Digital signature

applications, and this is done through a combination of hardware and software based processes on a computer system. The problem is that the semantic interpretation of bits can change as a function of the processes used to transform the bits into semantic content. It is relatively easy to change the interpretation of a digital document by implementing changes on the computer system where the document is being processed. From a semantic perspective this creates uncertainty about what exactly has been signed. WYSIWYS (What You See Is What You Sign) means that the semantic interpretation of a signed message cannot be changed. In particular this also means that a message cannot contain hidden information that the signer is unaware of, and that can be revealed after the signature has been applied. WYSIWYS is a requirement for the validity of digital signatures, but this requirement is difficult to guarantee because of the increasing complexity of modern computer systems. The term WYSIWYS was coined by
Generally, these provisions mean that anything digitally signed legally binds the signer of the document to the terms therein. For that reason, it is often thought best to use separate key pairs for encrypting and signing. Using the encryption key pair, a person can engage in an encrypted conversation (e.g., regarding a real estate transaction), but the encryption does not legally sign every message he or she sends. Only when both parties come to an agreement do they sign a contract with their signing keys, and only then are they legally bound by the terms of a specific document. After signing, the document can be sent over the encrypted link. If a signing key is lost or compromised, it can be revoked to mitigate any future transactions. If an encryption key is lost, a backup or
It can be arranged that the private key never leaves the smart card, although this is not always implemented. If the smart card is stolen, the thief will still need the PIN code to generate a digital signature. This reduces the security of the scheme to that of the PIN system, although it still requires an attacker to possess the card. A mitigating factor is that private keys, if generated and stored on smart cards, are usually regarded as difficult to copy, and are assumed to exist in exactly one copy. Thus, the loss of the smart card may be detected by the owner and the corresponding certificate can be immediately revoked. Private keys that are protected by software only may be easier to copy, and such compromises are far more difficult to detect.
In many instances, they provide a layer of validation and security to messages sent through a non-secure channel: Properly implemented, a digital signature gives the receiver reason to believe the message was sent by the claimed sender. Digital signatures are equivalent to traditional handwritten signatures in many respects, but properly implemented digital signatures are more difficult to forge than the handwritten type.
Digital signature schemes, in the sense used here, are cryptographically based, and must be implemented properly to be effective. They can also provide
Other countries have also passed statutes or issued regulations in this area as well and the UN has had an active model law project for some time. These enactments (or proposed enactments) vary from place to place, have typically embodied expectations at variance (optimistically or pessimistically) with the state of the underlying cryptographic engineering, and have had the net effect of confusing potential users and specifiers, nearly all of whom are not cryptographically knowledgeable.
if the bank's offices simply encrypted the messages they exchange, they could still be vulnerable to forgery. In other applications, such as software updates, the messages are not secret—when a software author publishes a patch for all existing installations of the software to apply, the patch itself is not secret, but computers running the software must verify the authenticity of the patch before applying it, lest they become victims to malware.
the first that could be proved to prevent even an existential forgery against a chosen message attack, which is the currently accepted security definition for signature schemes. The first such scheme which is not built on trapdoor functions but rather on a family of function with a much weaker required property of one-way permutation was presented by
a signature scheme that supports aggregation: Given n signatures on n messages from n users, it is possible to aggregate all these signatures into a single signature whose size is constant in the number of users. This single signature will convince the verifier that the n users did indeed sign the n original messages. A scheme by
replace the user application with a foreign substitute, in effect replacing the user's own communications with those of the attacker. This could allow a malicious application to trick a user into signing any document by displaying the user's original on-screen, but presenting the attacker's own documents to the signing application.
Very roughly this is analogous to a vendor who receives credit-cards first checking online with the credit-card issuer to find if a given card has been reported lost or stolen. Of course, with stolen key pairs, the theft is often discovered only after the secret key's use, e.g., to sign a bogus certificate for espionage purpose.
For example, the branch office may legitimately request that bank transfer be issued once in a signed message. If the bank doesn't use a system of transaction ids in their messages to detect which transfers have already happened, someone could illegitimately reuse the same signed message many times to drain an account.
or more specifically non-repudiation of origin, is an important aspect of digital signatures. By this property, an entity that has signed some information cannot at a later time deny having signed it. Similarly, access to the public key only does not enable a fraudulent party to fake a valid signature.
Legislatures, being importuned by businesses expecting to profit from operating a PKI, or by the technological avant-garde advocating new solutions to old problems, have enacted statutes and/or regulations in many jurisdictions authorizing, endorsing, encouraging, or permitting digital signatures and
With a digital signature scheme, the central office can arrange beforehand to have a public key on file whose private key is known only to the branch office. The branch office can later sign a message and the central office can use the public key to verify the signed message was not a forgery before
Only if all of these conditions are met will a digital signature actually be any evidence of who sent the message, and therefore of their assent to its contents. Legal enactment cannot change this reality of the existing engineering possibilities, though some such have not reflected this actuality.
An ink signature could be replicated from one document to another by copying the image manually or digitally, but to have credible signature copies that can resist some scrutiny is a significant manual or technical skill, and to produce ink signature copies that resist professional scrutiny is very
To protect against this scenario, an authentication system can be set up between the user's application (word processor, email client, etc.) and the signing application. The general idea is to provide some means for both the user application and signing application to verify each other's integrity.
A signature itself cannot be used to uniquely identify the message it signs—in some signature schemes, every message has a large number of possible valid signatures from the same signer, and it may be easy, even without knowledge of the private key, to transform one valid signature into another. If
If a bank's central office receives a letter claiming to be from a branch office with instructions to change the balance of an account, the central bankers need to be sure, before acting on the instructions, that they were actually sent by a branch banker, and not forged—whether a forger fabricated
One of the main differences between a digital signature and a written signature is that the user does not "see" what they sign. The user application presents a hash code to be signed by the digital signing algorithm using the private key. An attacker who gains control of the user's PC can possibly
Digital signatures cryptographically bind an electronic identity to an electronic document and the digital signature cannot be copied to another document. Paper contracts sometimes have the ink signature block on the last page, and the previous pages may be replaced after a signature is applied.
and his students). In a typical digital signature implementation, the hash calculated from the document is sent to the smart card, whose CPU signs the hash using the stored private key of the user, and then returns the signed hash. Typically, a user must activate their smart card by entering a
the possibility of mistaken attestation is non-trivial. Commercial PKI operators have suffered several publicly known problems. Such mistakes could lead to falsely signed, and thus wrongly attributed, documents. 'Closed' PKI systems are more expensive, but less easily subverted in this way.
