an author, who either does not have a ResearchGate profile, or has not yet added these contributions to their profile.

It was automatically created by ResearchGate to create a record of this author's body of work. We create such pages to advance our goal of creating and maintaining the most comprehensive scientific repository possible. In doing so, we process publicly available (personal) data relating to the author as a member of the scientific community.

If you're a ResearchGate member, you can follow this page to keep up with this author's work.

If you are this author, and you don't want us to display this page anymore, please let us know.

It was automatically created by ResearchGate to create a record of this author's body of work. We create such pages to advance our goal of creating and maintaining the most comprehensive scientific repository possible. In doing so, we process publicly available (personal) data relating to the author as a member of the scientific community.

If you're a ResearchGate member, you can follow this page to keep up with this author's work.

If you are this author, and you don't want us to display this page anymore, please let us know.

## Publications (115)

During generation of an implicit certificate for a requestor, a certificate authority incorporates information in the public-key reconstruction data, where the public-key reconstruction data is to be used to compute the public key of the requestor. The information may be related to one or more of the requestor, the certificate authority, and the im...

A wireless communication system includes a pager or similar device that communicates to a home terminal. The home terminal confirms the identity of the pager and attaches a certificate to the message for ongoing transmission. Where the recipient is also a pager, an associated home terminal verifies the transmission and forwards it in a trusted mann...

A method of determining the integrity of a message exchanged between a pair of correspondents. The message is secured by embodying the message in a function of a public key derived from a private key selected by one of the correspondents. The method comprises first obtaining the public key. The public key is then subjected to at least one mathemati...

During generation of a signature on a message to create a signed message, a signer determines one of the signature components such that particular information can be extracted from the signature component. The particular information may be related to one or more of the signer and the message to be signed. After receiving a signed message purported...

A method of representing crytographic values in text form is described. The text representation is formed from words selected from a vocabulary, which may include a collection of pseudowords. The text representations can be further transformed to a paragraph in an apparently grammatically correct form.

A cryptosystem prevents replay attacks within existing authentication protocols, susceptible to such attacks but containing a random component, without requiring modification to said protocols. The entity charged with authentication maintains a list of previously used bit patterns, extracted from a portion of the authentication message connected to...

A passport authentication protocol provides for encryption of sensitive data such as biometric data and transfer of the encryption key from the passport to the authentication authority to permit comparison to a reference value.

A signature scheme is provided in which a message is divided in to a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by...

A new trapdoor one-way function is provided. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determina...

A method for creating and authenticating a digital signature is provided, including selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session pa...

A method of generating a public key in a secure digital communication system, having at least one trusted entity CA and subscriber entities A. The trusted entity selects a unique identity distinguishing each entity A. The trusted entity then generates a public key reconstruction public data of the entity A by mathematically combining public values...

A system and method are provided for enabling a symmetric key to be derived, the method comprising: obtaining a plurality of key parts, wherein the plurality of key parts when combined equal the symmetric key; encrypting a first of the key parts using a first cryptographic algorithm to generate a first encrypted value; encrypting one or more remain...

A method and system for distributed security for a plurality of devices in a communication network, each of the devices being responsible for generating, distributing and controlling its own keys for access to the communication network and using the keys to establish a trusted network, each device's membership to the communication network being che...

An authenticated RFID system is provided that uses elliptic curve cryptography (ECC) to reduce the signature size and read/write times when compared to traditional public key implementations such as RSA. Either ECDSA or ECPVS can be used to reduce the signature size and ECPVS can be used to hide a portion of the RFID tag that contains sensitive pro...

Improper re-use of a static Diffie-Hellman (DH) private key may leak information about the key. The leakage is prevented by a key derivation function (KDF), but standards do not agree on key derivation functions. The module for performing a DH private key operation must somehow support multiple different KDF standards. The present invention provide...

An improved compression scheme for compressing an ECDSA signature is provided. The scheme substitutes the integer s in a signature (r, s) by a smaller value c. The value c is derived from s and another value d, d being small enough such that c is smaller than s. The compressed signature (r, c) is verified by computing a value using r and e, e being...

