Advances in Cryptology — EUROCRYPT 2001: International Conference on the Theory and Application of Cryptographic Techniques Innsbruck, Austria, May 6–10, 2001 Proceedings

Frederik Vercauteren, Bart Preneel, Joos Vandewalle (auth.), Birgit Pfitzmann (eds.)3540420703, 9783540420705

EUROCRYPT 2001, the 20th annual Eurocrypt conference, was sponsored by the IACR, the International Association for Cryptologic Research, see http://www. iacr. org/, this year in cooperation with the Austrian Computer – ciety (OCG). The General Chair, Reinhard Posch, was responsible for local or- nization, and registration was handled by the IACR Secretariat at the University of California, Santa Barbara. In addition to the papers contained in these proceedings, we were pleased that the conference program also included a presentation by the 2001 IACR d- tinguished lecturer, Andrew Odlyzko, on “Economics and Cryptography” and an invited talk by Silvio Micali, “Zero Knowledge Has Come of Age. ” Furthermore, there was the rump session for presentations of recent results and other (p- sibly satirical) topics of interest to the crypto community, which Jean-Jacques Quisquater kindly agreed to run. The Program Committee received 155 submissions and selected 33 papers for presentation; one of them was withdrawn by the authors. The review process was therefore a delicate and challenging task for the committee members, and I wish to thank them for all the e?ort they spent on it. Each committee member was responsible for the review of at least 20 submissions, so each paper was carefully evaluated by at least three reviewers, and submissions with a program committee member as a (co-)author by at least six.

---

Table of contents :
A Memory Efficient Version of Satoh’s Algorithm….Pages 1-13
Finding Secure Curves with the Satoh-FGH Algorithm and an Early-Abort Strategy….Pages 14-29
How Secure Are Elliptic Curves over Composite Extension Fields?….Pages 30-39
Efficient and Non-interactive Non-malleable Commitment….Pages 40-59
How to Convert the Flavor of a Quantum Bit Commitment….Pages 60-77
Cryptographic Counters and Applications to Electronic Voting….Pages 78-92
An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation….Pages 93-118
Priced Oblivious Transfer: How to Sell Digital Goods….Pages 119-135
A Secure Three-Move Blind Signature Scheme for Polynomially Many Signatures….Pages 136-151
Practical Threshold RSA Signatures without a Trusted Dealer….Pages 152-165
Hash Functions: From Merkle-Damgård to Shoup….Pages 166-181
Key Recovery and Message Attacks on NTRU-Composite….Pages 182-194
Evidence that XTR Is More Secure than Supersingular Elliptic Curve Cryptosystems….Pages 195-210
NSS: An NTRU Lattice-Based Signature Scheme….Pages 211-228
The Bit Security of Paillier’s Encryption Scheme and Its Applications….Pages 229-243
Assumptions Related to Discrete Logarithms: Why Subtleties Make a Real Difference….Pages 244-261
On Adaptive vs. Non-adaptive Security of Multiparty Protocols….Pages 262-279
Multiparty Computation from Threshold Homomorphic Encryption….Pages 280-300
On Perfect and Adaptive Security in Exposure-Resilient Cryptography….Pages 301-324
Cryptanalysis of Reduced-Round MISTY….Pages 325-339
The Rectangle Attack — Rectangling the Serpent….Pages 340-357
Efficient Amplification of the Security of Weak Pseudo-random Function Generators….Pages 358-372
Min-round Resettable Zero-Knowledge in the Public-Key Model….Pages 373-393
Structural Cryptanalysis of SASAS….Pages 395-405
Hyper-bent Functions….Pages 406-419
New Method for Upper Bounding the Maximum Average Linear Hull Probability for SPNs….Pages 420-436
Lower Bounds for Multicast Message Authentication….Pages 437-452
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels….Pages 453-474
Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords….Pages 475-494
Identification Protocols Secure against Reset Attacks….Pages 495-511
Does Encryption with Redundancy Provide Authenticity?….Pages 512-528
Encryption Modes with Almost Free Message Integrity….Pages 529-544