Technically speaking, a digital signature applies to a string of bits, whereas humans and applications "believe" that they sign the semantic interpretation of those bits. In order to be semantically interpreted, the bit string must be transformed into a form that is meaningful for humans and
Some card readers have their own numeric keypad. This is safer than using a card reader integrated into a PC, and then entering the PIN using that computer's keyboard. Readers with a numeric keypad are meant to circumvent the eavesdropping threat where the computer might be running a
as well as acknowledging informed consent and approval by a signatory. The United States Government Printing Office (GPO) publishes electronic versions of the budget, public and private laws, and congressional bills with digital signatures. Universities including Penn State,
Without the hash function, the text "to be signed" may have to be split (separated) in blocks small enough for the signature scheme to act on them directly. However, the receiver of the signed blocks is not able to recognize if all the blocks are present and in the appropriate
Digital signatures can be applied to an entire document, such that the digital signature on the last page will indicate tampering if any data on any of the pages have been altered, but this can also be achieved by signing with ink and numbering all pages of the contract.
Secondly, it should be computationally infeasible to generate a valid signature for a party without knowing that party's private key. A digital signature is an authentication mechanism that enables the creator of the message to attach a code that acts as a signature. The
In some signature schemes, given a signed message, it is easy to construct a public key under which the signed message will pass verification, even without knowledge of the private key that was used to make the signed message in the first place.
remains secret. Further, some non-repudiation schemes offer a timestamp for the digital signature, so that even if the private key is exposed, the signature is valid. Digitally signed messages may be anything representable as a
A message may have letterhead or a handwritten signature identifying its sender, but letterheads and handwritten signatures can be copied and pasted onto forged messages. Even legitimate messages may be modified in transit.
algorithm, which could be used to produce primitive digital signatures (although only as a proof-of-concept – "plain" RSA signatures are not secure). The first widely marketed software package to offer digital signature was
Used directly, this type of signature scheme is vulnerable to key-only existential forgery attack. To create a forgery, the attacker picks a random signature σ and uses the verification procedure to determine the message,
Alice signs a message—"Hello Bob!"—by appending a signature computed from the message and her private key. Bob receives both the message and signature. He uses Alice's public key to verify the authenticity of the signed
is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature on a message gives a recipient confidence that the message came from a sender known to the recipient.
based digital signature service and a locally provided one is risk. Many risk averse companies, including governments, financial and medical institutions, and payment processors require more secure standards, like
All public key / private key cryptosystems depend entirely on keeping the private key secret. A private key can be stored on a user's computer, and protected by a local password, but this has two disadvantages:
which include any electronic data that carries the intent of a signature, but not all electronic signatures use digital signatures. Electronic signatures have legal significance in some countries, including
This forgery attack, then, only produces the padded hash function output that corresponds to σ, but not a message that leads to that value, which does not lead to an attack. In the random oracle model,
As organizations move away from paper documents with ink signatures or authenticity stamps, digital signatures can provide added assurances of the evidence to provenance, identity, and status of an
of a key-pair is a required ability, else leaked secret keys would continue to implicate the claimed owner of the key-pair. Checking revocation status requires an "online" check; e.g., checking a
first described the notion of a digital signature scheme, although they only conjectured that such schemes existed based on functions that are trapdoor one-way permutations. Soon afterwards,
became the first to rigorously define the security requirements of digital signature schemes. They described a hierarchy of attack models for signature schemes, and also presented the
know the sender's private key can't sign a different message, or even change a single digit in an existing message without making the recipient's signature verification fail.
Some industries have established common interoperability standards for the use of digital signatures between members of the industry and with regulators. These include the
Smart card design is an active field, and there are smart card schemes which are intended to avoid these particular problems, despite having few security proofs so far.
This article is about a cryptographic construct derived from a mathematical scheme which is hard to forge. For a data record not secured by cryptographic scheme, see
should be utilized to continue viewing encrypted content. Signing keys should never be backed up or escrowed unless the backup destination is securely encrypted.
can hide the content of the message from an eavesdropper, but encryption on its own may not let recipient verify the message's authenticity, or even detect
Adoption of technical standards for digital signatures has lagged behind much of the legislation, delaying a more or less unified engineering position on
Messages are typically bit strings, but some signature schemes operate on other domains (such as, in the case of RSA, numbers modulo a composite number
potentially compromising the PIN code. Specialized card readers are also less vulnerable to tampering with their software or hardware and are often
corresponding to that signature. In practice, however, this type of signature is not used directly, but rather, the message to be signed is first
First, the authenticity of a signature generated from a fixed message and fixed private key can be verified by using the corresponding public key.
A digital signature scheme on its own does not prevent a valid signed message from being recorded and then maliciously reused in a
The public key owner must be verifiable: A public key associated with Bob actually came from Bob. This is commonly done using a
Quality algorithms: Some public-key algorithms are known to be insecure, as practical attacks against them have been discovered.
In several countries, a digital signature has a status somewhat like that of a traditional pen and paper signature, as in the
The strongest notion of security, therefore, is security against existential forgery under an adaptive chosen message attack.
attack, the attacker is given valid signatures for a variety of messages known by the attacker but not chosen by the attacker.
In their foundational paper, Goldwasser, Micali, and Rivest lay out a hierarchy of attack models against digital signatures:
algorithm that, given the message, public key and signature, either accepts or rejects the message's claim to authenticity.
For 'open' PKIs in which anyone can request such an attestation (universally embodied in a cryptographically protected
to describe some of the principles in delivering secure and legally binding digital signatures for Pan-European projects.
The signature will be much shorter and thus save time since hashing is generally much faster than signing in practice.
The private key must remain private: If the private key becomes known to any other party, that party can produce
Most digital signature schemes share the following goals regardless of cryptographic theory or legal provision:
Many smart cards are designed to be tamper-resistant (although some designs have been broken, notably by
meaning that the signer cannot successfully claim they did not sign a message, while also claiming their
examples include electronic mail, contracts, or a message sent via some other cryptographic protocol.
For example, the signing application may require all requests to come from digitally signed binaries.
There are several reasons to sign such a hash (or message digest) instead of the whole document.
from a set of possible private keys. The algorithm outputs the private key and a corresponding
attack, the attacker first learns signatures on arbitrary messages of the attacker's choice.
(PKI) and the public key↔user association is attested by the operator of the PKI (called a
signatures are misused as transaction ids in an attempt by a bank-like system such as a
the whole letter, or just modified an existing letter in transit by adding some digits.
merely results in some valid message/signature pair not already known to the adversary.
