Algebraic cryptanalysis

Algebraic Cryptanalysis

Volumn , Issue , 2009, Pages 1-356

  Bard, Gregory V ^a  

^a FORDHAM UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 84895289322     PISSN: None     EISSN: None     Source Type: Book    
DOI: 10.1007/978-0-387-88757-9     Document Type: Book

References (232)

1. BOINC: Berkeley open infrastructure for networked computing. Available at http://boinc.berkeley.edu/
2. Magma. Software Package. Available at http://magma.maths.usyd.edu.au/ magma/
3. Maple. Software Package. Available at http://www.maplesoft.com/
4. Mathematica. Software Package. Available at http://www.wolfram.com/ products/mathematica/index.html
5. Matlab. Software Package. Available at http://www.mathworks.com/
6. MiniSAT. Software Package. Available at http://www.cs.chalmers.se/Cs/ Research/FormalMethods/MiniSat/or http://minisat.se/Papers. html
7. Sage. Software Package. Available at http://www.sagemath.org/
8. SETI@home classic. See http://setiathome.berkeley.edu/classic.php
9. Singular. Software Package. Available at http://www.singular.uni-kl.de/
10. Specification for the Advanced Encryption Standard: Federal information processing standards publication 197 (FIPS-197). Tech. rep., National Institute of Standards and Technology (NIST) ( 2001)
11. Aggarwal, D., Maurer, U.: Breaking RSA generically is equivalent to factoring. In: A. Joux (ed.) Advances in Cryptology-Proc. of EUROCRYPT, Lecture Notes in Computer Science, vol. 5479, pp. 36-53. Springer-Verlag (2009)
12. Aho, A., Hopcroft, J., Ullman, J.: The Design and Analysis of Computer Algorithms, second edn. Addison-Wesley (1974)
13. Albrecht, M.: Algebraic attacks on the courtois toy cipher. Master's thesis, University of Bremen (Universität Bremen), Department of Computer Science (2006)
14. Albrecht, M., Bard, G., Hart, W.: Efficient multiplication of dense matrices over GF(2). Submitted to Transactions on Mathematical Software (2008). Available at http://www.math.umd.edu/bardg/albrecht-bard-hart.pdf
15. Albrecht, M., Cid, C.: Algebraic techniques in differential cryptanalysis. Cryptology ePrint Archive, Report 2008/177 (2008). Available at http://eprint.iacr.org/2008/177
16. Albright, B.: An introduction to simulated annealing. College Mathematics Journal 38(1), 37-42 (2007)
17. Apéry, R.: Irrationalité de ζ(2) et ζ(3). Astérisque 61, 11-13 (1979)
18. Arditti, D., Berbain, C., Billet, O., Gilbert, H.: Compact FPGA implementations of QUAD. In: F. Bao, S. Miller (eds.) Proceedings of the 2007 ACM Symposium on Information, Computer and Communications Security, (ASIACCS'07), pp. 347-349. ACM (2007)
19. Arditti, D., Berbain, C., Billet, O., Gilbert, H., Patarin, J.: QUAD: Overview and recent developments. In: E. Biham, H. Handschuh, S. Lucks, V. Rijmen (eds.) Symmetric Cryptography, Dagstuhl Seminar Proceedings, vol. 07021. Internationales Begegnungs-und Forschungszentrum fuer Informatik (IBFI), Schloss Dagstuhl, Germany (2007)
20. Arlazarov, V., Dinic, E., Kronrod, M., Faradzev, I.: On economical construction of the transitive closure of a directed graph. Dokl. Akad. Nauk. SSSR 194(11) (1970). (in Russian), English Translation in Soviet Math Dokl
21. Armknecht, F.: A linearization attack on the Bluetooth key stream generator. Cryptology ePrint Archive, Report 2002/191 (2002). Available at http://eprint.iacr.org/2002/191
22. Armknecht, F.: Improving fast algebraic attacks. In: B.K. Roy, W. Meier (eds.) Proc. of Fast Software Encryption (FSE'04), Lecture Notes in Computer Science, vol. 3017, pp. 65-82. Springer-Verlag (2004)
23. Armknecht, F., Ars, G.: Introducing a new variant of fast algebraic attacks and minimizing their successive data complexity. In: E. Dawson, S. Vaudenay (eds.) Proc. of Mycrypt, Lecture Notes in Computer Science, vol. 3715, pp. 16-32. Springer-Verlag (2005)
24. Armknecht, F., Krause, M.: Algebraic attacks on combiners with memory. In: D. Boneh (ed.) Advances in Cryptology-Proc. of CRYPTO, Lecture Notes in Computer Science, vol. 2729, pp. 162-175. Springer-Verlag (2003)
25. Ars, G., Faugère, J.C., Imai, H., Kawazoe, M., Sugita, M.: Comparison between XL and Gröbner Basis algorithms. In: P.J. Lee (ed.) Advances in Cryptology-Proc. of ASIACRYPT, Lecture Notes in Computer Science, vol. 3329, pp. 338-353. Springer-Verlag (2004)
26. Atkins, D., Graff, M., Lenstra, A.K., Leyland, P.C.: The magic words are squeamish os-sifrage. In: J. Pieprzyk, R. Safavi-Naini (eds.) Advances in Cryptology-Proc. of ASI-ACRYPT, Lecture Notes in Computer Science, vol. 917, pp. 263-277. Springer-Verlag (1994)
27. Atkinson, M., Santoro, N.: A practical algorithm for boolean matrix multiplication. Information Processing Letters (1988)
28. Bard, G.: Algorithms for fast matrix operations. Tech. rep., University of Maryland, Applied Mathematics and Scientific Computation Program (2005). Scholarly Paper for M.Sc. in Applied Math, available on the author's web-page
29. Bard, G.: Achieving a log(n) speed up for boolean matrix operations and calculating the complexity of the dense linear algebra step of algebraic stream cipher attacks and of integer factorization methods. Cryptology ePrint Archive, Report 2006/163 (2006). Available at http://eprint.iacr.org/2006/163