A method for communicating information between at least a pair of correspondents, the method comprising the steps of each of the correspondents selecting a plurality of cryptographic algorithms known to each of the correspondents. One of the correspondents applies the algorithms in a predetermined manner to a message for producing a set of processe...

Methods for choosing groups for a static Diffie-Hellman key agreement protocol to inhibit active attacks by an adversary are provided. In mod p groups, an even h is chosen of value approximately ( 9/16)(log2n)2, values r and n are determined using sieving and primality testing on r and n, and a value t is found to compute p=tn+1 wherein p is prime....

Undesirable electronic messages, such as the unsolicited broadcast e-mail known as spam, is not only a nuisance, but wastes both computer and user resources. Conversely, desirable electronic messages with sensitive content is important to secure, so that it is not forged, tampered or revealed. Accordingly, the present invention provides cryptograph...

A computer implemented method of compressing a digitally represented cryptographic value. The method comprising the steps of: (a) selecting a secret value; (b) performing a cryptographic operation on the secret value to generate the cryptographic value; (c) determining whether the cryptographic value satisfies the pre-determined criteria; and (d) r...

There is provided a method of one member of a first entity generating an intra-entity public key. The first entity has a plurality of members and the one member has a long-term private key and a corresponding long-term public key. The method includes generating a short-term private key and a corresponding short-term public key, computing an intra-e...

A method of certifying a correspondent in a data communication system by a certifying authority. The certifying authority includes a cryptographic unit. The method includes generating a random number and implicit certificate components based on the random number using the cryptographic unit. The implicit certificate components have a first componen...

A method and system are provided for authenticating and securing an embedded device using a secure boot procedure and a full non-volatile memory encryption process that implements Elliptic Curve Pinstov-Vanstone Signature (ECPV) scheme with message recovery on a personalized BIOS and master boot record. The signature includes code that is recovered...

A potential bias in the generation of a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated.

To mitigate the effects of a weak random number generator (RNG) in a public key cryptosystem, a public key obtained from the RNG is encrypted using a deterministic cryptographic scheme before being made publicly available. A trusted party receiving the encrypted public key can recover the public key and combine it with other information so it is no...

A device and method are provided for a device that communicates security information to a user entering content into the device. In an aspect, the device may access content from a server over a connection through the network. The device displays the content on a user interface of the device. The device detects information entered into a field of th...

We show that the elliptic curve Qu-Vanstone implicit certificate scheme (ECQV), when composed with the Elliptic Curve Digital Signature Algorithm (ECDSA), is secure against passive adversaries under the combined assumption of the random oracle model and the generic group model. In contrast, we detail an attack on the composition of another implicit...

We present practical and realistic attacks on some standardized elliptic curve key establishment and public-key encryption
protocols that are effective if the receiver of an elliptic curve point does not check that the point lies on the appropriate
elliptic curve. The attacks combine ideas from the small subgroup attack of Lim and Lee, and the diff...

In this paper, we propose classes of Message Authentication Codes (MAC) based on error correcting-codes. We introduce a new
notion of error tolerant forgery of hash messages. These MACs allow full error recovery for all applications, while being
error-tolerant for less information-sensitive applications. The classes of the keyed hash functions are...

In this paper we give some computational results on the multiplicative orders of optimal normal basis generators in F2 n over F2 for n # 1200 whenever the complete factorization of 2 - 1 is known. Our results show that a subclass of optimal normal basis generators always have very high multiplicative orders and are very often primitive. For a given...

Three new trapdoor one-way functions are proposed that are based on elliptic curves over the ring Z_n. The first class of functions is a naive construction, which can be used only in a digital signature scheme, and not in a public-key cryptosystem. The second, preferred class of function, does not suffer from this problem and can be used for the sa...

In this article we presented a little introduction to the elliptic curves and it use in the cryptography. We described the concepts of digital signature, we presented the algorithm ECDSA (Elliptic Curves Digital Signature Algorithm) and we make a parallel of this with DSA (Digital Signature Algorithm). Follow we presented an application developed w...

