Quote: shouldn't unnecessarily divulge information, e.g., public keys should remain secret from non-users [»giffDK4_1982]

Quote: if an adversary can get a user to sign arbitrary messages, can decrypt public key messages or forge signatures [»dennDE4_1984]

Quote: prevent a public key attack by signing all messages with a one-way public function [»dennDE4_1984]

Quote: public-key cryptosystems are vulnerable to forgery and man-in-the-middle attacks [»zimmPR_1995]

Quote: need a trusted public key directory, otherwise cannot trust a digital signature [»gelbB12_2000]

Quote: for public key infrastructure choose locally meaningful identifiers, avoid revocation, use freshness guarantee, design for a purpose [»gutmP8_2002]

Quote: a public password is a written digest of the authentication server's public key; needed for password protocols [»haleS8_1999]

Quote: mutual authentication using public-key cryptology; with a smart card, the users' secrets are not exposed to the certification center [»leePJ1_1990]

Quote: can allow for compromised keys if the authentication server adds a signed copy of the sender's public key to the message [»bootKS11_1981]

Quote: a public-key certificate is a secure answer to a predetermined query; may broadcast via an untrusted systems; generate on a tightly secured system [»lampBW6_2004]

Quote: to sign a public key, you should require your own independent firsthand knowledge of who owns that key [»zimmPR_1995]

Quote: never trust a public key that isn't signed by someone you trust, i.e., someone whose trusted public key is on your key ring [»zimmPR_1995]

Quote: protect public keys by an audit trail giving registrations of keys, signatures, and compromised keys [»dennDE2_1983]

Quote: a self-certified public key includes an encrypted certification; secret keys are unknown to the authority (unlike identity-based schemes) [»giraM4_1991]

Quote: prevent public key forgery with signed public key certificates from mutually trusted friends; allows centralized and decentralized approaches [»zimmPR_1995]

Quote: secure communication and authentication in Taos with certificates, credentials, shared keys, and public keys [»wobbE2_1994]

Quote: use key continuity for public-key management; a known, good key confirms a remote party's identity; e.g., SSH [»gutmP2_2004]

Quote: key continuity is vulnerable to man-in-the-middle attacks; unlikely; e.g., credit cards have not been intercepted [»gutmP2_2004]

Quote: SSH loses key continuity when reinstalled; could generate a successor key for future use; reestablish continutity with an old-with-new key exchange [»gutmP2_2004]

Quote: use a public originator key instead of a GUID; use to sign a component assembly [»meijE10_2002]

Quote: encryption protocols similar from public-key and conventional algorithms; public-key only has advantage for signed communications [»needRM12_1979]

Quote: digital signatures work well for business-to-business transactions with secure computers; but then a public key infrastructure is not needed [»elliC2_2000]

Quote: all strong password mechanisms use public-key techniques to resist password-guessing attacks; probably necessary [»haleS8_1999]

QuoteRef: muelC_1982 ;;487 design for a secure local network based on DES and public-key cryptography.

Quote: ideal properties for public-key encryption are security against adaptive attacks, fast encryption and decryption, ciphertext same length as plaintext, large plaintext space, and small memory size [»nishM12_2001]

Quote: performance testing of cryptographic algorithms written in optimized assembly code [»prenB12_1998]

Quote: CryptoLib is a portable and efficient library for public and private key encryption systems [»lacyJB10_1993]

Quote: a public-key encryption system based on Diophantine equations; a vector product to send, and several multiplications and modulus operations to receive [»linCH1_1995]

Quote: how to optimize RSA encryption and decryption; software often faster than hardware implementations [»wienMJ2_2000]

Quote: fast public-key encryption based on modular squaring; secure against an adaptive chosen-ciphertext attack [»nishM12_2001]