30. Bard, G.: Algorithms for the solution of linear and polynomial systems of equations over finite fields, with applications to cryptanalysis. Ph.D. thesis, Department of Applied Mathematics and Scientific Computation, University of Maryland at College Park (2007). Available at http://www.math.umd.edu/bardg/ bard-thesis.pdf
31. Bard, G.: Extending SAT-Solvers to low-degree extension fields of GF(2). Presented at the Central European Conference on Cryptography (2008). Available at http://www.math. umd.edu/bardg/extension-fields.pdf
32. Bard, G., Courtois, N., Jefferson, C.: Efficient methods for conversion and solution of sparse systems of low-degree multivariate polynomials over GF(2) via SAT-Solvers. Cryptology ePrint Archive, Report 2007/024 (2006). Available at http://eprint.iacr.org/2007/024.pdf
33. Bard, G., Miller, R., Vali, S.: Lowering fill-in for Gaussian Elimination on sparse matrices over finite fields. In preparation (2009)
34. Bard, G.V.: A challenging but feasible blockwise-adaptive chosen-plaintext attack on SSL. In: M. Malek, E. Fernández-Medina, J. Hernando (eds.) Proceedings of the International Conference on Security and Cryptography (SECRYPT'06), pp. 99-109. INSTICC Press (2006). Available at http://eprint.iacr.org/2006/136/
35. Barkan, E., Biham, E., Keller, N.: Instant ciphertext-only cryptanalysis of GSM Encrypted communication. In: D. Boneh (ed.) Advances in Cryptology-Proc. of CRYPTO, Lecture Notes in Computer Science, vol. 2729, pp. 600-616. Springer-Verlag (2003)
36. Barkee, B., Can, D.C., Ecks, J., Moriarty, T., Ree, R.F.: Why you cannot even hope to use Gröbner bases in public-key cryptography-an open letter to a scientist who failed and a challenge to those who have not yet failed. Journal of Symbolic Computations 18(6), 497-501 (1994)
37. Bartee, T.C.: Digital Computer Fundamentals, sixth edn. McGraw Hill (1985)
38. Baur, W., Strassen, V.: The complexity of partial derivatives. Theoretical Computer Science (1983)
39. Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption: Analysis of the DES modes of operation. In: Proc. 38th Symposium on Foundations of Computer Science. IEEE (1997)
40. Bender, E., Canfield, E.R.: An approximate probabilistic model for structured Gaussian Elimination. The Journal of Algorithms (1999)
41. Berbain, C., Gilbert, H., Patarin, J.: QUAD: A practical stream cipher with provable security. In: S. Vaudenay (ed.) Advances in Cryptology-Proc. of EUROCRYPT, Lecture Notes in Computer Science, vol. 4004, pp. 109-128. Springer-Verlag (2006)
42. Bernstein, D.: Matrix inversion made difficult. Unpublished Manuscript (1995). Available on http://cr.yp.to/papers/mimd.ps
43. Bernstein, D.: Response to slid pairs in Salsa20 and Trivium. Technical Report: Available at: http://cr.yp.to/snuffle/reslid-20080925.pdf (2008)
44. Bernstein, D., Chen, T.R., Cheng, C.M., Lange, T., Yang, B.Y.: ECM on graphics cards. In: A. Joux (ed.) Advances in Cryptology-Proc. of EUROCRYPT, Lecture Notes in Computer Science, vol. 5479, pp. 483-501. Springer-Verlag (2009)
45. Berre, D.L., Simon, L.: Special volume on the SAT 2005 competitions and evaluations. Journal of Satisfiability (2006)
46. Biham, E., Dunkelman, O., Indesteege, S., Keller, N., Preneel, B.: How to steal cars-a practical attack on Keeloq (2008)
47. Biryukov, A., Shamir, A., Wagner, D.: Real time cryptanalysis of A5/1 on a PC. In: B. Schneier (ed.) Fast Software Encryption (FSE'00), Lecture Notes in Computer Science, vol. 1978, pp. 1-18. Springer-Verlag (2000)
48. Bogdanov, A.: Attacks on the Keeloq block cipher and authentication systems. In: 3rd Conference on RFID Security 2007 (RFIDSec'07) (2007)
49. Bogdanov, A.: Cryptanalysis of the Keeloq block cipher. Cryptology ePrint Archive, Report 2007/055 (2007). Available at http://eprint.iacr.org/2007/055/
50. Bogdanov, A.: Linear slide attacks on the Keeloq block cipher. In: D. Pei, M. Yung, D. Lin, C. Wu (eds.) INSCRYPT'07, Lecture Notes in Computer Science, vol. 4990, pp. 66-80. Springer-Verlag (2007)
51. Booth, K.S., Lueker, G.S.: Testing for the consecutive ones property, interval graphs, and graph planarity using PQ-tree algorithms. J. Comput. Systems Sci. 13, 335-379 (1976)
52. Boothby, T.J., Bradshaw, R.W.: Bitslicing and the method of four russians over larger finite fields. Submitted to a journal (2009). Available at http://arxiv.org/abs/0901. 1413
53. Bressourd, D.M.: Factorization and Primality Testing. Undergraduate Texts in Mathematics. Springer-Verlag (1989)
54. Bunch, J., Hopcroft, J.: Triangular factorization and inversion by fast matrix multiplication. Math Comp. 28(125) (1974)
55. Cannière, C.D.: Trivium: A stream cipher construction inspired by block cipher design principles. In: S.K. Katsikas, J. Lopez, M. Backes, S. Gritzalis, B. Preneel (eds.) Proceedings of the 9th International Conference on Information Security, ISC'06, Lecture Notes in Computer Science, vol. 4176, pp. 171-186. Springer-Verlag (2006)
56. Chaitin, G.J., Auslander, M.A., Chandra, A.K., Cocke, J., Hopkins, M.E., Markstein, P.W.: Register allocation via coloring. Computer Languages 6, 47-57 (1981)
