Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in C (cloth)
(Publisher: John Wiley & Sons, Inc.)
Author(s): Bruce Schneier
ISBN: 0471128457
Publication Date: 01/01/96
Foreword by Whitfield Diffie

Preface

About the Author

Chapter 1—Foundations
1.1 Terminology
1.2 Steganography
1.3 Substitution Ciphers and Transposition Ciphers
1.4 Simple XOR
1.5 One-Time Pads
1.6 Computer Algorithms
1.7 Large Numbers

Part I—Cryptographic Protocols

Chapter 2—Protocol Building Blocks
2.1 Introduction to Protocols
2.2 Communications Using Symmetric Cryptography
2.3 One-Way Functions
2.4 One-Way Hash Functions
2.5 Communications Using Public-Key Cryptography
2.6 Digital Signatures

Petitioner's Exhibit 1014, Page 1

2.7 Digital Signatures with Encryption
2.8 Random and Pseudo-Random-Sequence Generation

Chapter 3—Basic Protocols
3.1 Key Exchange
3.2 Authentication
3.3 Authentication and Key Exchange
3.4 Formal Analysis of Authentication and Key-Exchange Protocols
3.5 Multiple-Key Public-Key Cryptography
3.6 Secret Splitting
3.7 Secret Sharing
3.8 Cryptographic Protection of Databases

Chapter 4—Intermediate Protocols
4.1 Timestamping Services
4.2 Subliminal Channel
4.3 Undeniable Digital Signatures
4.4 Designated Confirmer Signatures
4.5 Proxy Signatures
4.6 Group Signatures
4.7 Fail-Stop Digital Signatures
4.8 Computing with Encrypted Data
4.9 Bit Commitment
4.10 Fair Coin Flips
4.11 Mental Poker
4.12 One-Way Accumulators
4.13 All-or-Nothing Disclosure of Secrets
4.14 Key Escrow

Chapter 5—Advanced Protocols
5.1 Zero-Knowledge Proofs
5.2 Zero-Knowledge Proofs of Identity
5.3 Blind Signatures
5.4 Identity-Based Public-Key Cryptography
5.5 Oblivious Transfer
5.6 Oblivious Signatures
5.7 Simultaneous Contract Signing
5.8 Digital Certified Mail
5.9 Simultaneous Exchange of Secrets

Chapter 6—Esoteric Protocols
6.1 Secure Elections
6.2 Secure Multiparty Computation
6.3 Anonymous Message Broadcast
6.4 Digital Cash

Part II—Cryptographic Techniques

Chapter 7—Key Length
7.1 Symmetric Key Length
7.2 Public-Key Key Length
7.3 Comparing Symmetric and Public-Key Key Length
7.4 Birthday Attacks against One-Way Hash Functions
7.5 How Long Should a Key Be?
7.6 Caveat Emptor

Chapter 8—Key Management
8.1 Generating Keys
8.2 Nonlinear Keyspaces
8.3 Transferring Keys
8.4 Verifying Keys
8.5 Using Keys
8.6 Updating Keys
8.7 Storing Keys
8.8 Backup Keys
8.9 Compromised Keys
8.10 Lifetime of Keys
8.11 Destroying Keys
8.12 Public-Key Key Management

Chapter 9—Algorithm Types and Modes
9.1 Electronic Codebook Mode
9.2 Block Replay
9.3 Cipher Block Chaining Mode
9.4 Stream Ciphers
9.5 Self-Synchronizing Stream Ciphers
9.6 Cipher-Feedback Mode
9.7 Synchronous Stream Ciphers
9.8 Output-Feedback Mode
9.9 Counter Mode
9.10 Other Block-Cipher Modes
9.11 Choosing a Cipher Mode
9.12 Interleaving
9.13 Block Ciphers versus Stream Ciphers