Note that these authentication, non-repudiation etc. properties rely on the secret key
possible outputs), this form of signature is existentially unforgeable, even against a
610:, that is the product of two random secret distinct large primes, along with integers, 426: 366: 169: 126: 2663: 2103: 739:, and Stanford are publishing electronic student transcripts with digital signatures. 3707: 3670: 3625: 3584: 3564: 3460: 3423: 3398: 2384:'89, vol. 435 of Lecture Notes in Computer Science, pp. 218–238, Spring Verlag, 1990. 2070: 2021: 1519: 1471: 1282: 1184: 1163: 785: 686:(an idealized version of that practice where hash and padding combined have close to 477: 473: 430: 86: 714:). A hash function can be used to convert an arbitrary input into the proper format. 3620: 3465: 3455: 3445: 3408: 3357: 3309: 3289: 2499: 2235: 2086: 1994: 1921:"Major Standards and Compliance of Digital Signatures – A World-Wide Consideration" 1699: 1046: 110: 82: 37: 2239: 1277:
providing for (or limiting) their legal effect. The first appears to have been in
are signature schemes that facilitate efficient cryptographic protocols such as
Below are some common reasons for applying a digital signature to communications:
Other digital signature schemes were soon developed after RSA, the earliest being
suites, and are commonly used for software distribution, financial transactions,
To create signature keys, generate an RSA key pair containing a modulus,
Users (and their software) must carry out the signature protocol properly.
exchange to detect replays, this can be exploited to replay transactions.
algorithm that, given a message and a private key, produces a signature.
3120: 3079: 1388:
for the automobile industry and the SAFE-BioPharma Association for the
Mathematical scheme for verifying the authenticity of digital documents
attack results in a signature on a message of the adversary's choice.
Quality implementations: An implementation of a good algorithm (or
Entering a PIN code to activate the smart card commonly requires a
A digital signature scheme typically consists of three algorithms:
attack results in the ability to forge signatures for any message.
certification, to ensure the signature is validated and secure.
attack, the attacker is only given the public verification key.
denotes that the adversary may not directly query the string,
the user can only sign documents on that particular computer
A more secure alternative is to store the private key on a
(also known as "Merkle trees" or simply "Hash trees"), and
is a triple of probabilistic polynomial time algorithms, (
the security of the private key depends entirely on the
Using digital signatures only with trusted applications
if for every non-uniform probabilistic polynomial time
in the United States, followed closely by the states
1.0, released in 1989, which used the RSA algorithm.
Using separate key pairs for signing and encryption
One digital signature scheme (of many) is based on
They also describe a hierarchy of attack results:
Digital signatures are a standard element of most
Digital signatures versus ink on paper signatures
Using a network attached hardware security module
Using smart card readers with a separate keyboard
Digital signatures are often used to implement
The current state of use – legal and practical
selective modifications like changing a digit
results in the recovery of the signing key.
cannot be used to verify authenticity of a
In the following discussion, 1 refers to a
Uniqueness and malleability of signatures.
as the predecessor to DSA, and variants
can be used to verify authenticity of a
to produce a short digest, that is then
(key-generator) generates a public key (
Putting the private key on a smart card
and the signer's secret key contains
One of the main differences between a
The signer's public key consists of
is a valid signature of the product,
and a corresponding private key (
to larger width comparable to
denotes the set of the queries on
on the inputs: the private key (
Two main properties are required:
Some digital signature algorithms
with mistake(s) will not work.
of any two valid signatures,
digital signatures of anything.
922:Additional security precautions 678:, then signed with the reverse 515:needs additional citations for 298:on the inputs: the public key ( 3545:Information-theoretic security 1995:10.12688/f1000research.72910.1 1636:National Archives of Australia 1497:Probabilistic signature scheme 958:personal identification number 393:, and the security parameter, 389:, which knows the public key, 330:A digital signature scheme is 1: 2664:10.1016/S0167-4048(98)80005-8 2104:10.1016/s0140-3664(99)00031-6 1529:Lecture Notes on Cryptography 1467:Electronic signatures and law 1432:Advanced electronic signature 1406:2014 EU follow-on legislation 1220:Electronic signatures and law 3203:Non-commutative cryptography 2565:10.1007/978-3-319-11212-1_18 1831:"Electronic Transaction Law" 1452:Digital signature in Estonia 1218:For International uses, see 960:or PIN code (thus providing 803:Authenticating a public key. 60:contract management software 3661:Message authentication code 3616:Cryptographic hash function 3429:Cryptographic hash function 3300:Identity-based cryptography 3193:Elliptic-curve cryptography 2589:Ayer, Andrew (2015-08-11). 1386:Automotive Network Exchange 845:certificate revocation list 839:prior to its usage. Public 759:acting on it. A forger who 211:Digital Signature Algorithm 3735: 3540:Harvest now, decrypt later 2054:10.1186/s13638-020-01665-w 1892:(in Spanish). 2002-04-12. 1306: 1217: 1033: 266:is the security parameter. 