57. Cid, C., Albrecht, M., Augot, D., Canteaut, A., Weinmann, R.P.: Algebraic cryptanalysis of symmetric primitives. Tech. Rep. D.STVL.7, ECRYPT: The European Union Network of Excellence in Cryptography (2008)
58. Cohen, H.: A course in Computational Algebraic Number Theory. Springer-Verlag (1993)
59. Coppersmith, D.: Solving linear equations over GF(2): the Block Lanczos algorithm. Linear Algebra and its Applications 192, 33-60 (1993)
60. Coppersmith, D.: Solving homogeneous linear equations over GF(2) via Block Wiedemann algorithm. Mathematics of Computation 62(205), 333-350 (1994)
61. Coppersmith, D., Winograd, S.: Matrix multiplication via arithmetic progressions. J. of Symbolic Computation 9 (1990)
62. Cormen, T., Leiserson, C., Rivest, R., Stein, C.: Introduction to Algorithms, second edn. MIT Press, McGraw-Hill Book Company (2001)
63. Courtois, N.: The security of cryptographic primitives based on multivariate algebraic problems: MQ, MinRank, IP, HFE. Ph.D. thesis, Paris VI (2001). Available at http://www.nicolascourtois.net/phd.pdf
64. Courtois, N.: The security of Hidden Field Equations (HFE). In: D. Naccache (ed.) Cryptographers' Track, RSA Conference, Lecture Notes in Computer Science, vol. 2020, pp. 266-281. Springer-Verlag (2001)
65. Courtois, N.: Higher order correlation attacks, XL algorithm and cryptanalysis of Toyocrypt. In: P.J. Lee, C.H. Lim (eds.) Proc. of ICISC, Lecture Notes in Computer Science, vol. 2587, pp. 182-199. Springer-Verlag (2002)
66. Courtois, N.: Fast algebraic attacks on stream ciphers with linear feedback. In: D. Boneh (ed.) Advances in Cryptology-Proc. of CRYPTO, Lecture Notes in Computer Science, vol. 2729, pp. 176-194. Springer-Verlag (2003)
67. Courtois, N.: Generic attacks and the security of Quartz. In: Y. Desmedt (ed.) Public Key Cryptography (PKC'03), Lecture Notes in Computer Science, vol. 2567, pp. 351-364. Springer-Verlag (2003)
68. Courtois, N.: Algebraic attacks on combiners with memory and several outputs. In: C. Park, S. Chee (eds.) Proc. of ICISC, Lecture Notes in Computer Science, vol. 3506, pp. 3-20. Springer-Verlag (2004)
69. k), application to HFE Challenge 2 and Sflash-v2. In: F. Bao, R.H. Deng, J. Zhou (eds.) Public Key Cryptography (PKC'04), Lecture Notes in Computer Science, vol. 2947, pp. 201-217. Springer-Verlag (2004)
70. Courtois, N.: General principles of algebraic attacks and new design criteria for components of symmetric ciphers. In: H. Dobbertin, V. Rijmen, A. Sowa (eds.) Proc. AES 4 Conference, Lecture Notes in Computer Science, vol. 3373, pp. 67-83. Springer-Verlag (2004)
71. Courtois, N.: Short signatures, provable security, generic attacks, and computational security of multivariate polynomial schemes such as HFE, Quartz and Sflash. Cryptology ePrint Archive, Report 2004/143 (2004). Available at http://eprint.iacr.org/2004/143
72. Courtois, N.: How fast can be algebraic attacks on block ciphers? In: E. Biham, H. Hand-schuh, S. Lucks, V. Rijmen (eds.) Symmetric Cryptography, Dagstuhl Seminar Proceedings, vol. 07021. Internationales Begegnungs-und Forschungszentrum fuer Informatik (IBFI), Schloss Dagstuhl, Germany (2007)
73. Courtois, N., Bard, G.: Algebraic and slide attacks on Keeloq. Cryptology ePrint Archive, Report 2007/062 (2007). Available at http://eprint.iacr.org/ 2007/062
74. Courtois, N., Bard, G., Ault, S.: Statistics of random permutations and the cryptanalysis of periodic block ciphers. Cryptology ePrint Archive, Report 2009/186 (2009). Available at http://eprint.iacr.org/2009/186
75. Courtois, N., Bard, G.V.: Algebraic cryptanalysis of the data encryption standard. In: S.D. Galbraith (ed.) IMA International Conference on Cryptography and Coding Theory, Lecture Notes in Computer Science, vol. 4887, pp. 152-169. Springer-Verlag (2007). Available at http://eprint.iacr.org/2006/402
76. Courtois, N., Daum, M., Felke, P.: On the security of HFE, HFEv-and Quartz. In: Y. Desmedt (ed.) Public Key Cryptography (PKC'03), Lecture Notes in Computer Science, vol. 2567, pp. 337-350. Springer-Verlag (2003)
77. Courtois, N., Goubin, L., Patarin, J.: SFLASHv3, a fast asymmetric signature scheme. Cryp-tology ePrint Archive, Report 2003/211 (2003). Available at http://eprint.iacr. org/2003/211
78. Courtois, N., Meier, W.: Algebraic attacks on stream ciphers with linear feedback. In: E. Bi-ham (ed.) Advances in Cryptology-Proc. of EUROCRYPT, Lecture Notes in Computer Science, vol. 2656, pp. 345-359. Springer-Verlag (2003)
79. Courtois, N., Patarin, J.: About the XL algorithm over GF(2). In: M. Joye (ed.) Cryptographers' Track, RSA Conference, Lecture Notes in Computer Science, vol. 2612, pp. 141-157. Springer-Verlag (2003)
80. Courtois, N., Pieprzyk, J.: Cryptanalysis of block ciphers with overdefined systems of equations. In: Y. Zheng (ed.) Advances in Cryptology-Proc. of ASIACRYPT, Lecture Notes in Computer Science, vol. 2501, pp. 267-287. Springer-Verlag (2002). Available at http://eprint.iacr.org/2002/044/
81. Courtois, N., Shamir, A., Patarin, J., Klimov, A.: Efficient algorithms for solving overde-fined systems of multivariate polynomial equations. In: B. Preneel (ed.) Advances in Cryptology-Proc. of EUROCRYPT, Lecture Notes in Computer Science, vol. 1807, pp. 392-407. Springer-Verlag (2000)