Chapter 10—Using Algorithms
10.1 Choosing an Algorithm
10.2 Public-Key Cryptography versus Symmetric Cryptography
10.3 Encrypting Communications Channels
10.4 Encrypting Data for Storage
10.5 Hardware Encryption versus Software Encryption
10.6 Compression, Encoding, and Encryption
10.7 Detecting Encryption
10.8 Hiding Ciphertext in Ciphertext
10.9 Destroying Information

Part III—Cryptographic Algorithms

Chapter 11—Mathematical Background
11.1 Information Theory
11.2 Complexity Theory
11.3 Number Theory
11.4 Factoring
11.5 Prime Number Generation
11.6 Discrete Logarithms in a Finite Field

Chapter 12—Data Encryption Standard (DES)
12.1 Background
12.2 Description of DES
12.3 Security of DES
12.4 Differential and Linear Cryptanalysis
12.5 The Real Design Criteria
12.6 DES Variants
12.7 How Secure Is DES Today?

Chapter 13—Other Block Ciphers
13.1 Lucifer
13.2 Madryga
13.3 NewDES
13.4 FEAL
13.5 REDOC
13.6 LOKI
13.7 Khufu and Khafre
13.8 RC2
13.9 IDEA
13.10 MMB
13.11 CA-1.1
13.12 Skipjack

Chapter 14—Still Other Block Ciphers
14.1 GOST
14.2 CAST
14.3 Blowfish
14.4 SAFER
14.5 3-Way
14.6 Crab
14.7 SXAL8/MBAL
14.8 RC5
14.9 Other Block Algorithms
14.10 Theory of Block Cipher Design
14.11 Using One-Way Hash Functions
14.12 Choosing a Block Algorithm

Chapter 15—Combining Block Ciphers
15.1 Double Encryption
15.2 Triple Encryption
15.3 Doubling the Block Length
15.4 Other Multiple Encryption Schemes
15.5 CDMF Key Shortening
15.6 Whitening
15.7 Cascading Multiple Block Algorithms
15.8 Combining Multiple Block Algorithms

Chapter 16—Pseudo-Random-Sequence Generators and Stream Ciphers
16.1 Linear Congruential Generators
16.2 Linear Feedback Shift Registers
16.3 Design and Analysis of Stream Ciphers
16.4 Stream Ciphers Using LFSRs
16.5 A5
16.6 Hughes XPD/KPD
16.7 Nanoteq
16.8 Rambutan
16.9 Additive Generators
16.10 Gifford
16.11 Algorithm M
16.12 PKZIP

Chapter 17—Other Stream Ciphers and Real Random-Sequence Generators
17.1 RC4
17.2 SEAL
17.3 WAKE
17.4 Feedback with Carry Shift Registers
17.5 Stream Ciphers Using FCSRs
17.6 Nonlinear-Feedback Shift Registers
17.7 Other Stream Ciphers
17.8 System-Theoretic Approach to Stream-Cipher Design
17.9 Complexity-Theoretic Approach to Stream-Cipher Design
17.10 Other Approaches to Stream-Cipher Design
17.11 Cascading Multiple Stream Ciphers
17.12 Choosing a Stream Cipher
17.13 Generating Multiple Streams from a Single Pseudo-Random-Sequence Generator
17.14 Real Random-Sequence Generators
Chapter 18—One-Way Hash Functions
18.1 Background
18.2 Snefru
18.3 N-Hash
18.4 MD4
18.5 MD5
18.6 MD2
18.7 Secure Hash Algorithm (SHA)
18.8 RIPE-MD
18.9 HAVAL
18.10 Other One-Way Hash Functions
18.11 One-Way Hash Functions Using Symmetric Block Algorithms
18.12 Using Public-Key Algorithms
18.13 Choosing a One-Way Hash Function
18.14 Message Authentication Codes

Chapter 19—Public-Key Algorithms
19.1 Background
19.2 Knapsack Algorithms
19.3 RSA
19.4 Pohlig-Hellman
19.5 Rabin
19.6 ElGamal
19.7 McEliece
19.8 Elliptic Curve Cryptosystems
19.9 LUC
19.10 Finite Automaton Public-Key Cryptosystems

