In this comment we show that a recently proposed public key cryptosystem is not safe for most of the practical cases. Furthermore, it is shown that the security of this system is closely connected with the problem of computing logarithms over a finite field.

Various constructions of authentication codes using spaces related to the general linear group have been proposed and analyzed. In the paper the authors describe two new constructions of Cartesian authentication codes using symplectic spaces. This illustrates the feasibility of codes from spaces based on geometries of the other classical groups.

Group authentication schemes as introduced by Boyd and by Desmedt and Frankel are cryptographic schemes in which only certain designated groups can provide messages with authentication information. In this paper we study unconditionally secure group authentication schemes based on linear perfect secret sharing and authentication schemes, for which we give expressions for the probabilities of succe

The long standing question whether the free distance of fixed rate convolutional codes is as good as the Costello bound was almost solved by K.S. Zigangirov and J.L. Massey (1987). They proved that this is indeed the case for codes with long branch length and rates 2/c, c>or=5. It is shown that there exist fixed convolutional codes of rate 2/4 whose free distance d/sub free/ meets the Costello bou

The frequently assumed "freshness" constraint on the source states in multiple authentication schemes is not necessary if one allows the encoding rule to change between subsequent transmissions. In the paper it is shown that the main existing lower bounds on the probabilities of successful attack on multiple authentication schemes also hold for this new setup. Furthermore, Stinson's (1988) bound f

In this paper a simple method is presented to derive formulas for the number of polynomials over GF(2) which factor into two, three, and four prime polynomials only. A table is given, summarizing the above numbers for polynomials of degree up to 127. Furthermore, the computed values are compared with an asymptotic approximation for these values.

The threat of hardware Trojans has been widely recognized by academia, industry, and government agencies. A Trojan can compromise security of a system in spite of cryptographic protection. The damage caused by a Trojan may not be limited to a business or reputation, but could have a severe impact on public safety, national economy, or national security. An extremely stealthy way of implementing ha

The Networked Society is built on a complex and intricate infrastructure that brings distributed services, data processing and communication together, combining them into an innovative and more meaningful set of services for people, business and society. Trusted computing technologies will play a crucial role in meeting the security expectations of users, regulators and infrastructure owners. User

Compression of the repeat request data in ARQ protocols was studied. Focus was on the problem of compressing the output of the block box (ARQ algorithm) with unknown input signal (error sequence). Towards finding a practical solution, it was found that the main statistical properties of error sequences and xn are more less the same.

One of the major challenges when applying (serial) universal source coding to 2-dimensional data, e.g., images, is to determine suitable context data. For this reason the concept of Context Mapping Function (CMF) has been introduced. In this paper we discuss the foundation for CMFs as well an off-line construction method via a combinatorial optimization method.

The P-context algorithm as introduced by Weinberger and Seroussi (see IEEE Trans. Inform. Theory, p.1697-1706, 1996) offers a way to reduce the parameter description costs. This paper concerns a possible improvement of the P-context algorithm. By using weighting techniques an accurate redundancy bound is derived and a possible implementation is proposed.

Over the past years there have been few attempts to construct digital signature schemes based on the intractability of the decoding of linear error-correcting codes. Unfortunately all these attempts failed. In this paper we suggest a new approach based on a seemingly unknown before fact that the set of correctable syndroms being nonlinear nevertheless contains a rather large linear subspace.

New bounds are derived for the probabilities of successful attack on multiple authentication schemes by removing the frequently assumed 'freshness' constraint on the source states. We prove that the overall probability of successful deception, PD(L), for a sequences of L uses of the authentication channel, is bounded from below by max(k/v, 1/√b). We also show that if PD{L) = 1/√b, then the key ent

In this paper we present a new algorithm for the recovery of the initial state of a linear feedback shift register when a noisy output sequence is given. Our work is focussed on the investigation of the asymptotical behaviour of the recovery process rather than on the construction of an optimal recovery procedure. Our results show the importance of low-weight checks and show also that the complexi

In this paper we consider cipher systems that provide both secrecy and security for a given number of (subsequent) transmissions. We show that there exists a broad class of situations in which we can do better (less key requirement) than just concatenating a perfect secrecy cipher and an authentication code.

A windmill generator is a high-speed sequence generator capable of producing blocks of v consecutive symbols in parallel. It consists of v feedback-shift registers linked into a ring. The sequences are identical to those produced by a linear feedback-shift register with feedback polynomial of the special ('windmill') form f(t) = α(tv) - tLβ(t-v), where α(t) and β(t) are polynomials of degree less

The windmill technique has several practical advantageous over other techniques for high-speed generation or blockwise generation of pn-sequences. In this paper we generalize previous results by showing that if f(t)=α(t v) − β(t −v)t L is the minimal polynomial of a pn-sequence, then the sequence can be generated by a windmill generator. For L = 1,..127, and ν = 4, 8, 16 such that L ≡ ±3 mod 8 no