82. Courtois, N.T., Bard, G.V., Bogdanov, A.: Periodic ciphers with small blocks and cryptanal-ysis of Keeloq. Tatra Mountains Mathematical Publications, Slovak Academy of Sciences 41, 167-188 (2008)
83. Courtois, N.T., Bard, G.V., Wagner, D.: Algebraic and slide attacks on Keeloq. In: K. Nyberg (ed.) Proc. of Fast Software Encryption (FSE'08), Lecture Notes in Computer Science, vol. 5086, pp. 97-115. Springer-Verlag (2008)
84. Courtois, N.T., Nohl, K., O'Neil, S.: Algebraic attacks on the Crypto-1 stream cipher in Mi-Fare Classic and Oyster Cards. Cryptology ePrint Archive, Report 2008/166 (2008). Available at http://eprint.iacr.org/2008/166
85. Cox, D., Little, J., O'Shea, D.: Ideals, Varieties, and Algorithms: An Introduction to Computational Algebraic Geometry and Commutative Algebra, second edn. Undergraduate Texts in Mathematics. Springer-Verlag (2006)
86. Creignou, N., Daude, H.: Satisfiability threshold for random XOR-CNF Formulas. Discrete Applied Mathematics (1999)
87. Curtin, M.: Brute Force: Cracking the Data Encryption Standard. Springer-Verlag (2005)
88. Daemen, J., Rijmen, V.: Rijndael. AES Proposal (1999). Available at http://csrc. nist.gov/CryptoToolkit/aes/rijndael/Rijndael-ammended.pdf
89. Danzig, G.: Maximization of a linear function of variables subject to linear inequalities. In: T.J.C. Koopmans (ed.) Activity Analysis of Production and Allocation, pp. 339-347. Wiley (1951)
90. Davis, M., Logemann, G., Loveland, D.: A machine program for theorem proving. Communications of the ACM 5(7), 394-397 (1962)
91. Davis, M., Putnam, H.: A computing procedure for quantification theory. Journal of the Association of Computing Machinery 7(3), 201-215 (1960)
92. Davis, T.: Direct Methods for Sparse Linear Systems. Society for Industrial and Applied Mathematics (2006)
93. Dawson, S.: Code hopping decoder using a PIC16C56. Tech. Rep. Technical Report AN642, Microchip Corporation. Available at http://www.keeloq.boom.ru/ decryption.pdf
94. Ding, J., Gower, J., Schmidt, D.: Zhuang-Zi: A new algorithm for solving multivariate polynomial equations over a finite field. Tech. rep., University of Cincinnati (2006)
95. Ding, J., Gower, J., Schmidt, D.: Zhuang-Zi: A new algorithm for solving multivariate polynomial equations over a finite field. Cryptology ePrint Archive, Report 2006/038 (2006). Available at http://eprint.iacr.org/2006/038, and presented at the IMA Annual Workshop on Algorithms in Algebraic Geometry
96. Ding, J., Gower, J.E., Schmidt, D.S.: Multivariate Public Key Cryptosystems. Springer Verlag (2006)
97. Dinur, I., Shamir, A.: Cube attacks on tweakable black box polynomials. In: A. Joux (ed.) Advances in Cryptology-Proc. of EUROCRYPT, Lecture Notes in Computer Science, vol. 5479, pp. 278-299. Springer-Verlag (2009)
98. Dixon, J.: Asymptotically fast factorization of integers. Mathematics of Computation 36, 255-260 (1981)
99. Dominus, M.J.: The universe of discourse, Friday 07 April 2006. Blog. See http://blog.plover.com/math/recorde.html
100. Dummit, D., Foote, R.: Abstract Algebra, third edn. Wiley (2003)
101. Een, N., Biere, A.: Effective preprocessing in SAT through variable and clause elimination. In: F. Bacchus, T. Walsh (eds.) Theory and Applications of Satisfiability Testing (SAT'05), Lecture Notes in Computer Science, vol. 3569, pp. 61-75. Springer-Verlag (2005)
102. Eén, N., Sörensson, N.: An extensible SAT-solver. In: E. Giunchiglia, A. Tacchella (eds.) Theory and Applications of Satisfiability Testing (SAT'03), Lecture Notes in Computer Science, vol. 2919, pp. 333-336. Springer-Verlag (2003)
103. Eén, N., Sörensson, N.: Minisat-a SAT solver with conflict-clause minimization. In: F. Bacchus, T. Walsh (eds.) Proc. Theory and Applications of Satisfiability Testing (SAT'05), Lecture Notes in Computer Science, vol. 3569, pp. 61-75. Springer-Verlag (2005)
104. Eibach, T., Pilz, E., Völkel, G.: Attacking Bivium using SAT solvers. In: H.K. Büning, X. Zhao (eds.) Theory and Applications of Satisfiability Testing (SAT '08), Lecture Notes in Computer Science, vol. 4996, pp. 63-76. Springer-Verlag (2008)
105. Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., Shalmani, M.T.M.: On the power of power analysis in the real world: A complete break of the KeeLoqCode Hopping Scheme. In: D. Wagner (ed.) CRYPTO, Lecture Notes in Computer Science, vol. 5157, pp. 203-220. Springer-Verlag (2008)
106. Erickson, J.: Algebraic cryptanalysis of SMS4. Tech. rep., Taylor University (2008)
107. Eschenauer, L., Gligor, V.: A key-management scheme for distributed sensor networks. In: V. Atluri (ed.) In Proceedings of the 9th ACM Conference on Computer and Communication Security (CCS'02), pp. 41-47. ACM (2002)
108. 4). Journal of Pure and Applied Algebra 139, 61-88 (1999)
109. 5). In: Workshop on Applications of Commutative Algebra. ACM Press, Catania, Italy (2002)
110. Faugère, J.C., Joux, A.: Algebraic cryptanalysis of Hidden Field Equation (HFE) cryptosys-tems using Gröbner Bases. In: D. Boneh (ed.) Advances in Cryptology-Proc. of CRYPTO, Lecture Notes in Computer Science, vol. 2729, pp. 44-60. Springer-Verlag (2003)
