1.

N. Asokan, V. Shoup, and M. Waidner. Optimistic fair exchange of digital signatures. In *Advances in Cryptology-Eurocrypt '98*, 1998.

2.

M. Bellare, R. Canetti, and H. Krawczyk. A modular approach to the design and analysis of authentication and key exchange protocols. In *30th Annual ACM Symposium on Theory of Computing*, 1998.

3.

M. Bellare and P. Rogaway. Random oracles are practical: a paradigm for designing efficient protocols. In *First ACM Conference on Computer and Communications Security*, pages 62–73, 1993.

4.

M. Bellare and P. Rogaway. Optimal asymmetric encryption. In *Advances in Cryptology — Crypto '94*, pages 92–111, 1994.

5.

M. Bellare and P. Rogaway. Collision-resistant hashing: towards making UOWHFs practical. In *Advances in Cryptology-Crypto '97*, 1997.

6.

D. Boneh and R. Venkatesan. Hardness of computing the most significant bits of secret keys in Diffie-Hellman and related schemes. In *Advances in Cryptology-Crypto '96*, pages 129–142, 1996.

7.

R. Canetti, O. Goldreich, and S. Halevi. The random oracle model, revisted. In *30th Annual ACM Symposium on Theory of Computing*, 1998. To appear.

8.

I. Damgard. Towards practical public key cryptosystems secure against chosen ciphertext attacks. In *Advances in Cryptology-Crypto '91*, pages 445–456, 1991.

9.

D. Dolev, C. Dwork, and M. Naor. Non-malleable cryptography. In *23rd Annual ACM Symposium on Theory of Computing*, pages 542–552, 1991.

10.

D. Dolev, C. Dwork, and M. Naor. Non-malleable cryptography, 1998. Manuscript (updated, full length version of STOC paper).

11.

C. Dwork and M. Naor. Method for message authentication from non-malleable cryptosystems, 1996. U. S. Patent No. 05539826.

12.

T. El Gamal. A public key cryptosystem and signature scheme based on discrete logarithms.

*IEEE Trans. Inform. Theory*, 31:469–472, 1985.

MathSciNetCrossRef13.

Y. Frankel and M. Yung. Cryptanalysis of immunized LL public key systems. In *Advances in Cryptology-Crypto '95*, pages 287–296, 1995.

14.

S. Goldwasser and S. Micali. Probabilistic encryption.

*Journal of Computer and System Sciences*, 28:270–299, 1984.

MATHMathSciNetCrossRef15.

R. Impagliazzo, L. Levin, and M. Luby. Pseudo-random number generation from any one-way function. In *21st Annual ACM Symposium on Theory of Computing*, pages 12–24, 1989.

16.

C. H. Lim and P. J. Lee. Another method for attaining security against adaptively chosen ciphertext attacks. In *Advances in Cryptology-Crypto '93*, pages 420–434, 1993.

17.

M. Naor and O. Reingold. Number-theoretic constructions of efficient pseudo-random functions. In *38th Annual Symposium on Foundations of Computer Science*, 1997.

18.

M. Naor and M. Yung. Universal one-way hash functions and their cryptographic applications. In *21st Annual ACM Symposium on Theory of Computing*, 1989.

19.

M. Naor and M. Yung. Public-key cryptosystems provably secure against chosen ciphertext attacks. In *22nd Annual ACM Symposium on Theory of Computing*, pages 427–437, 1990.

20.

C. Rackoff and D. Simon. Noninteractive zero-knowledge proof of knowledge and chosen ciphertext attack. In *Advances in Cryptology-Crypto '91*, pages 433–444, 1991.

21.

V. Shoup. Lower bounds for discrete logarithms and related problems. In *Advances in Cryptology-Eurocrypt '97*, 1997.

22.

V. Shoup and R. Gennaro. Securing threshold cryptosystems against chosen ciphertext attack. In *Advances in Cryptology-Eurocrypt '98*, 1998.

23.

M. Stadler. Publicly verifiable secrete sharing. In *Advances in Cryptology-Eurocrypt '96*, pages 190–199, 1996.

24.

Y. Zheng and J. Seberry. Practical approaches to attaining security against adaptively chosen ciphertext attacks. In *Advances in Cryptology-Crypto '92*, pages 292–304, 1992.