Chapter 20—Public-Key Digital Signature Algorithms
20.1 Digital Signature Algorithm (DSA)
20.2 DSA Variants
20.3 GOST Digital Signature Algorithm
20.4 Discrete Logarithm Signature Schemes
20.5 Ong-Schnorr-Shamir
20.6 ESIGN
20.7 Cellular Automata
20.8 Other Public-Key Algorithms

Chapter 21—Identification Schemes
21.1 Feige-Fiat-Shamir
21.2 Guillou-Quisquater
21.3 Schnorr
21.4 Converting Identification Schemes to Signature Schemes

Chapter 22—Key-Exchange Algorithms
22.1 Diffie-Hellman
22.2 Station-to-Station Protocol
22.3 Shamir’s Three-Pass Protocol
22.4 COMSET
22.5 Encrypted Key Exchange
22.6 Fortified Key Negotiation
22.7 Conference Key Distribution and Secret Broadcasting

Chapter 23—Special Algorithms for Protocols
23.1 Multiple-Key Public-Key Cryptography
23.2 Secret-Sharing Algorithms
23.3 Subliminal Channel
23.4 Undeniable Digital Signatures
23.5 Designated Confirmer Signatures
23.6 Computing with Encrypted Data
23.7 Fair Coin Flips
23.8 One-Way Accumulators
23.9 All-or-Nothing Disclosure of Secrets
23.10 Fair and Failsafe Cryptosystems
23.11 Zero-Knowledge Proofs of Knowledge
23.12 Blind Signatures
23.13 Oblivious Transfer
23.14 Secure Multiparty Computation
23.15 Probabilistic Encryption
23.16 Quantum Cryptography
Part IV—The Real World

Chapter 24—Example Implementations
24.1 IBM Secret-Key Management Protocol
24.2 MITRENET
24.3 ISDN
24.4 STU-III
24.5 Kerberos
24.6 KryptoKnight
24.7 SESAME
24.8 IBM Common Cryptographic Architecture
24.9 ISO Authentication Framework
24.10 Privacy-Enhanced Mail (PEM)
24.11 Message Security Protocol (MSP)
24.12 Pretty Good Privacy (PGP)
24.13 Smart Cards
24.14 Public-Key Cryptography Standards (PKCS)
24.15 Universal Electronic Payment System (UEPS)
24.16 Clipper
24.17 Capstone
24.18 AT&T Model 3600 Telephone Security Device (TSD)

Chapter 25—Politics
25.1 National Security Agency (NSA)
25.2 National Computer Security Center (NCSC)
25.3 National Institute of Standards and Technology (NIST)
25.4 RSA Data Security, Inc.
25.5 Public Key Partners
25.6 International Association for Cryptologic Research (IACR)
25.7 RACE Integrity Primitives Evaluation (RIPE)
25.8 Conditional Access for Europe (CAFE)
25.9 ISO/IEC 9979
25.10 Professional, Civil Liberties, and Industry Groups
25.11 Sci.crypt
25.12 Cypherpunks
25.13 Patents
25.14 U.S. Export Rules
25.15 Foreign Import and Export of Cryptography
25.16 Legal Issues

Afterword by Matt Blaze

Part V—Source Code

References

Index

Use of this site is subject to certain Terms & Conditions, Copyright © 1996-2000 EarthWeb Inc. All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited.
Foreword by Whitfield Diffie

The literature of cryptography has a curious history. Secrecy, of course, has always played a central role, but until the First World War, important developments appeared in print in a more or less timely fashion and the field moved forward in much the same way as other specialized disciplines. As late as 1918, one of the most influential cryptanalytic papers of the twentieth century, William F. Friedman’s monograph The Index of Coincidence and Its Applications in Cryptography, appeared as a research report of the private Riverbank Laboratories [577]. And this, despite the fact that the work had been done as part of the war effort. In the same year Edward H. Hebern of Oakland, California filed the first patent for a rotor machine [710], the device destined to be a mainstay of military cryptography for nearly 50 years.