111. Fedin, S.S., Kulikov, A.S.: Automated proofs of upper bounds on the running time of splitting algorithms [English translation, original is in Russian]. Journal of Mathematical Sciences 134(5), 2383-2391 (2006)
112. Ferguson, N., Schroeppel, R., Whiting, D.: A simple algebraic representation of Rijndael. In: S. Vaudenay, A.M. Youssef (eds.) Proc. Selected Areas in Cryptography (SAC01), Lecture Notes in Computer Science, vol. 2259, pp. 103-111. Springer-Verlag (2001)
113. Fiorini, C., Martinelli, E., Massacci, F.: How to fake an RSA signature by encoding modular root finding as a SAT problem. Discrete Applied Mathematics 130(2), 101-127 (2003)
114. Fischer, S.: Analysis of lightweight stream ciphers. Ph.D. thesis, École Polytechnique Fédéral de Lausanne (2008)
115. Flajolet, P., Sedgewick, R.: Analytic Combinatorics. Cambridge University Press (2008). http://algo.inria.fr/flajolet/Publications/book.pdf
116. Fleischmann, P., Michler, G., Roelse, P., Rosenboom, J., Staszewski, R., Wagner, C., Weller, M.: Linear algebra over small finite fields on parallel machines. Tech. rep., Universität Essen, Fachbereich Mathematik, Essen (1995)
117. Fulkerson, D.R., Gross, O.A.: Incidence matrices and interval graphs. Pacific Journal of Mathematics 15, 835-855 (1965)
118. Gallian, J.A.: Contemporary Abstract Algebra. Heath (1986)
119. Garfinkel, S., Spafford, G.: Practical Unix & Internet Security, 2nd edn. O'Reilly (1996)
120. von zur Gathen, J., Gerhard, J.: Modern Computer Algebra, second edn. Cambridge University Press ( 2003)
121. Gerver, J.: Factoring large numbers with a quadratic sieve. Mathematics of Computation 41, 287-294 (1983)
122. Giusti, M.: Some effectivity problems in polynomial ideal theory. In: J. Fitch (ed.) Proc. of EUROSAM 84, Lecture Notes in Computer Science, vol. 174, pp. 159-171. Springer-Verlag (1984)
123. Goldstein, R.: Incompleteness: The Proof and Paradox of Kurt Gödel. Great Discoveries. W. W. Norton & Company (2005)
124. Golomb, S.W.: Shift Register Sequences. Agean Park Press (1981)
125. Golub, G., Loan, C.V.: Matrix Computations, third edn. Johns Hopkins University Press (1996)
126. Goubin, L., Courtois, N.: Cryptanalysis of the TTM Cryptosystem. In: T. Okamoto (ed.) Advances in Cryptology-Proc. of ASIACRYPT, Lecture Notes in Computer Science, vol. 1976, pp. 44-57. Springer-Verlag (2000)
127. Granboulan, L., Pornin, T.: Perfect block ciphers with small blocks. In: A. Biryukov (ed.) Proc. of Fast Software Encryption (FSE'07), Lecture Notes in Computer Science, vol. 4593, pp. 452-463. Springer-Verlag (2007)
128. Gray, F.: Pulse code communication (1953). USA Patent 2, 632, 058
129. Greenberg, H.J.: Klee-Minty Polytope shows exponential time complexity of simplex method. Tech. rep., University of Colorado at Denver (1997). Available at http://glossary.computing.society.informs.org/notes/Klee-Minty.pdf
130. Greub, W.: Linear Algebra, fourth edn. Graduate Texts in Mathematics. Springer-Verlag (1981)
131. Hårvard, Semaev, I.: New technique for solving sparse equation systems. Cryptology ePrint Archive, Report 2006/475 (2006). Available at http://eprint.iacr.org/2006/475
132. Havas, G., Wagner, C.: Some performance studies in exact linear algebra, english summary. In: G. Cooperman, E. Jessen, G.O. Michler (eds.) Worksop on Wide Area Networks and High Performance Computing, Lecture Notes in Control and Information Science, vol. 249, pp. 161-170. Springer-Verlag, Essen (1998)
133. Hawkes, P., Rose, G.: Rewriting variables: The complexity of fast algebraic attacks on stream ciphers. In: Advances in Cryptology-Proc. of CRYPTO, Lecture Notes in Computer Science, vol. 3152, pp. 390-406. Springer-Verlag (2004)
134. Hietalahti, M., Massacci, F., Niemelä, I.: DES: A challenge problem for nonmonotonic reasoning systems. In: Proc. 8th International Workshop on Non-Monotonic Reasoning (2000)
135. Higham, N.: Accuracy and Stability of Numerical Algorithms, second edn. Society for Industrial and Applied Mathematics (2002)
136. Hirsch, E.A.: New worst-case upper bounds for SAT. Journal of Automated Reasoning 24(4), 397-420 (2000)
137. Hofmeister, T., Schöning, U., Schuler, R., Watanabe, O.: A probabilistic 3-SAT algorithm further improved. In: H. Alt, A. Ferreira (eds.) 19th Annual Symposium on Theoretical Aspects of Computer Sciences (STACS'02), Lecture Notes in Computer Science, vol. 2285, pp. 192-202. Springer-Verlag (2002)
138. Hojsík, M., Rudolf, B.: Differential fault analysis of Trivium. In: K. Nyberg (ed.) Fast Software Encryption (FSE'08), Lecture Notes in Computer Science, vol. 5086, pp. 158-172. Springer-Verlag (2008)
139. Hojsík, M., Rudolf, B.: Floating fault analysis of Trivium. In: D.R. Chowdhury, V. Rij-men, A. Das (eds.) Progress in Cryptology (INDOCRYPT'08), Lecture Notes in Computer Science, vol. 5365, pp. 239-250. Springer-Verlag (2008)
140. Ibara, O.H., Moran, S., Hui, R.: A generalization of the fast LUP matrix decomposition algorithm and applications. Journal of Algorithms 1(3), 45-56 (1982)
141. Indesteege, S., Keller, N., Dunkelman, O., Biham, E., Preneel, B.: A practical attack on Keeloq. In: N.P. Smart (ed.) Advances in Cryptology-Proc. of EUROCRYPT, Lecture Notes in Computer Science, vol. 4965, pp. 1-18. Springer-Verlag (2008)