156: 132:Digital signatures employ 29: 3679: 3656:Post-quantum cryptography 3326: 3305:Post-quantum cryptography 3254:Post-Quantum Cryptography 2813: 2809: 2262:For example any integer, 2206:Communications of the ACM 1641:November 9, 2014, at the 1482:Public key infrastructure 1258:public key infrastructure 1114:Rabin signature algorithm 962:two-factor authentication 272:(signing) returns a tag, 173:algorithm that selects a 125:and the countries of the 3719:Cryptographic primitives 3646:Quantum key distribution 3636:Authenticated encryption 3491:Random number generation 2759:A Course in Cryptography 2738:Goldreich, Oded (2004), 2720:Goldreich, Oded (2001), 2471:10.1007/3-540-68339-9_34 1759:"ELEKTRONİK İMZA KANUNU" 1700:Republic of South Africa 1160:quantum-resistant scheme 1146:quantum-resistant scheme 1129:quantum-resistant scheme 1101:ElGamal signature scheme 988:Other smart card designs 644:Euler's totient function 233:digital signature scheme 221:of a signing algorithm. 213:(DSA), developed by the 3641:Public-key cryptography 3631:Symmetric-key algorithm 3434:Key derivation function 3394:Cryptographic primitive 3387:Authentication protocol 3377:Outline of cryptography 3372:History of cryptography 3198:Hash-based cryptography 2845:Public-key cryptography 2092:Computer Communications 1492:Server-based signatures 1457:Electronic lab notebook 1121:-based schemes such as 879:adaptive chosen message 837:not having been revoked 692:chosen-plaintext attack 630: 1 (mod  159:Public-key cryptography 134:asymmetric cryptography 3382:Cryptographic protocol 1588:"US ESIGN Act of 2000" 1487:Public key fingerprint 1447:Public key certificate 1266:public key certificate 1127:CRYSTALS-Dilithium, a 56:cryptographic protocol 43: 3535:End-to-end encryption 3481:Cryptojacking malware 2860:Integer factorization 2228:10.1145/359340.359342 1767:Mevzuat Bilgi Sistemi 1262:certificate authority 1203:zero-knowledge proofs 1169:Undeniable signatures 805:Prior knowledge of a 737:University 
of Chicago 262:), on input 1, where 71:electronic signatures 40: 3651:Quantum cryptography 3575:Trusted timestamping 1841:on 17 September 2017 1659:Justice Laws Website 1462:Electronic signature 1346:improve this section 524:improve this article 513:This Method section 482:GMR signature scheme 290:(verifying) outputs 32:Electronic signature 3414:Cryptographic nonce 3163:Three-pass protocol 1390:healthcare industry 1174:Aggregate signature 912:existential forgery 855:Notions of security 732:electronic document 539:"Digital signature" 196:signature verifying 178:uniformly at random 3520:Subliminal channel 3504:Pseudorandom noise 3451:Key (cryptography) 2933:Discrete logarithm 2175:2022-09-08 at the 1692:Government Gazette 1623:2006-09-25 at the 1442:Detached signature 1314:Industry standards 1207:secure computation 455:Lamport signatures 365:has access to the 44: 3714:Digital signature 3701: 3700: 3697: 3696: 3580:Key-based routing 3570:Trapdoor function 3441:Digital signature 3322: 3321: 3318: 3317: 3270:Digital signature 3213:Trapdoor function 3176: 3175: 2893:Goldwasser–Micali 2749:978-0-521-83084-3 2731:978-0-511-54689-1 2575:978-3-319-11212-1 2513:978-1-58488-508-5 2480:978-3-540-68339-1 2274:and the product, 1702:. 2 August 2002. 1661:. 10 March 2011. 1524:Goldwasser, Shafi 1477:GNU Privacy Guard 1382: 1381: 1374: 1191:may be used with 1105:Schnorr signature 905:selective forgery 898:universal forgery 707:For compatibility 680:trapdoor function 600: 599: 592: 574: 459:Merkle signatures 314:For correctness, 280:), and a string ( 48:digital signature 18:Digital Signature 16:(Redirected from 3726: 3687: 3686: 3515:Insecure channel 3351: 3344: 3337: 3328: 3159: 3060: 3055: 3015:signature scheme 2918:Okamoto–Uchiyama 2856: 2838: 2831: 2824: 2815: 2811: 2807: 2802:Free open source 2772: 2771: 2769: 2764: 2752: 2734: 2707: 2706: 2704: 2702: 2683: 2677: 2674: 2668: 2667: 2647: 2638: 2637: 2635: 2634: 2628: 2622:. 
Archived from 2621: 2613: 2607: 2606: 2604: 2603: 2586: 2580: 2579: 2567: 2557: 2541: 2535: 2534: 2524: 2518: 2517: 2500:Stinson, Douglas 2496: 2485: 2484: 2454: 2448: 2445: 2439: 2429: 2423: 2420: 2414: 2411: 2398: 2395:Michael O. Rabin 2391: 2385: 2378: 2372: 2365: 2359: 2358: 2356: 2354: 2335: 2329: 2260: 2254: 2253: 2251: 2250: 2244: 2238:. Archived from 2221: 2203: 2194: 2188: 2181:Anna Lysyanskaya 2166: 2157: 2154: 2148: 2145: 2139: 2136: 2127: 2126: 2124: 2123: 2089: 2081: 2075: 2074: 2056: 2032: 2026: 2025: 2007: 1997: 1973: 1967: 1966: 1964: 1962: 1953:. Cryptomathic. 1946: 1937: 1936: 1934: 1932: 1923:. Cryptomathic. 