Optimal mail certificates, introduced by L. Pintsov and S. Vanstone [FC 2000, Lect. Notes Comput. Sci. 1962, 105–120 (2001; Zbl 0999.68560)], are efficient types of implicit certificates which offer many advantages over traditional (explicit) certificates. For example, an optimal mail certificate is small enough to fit on a two-dimensional digital...

The fundamental operation in elliptic curve cryptographic schemes is the multiplication of an elliptic curve point by an integer. This paper describes a new method for accelerating this operation on classes of elliptic curves that have efficiently-computable endomorphisms. One advantage of the new method is that it is applicable to a larger class o...

. In recent years postal revenue collection underwent a major transformation due to widespread transition to digital methods of communication. This transition directly aected not only telecommunications which form an integral part of the postal revenue collection but also, and in a much more profound way, postage evidencing. Traditional postage evi...

Since the introduction of public-key cryptography by Diffie and Hellman in 1976, the potential for the use of the discrete logarithm problem in public-key cryptosystems has been recognized. Although the discrete logarithm problem as first employed by Diffie and Hellman was defined explicitly as the problem of finding logarithms with respect to a ge...

It is well known that the set of all ‘even’ spanning subgraphs of a connected graph G on n vertices with m edges forms a binary linear code with parameters [m,m−n+1,g], where g is the girth of G. Such codes were first studied by Bredeson and Hakimi; IEEE Trans. Inform. Theory 13 (1967) 348–349 and Hakimi and Bredeson, IEEE Trans. Inform. Theory 14...

Ternary graphical codes / D. Jungnickel, S. A. Vanstone. - In: Journal of combinatorial mathemathics and combinatorial computing. 29. 1999. S. 17-31

We present a key exchange scheme similar to that of Diffie and Hellman using the infrastructure of quadratic function fields of even characteristic. This is a modification of the results of Scheidler, Stein and Williams who used quadratic function fields of odd characteristic. We also extend these results to give a digital signature scheme similar...

This article presents a personal view on the current status of an important new area of cryptography — Elliptic Curves.Only three classes of public-key cryptosystems are today considered both secure and efficient: Integer Factorization Systems, Discrete Logarithm Systems, and the Elliptic Curve Cryptosystem (ECC). While the security of all three is...

We present a new cryptosystem based on elliptic curves over the
ring Z<sub>n</sub>, where n=pq, in which the message is held in the
exponent and not the group element. The security of this system is based
on the difficulty of factoring n. A digital signature scheme and
ID-based key exchange system are also given

By using difference sets, we give an answer to the following problem concerning graphical codes: When is the binary code generated by the complete graph Kn contained in some binary Hamming code? It turns out that this holds if and only if n is one of the numbers 2, 3 and 6.

The set of all even subgraphs of a connected graph G on p vertices
with q edges forms a binary linear code C=C<sub>E</sub>(G) with
parameters [q,q-p+1,g], where g is the girth of G. Such codes were
studied systematically by Bredeson and Hakimi (1967) and Hakimi and
Bredeson (1968) who were concerned with the problems of augmenting C to
a larger [q,...

From the Publisher:
A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols; more than 200 tables and figures; more than 1,000 numbered definitions, facts, examples, n...

We consider the problem of embedding the even graphical code based on the complete graph on n vertices into a shortening of a Hamming code of length 2m
- 1, where m = h(n) should be as small as possible. As it turns out, this problem is equivalent to the existence problem for optimal codes with minimum distance 5, and optimal embeddings can always...

Graphical codes - a tutorial / Dieter Jungnickel ; S. A. Vanstone. - In: Institute of Combinatorics and Its Applications <Winnipeg, Manitoba>: Bulletin of the ... 18. 1996. S. 45-64

Cryptography, in particular public-key cryptography, has emerged in the last 20 years as an important discipline that is not only the subject of an enormous amount of research, but provides the foundation for information security in many applications. Standards are emerging to meet the demands for cryptographic protection in most areas of data comm...

