Academic
Papers by Subject
AI/LLMs
- Assessing the Neutrality of Edits on Wikipedia
- How Will Advanced AI Systems Impact Democracy?
- AI Will Increase the Quantity — and Quality — of Phishing Scams
- Devising and Detecting Phishing Emails Using Large Language Models
- Demonstrations of the Potential of AI-based Political Issue Polling
- Machine Learning Featurizations for AI Hacking of Political Systems
- The Coming AI Hackers
Algorithm Analyses
- Second Preimages on n-bit Hash Functions for Much Less than 2^n Work
- Improved Cryptanalysis of Rijndael
- Amplified Boomerang Attacks Against Reduced-Round MARS and Serpent
- Security Weaknesses in Maurer-Like Randomized Stream Ciphers
- MARS Attacks! Preliminary Cryptanalysis of Reduced-Round MARS Variants
- Preliminary Cryptanalysis of Reduced-Round Serpent
- Side Channel Cryptanalysis of Product Ciphers
- Key-Schedule Cryptanalysis of DEAL
- Cryptanalysis of Magenta
- Cryptanalysis of FROG
- Key Schedule Weakness in SAFER+
- Mod n Cryptanalysis, with Applications against RC5P and M6
- Cryptanalysis of SPEED
- Cryptanalysis of ORYX
- Cryptanalysis of SPEED (Extended Abstract)
- Cryptanalysis of TWOPRIME
- Related-Key Cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA
- Cryptanalysis of the Cellular Message Encryption Algorithm
- Cryptanalysis of Akelarre
- Key-Schedule Cryptanalysis of 3-WAY, IDEA, G-DES, RC4, SAFER, and Triple-DES
Cipher Design
- Building PRFs from PRPs
- Secure Applications of Low-Entropy Keys
- Fast Software Encryption: Designing Encryption Algorithms for Optimal Software Speed on the Intel Pentium Processor
- Unbalanced Feistel Networks and Block Cipher Design
- Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security
Miscellaneous Papers
- A Bold New Plan for Preserving Online Privacy and Security
- Platforms, Encryption, and the CFAA: The Case of WhatsApp v NSO Group
- Bugs in our Pockets: The Risks of Client-Side Scanning
- Rechanneling Beliefs: How Information Flows Hinder or Help Democracy
- Chinese Technology Platforms Operating in the United States
- Legal Risks of Adversarial Machine Learning Research
- The Reverse Cascade: Enforcing Security on the Global IoT Supply Chain
- Privacy Threats in Intimate Relationships
- Weaponizing Digital Health Intelligence
- Politics of Adversarial Machine Learning
- Superheroes on Screen: Real Life Lessons for Security Debates
- Common-Knowledge Attacks on Democracy
- Taking Stock: Estimating Vulnerability Rediscovery
- Encryption Workarounds
- Making Democracy Harder to Hack: Should Elections Be Classified as ‘Critical Infrastructure?’
- A Proportional Voting System for Awards Nominations Resistant to Voting Blocs
- A Worldwide Survey of Encryption Products
- Don't Panic: Making Progress on the "Going Dark" Debate
- Keys Under Doormats: Mandating Insecurity by Requiring Government Access to All Data and Communications
- Surreptitiously Weakening Cryptographic Systems
New Algorithms
- The Skein Hash Function Family
- Provable Security Support for the Skein Hash Family
- Phelix
- Helix: Fast Encryption and Authentication in a Single Cryptographic Primitive
- Key Separation in Twofish
- A Twofish Retreat: Related-Key Attacks Against Reduced-Round Twofish
- Yarrow-160
- Impossible Differentials in Twofish
- Further Observations on the Key Schedule of Twofish
- New Results on the Twofish Encryption Algorithm
- The Twofish Encryption Algorithm
- Improved Twofish Implementations
- Empirical Verification of Twofish Key Uniqueness Properties
- Upper Bounds on Differential Characteristics in Twofish
- On the Twofish Key Schedule
- Twofish: A 128-Bit Block Cipher
- The Blowfish Encryption Algorithm—One Year Later
- The MacGuffin Block Cipher Algorithm
- Description of a New Variable-Length Key, 64-Bit Block Cipher (Blowfish)
Protocol Analyses
- A Cryptographic Evaluation of IPsec
- Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG
- A Chosen Ciphertext Attack against Several E-Mail Encryption Protocols
- Cryptanalysis of Microsoft's PPTP Authentication Extensions (MS-CHAPv2)
- Reaction Attacks Against Several Public-Key Cryptosystems
- Cryptanalysis of Microsoft's Point-to-Point Tunneling Protocol (PPTP)
- Protocol Interactions and the Chosen Protocol Attack
- Analysis of the SSL 3.0 Protocol
Protocol Designs
- Minimizing Bandwidth for Remote Access to Cryptographically Protected Audit Logs
- The Street Performer Protocol and Digital Copyrights
- A Certified E-Mail Protocol with No Trusted Third Party
- The Street Performer Protocol
- Environmental Key Generation towards Clueless Agents
- Cryptographic Support for Secure Logs on Untrusted Machines
- An Improved E-Mail Security Protocol
- Remote Electronic Gambling
- The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption
- Conditional Purchase Orders
- Remote Auditing of Software Outputs Using a Trusted Coprocessor
- An Authenticated Camera
- A Peer-to-Peer Software Metering System
- Distributed Proctoring
- Authenticating Outputs of Computer Software Using a Cryptographic Coprocessor
- Automatic Event-Stream Notarization Using Digital Signatures
Twofish
- Key Separation in Twofish
- A Twofish Retreat: Related-Key Attacks Against Reduced-Round Twofish
- Impossible Differentials in Twofish
- Further Observations on the Key Schedule of Twofish
- New Results on the Twofish Encryption Algorithm
- The Twofish Encryption Algorithm
- Improved Twofish Implementations
- Empirical Verification of Twofish Key Uniqueness Properties
- Upper Bounds on Differential Characteristics in Twofish
- On the Twofish Key Schedule
- Twofish: A 128-Bit Block Cipher