1916: 1905: 1904: 1902: 1901: 1882: 1876: 1875: 1873: 1872: 1857: 1851: 1850: 1848: 1846: 1837:. Archived from 1827: 1821: 1820: 1818: 1816: 1810: 1799: 1791: 1785: 1784: 1782: 1781: 1775: 1764: 1755: 1749: 1748: 1746: 1744: 1725: 1719: 1718: 1716: 1714: 1708: 1689: 1681: 1675: 1674: 1672: 1670: 1651: 1645: 1633: 1627: 1615: 1609: 1608: 1606: 1605: 1599: 1592: 1584: 1578: 1577: 1562: 1551: 1550: 1548: 1547: 1541: 1534: 1516: 1377: 1370: 1366: 1363: 1357: 1326: 1318: 1294:interoperability 1182: 978:keystroke logger 595: 588: 584: 581: 575: 573: 532: 508: 500: 470:Shafi Goldwasser 463:Rabin signatures 423:Whitfield Diffie 21: 3734: 3733: 3729: 3728: 3727: 3725: 3724: 3723: 3704: 3703: 3702: 3693: 3675: 3604: 3360: 3355: 3314: 3258: 3222:Standardization 3217: 3172: 3155: 3104: 3052:Lattice/SVP/CVP 3046: 2927: 2873:Blum–Goldwasser 2847: 2842: 2779: 2777:Further reading 2767: 2765: 2762: 2755: 2750: 2737: 2732: 2719: 2716: 2711: 2710: 2700: 2698: 2691:bitcoincore.org 2685: 2684: 2680: 2675: 2671: 2649: 2648: 2641: 2632: 2630: 2626: 2619: 2615: 2614: 2610: 2601: 2599: 2588: 2587: 2583: 2576: 2543: 2542: 2538: 2526: 2525: 2521: 2514: 2498: 2497: 2488: 2481: 2456: 2455: 2451: 2446: 2442: 2430: 2426: 2421: 2417: 2412: 2401: 2392: 2388: 2379: 2375: 2366: 2362: 2352: 2350: 2337: 2336: 2332: 2327: 2321: 2314: 2307: 2300: 2293: 2286: 2280: 2261: 2257: 
2248: 2246: 2242: 2219:10.1.1.607.2677 2201: 2196: 2195: 2191: 2177:Wayback Machine 2167: 2160: 2155: 2151: 2146: 2142: 2138:Pass, def 135.1 2137: 2130: 2121: 2119: 2083: 2082: 2078: 2034: 2033: 2029: 1975: 1974: 1970: 1960: 1958: 1948: 1947: 1940: 1930: 1928: 1918: 1917: 1908: 1899: 1897: 1884: 1883: 1879: 1870: 1868: 1859: 1858: 1854: 1844: 1842: 1829: 1828: 1824: 1814: 1812: 1808: 1797: 1793: 1792: 1788: 1779: 1777: 1773: 1762: 1757: 1756: 1752: 1742: 1740: 1727: 1726: 1722: 1712: 1710: 1706: 1687: 1683: 1682: 1678: 1668: 1666: 1653: 1652: 1648: 1643:Wayback Machine 1634: 1630: 1625:Wayback Machine 1616: 1612: 1603: 1601: 1597: 1590: 1586: 1585: 1581: 1570:Lindell, Yehuda 1564: 1563: 1554: 1545: 1543: 1539: 1535:. p. 168. 1532: 1518: 1517: 1510: 1505: 1437:Blind signature 1418: 1398: 1378: 1367: 1361: 1358: 1343: 1327: 1316: 1311: 1222: 1216: 1176: 1068: 1055: 1047:Torben Pedersen 1038: 1032: 1011: 998: 990: 970: 943:of the computer 929: 924: 857: 830:Non-repudiation 827: 825:Non-repudiation 779: 748: 728: 596: 585: 579: 576: 533: 531: 521: 509: 498: 419: 247:), satisfying: 161: 155: 138:non-repudiation 35: 28: 23: 22: 15: 12: 11: 5: 3732: 3730: 3722: 3721: 3716: 3706: 3705: 3699: 3698: 3695: 3694: 3692: 3691: 3680: 3677: 3676: 3674: 3673: 3668: 3666:Random numbers 3663: 3658: 3653: 3648: 3643: 3638: 3633: 3628: 3623: 3618: 3612: 3610: 3606: 3605: 3603: 3602: 3597: 3592: 3590:Garlic routing 3587: 3582: 3577: 3572: 3567: 3562: 3557: 3552: 3547: 3542: 3537: 3532: 3527: 3522: 3517: 3512: 3510:Secure channel 3507: 3501: 3500: 3499: 3488: 3483: 3478: 3473: 3471:Key stretching 3468: 3463: 3458: 3453: 3448: 3443: 3438: 3437: 3436: 3431: 3421: 3419:Cryptovirology 3416: 3411: 3406: 3404:Cryptocurrency 3401: 3396: 3391: 3390: 3389: 3379: 3374: 3368: 3366: 3362: 3361: 3356: 3354: 3353: 3346: 3339: 3331: 3324: 3323: 3320: 3319: 3316: 3315: 3313: 3312: 3307: 3302: 3297: 3292: 3287: 3282: 3277: 3272: 3266: 3264: 3260: 3259: 3257: 3256: 3251: 3246: 3241: 3236: 3231: 3225: 
3223: 3219: 3218: 3216: 3215: 3210: 3205: 3200: 3195: 3190: 3184: 3182: 3178: 3177: 3174: 3173: 3171: 3170: 3165: 3160: 3153: 3151:Merkle–Hellman 3148: 3143: 3138: 3133: 3128: 3123: 3118: 3112: 3110: 3106: 3105: 3103: 3102: 3097: 3092: 3087: 3082: 3077: 3072: 3066: 3064: 3048: 3047: 3045: 3044: 3039: 3034: 3029: 3024: 3019: 3018: 3017: 3007: 3002: 2997: 2996: 2995: 2990: 2980: 2975: 2974: 2973: 2968: 2958: 2953: 2948: 2943: 2937: 2935: 2929: 2928: 2926: 2925: 2920: 2915: 2910: 2905: 2900: 2898:Naccache–Stern 2895: 2890: 2885: 2880: 2875: 2870: 2864: 2862: 2853: 2849: 2848: 2843: 2841: 2840: 2833: 2826: 2818: 2804: 2803: 2795: 2792: 2789: 2786: 2783: 2778: 2775: 2774: 2773: 2756:Pass, Rafael, 2753: 2748: 2735: 2730: 2715: 2712: 2709: 2708: 2678: 2669: 2639: 2608: 2598:(Mailing list) 2581: 2574: 2536: 2519: 2512: 2486: 2479: 2449: 2440: 2424: 2415: 2399: 2386: 2373: 2369:Leslie Lamport 2360: 2345:. 2007-11-14. 2343:developerWorks 2330: 2325: 2319: 2312: 2305: 2298: 2291: 2284: 2278: 2255: 2212:(2): 120–126. 2189: 2183:, PhD thesis, 2158: 2149: 2140: 2128: 2098:(8): 710–716. 2076: 2027: 1968: 1938: 1919:Turner, Dawn. 1906: 1877: 1852: 1822: 1786: 1750: 1720: 1676: 1646: 1628: 1610: 1579: 1576:. p. 399. 
1566:Katz, Jonathan 1552: 1520:Bellare, Mihir 1507: 1506: 1504: 1501: 1500: 1499: 1494: 1489: 1484: 1479: 1474: 1469: 1464: 1459: 1454: 1449: 1444: 1439: 1434: 1429: 1424: 1417: 1414: 1397: 1394: 1380: 1379: 1330: 1328: 1321: 1315: 1312: 1270: 1269: 1254: 1252: 1245: 1243: 1240: 1238: 1231: 1229: 1215: 1212: 1211: 1210: 1196: 1171: 1166: 1164:hash functions 1156: 1139: 1125: 1116: 1111: 1098: 1097:ECDSA with SHA 1095: 1089: 1084: 1079: 1074: 1067: 1064: 1054: 1051: 1043:Peter Landrock 1034:Main article: 1031: 1028: 1010: 1007: 997: 994: 989: 986: 974:numeric keypad 969: 966: 945: 944: 937: 928: 925: 923: 920: 916: 915: 908: 901: 894: 883: 882: 875: 868: 856: 853: 838: 826: 823: 815:signed message 811:signed message 778: 775: 747: 746:Authentication 744: 727: 724: 723: 722: 718: 715: 708: 705: 702: 701:For efficiency 684:hash-then-sign 598: 597: 512: 510: 503: 497: 494: 427:Martin Hellman 