After the First World War, however, things began to change. U.S. Army and Navy organizations, working entirely in secret, began to make fundamental advances in cryptography. During the thirties and forties a few basic papers did appear in the open literature and several treatises on the subject were published, but the latter were farther and farther behind the state of the art. By the end of the war the transition was complete. With one notable exception, the public literature had died. That exception was Claude Shannon’s paper “The Communication Theory of Secrecy Systems,” which appeared in the Bell System Technical Journal in 1949 [1432]. It was similar to Friedman’s 1918 paper, in that it grew out of wartime work of Shannon’s. After the Second World War ended it was declassified, possibly by mistake.

From 1949 until 1967 the cryptographic literature was barren. In that year a different sort of contribution appeared: David Kahn’s history, The Codebreakers [794]. It didn’t contain any new technical ideas, but it did contain a remarkably complete history of what had gone before, including mention of some things that the government still considered secret. The significance of The Codebreakers lay not just in its remarkable scope, but also in the fact that it enjoyed good sales and made tens of thousands of people, who had never given the matter a moment’s thought, aware of cryptography. A trickle of new cryptographic papers began to be written.

At about the same time, Horst Feistel, who had earlier worked on identification friend or foe devices for the Air Force, took his lifelong passion for cryptography to the IBM Watson Laboratory in Yorktown Heights, New York. There, he began development of what was to become the U.S. Data Encryption Standard; by the early 1970s several technical reports on this subject by Feistel and his colleagues had been made public by IBM [1482,1484,552].

This was the situation when I entered the field in late 1972. The cryptographic literature wasn’t abundant, but what there was included some very shiny nuggets.

Cryptology presents a difficulty not found in normal academic disciplines: the need for the proper interaction of cryptography and cryptanalysis. This arises out of the fact that in the absence of real communications requirements, it is easy to propose a system that appears unbreakable. Many academic designs are so complex that the would-be cryptanalyst doesn’t know where to start; exposing flaws in these designs is far harder than designing them in the first place. The result is that the competitive process, which is one strong motivation in academic research, cannot take hold.

When Martin Hellman and I proposed public-key cryptography in 1975 [496], one of the indirect aspects of our contribution was to introduce a problem that does not even appear easy to solve. Now an aspiring cryptosystem designer could produce something that would be recognized as clever—something that did more than just turn meaningful text into nonsense. The result has been a spectacular increase in the number of people working in cryptography, the number of meetings held, and the number of books and papers published.

In my acceptance speech for the Donald E. Fink award—given for the best expository paper to appear in an IEEE journal—which I received jointly with Hellman in 1980, I told the audience that in writing “Privacy and Authentication,” I had an experience that I suspected was rare even among the prominent scholars who populate the IEEE awards ceremony: I had written the paper I had wanted to study, but could not find, when I first became seriously interested in cryptography. Had I been able to go to the Stanford bookstore and pick up a modern cryptography text, I would probably have learned about the field years earlier. But the only things available in the fall of 1972 were a few classic papers and some obscure technical reports.

The contemporary researcher has no such problem. The problem now is choosing where to start among the thousands of papers and dozens of books. The contemporary researcher, yes, but what about the contemporary programmer or engineer who merely wants to use cryptography? Where does that person turn? Until now, it has been necessary to spend long hours hunting out and then studying the research literature before being able to design the sort of cryptographic utilities glibly described in popular articles.

This is the gap that Bruce Schneier’s Applied Cryptography has come to fill. Beginning with the objectives of communication security and elementary examples of programs used to achieve these objectives, Schneier gives us a panoramic view of the fruits of 20 years of public research. The title says it all; from the mundane objective of having a secure conversation the very first time you call someone to the possibilities of digital money and cryptographically secure elections, this is where you’ll find it.

Not satisfied that the book was about the real world merely because it went all the way down to the code, Schneier has included an account of the world in which cryptography is developed and applied, and discusses entities ranging from the International Association for Cryptologic Research to the NSA.