An application of coding theory to a problem in graphical enumeration / Dieter Jungnickel ; Scott A. Vanstone. - In: Archiv der Mathematik. 65. 1995. S. 461- 464

Recently Niederreiter described a new method for factoring polynomials over finite fields. As with the Berlekamp technique, the method requires the construction of a linear subspace whose dimension is precisely the number of irreducible factors of the polynomial being considered. This paper explores the connection between these subspaces and gives...

This paper deals with the problem of generating RSA moduli having a predetermined set of bits. It would appear to be of practical interest if one could construct their modulus so that, for example, some of the bits are the ASCII representation of their identification information (i.e., name, address, etc.). This could lead to a savings in both band...

Elliptic curves have been extensively studied for many years. Recent interest has revolved around their applicability to factoring integers, primality testing, and to cryptography. In this paper we explore the feasibility of implementing in hardware an arithmetic processor for doing elliptic curve computations over finite fields. Of special interes...

This article is concerned with various arithmetic operations in GF(2m). In particular we discuss techniques for computing multiplicative inverses and doing exponentiation. The method used for exponentiation is highly suited to parallel computation. All methods achieve much of their efficiency from exploiting a normal basis representation in the fie...

Codes obtained from algebraic curves have attracted much attention from mathematicians and engineers alike since the remarkable work of Tsfasman et al. [17] who showed that the longstAnding Gilbert-Varshamov lower bound can be exceeded for alphabet sizes larger than 49. The Gilbert-Varshamov bound, established in 1952, is a lower bound on the infor...

Elliptic curves have been intensively studied in algebraic geometry and number theory. Recently, they have been used in devising efficient algorithms for factoring integers [8, 9], for primality proving [2, 11, 12] and for the construction of pseudorAndom bit generators [4]. In Chapter 8 we study how elliptic curves can be used in constructing effi...

A polynomial of degree n over a finite field F
q is an expression in an indeterminate x having the form $$f(x) = \sum\limits_{i = 0}^n {{a_i}{x^1}} $$ where n is a non-negative integer, a
i
∈ F
q
, 0 ≤ i ≤ n and a
n
≠ 0. To be more precise, f (x) is called a univariate polynomial to distinguish the more general situation where more indeterminates a...

In this chapter some of the basic concepts of algebraic geometry needed for algebraic geometric codes will be presented. Since the theory of algebraic geometry is both vast and deep, we can only give a rough outline here. Emphasis will be placed on making the ideas intuitive and clear enough to enable the reader to understAnd the algebraic geometri...

Interest in normal bases over finite fields stems from both purely mathematical curiosity and practical applications. The practical aspects of normal bases will be treated in Chapter 5. In the present chapter, we discuss the theoretical aspects of normal bases over finite fields.

In this paper we present an implementation of Schoof's algorithm for
computing the number of {F_{{2^m}}} -points of an elliptic curve that
is defined over the finite field {F_{{2^m}}} . We have implemented some
heuristic improvements, and give running times for various problem
instances.

Let G be a finite cyclic group, and let a be a generator for G. Then $$G = \{ {\alpha ^i}|0 \leqslant i\# G\} $$, where #G is the order of G. The discrete logarithm (logarithm) of an element β to the base α in G is an integer x such that α
x
= β. If x is restricted to the interval 0 ≤ x < #G then the discrete logarithm of β to the base α is unique....

1 Introduction to Finite Fields and Bases.- 2 Factoring Polynomials over Finite Fields.- 3 Construction of Irreducible Polynomials.- 4 Normal Bases.- 5 Optimal Normal Bases.- 6 The Discrete Logarithm Problem.- 7 Elliptic Curves over Finite Fields.- 8 Elliptic Curve Cryptosystems.- 9 Introduction to Algebraic Geometry.- 10 Codes From Algebraic Geome...

This introductory chapter contains some basic results on bases for finite fields that will be of interest or use throughout the book. The concentration is on the existence of certain types of bases, their duals and their enumeration. There has been considerable activity in this area in the past decade and while many of the questions are resolved, a...

As we have seen in Section 6.1, the elements of a finite cyclic group G may be used to implement several cryptographic schemes, provided that finding logarithms of elements in G is infeasible. We may take G to be a cyclic subgroup of E(F
q
), the group of F
q
-rational points of an elliptic curve defined over F
q
; this was first suggested by N. Ko...