418: 415: 355: 354: 328: 327: 312: 311: 306:), and a tag ( 285: 267: 200: 199: 192: 185: 170:key generation 157:Main article: 154: 151: 127:European Union 26: 24: 14: 13: 10: 9: 6: 4: 3: 2: 3731: 3720: 3717: 3715: 3712: 3711: 3709: 3690: 3682: 3681: 3678: 3672: 3671:Steganography 3669: 3667: 3664: 3662: 3659: 3657: 3654: 3652: 3649: 3647: 3644: 3642: 3639: 3637: 3634: 3632: 3629: 3627: 3626:Stream cipher 3624: 3622: 3619: 3617: 3614: 3613: 3611: 3607: 3601: 3598: 3596: 3593: 3591: 3588: 3586: 3585:Onion routing 3583: 3581: 3578: 3576: 3573: 3571: 3568: 3566: 3565:Shared secret 3563: 3561: 3558: 3556: 3553: 3551: 3548: 3546: 3543: 3541: 3538: 3536: 3533: 3531: 3528: 3526: 3523: 3521: 3518: 3516: 3513: 3511: 3508: 3505: 3502: 3497: 3494: 3493: 3492: 3489: 3487: 3484: 3482: 3479: 3477: 3474: 3472: 3469: 3467: 3464: 3462: 3461:Key generator 3459: 3457: 3454: 3452: 3449: 3447: 3444: 3442: 3439: 3435: 3432: 3430: 3427: 3426: 3425: 3424:Hash function 3422: 3420: 3417: 3415: 3412: 3410: 3407: 3405: 3402: 3400: 3399:Cryptanalysis 3397: 3395: 3392: 3388: 3385: 3384: 3383: 3380: 3378: 3375: 
3373: 3370: 3369: 3367: 3363: 3359: 3352: 3347: 3345: 3340: 3338: 3333: 3332: 3329: 3325: 3311: 3308: 3306: 3303: 3301: 3298: 3296: 3293: 3291: 3288: 3286: 3283: 3281: 3278: 3276: 3273: 3271: 3268: 3267: 3265: 3261: 3255: 3252: 3250: 3247: 3245: 3242: 3240: 3237: 3235: 3232: 3230: 3227: 3226: 3224: 3220: 3214: 3211: 3209: 3206: 3204: 3201: 3199: 3196: 3194: 3191: 3189: 3186: 3185: 3183: 3179: 3169: 3166: 3164: 3161: 3158: 3154: 3152: 3149: 3147: 3144: 3142: 3139: 3137: 3134: 3132: 3129: 3127: 3124: 3122: 3119: 3117: 3114: 3113: 3111: 3107: 3101: 3098: 3096: 3093: 3091: 3088: 3086: 3083: 3081: 3078: 3076: 3073: 3071: 3068: 3067: 3065: 3063: 3058: 3053: 3049: 3043: 3040: 3038: 3035: 3033: 3030: 3028: 3025: 3023: 3020: 3016: 3013: 3012: 3011: 3008: 3006: 3003: 3001: 2998: 2994: 2991: 2989: 2986: 2985: 2984: 2981: 2979: 2976: 2972: 2969: 2967: 2964: 2963: 2962: 2959: 2957: 2954: 2952: 2949: 2947: 2944: 2942: 2939: 2938: 2936: 2934: 2930: 2924: 2923:Schmidt–Samoa 2921: 2919: 2916: 2914: 2911: 2909: 2906: 2904: 2901: 2899: 2896: 2894: 2891: 2889: 2886: 2884: 2883:Damgård–Jurik 2881: 2879: 2878:Cayley–Purser 2876: 2874: 2871: 2869: 2866: 2865: 2863: 2861: 2857: 2854: 2850: 2846: 2839: 2834: 2832: 2827: 2825: 2820: 2819: 2816: 2812: 2808: 2801: 2800: 2796: 2793: 2790: 2787: 2784: 2781: 2780: 2776: 2761: 2760: 2754: 2751: 2745: 2741: 2736: 2733: 2727: 2723: 2718: 2717: 2713: 2696: 2692: 2688: 2682: 2679: 2673: 2670: 2665: 2661: 2657: 2653: 2646: 2644: 2640: 2629:on 2018-05-16 2625: 2618: 2612: 2609: 2597: 2596: 2592: 2585: 2582: 2577: 2571: 2566: 2561: 2556: 2551: 2547: 2540: 2537: 2532: 2531: 2523: 2520: 2515: 2509: 2505: 2501: 2495: 2493: 2491: 2487: 2482: 2476: 2472: 2468: 2464: 2460: 2453: 2450: 2444: 2441: 2438: 2437:0-13-066943-1 2434: 2428: 2425: 2419: 2416: 2410: 2408: 2406: 2404: 2400: 2396: 2390: 2387: 2383: 2377: 2374: 2370: 2364: 2361: 2348: 2344: 2340: 2334: 2331: 2324: 2318: 2311: 2304: 2297: 2290: 2283: 2277: 2273: 2269: 2265: 2259: 2256: 2245:on 2008-12-17 
2241: 2237: 2233: 2229: 2225: 2220: 2215: 2211: 2207: 2200: 2193: 2190: 2186: 2182: 2178: 2174: 2171: 2165: 2163: 2159: 2153: 2150: 2144: 2141: 2135: 2133: 2129: 2117: 2113: 2109: 2105: 2101: 2097: 2093: 2088: 2080: 2077: 2072: 2068: 2064: 2060: 2055: 2050: 2046: 2042: 2038: 2031: 2028: 2023: 2019: 2015: 2011: 2006: 2001: 1996: 1991: 1987: 1983: 1982:F1000Research 1979: 1972: 1969: 1956: 1952: 1945: 1943: 1939: 1926: 1922: 1915: 1913: 1911: 1907: 1895: 1891: 1887: 1881: 1878: 1866: 1862: 1861:"Cómo se usa" 1856: 1853: 1840: 1836: 1832: 1826: 1823: 1807: 1803: 1796: 1790: 1787: 1772: 1768: 1760: 1754: 1751: 1738: 1734: 1730: 1724: 1721: 1705: 1701: 1697: 1693: 1686: 1680: 1677: 1664: 1660: 1656: 1650: 1647: 1644: 1640: 1637: 1632: 1629: 1626: 1622: 1619: 1614: 1611: 1596: 1589: 1583: 1580: 1575: 1571: 1567: 1561: 1559: 1557: 1553: 1538: 1531: 1530: 1525: 1521: 1515: 1513: 1509: 1502: 1498: 1495: 1493: 1490: 1488: 1485: 1483: 1480: 1478: 1475: 1473: 1472:eSign (India) 1470: 1468: 1465: 1463: 1460: 1458: 1455: 1453: 1450: 1448: 1445: 1443: 1440: 1438: 1435: 1433: 1430: 1428: 1425: 1423: 1420: 1419: 1415: 1413: 1411: 1407: 1403: 1395: 1393: 1391: 1387: 1376: 1373: 1365: 1355: 1351: 1347: 1341: 1340: 1336: 1331:This section 1329: 1325: 1320: 1319: 1313: 1310: 1305: 1303: 1299: 1295: 1290: 1288: 1284: 1283:Massachusetts 1280: 1274: 1267: 1263: 1259: 1255: 1253: 1250: 1246: 1244: 1241: 1239: 1236: 1232: 1230: 1227: 1226: 1225: 1221: 1213: 1208: 1204: 1200: 1197: 1194: 1190: 1189:Gregory Neven 1186: 1185:Mihir Bellare 1180: 1175: 1172: 1170: 1167: 1165: 1161: 1157: 1155: 1151: 1147: 1143: 1140: 1138: 1134: 1130: 1126: 1124: 1120: 1117: 1115: 1112: 1110: 1106: 1102: 1099: 1096: 1094: 1090: 1088: 1085: 1083: 1080: 1078: 1075: 1073: 1070: 1069: 1065: 1063: 1059: 1052: 1050: 1048: 1044: 1037: 1029: 1027: 1025: 1021: 1016: 1008: 1006: 1002: 995: 993: 987: 985: 983: 979: 975: 967: 965: 963: 959: 954: 953:Ross Anderson 950: 942: 938: 935: 934: 933: 926: 921: 919: 913: 909: 906: 