When public interest in cryptography was just emerging in the late seventies and early eighties, the National Security Agency (NSA), America’s official cryptographic organ, made several attempts to quash it. The first was a letter from a long-time NSA employee allegedly, avowedly, and apparently acting on his own. The letter was sent to the IEEE and warned that the publication of cryptographic material was a violation of the International Traffic in Arms Regulations (ITAR). This viewpoint turned out not even to be supported by the regulations themselves—which contained an explicit exemption for published material—but gave both the public practice of cryptography and the 1977 Information Theory Workshop lots of unexpected publicity.

A more serious attempt occurred in 1980, when the NSA funded the American Council on Education to examine the issue with a view to persuading Congress to give it legal control of publications in the field of cryptography. The results fell far short of NSA’s ambitions and resulted in a program of voluntary review of cryptographic papers; researchers were requested to ask the NSA’s opinion on whether disclosure of results would adversely affect the national interest before publication.

As the eighties progressed, pressure focused more on the practice than the study of cryptography. Existing laws gave the NSA the power, through the Department of State, to regulate the export of cryptographic equipment. As business became more and more international and the American fraction of the world market declined, the pressure to have a single product in both domestic and offshore markets increased. Such single products were subject to export control and thus the NSA acquired substantial influence not only over what was exported, but also over what was sold in the United States.

As this is written, a new challenge confronts the public practice of cryptography. The government has augmented the widely published and available Data Encryption Standard, with a secret algorithm implemented in tamper-resistant chips. These chips will incorporate a codified mechanism of government monitoring. The negative aspects of this “key-escrow” program range from a potentially disastrous impact on personal privacy to the high cost of having to add hardware to products that had previously encrypted in software. So far key escrow products are enjoying less than stellar sales and the scheme has attracted widespread negative comment, especially from the independent cryptographers. Some people, however, see more future in programming than politicking and have redoubled their efforts to provide the world with strong cryptography that is accessible to public scrutiny.

A sharp step back from the notion that export control law could supersede the First Amendment seemed to have been taken in 1980 when the Federal Register announcement of a revision to ITAR included the statement: “...provision has been added to make it clear that the regulation of the export of technical data does not purport to interfere with the First Amendment rights of individuals.” But the fact that tension between the First Amendment and the export control laws has not gone away should be evident from statements at a conference held by RSA Data Security. NSA’s representative from the export control office expressed the opinion that people who published cryptographic programs were “in a grey area” with respect to the law. If that is so, it is a grey area on which the first edition of this book has shed some light. Export applications for the book itself have been granted, with acknowledgement that published material lay beyond the authority of the Munitions Control Board. Applications to export the enclosed programs on disk, however, have been denied.

The shift in the NSA’s strategy, from attempting to control cryptographic research to tightening its grip on the development and deployment of cryptographic products, is presumably due to its realization that all the great cryptographic papers in the world do not protect a single bit of traffic. Sitting on the shelf, this volume may be able to do no better than the books and papers that preceded it, but sitting next to a workstation, where a programmer is writing cryptographic code, it just may.

Whitfield Diffie
Mountain View, CA
Preface
There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files. This book is about the latter.

If I take a letter, lock it in a safe, hide the safe somewhere in New York, then tell you to read the letter, that’s not security. That’s obscurity. On the other hand, if I take a letter and lock it in a safe, and then give you the safe along with the design specifications of the safe and a hundred identical safes with their combinations so that you and the world’s best safecrackers can study the locking mechanism—and you still can’t open the safe and read the letter—that’s security.

For many years, this sort of cryptography was the exclusive domain of the military. The United States’ National Security Agency (NSA), and its counterparts in the former Soviet Union, England, France, Israel, and elsewhere, have spent billions of dollars in the very serious game of securing their own communications while trying to break everyone else’s. Private individuals, with far less expertise and budget, have been powerless to protect their own privacy against these governments.