With the development of coding theory and the appearance of several cryptosystems using finite fields, the implementation of finite field arithmetic, in either hardware or software, is required. Work in this area has resulted in several hardware and software designs or implementations [7, 8, 22, 23, 24, 27], including single-chip exponentiators for...

This chapter is devoted to the problem of constructing irreducible polynomials over a given finite field. Such polynomials are used to implement arithmetic in extension fields and are found in many applications, including coding theory [5], cryptography [13], computer algebra systems [11], multivariate polynomial factorization [21], and parallel po...

This paper is concerned with pair-splitting sets in AG(k)(m, q), the design obtained from the points and k-flats in AG(m, q). A pair-splitting set is a set of parallel classes {R1, R2,..., R(s)} such that there is no pair of distinct points a, b such that a, b are contained in a common k-flat of each of the s parallel classes. It is easy to prove t...

Twenty-eight non-isomorphic KTS(33) with an automorphism of order 11 are constructed from the 84 cyclic STS(33).

In some applications of public-key cryptography it is desirable, and perhaps even necessary, that the key size be as small
as possible. Moreover, the cryptosystem just needs to be secure enough so that breaking it is not cost-effective. The purpose
of this paper is to investigate the security and practicality of elliptic curve cryptosystems with sm...

This paper presents a generalization of Moenck’s root finding algorithm over $GF(q)$, for q a prime or prime power. The generalized algorithm, like its predecessor, is deterministic, given a primitive element $\omega $ for $GF(q)$. If $q - 1$ is b-smooth, where $b = (\log q)^{O(1)} $, then the algorithm runs in polynomial time. An analogue of this...

We show how the discrete logarithm problem in some flnite cyclic groups can easily be reduced to the discrete logarithm problem in a flnite fleld. The cyclic groups that we consider are the set of points on a singular elliptic curve over a flnite fleld, the set of points on a genus 0 curve over a flnite fleld given by the Pell equation, and certain...

Let G be a cyclic Singer group for the Desarguesian projective plane P = PG(2, q). Then there exists a cyclic Steiner triple system on the point set of P which is invariant under G and the blocks of which are triangles of P.

Three new trapdoor one-way functions are proposed that are based on elliptic curves over the ring ℤ n . The first class of functions is a naive construction, which can be used only in a digital signature scheme, and not in a public-key cryptosystem. The second, preferred class of function, does not suffer from this problem and can be used for the s...

A ?-hyperfactorization ofK2n is a collection of 1-factors ofK2n for which each pair of disjoint edges appears in precisely ? of the 1-factors. We call a ?-hyperfactorizationtrivial if it contains each 1-factor ofK2n with the same multiplicity ? (then ?=?(2n-5)!!). A ?-hyperfactorization is calledsimple if each 1-factor ofK2n appears at most once. P...

A simple systolic array for achieving the effect of modular reduction, in linear time, is described. This circuit, in conjunction with Atrubin’s multiplier, performs modular multiplication in linear time.

In this paper, we present new constructions for resolvable and near resolvable (v,3,2)-BIBDs. These constructions use balanced tournament designs and odd balanced tournament designs. We then use balanced tournament designs with almost orthogonal resolutions and odd balanced tournament designs with orthogonal resolutions to generalize these construc...

LET E = GF (Q,) BE THE M-DIMENSIONAL EXTENSION OF F = GF (Q). WE ARE CONCERNED WITH THE NUMBERS SD(M; Q) AND SDN(M; Q) OF SELF-DUAL BASES AND SELF-DUAL NORMAL BASES OF E OVER F, RESPECTIVELY. WE COMPLETELY DETERMINE SD(M; Q), EN ROUTE GIVING A VERY SIMPLE PROOF FOR THE LEMPEL-SEROUSSI THEOREM WHICH STATES THAT SD(M; Q) = 0 Ifi Q IS ODD AND M IS EVE...