902: 899: 895: 892: 888: 887: 886: 880: 876: 873: 872:known message 869: 866: 862: 861: 860: 854: 852: 850: 846: 842: 836: 833: 831: 824: 822: 820: 816: 812: 808: 804: 800: 798: 793: 789: 787: 786:replay attack 783: 776: 774: 772: 768: 764: 762: 756: 752: 745: 743: 740: 738: 733: 725: 719: 717:For integrity 716: 713: 709: 706: 703: 700: 699: 698: 695: 693: 689: 685: 681: 677: 673: 669: 665: 659: 657: 653: 649: 645: 641: 637: 633: 629: 625: 621: 617: 613: 609: 605: 594: 591: 583: 572: 569: 565: 562: 558: 555: 551: 548: 544: 541: –  540: 536: 535:Find sources: 529: 525: 519: 518: 511: 507: 502: 501: 495: 493: 491: 487: 483: 479: 478:Ronald Rivest 475: 474:Silvio Micali 471: 466: 464: 460: 456: 451: 449: 444: 441:invented the 440: 436: 432: 431:Ronald Rivest 428: 424: 416: 414: 412: 408: 404: 400: 396: 392: 388: 384: 380: 376: 372: 368: 364: 361:denotes that 360: 352: 348: 344: 343: 342: 341: 337: 333: 325: 324: 323: 322:must satisfy 321: 317: 309: 305: 302:), a string ( 301: 297: 293: 289: 286: 283: 279: 275: 271: 268: 265: 261: 257: 253: 250: 249: 248: 246: 242: 238: 234: 229: 227: 222: 220: 219:many examples 216: 212: 206: 203: 197: 193: 190: 186: 183: 179: 176: 172: 171: 166: 165: 164: 160: 152: 150: 148: 143: 139: 135: 130: 128: 124: 120: 116: 112: 108: 104: 100: 96: 92: 88: 87:United States 84: 80: 76: 72: 67: 65: 61: 57: 52: 49: 39: 33: 19: 3621:Block cipher 3466:Key schedule 3456:Key exchange 3446:Kleptography 3440: 3409:Cryptosystem 3358:Cryptography 3310:OpenPGP card 3290:Web of trust 3269: 2946:Cramer–Shoup 2798: 2766:, retrieved 2758: 2739: 2721: 2699:. Retrieved 2690: 2681: 2672: 2658:(2): 55–61. 2655: 2651: 2631:. Retrieved 2624:the original 2611: 2600:. Retrieved 2594: 2584: 2545: 2539: 2529: 2522: 2503: 2462: 2452: 2443: 2427: 2418: 2389: 2376: 2363: 2353:17 September 2351:. Retrieved 2342: 2333: 2322: 2316: 2309: 2302: 2295: 2288: 2281: 2275: 2271: 2267: 2263: 2258: 2247:. Retrieved 2240:the original 2209: 2205: 2192: 2152: 2143: 2120:. 
Retrieved 2095: 2091: 2079: 2044: 2040: 2030: 1985: 1981: 1971: 1959:. Retrieved 1929:. Retrieved 1898:. Retrieved 1889: 1880: 1869:. Retrieved 1855: 1845:17 September 1843:. Retrieved 1839:the original 1834: 1825: 1815:17 September 1813:. Retrieved 1801: 1789: 1778:. Retrieved 1766: 1753: 1743:February 20, 1741:. Retrieved 1732: 1723: 1713:23 September 1711:. Retrieved 1695: 1691: 1679: 1667:. Retrieved 1658: 1649: 1631: 1613: 1602:. Retrieved 1582: 1573: 1544:. Retrieved 1528: 1399: 1383: 1368: 1362:January 2015 1359: 1344:Please help 1332: 1291: 1275: 1271: 1248: 1223: 1158:SPHINCS+, a 1060: 1056: 1039: 1022:level 3 and 1012: 1003: 999: 991: 971: 946: 930: 917: 890: 884: 878: 871: 864: 858: 834: 828: 818: 814: 810: 806: 802: 801: 791: 790: 781: 780: 765: 760: 757: 753: 749: 741: 729: 726:Applications 711: 696: 687: 675: 663: 660: 655: 651: 647: 639: 635: 631: 623: 619: 618:, such that 615: 611: 607: 601: 586: 580:January 2022 577: 567: 560: 553: 546: 534: 522:Please help 517:verification 514: 467: 452: 420: 410: 406: 402: 398: 394: 390: 386: 382: 378: 374: 370: 362: 358: 356: 350: 339: 331: 329: 319: 315: 313: 307: 303: 299: 295: 291: 287: 281: 277: 273: 269: 263: 259: 255: 251: 244: 240: 236: 232: 231:Formally, a 230: 226:unary number 223: 217:, is one of 207: 204: 201: 195: 188: 181: 174: 168: 162: 131: 111:Saudi Arabia 83:South Africa 68: 53: 47: 45: 3609:Mathematics 3600:Mix network 3280:Fingerprint 3244:NSA Suite B 3208:RSA problem 3085:NTRUEncrypt 2768:31 December 1949:JA, Ashiq. 1729:"Law 15-04" 1618:State of WI 1302:key lengths 1177: [ 1058:difficult. 984:certified. 
891:total break 847:or via the 777:Limitations 448:Lotus Notes 439:Len Adleman 175:private key 142:private key 119:Switzerland 3708:Categories 3560:Ciphertext 3530:Decryption 3525:Encryption 3486:Ransomware 3234:IEEE P1363 2852:Algorithms 2714:References 2633:2018-04-06 2602:2023-06-12 2266:, "signs" 2249:2012-11-27 2122:2020-10-26 1900:2020-01-21 1871:2018-02-01 1780:2022-03-11 1604:2006-05-10 1546:2023-06-11 1410:key escrow 1307:See also: 1287:California 1020:FIPS 140-2 949:smart card 841:revocation 819:public key 807:public key 767:Encryption 638:)), where 550:newspapers 435:Adi Shamir 182:public key 153:Definition 3550:Plaintext 2555:1403.6676 2214:CiteSeerX 2112:0140-3664 2071:212613803 2063:1687-1499 2022:239387758 1961:7 January 1931:7 January 1698:(23708). 1422:21 CFR 11 1333:does not 1298:algorithm 1162:based on 1148:based on 1131:based on 1091:RSA with 490:Moti Yung 486:Moni Naor 468:In 1988, 421:In 1976, 345:Pr < 336:adversary 147:bitstring 103:Indonesia 64:tampering 3689:Category 3595:Kademlia 3555:Codetext 3498:(CSPRNG) 3295:Key size 3229:CRYPTREC 3146:McEliece 3100:RLWE-SIG 3095:RLWE-KEX 3090:NTRUSign 2903:Paillier 2695:Archived 2676:RFC 5758 2347:Archived 2173:Archived 2116:Archived 2014:36798451 1955:Archived 1925:Archived 1894:Archived 1865:Archived 1806:Archived 1771:Archived 1737:Archived 1704:Archived 1663:Archived 1639:Archived 1621:Archived 1595:Archived 1537:Archived 1416:See also 1300:choice, 1235:protocol 1154:lattices 1137:lattices 1024:FIPS 201 941:security 865:key-only 782:Replays. 385:made by 326:Pr = 1. 296:rejected 292:accepted 42:message. 3365:General 3141:Lamport 3121:CEILIDH 3080:NewHope 3027:Schnorr 3010:ElGamal 2988:Ed25519 2868:Benaloh 2701:1 April 2236:2873616 2187:, 2002. 2005:9925878 1988:: 931. 