During the last 20 years, public academic research in cryptography has exploded. While classical cryptography has been long used by ordinary citizens, computer cryptography was the exclusive domain of the world’s militaries since World War II. Today, state-of-the-art computer cryptography is practiced outside the secured walls of the military agencies. The layperson can now employ security practices that can protect against the most powerful of adversaries—security that may protect against military agencies for years to come.
Do average people really need this kind of security? Yes. They may be planning a political campaign, discussing taxes, or having an illicit affair. They may be designing a new product, discussing a marketing strategy, or planning a hostile business takeover. Or they may be living in a country that does not respect the rights of privacy of its citizens. They may be doing something that they feel shouldn’t be illegal, but is. For whatever reason, the data and communications are personal, private, and no one else’s business.

This book is being published in a tumultuous time. In 1994, the Clinton administration approved the Escrowed Encryption Standard (including the Clipper chip and Fortezza card) and signed the Digital Telephony bill into law. Both of these initiatives try to ensure the government’s ability to conduct electronic surveillance.

Some dangerously Orwellian assumptions are at work here: that the government has the right to listen to private communications, and that there is something wrong with a private citizen trying to keep a secret from the government. Law enforcement has always been able to conduct court-authorized surveillance if possible, but this is the first time that the people have been forced to take active measures to make themselves available for surveillance. These initiatives are not simply government proposals in some obscure area; they are preemptive and unilateral attempts to usurp powers that previously belonged to the people.

Clipper and Digital Telephony do not protect privacy; they force individuals to unconditionally trust that the government will respect their privacy. The same law enforcement authorities who illegally tapped Martin Luther King Jr.’s phones can easily tap a phone protected with Clipper. In the recent past, local police authorities have either been charged criminally or sued civilly in numerous jurisdictions—Maryland, Connecticut, Vermont, Georgia, Missouri, and Nevada—for conducting illegal wiretaps. It’s a poor idea to deploy a technology that could some day facilitate a police state.

The lesson here is that it is insufficient to protect ourselves with laws; we need to protect ourselves with mathematics. Encryption is too important to be left solely to governments.

This book gives you the tools you need to protect your own privacy; cryptography products may be declared illegal, but the information will never be.

How to Read This Book

I wrote Applied Cryptography to be both a lively introduction to the field of cryptography and a comprehensive reference. I have tried to keep the text readable without sacrificing accuracy. This book is not intended to be a mathematical text. Although I have not deliberately given any false information, I do play fast and loose with theory. For those interested in formalism, there are copious references to the academic literature.

Chapter 1 introduces cryptography, defines many terms, and briefly discusses precomputer cryptography.
Chapters 2 through 6 (Part I) describe cryptographic protocols: what people can do with cryptography. The protocols range from the simple (sending encrypted messages from one person to another) to the complex (flipping a coin over the telephone) to the esoteric (secure and anonymous digital money exchange). Some of these protocols are obvious; others are almost amazing. Cryptography can solve a lot of problems that most people never realized it could.

Chapters 7 through 10 (Part II) discuss cryptographic techniques. All four chapters in this section are important for even the most basic uses of cryptography. Chapters 7 and 8 are about keys: how long a key should be in order to be secure, how to generate keys, how to store keys, how to dispose of keys, and so on. Key management is the hardest part of cryptography and often the Achilles’ heel of an otherwise secure system. Chapter 9 discusses different ways of using cryptographic algorithms, and Chapter 10 gives the odds and ends of algorithms: how to choose, implement, and use algorithms.