Let E = G F ( q m ) E = GF({q^m}) be the m m -dimensional extension of F = G F ( q ) F = GF(q) . We are concerned with the numbers s d ( m , q ) sd(m,q) and s d n ( m , q ) sdn(m,q) of self-dual bases and self-dual normal bases of E E over F F , respectively. We completely determine s d ( m , q ) sd(m,q) , en route giving a very simple proof for th...

In this paper we construct a resolvable (k(k + 1), k, k −1)-BIBD for each k ⩾3, k a prime or prime power. For k ⩾ 5 such a design was previously unknown. In fact, for these parameters we show that there are at least k − 1 nonisomorphic resolutions of the constructed design and that a pair of orthogonal resolutions exist.

A normal basis in GF(qm) is a basis of the form {β,βq,βq2,…,βqm−1}, i.e., a basis of conjugate elements in the field. In GF(2m) squaring with respect to a normal basis representation becomes simply a cyclic shift of the vector. For hardware design this is one of the very attractive features of these bases. Multiplication with respect to a normal ba...

Let F=GF(q) and let E = GF(qk) be the field extension of degree k of F. We show that the following statement holds for all but finitely many exceptional pairs (q, k): Given any element aϵF∗ there exists a primitive element ω of E with trace . Equivalently, the coefficient of xk − 1 in a primitive polynomial of degree k over GF(q) may be arbitrarily...

The theory of error detecting and correcting codes is that branch of engineering and mathematics which deals with the reliable transmission and storage of data. Information media are not 100% reliable in practice, in the sense that noise (any form of interference) frequently causes data to be distorted. To deal with this undesirable but inevitable...

1 Introduction and Fundamentals.- 2 Finite Fields.- 3 Linear Codes.- 4 Some Special Linear Codes.- Chapters 5 Cyclic Codes.- 6 BCH Codes and Bounds for Cyclic Codes.- 7 Error Correction Techniques and Digital Audio Recording.- A: Review of Vector Spaces.- B: The Division Algorithm and the Euclidean Algorithm.- C: The Chinese Remainder Theorem.- D:...

In this chapter, we consider a special class of BCH codes and several important techniques available to enhance error correction capabilities. In particular, we introduce the well known Reed-Solomon codes, and discuss the ideas of channel erasures and interleaving. While these concepts are of general interest, we find it motivating to focus our dis...

A monic polynomial g(x)∈ GF(q)[x] is said to split in the extension field GF(q
m
) of GF(q) if g(x) can be factored as a product of linear polynomials in GF(q
m
), i.e. if we can write $$ g(x) = (x - {\alpha _1})(x - {\alpha _2})...(x - {\alpha _n}) $$
where αi ∈ GF(q
m
). Here GF(q
m
) is called a splitting field of g(x).In general, we refer to th...

In succeeding chapters we shall make extensive use of the algebraic structure known as a finite field. The reader already familiar with the elementary properties of finite fields may wish to proceed directly to Chapter 3. As the material regarding minimal polynomials (§2.4) and Zech’s log tables (§2.6) is not referenced until §5.8, other readers ma...

One of the most important classes of linear codes is the class of cyclic codes. In general these codes are much easier to implement and hence have great practical importance. From an algebraic viewpoint they are also of considerable interest. Many of the codes we have already investigated are cyclic or derived from cyclic codes. We begin our study...

In this chapter we describe two special classes of linear codes. One reason for our interest in them is the fact that they both have been used in space exploration projects. The first class we consider was used to transmit photographs from the Mariner 9 spacecraft in January of 1972. The second class was used to transmit colour photographs of Jupit...

In this chapter we introduce linear codes. The algebraic structure of linear codes provides a framework from which efficient encoding and decoding algorithms can be constructed. Many error-correcting codes in use and under investigation are subclasses of linear codes defined by imposing additional structural constraints. The cyclic codes of Chapter...

In this paper, we have described a protocol for interactive data exchange which provides strong mutual authentication of the
users and data integrity. The protocols used are based on a cryptographic system using discrete exponentiation for public
key exchange and conventional data exchange. The protocol is robust to data/protocol errors and active...