1354:removed 1339:sources 1249:perfect 1193:Bitcoin 1119:Pairing 1036:WYSIWYS 1030:WYSIWYS 797:Bitcoin 761:doesn't 564:scholar 417:History 377:, · ), 189:signing 115:Uruguay 91:Algeria 3476:Keygen 3263:Topics 3239:NESSIE 3181:Theory 3109:Others 2966:X25519 2746:  2728:  2572:  2510:  2477:  2435:  2382:CRYPTO 2234:  2216:  2110:  2069:  2061:  2020:  2012:  2002:  1669:19 May 1142:Falcon 877:In an 721:order. 672:padded 668:hashed 626:  622:  566:  559:  552:  545:  537:  496:Method 476:, and 437:, and 397:, and 367:oracle 357:where 332:secure 107:Mexico 95:Turkey 85:, the 79:Canada 75:Brazil 3506:(PRN) 3075:Kyber 3070:BLISS 3032:SPEKE 3000:ECMQV 2993:Ed448 2983:EdDSA 2978:ECDSA 2908:Rabin 2763:(PDF) 2627:(PDF) 2620:(PDF) 2550:arXiv 2243:(PDF) 2232:S2CID 2202:(PDF) 2067:S2CID 2047:(1). 2018:S2CID 1809:(PDF) 1798:(PDF) 1774:(PDF) 1763:(PDF) 1707:(PDF) 1688:(PDF) 1598:(PDF) 1591:(PDF) 1540:(PDF) 1533:(PDF) 1503:Notes 1427:X.509 1181:] 1087:EdDSA 1082:ECDSA 1015:cloud 870:In a 863:In a 571:JSTOR 557:books 409:, on 123:Chile 99:India 3275:OAEP 3249:CNSA 3126:EPOC 2971:X448 2961:ECDH 2770:2015 2744:ISBN 2726:ISBN 2703:2018 2570:ISBN 2508:ISBN 2475:ISBN 2433:ISBN 2355:2014 2108:ISSN 2059:ISSN 2045:2020 2010:PMID 1963:2016 1933:2016 1847:2017 1817:2017 1745:2018 1715:2019 1671:2020 1404:and 1337:any 1335:cite 1285:and 1279:Utah 1187:and 1144:, a 1107:and 1045:and 982:EAL3 650:and 614:and 543:news 488:and 425:and 347:negl 318:and 3285:PKI 3168:XTR 3136:IES 3131:HFE 3062:SIS 3057:LWE 3042:STS 3037:SRP 3022:MQV 3005:EKE 2956:DSA 2941:BLS 2913:RSA 2888:GMR 2660:doi 2560:doi 2467:doi 2301:of 2224:doi 2185:MIT 2179:", 2100:doi 2049:doi 2000:PMC 1990:doi 1696:446 1348:by 1205:or 1152:in 1150:CVP 1135:in 1133:LWE 1123:BLS 1093:SHA 1077:DSA 1072:RSA 910:An 642:is 604:RSA 526:by 443:RSA 294:or 101:, 77:, 3710:: 3116:AE 2951:DH 2689:. 2654:. 2642:^ 2593:. 2568:. 2558:. 2489:^ 2473:. 2461:. 2402:^ 2341:. 2308:, 2294:, 2230:. 2222:. 2210:21 2208:. 2204:. 2161:^ 2131:^ 2114:. 2106:. 
2096:22 2094:. 2090:. 2065:. 2057:. 2043:. 2039:. 2016:. 2008:. 1998:. 1986:10 1984:. 1980:. 1941:^ 1909:^ 1888:. 1863:. 1833:. 1800:. 1765:. 1735:. 1731:. 1694:. 1690:. 1657:. 1593:. 1568:; 1555:^ 1522:; 1511:^ 1392:. 1296:, 1179:ru 903:A 896:A 889:A 694:. 658:. 492:. 472:, 465:. 457:, 433:, 413:. 401:∉ 391:pk 375:sk 369:, 353:), 338:, 310:). 300:pk 284:). 278:sk 260:sk 256:pk 243:, 239:, 228:. 194:A 187:A 167:A 129:. 121:, 117:, 113:, 109:, 105:, 97:, 93:, 89:, 81:, 66:. 46:A 3350:e 3343:t 3336:v 3059:/ 3054:/ 2837:e 2830:t 2823:v 2705:. 2666:. 2662:: 2656:3 2636:. 2605:. 2578:. 2562:: 2552:: 2516:. 2483:. 2469:: 2357:. 2328:. 2326:2 2323:m 2320:1 2317:m 2313:2 2310:m 2306:1 2303:m 2299:2 2296:s 2292:1 2289:s 2285:2 2282:s 2279:1 2276:s 2272:r 2270:= 2268:m 2264:r 2252:. 2226:: 2168:" 2125:. 2102:: 2073:. 2051:: 2024:. 1992:: 1965:. 1935:. 1903:. 1874:. 1849:. 1819:. 1783:. 1747:. 1717:. 1673:. 1607:. 1549:. 1375:) 1369:( 1364:) 1360:( 1356:. 1342:. 1209:. 1195:. 712:N 688:N 676:N 664:m 656:d 652:e 648:N 640:φ 636:N 634:( 632:φ 628:≡ 624:d 620:e 616:d 612:e 608:N 593:) 587:( 582:) 578:( 568:· 561:· 554:· 547:· 520:. 411:S 407:x 403:Q 399:x 395:n 387:A 383:S 379:Q 373:( 371:S 363:A 359:A 351:n 349:( 340:A 320:V 316:S 308:t 304:x 288:V 282:x 274:t 270:S 264:n 252:G 245:V 241:S 237:G 184:. 34:. 20:)

Alice signs a message—"Hello Bob!"—by appending a signature computed from the message and her private key. Bob receives the message, including the signature, and using Alice's public key, verifies the authenticity of the signed message.

Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.