142. Jovanovic, D., Janicic, P.: Logical analysis of hash functions. In: B. Gramlich (ed.) Proceedings of the Frontiers of Combining Systems, Lecture Notes in Artificial Intelligence, vol. 3717, pp. 200-215. Springer-verlag (2005)
143. Joyner, D., Kreminski, R., Turisco, J.: Applied Abstract Algebra. Free Internet Textbook (2002). Available at http://www.usna.edu/wdj/book/book.html
144. Kahn, D.: The Codebreakers, The Comprehensive History of Secret Communication from Ancient Times to the Internet, 2nd edn. Scribner (1996). First published in 1967
145. Kaltofen, E.: Analysis of Coppersmith's Block Wiedemann algorithm for the parallel solution of sparse linear systems. Mathematics of Computation 64(210), 777-806 (1995)
146. Kaltofen, E., Saunders, B.D.: On Wiedemann's method of solving sparse linear systems. In: H.F. Mattson, T. Mora, T.R.N. Rao (eds.) Proceedings of the 9th International Symposium on Applied Algebra, Algebraic Algorithms and Error-Correcting Codes, Lecture Notes in Computer Science, vol. 539, pp. 29-38. Springer-Verlag (1991)
147. Karp, R.: Reducibility among combinatorial problems. In: Proc. of Symposium on Complexity of Computer Computations, pp. 85-103. IBM Thomas J. Watson Res. Center, Plenum, Yorktown Heights, New York (1972)
148. Knuth, D.E.: The Art of Computer Programming, Volume 4A: Enumeration and Backtracking. Addison-Wesley (2004)
149. Krantz, S.G.: A Primer of Mathematical Writing: Being a Disquisition on Having Your Ideas Recorded, Typeset, Published, Read & Appreciated. American Mathematical Society (1997)
150. Krantz, S.G.: How to Teach Mathematics, second edn. American Mathematical Society (1999)
151. Krantz, S.G.: A Mathematician's Survival Guide: Graduate School and Early Career Development. American Mathematical Society (2003)
152. Krantz, S.G.: Mathematical Publishing: A Guidebook. American Mathematical Society (2005)
153. Krishnamurthy, E.V.: Error-Free Polynomial Matrix Computations. Springer-Verlag (1985)
154. Kutz, M.: The complexity of boolean matrix root computation. In: T. Warnow, B. Zhu (eds.) Proc. of Computing and Combinatorics, Lecture Notes in Computer Science, vol. 2697, pp. 212-221. Springer-Verlag (2003)
155. LaMacchia, B., Odlyzko, A.: Solving large sparse linear systems over finite fields. In: A. Menezes, S.A. Vanstone (eds.) Advances in Cryptology-Proc. of CRYPTO, Lecture Notes in Computer Science, vol. 537, pp. 109-133. Springer-Verlag (1990)
156. Lambert, R.J.: Computational aspects of discrete logarithms. Ph.D. thesis, University of Waterloo (1996)
157. Lazard, D.: Gröbner-bases, Gaussian Elimination and resolution of systems of algebraic equations. In: J.A. van Hulzen (ed.) EUROCAL 1983, Lecture Notes in Computer Science, vol. 162, pp. 146-156. Springer-Verlag (1983)
158. Lenstra, A.K., Jr., H.W.L.: The Development of the Number Field Sieve. Lecture Notes in Mathematics. Springer-Verlag (1993)
159. Lewis, R.: The Dixon Resultant following Kapur-Saxena-Yung. Tech. rep., Fordham University (2002). Available at http://fordham.academia.edu/RobertLewis/ Papers
160. Lewis, R.: Heuristics to accelerate the dixon resultant. Mathematics and Computers in Simulation 77(4), 400-407 (2008)
161. Lewis, R., Wester, M.: Comparison of polynomial-oriented computer algebra systems. SIGSAM Bulletin 33(4), 5-13 (1999)
162. Lewis, R.H., Bridgett, S.: Conic tangency equations and Apollonius problems in biochemistry and pharmacology. Mathematics and Computers in Simulation 61(2), 101-114 (2003)
163. Lidl, R., Niederreiter, H.: Introduction to Finite Fields and Their Applications, revised edn. Cambridge University Press (1994)
164. Lidl, R., Niederreiter, H.: Finite Fields. Encyclopedia of Mathematics and its Applications. Cambridge University Press (2008)
165. van Lint, J.H., Wilson, R.M.: A Course in Combinatorics, second edn. Cambridge University Press (2001)
166. q. In: J. Buchmann, J. Ding (eds.) Post-Quantum Cryptography (PQC'08), Lecture Notes in Computer Science, vol. 5299, pp. 181-202. Springer-Verlag (2008)
167. Lovász, L.: Normal hypergraphs and the perfect graph conjecture. Discrete Mathematics 2, 253-267 (1972)
168. Markowitz, H.M.: The elimination form of the inverse and its application to linear programming. Management Science 3(3), 255-269 (1957)
169. Marques-Silva, J.P., Sakallah, K.A.: GRASP: a search algorithm for propositional satisfiability. IEEE Transactions on Computers 45(5), 506-521 (1999)
170. Marraro, L., Massacci, F.: Towards the formal verification of ciphers: Logical cryptanaly-sis of DES. In: Proc. Third LICS Workshop on Formal Methods and Security Protocols, Federated Logic Conferences (FLOC-99) (1999)
171. Massacci, F.: Using Walk-SAT and Rel-SAT for cryptographic key search. In: T. Dean (ed.) Proc. 16th International Joint Conference on Artificial Intelligence, pp. 290-295. Morgan Kaufmann Publishing (1999)
172. Massacci, F., Marraro, L.: Logical cryptanalysis as a SAT-problem: Encoding and analysis of the US data encryption standard. Journal of Automated Reasoning 24 (2000)