We investigate the combinatorial properties of threshold schemes. Informally, a (t, w)-threshold scheme is a way of distributing partial information (shadows) to w participants, so that any t of them can easily calculate a key, but no subset of fewer than t participants can determine the key. Our interest is in perfect threshold schemes: no subset...

A skew resolution in AG(n, q) is a partition of the lines of the geometry into classes (skew resolution classes) such that any two distinct lines in a class are disjoint and not parallel. In this paper we consider a special type of skew resolution. A hyperplane skew resolution R is a skew resolution having the property that for each class S of R th...

## Citations

... The 8-bit S-boxes are widely used in modern cryptography; for example, they are used in symmetric ciphers to complicate the functional dependence of plaintext and ciphertext [41]. Some cryptographic indicators of ciphers are directly determined by indicators of S-boxes [2]. ...

... However, pre-installment of key material requires the existence of a trusted third party (TTP), who becomes in the possession of all the security material and thus makes the system vulnerable of key escrow attacks. Therefore, implicit based certificate schemes like e.g. the Elliptic Curve Qu-Vanstone (ECQV) [26] provide an efficient method to allow the generation of a private-public key pair without a TTP being able to derive the private key itself. ...

... Unlike the x and y values of an ECC public key, r and s are not points on the curve and therefore cannot be compressed in the same way. There are however patented solutions for compressing ECDSA signatures, for example Compressed ECDSA signatures (patent number US 8631240 B2) [22], where the s value is replaced by a smaller value c. Within 6LoWPAN networks, we omit the signatureAlgorithm value (as it is fixed) and compress the signature by encoding it to the CBOR format, which reduces the size from 75 to 66 bytes. ...

... This slows the sender down so that mass mailings become impractical. We found one patent application mentioning this possibility [194] but no related work reporting on the effectiveness of such approaches. ...

... The function α −1 is semi-algebraic. From Proposition 2.11 in [6] (see also Proposition 2.6.1 in [2]), there exists r 1 r 0 and an integer q 0 such that α(r) −1 < r q for every r r 1 and every integer q q 0 . This implies that for every x in F ∩ E r1 and for q q 0 , f q (x) = (1 + ρ(x)) q f (x)1. ...

... The elliptic curve over finite field EðGFÞ is a cubic curve defined by the general Weierstrass Eq. (1) [2] over GF where a i 2 GF and GF is a finite field. ...

... In this paper, we use Scyther to analyze the security requirements of the DLP [17] based group authentication protocols proposed in [2], which are claimed to be secure against passive adversaries, against impersonation attacks, to provide implicit authentication and forward and backward secrecy. The first innovation in this paper is that it evaluates new features, such as implicit key authentication, against impersonation attack (more details in Subsection IV-A). ...

... New requirements for digital signature solutions such as short digital signatures, fast processing speeds, message authentication without transmissions, and digital signature on short message and low bandwidth channel transmissions are essential for today's applications [1][2][3][4][5]. To date, short digital signature solutions and signature authentication using the calculation of an elliptic curve, such as ECDSA, Elliptic Curve-based Schnorr Digital Signature Algorithm (ECSDSA), or Edwards-Curve Digital Signature Algorithm (EdDSA) have been applied widely in commercial products [1,2,[6][7][8][9]. Among these, the digital signature solution with a short digital signature using the calculation of Weil and Tate bilinear pairing of the authors Boneh, Lynn, Schacham (2001) (denoted by the BLS short digital signature scheme) proves to meet the requirements [2,10]. ...

... Normal bases and related concepts such as optimal normal bases and self-dual normal bases find several applications, both theoretical and practical. We refer the interested reader to [1], [6], and [16] for more on this topic. ...

... (See also [11] for a tutorial treatment using the Petersen graph and its codes as an extended example.) In a subsequent paper [13], we have investigated how far our methods could be adapted to obtain corresponding progress in the ternary case. This turned out to work quite nicely for the augmentation problem, but seemed to be rather diicult as far as decoding the circulation code is concerned, where we were only able to obtain a connection to an apparently diicult optimization problem. ...

Reference: q-ary graphical codes