, Complexity classes in communication complexity theory (preliminary version), 27th FOCS, vol.14, pp.337-347, 1986.
, An information statistics approach to data stream and communication complexity, 43rd FOCS, vol.14, pp.209-218, 2002.
, How to compress interactive communication, 42nd ACM STOC, p.19, 2010.
DOI : 10.1137/100811969
, Random oracles are practical: A paradigm for designing efficient protocols, ACM CCS 93, pp.62-73, 1993.
, Dual EC: A standardized back door, Cryptology ePrint Archive, 2015.
, On the impossibility of efficiently combining collision resistant hash functions, CRYPTO 2006, pp.570-583, 2006.
, Amplifying collision resistance: A complexity-theoretic treatment, CRYPTO 2007, pp.264-283, 2007.
DOI : 10.1007/978-3-540-74143-5_15
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-540-74143-5_15.pdf
, The story of set disjointness, SIGACT News, vol.41, issue.3, pp.59-85, 2010.
, A systematic analysis of the juniper dual EC incident, ACM CCS 16, pp.468-479, 2016.
, On the practical exploitability of dual EC in TLS implementations, 23rd USENIX Security Symposium (USENIX Security 14), pp.319-335, 2014.
, Random oracles and nonuniformity. Cryptology ePrint Archive, 2017.
, New attacks on the concatenation and XOR hash combiners, EUROCRYPT 2016, Part I, pp.484-508, 2016.
, Fixing cracks in the concrete: Random oracles with auxiliary input, revisited, EUROCRYPT 2017, Part II, pp.473-495, 2017.
, How to prove yourself: Practical solutions to identification and signature problems, CRYPTO'86, pp.186-194, 1987.
DOI : 10.1007/3-540-47721-7_12
URL : http://dsns.csie.nctu.edu.tw/research/crypto/HTML/PDF/C86/186.PDF
, Security-amplifying combiners for collision-resistant hash functions, CRYPTO 2007, pp.224-243, 2007.
DOI : 10.1007/978-3-540-74143-5_13
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-540-74143-5_13.pdf
, Robust multi-property combiners for hash functions, Journal of Cryptology, vol.27, issue.3, pp.397-428, 2014.
DOI : 10.1007/s00145-013-9148-7
, Foundations of Cryptography: Basic Tools, vol.1, 2001.
, Set disjointness lower bound via product distribution. Scribes for Information theory and its applications in theory of computation, vol.15, 2013.
, On the strength of the concatenated hash combiner when all the hash functions are weak, ICALP 2008, Part II, pp.616-630, 2008.
, Multicollisions in iterated hash functions. Application to cascaded constructions, CRYPTO 2004, p.13, 2004.
, Hash functions from defective ideal ciphers, CT-RSA 2015, pp.273-290, 2015.
DOI : 10.1007/978-3-319-16715-2_15
, Security of encryption schemes in weakened random oracle models, PKC 2010, p.13, 2010.
DOI : 10.1007/978-3-642-13013-7_24
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-642-13013-7_24.pdf
, Communication complexity, vol.13, 1997.
, On the Security of Hash Function Combiners, vol.12, 2010.
, The sum can be weaker than each part, EUROCRYPT 2015, Part I, p.13, 2015.
DOI : 10.1007/978-3-662-46800-5_14
URL : https://hal.archives-ouvertes.fr/hal-01105129
, Constructing an ideal hash function from weak ideal compression functions, SAC 2006, pp.358-375, 2007.
DOI : 10.1007/978-3-540-74462-7_25
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-540-74462-7_25.pdf
, A failure-friendly design principle for hash functions, ASIACRYPT 2005, pp.474-494, 2005.
DOI : 10.1007/11593447_26
URL : https://link.springer.com/content/pdf/10.1007%2F11593447_26.pdf
, A hardcore lemma for computational indistinguishability: Security amplification for arbitrarily weak PRGs with optimal stretch, TCC 2010, vol.23, pp.237-254, 2010.
DOI : 10.1007/978-3-642-11799-2_15
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-642-11799-2_15.pdf
, MD5 is weaker than weak: Attacks on concatenated combiners, ASIACRYPT 2009, pp.144-161, 2009.
DOI : 10.1007/978-3-642-10366-7_9
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-642-10366-7_9.pdf
, Cryptophia's short combiner for collision-resistant hash functions, ACNS 13, p.13, 2013.
DOI : 10.1007/978-3-642-38980-1_9
URL : http://eprint.iacr.org/2013/210.pdf
, Communication complexity. Scribes for Advanced Complexity Theory, vol.15, 2012.
, Security of digital signature schemes in weakened random oracle models, PKC 2008, pp.268-287, 2008.
DOI : 10.1007/978-3-540-78440-1_16
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-540-78440-1_16.pdf
, Notions of reducibility between cryptographic primitives, TCC 2004, pp.1-20, 2004.
, Cryptographic hash-function basics: Definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance, FSE 2004, vol.10, pp.371-388, 2004.
, Finding collisions on a one-way street: Can secure hash functions be based on general assumptions, EUROCRYPT'98, pp.334-345, 1998.
, Random oracles and auxiliary input, CRYPTO 2007, pp.205-223, 2007.
DOI : 10.1007/978-3-540-74143-5_12
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-540-74143-5_12.pdf
, Some complexity questions related to distributive computing(preliminary report), Proceedings of the Eleventh Annual ACM Symposium on Theory of Computing, vol.13, pp.209-213, 1979.