173. Maximov, A., Biryukov, A.: Two trivial attacks on Trivium. In: C.M. Adams, A. Miri, M.J. Wiener (eds.) Proc. Selected Areas in Cryptography (SAC07), Lecture Notes in Computer Science, vol. 4876, pp. 36-55. Springer-Verlag (2007). Available from http://eprint. iacr.org/2007/021
174. McDonald, C., Charnes, C., Pieprzyk, J.: An algebraic analysis of Trivium ciphers based on the boolean satisfiability problem. Cryptology ePrint Archive, Report 2007/129 (2007). Available at http://eprint.iacr.org/2007/129, and presented at the International Conference on Boolean Functions: Cryptography and Applications (BFCA'2008)
175. Mironov, I., Zhang, L.: Applications of SAT solvers to cryptanalysis of hash functions. In: A. Biere, C.P. Gomes (eds.) Proc. Theory and Applications of Satisfiability Testing (SAT'06), Lecture Notes in Computer Science, vol. 4121, pp. 102-115. Springer-Verlag (2006). Also available as IACR E-print 2006/254
176. Montgomery, P.L.: A Block Lanczos algorithm for finding dependencies over GF(2). In: L.C. Guillou, J.J. Quisquater (eds.) Advances in Cryptology-Proc. of EUROCRYPT, Lecture Notes in Computer Science, vol. 921, pp. 106-120. Springer-Verlag (1995)
177. Moore, E.: On the reciprocal of the general algebraic matrix. Bulletin of the American Mathematical Society 26 (1920)
178. Morgenstern, J.: How to compute fast a function and all its derivatives: a variation on the theorem of Baur-Strassen. SIGACT News 16(4), 60-62 (1985). DOI http://doi.acm.org/10. 1145/382242.382836
179. 7. Mathematics of Computation 29, 183-205 (1975)
180. Moskewicz, M.W., Madigan, C.F., Zhao, Y., Zhang, L., Malik, S.: Chaff: Engineering an efficient SAT Solver. In: Proc. of 28th Design Automation Conference (DAC'01), pp. 530-535. ACM (2001)
181. Odlyzko, A.M.: Discrete logarithms in finite fields and their cryptographic significance. In: N. Cot (ed.) Advances in Cryptology-Proc. of EUROCRYPT, Lecture Notes in Computer Science, vol. 209, pp. 224-316. Springer-Verlag (1984)
182. Paar, C.: Remote keyless entry system for cars and buildings is hacked; rub security experts discover major vulnerability; access from a distance of 300 feet without traces. Tech. rep., University of Bochum, Germany (2008)
183. Pan, V.: How to Multiply Matrices Faster. No. 179 in Lecture Notes in Computer Science. Springer-Verlag (1984)
184. Papadimitriou, C.H.: On selecting a satisfying truth assignment. In: Proceedings of the Conference on the Foundations of Computer Science (FOCS'91), pp. 163-169. IEEE (1991)
185. Patarin, J.: Hidden Field Equations (HFE) and Isomorphisms of Polynomials (IP): two new families of asymmetric algorithms. In: N. Koblitz (ed.) Advances in Cryptology-Proc. of EUROCRYPT, Lecture Notes in Computer Science, vol. 1070, pp. 33-48. Springer-Verlag (1996)
186. Paturi, R., Pudlák, P., Saks, M.E., Zane, F.: An improved exponential-time algorithm for k-SAT. The Journal of the Association of Computing Machinery 52(3), 337-364 (2005)
187. Penrose, R.: A generalized inverse for matrices. Proc. of the Cambridge Phil. Soc. 51 (1955)
188. Pernet, C.: Implementation of Winograds algorithm over finite fields using ATLAS Level 3 BLAS. Tech. rep., ID-Laboratory (2001)
189. Pilz, E.: Boolsche gleichungssysteme, SAT Solver und stromchiffren. Master's thesis, Uni-versität Ulm, Institut für Theoretische Informatik (2008)
190. Pomerance, C.: A tale of two sieves. Notices of the American Mathematical Society 43(12), 1473-1485 (1996)
191. Pomerance, C., Smith, J.W.: Reduction of huge, sparse matrices over finite fields via created catastrophes. Experimental Mathematics 1(2), 89-94 (1992)
192. Preneel, B., Biryukov, A., Cannière, C.D., Ors, S.B., Oswald, E., van Rompay, B., Granboulan, L., Dottax, E., Martinet, G., Murphy, S., Dent, A., Shipsey, R., Swart, C., White, J., Dichtl, M., Pyka, S., Schafheutle, M., Serf, P., Biham, E., Barkan, E., Braziler, Y., Dunkelman, O., Furman, V., Kenigsberg, D., Stolin, J., Quisquater, J.J., Ciet, M., Sica, F.: NESSIE: Final report of european project number IST-1999-12324, named new european schemes for signatures, integrity, and encryption. Final Technical Report: Available at: https://www.cosic.esat.kuleuven.be/nessie/Bookv015.pdf (2004)
193. Priemuth-Schmid, D., Biryukov, A.: Slid pairs in Salsa20 and Trivium. In: D.R. Chowd-hury, V. Rijmen, A. Das (eds.) Progress in Cryptology-INDOCRYPT'08, Lecture Notes in Computer Science, vol. 5365, pp. 1-14. Springer-Verlag (2008)
194. Raddum, H.: Cryptanalytic results on Trivium. eStream Report: 2006/039" (2006). Available at www.ecrypt.eu.org/stream/papersdir/2006/039. ps
195. Raddum, H., Semaev, I.: Solving multiple right hand sides linear equations. Des. Codes Cryptography 49(1-3), 147-160 (2008)
196. Raz, R., Shpilka, A.: Lower bounds for matrix product, in bounded depth circuits with arbitrary gates. In: STOC, pp. 409-418 (2001)
197. Raz, R., Shpilka, A.: Lower bounds for matrix product in bounded depth circuits with arbitrary gates. SIAM J. Comput. 32(2), 488-513 (2003)
198. Riedel, M.R.: Random permutation statistics. Paper available on the Internet (2006). http://www.geocities.com/markoriedelde/papers/randperms.pdf