Chapters 11 through 23 (Part III) list algorithms. Chapter 11 provides the mathematical background. This chapter is only required if you are interested in public-key algorithms. If you just want to implement DES (or something similar), you can skip ahead. Chapter 12 discusses DES: the algorithm, its history, its security, and some variants. Chapters 13, 14, and 15 discuss other block algorithms; if you want something more secure than DES, skip to the section on IDEA and triple-DES. If you want to read about a bunch of algorithms, some of which may be more secure than DES, read the whole chapter. Chapters 16 and 17 discuss stream algorithms. Chapter 18 focuses on one-way hash functions; MD5 and SHA are the most common, although I discuss many more. Chapter 19 discusses public-key encryption algorithms, Chapter 20 discusses public-key digital signature algorithms, Chapter 21 discusses public-key identification algorithms, and Chapter 22 discusses public-key key exchange algorithms. The important algorithms are RSA, DSA, Fiat-Shamir, and Diffie-Hellman, respectively. Chapter 23 has more esoteric public-key algorithms and protocols; the math in this chapter is quite complicated, so wear your seat belt.

Chapters 24 and 25 (Part IV) turn to the real world of cryptography. Chapter 24 discusses some of the current implementations of these algorithms and protocols, while Chapter 25 touches on some of the political issues surrounding cryptography. These chapters are by no means intended to be comprehensive.

Also included are source code listings for 10 algorithms discussed in Part III. I was unable to include all the code I wanted to due to space limitations, and cryptographic source code cannot otherwise be exported. (Amazingly enough, the State Department allowed export of the first edition of this book with source code, but denied export for a computer disk with the exact same source code on it. Go figure.) An associated source code disk set includes much more source code than I could fit in this book; it is probably the largest collection of cryptographic source code outside a military institution. I can only send source code disks to U.S. and Canadian citizens living in the U.S. and Canada, but hopefully that will change someday. If you are interested in implementing or playing with the cryptographic algorithms in this book, get the disk. See the last page of the book for details.

One criticism of this book is that its encyclopedic nature takes away from its readability. This is true, but I wanted to provide a single reference for those who might come across an algorithm in the academic literature or in a product. For those who are more interested in a tutorial, I apologize. A lot is being done in the field; this is the first time so much of it has been gathered between two covers. Even so, space considerations forced me to leave many things out. I covered topics that I felt were important, practical, or interesting. If I couldn’t cover a topic in depth, I gave references to articles and papers that did.

I have done my best to hunt down and eradicate all errors in this book, but many have assured me that it is an impossible task. Certainly, the second edition has far fewer errors than the first. An errata listing is available from me and will be periodically posted to the Usenet newsgroup sci.crypt. If any reader finds an error, please let me know. I’ll send the first person to find each error in the book a free copy of the source code disk.
About the Author

BRUCE SCHNEIER is president of Counterpane Systems, an Oak Park, Illinois consulting firm specializing in cryptography and computer security. Bruce is also the author of E-Mail Security (John Wiley & Sons, 1995) and Protect Your Macintosh (Peachpit Press, 1994); and has written dozens of articles on cryptography for major magazines. He is a contributing editor to Dr. Dobb’s Journal, where he edits the “Algorithms Alley” column, and a contributing editor to Computer and Communications Security Reviews. Bruce serves on the board of directors of the International Association for Cryptologic Research, is a member of the Advisory Board for the Electronic Privacy Information Center, and is on the program committee for the New Security Paradigms Workshop. In addition, he finds time to give frequent lectures on cryptography, computer security, and privacy.

Acknowledgments

The list of people who had a hand in this book may seem unending, but all are worthy of mention. I would like to thank Don Alvarez, Ross Anderson, Dave Balenson, Karl Barrus, Steve Bellovin, Dan Bernstein, Eli Biham, Joan Boyar, Karen Cooper, Whit Diffie, Joan Feigenbaum, Phil Karn, Neal Koblitz, Xuejia Lai, Tom Leranth, Mike Markowitz, Ralph Merkle, Bill Patton, Peter Pearson, Charles Pfleeger, Ken Pizzini, Bart Preneel, Mark Riordan, Joachim Schurman, and Marc Schwartz for reading and editing all or parts of the first edition; Marc Vauclair for translating the first edition into French; Abe Abraham, Ross Anderson, Dave Banisar, Steve Bellovin, Eli Biham, Matt Bishop, Matt Blaze, Gary Carter, Jan Camenisch