199. Rijmen, V., Oswald, E.: Representations and Rijndael descriptions. In: H. Dobbertin, V. Ri-jmen, A. Sowa (eds.) 4th International Conference on the Advanced Encryption Standard (AES'04), Lecture Notes in Computer Science, vol. 3373, pp. 148-158. Springer-Verlag (2004)
200. Ryser, H.J.: Combinatorial properties of matrices of zeros and ones. Canadian Journal of Mathematics 9, 371-377 (1957)
201. Saad, Y.: Iterative Methods for Sparse Linear Systems. PWS Publishing Company (1996)
202. Santoro, N.: Extending the Four-Russians bound to general matrix multiplication. Information Processing Letters (1979)
203. Santoro, N., Urrutia, J.: An improved algorithm for boolean matrix multiplication. Computing 36 (1986)
204. Schönhage, A.: Partial and total matrix multiplication. Journal of Computing 10(3) (1981)
205. Selman, B., Kautz, H., Cohen, B.: Local search strategies for satisfiability testing. In: D.S. Johnson, M.A. Trick (eds.) Cliques, Coloring, and Satisfiability: Second DIMACS Implementation Challenge (DIMACS'93), vol. 26. AMS (1996)
206. Selman, B., Levesque, H.J., Mitchell, D.G.: A new method for solving hard satisfiability problems. In: 10th National Conference on Artificial Intelligence (AAAI'92), pp. 440-446 (1992)
207. Semaev, I.: On solving sparse algebraic equations over finite fields II. Cryptology ePrint Archive, Report 2007/280 (2007). Available at http://eprint.iacr.org/2007/280, and presented at the Eleventh International Workshop on Algebraic and Combinatorial Coding Theory (ACCT'2008)
208. Semaev, I.: On solving sparse algebraic equations over finite fields. Designs Codes and Cryptography 49(1-3), 47-60 (2008)
209. Stamp, M., Low, R.M.: Applied Cryptanalysis: Breaking Ciphers in the Real World. Wiley-IEEE Press (2007)
210. Strassen, V.: Gaussian Elimination is not optimal. Numerische Mathematik 13(3) (1969)
211. Strassen, V.: Relative bilinear complexity and matrix multiplication. J. Reine Angew. Math. 375-376 (1987). This article is so long that it is split among two volumes.
212. Swenson, C.: Modern Cryptanalysis: Techniques for Advanced Code Breaking. Wiley (2008)
213. Tang, X., Feng, Y.: A new efficient algorithm for solving systems of multivariate polynomial equations. Cryptology ePrint Archive, Report 2005/312 (2005). Available at http://eprint.iacr.org/2005/312
214. Trappe, W., Washington, L.C.: Introduction to Cryptography with Coding Theory, second edn. Pearson Prentice-Hall (2006)
215. Trefethen, L., III, D.B.: Numerical Linear Algebra. Society for Industrial and Applied Mathematics (1997)
216. Vielhaber, M.: Breaking One.Fivium by AIDA an algebraic IV differential attack. Cryptol-ogy ePrint Archive, Report 2007/413 (2007). Available at http://eprint.iacr.org/2007/413
217. Villard, G.: Further analysis of Coppersmith's Block Wiedemann algorithm using matrix polynomials. In: Proceedings of the 1997 international symposium on Symbolic and algebraic computation (ISSAC'97), pp. 32-39 (1997)
218. Warner, M., Benson, R.L.: Venona and beyond: Thoughts on work undone. Intelligence and National Security 12(3), 1-13 (1997)
219. Warren, H.S.: Hacker's Delight. Addison-Wesley Longman Publishing Co., Inc., Boston, MA, USA (2002)
220. Watkins, D.: Fundamentals of Matrix Computations, second edn. Wiley (2002)
221. Weisstein, E.W.: Apéry's constant. From MathWorld-A Wolfram Web Resource. Available at http://mathworld.wolfram.com/AperysConstant.html
222. Weisstein, E.W.: Apollonius problem. From MathWorld-A Wolfram Web Resource. Available at http://mathworld.wolfram.com/PrimeNumberTheorem.html
223. Weisstein, E.W.: Berlekamp-Massey algorithm. From MathWorld-A Wolfram Web Resource. Available at http://mathworld.wolfram.com/PrimeNumberTheorem. html
224. Weisstein, E.W.: Prime number theorem. From MathWorld-A Wolfram Web Resource. Available at http://mathworld.wolfram.com/PrimeNumberTheorem.html
225. Weisstein, E.W.: Relatively prime. From MathWorld-A Wolfram Web Resource. Available at http://mathworld.wolfram.com/RelativelyPrime.html
226. Weisstein, E.W.: Sylvester matrix. From MathWorld-A Wolfram Web Resource. Available at http://mathworld.wolfram.com/SylvesterMatrix.html
227. Whaley, R.C., Petitet, A., Dongarra, J.: Automated empirical optimization of software and the ATLAS Project. Parallel Computing 27(1-2), 3-35 (2001)
228. Wiedemann, D.H.: Solving sparse linear equations over finite fields. IEEE Transactions on Information Theory 32(1), 54-62 (1986)
229. Wong, K., Bard, G., Lewis, R.: Partitioning multivariate polynomial equations via vertex cuts for algebraic cryptanalysis and other applications. Submitted to a journal (2008). Available at http://www.math.umd.edu/bardg/wong- bard-lewis.pdf
230. Yang, B.Y., Chen, O.C.H., Bernstein, D.J., Chen, J.M.: Analysis of QUAD. In: A. Biryukov (ed.) Proc. of Fast Software Encryption (FSE'07), Lecture Notes in Computer Science, vol. 4593, pp. 290-308. Springer-Verlag (2007)
231. Zeitlhofer, T., Wess, B.: List-coloring of interval graphs with application to register assignment for heterogeneous register-set architectures. Signal Processing 83(7), 1411-1425 (2003)
232. Zetter, K.: Researchers crack Keeloq code for car keys. Wired Magazine (2007)