DOCSLIB.ORG

Higher Order Derivatives and Differential Cryptanalysis

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Higher Order Derivatives and Differential Cryptanalysis See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/246375728 Higher Order Derivatives and Differential Cryptanalysis Article · January 1994 DOI: 10.1007/978-1-4615-2694-0_23 CITATIONS READS 175 369 1 author: Xuejia Lai Shanghai Jiao Tong University 112 PUBLICATIONS 2,829 CITATIONS SEE PROFILE All content following this page was uploaded by Xuejia Lai on 04 May 2016. The user has requested enhancement of the downloaded file. All in-text references underlined in blue are added to the original document and are linked to publications on ResearchGate, letting you access and read them immediately. Reprint of pp Communications and Cryptography Ed RBlahut et al Kluwer Academic Publishers Higher Order Derivatives and Dierential Cryptanalysis Xuejia Lai R Security Engineering AG CH Aathal Switzerland lairch Abstract Highorder derivatives of multivariable functions are studied in this pap er as a natural generalization of the basic concept used in dierential cryptanalysis Possible applications of such derivatives in cryptology are discussed I Intro duction In just after Jim and I published at Euro crypt our new blo ck cipher PES the previous version of the IDEA cipher dierential cryptanalysis was prop osed byBiham and Shamir as a chosenplaintext attack to nd the secretkey of an iterated blo ck cipher In Biham and Shamir showed that the full round DES can b e broken by dierential cryptanalysis using only encryptions which is the rst rep orted attack that nds the secretkey of DES with fewer encryptions than exhaustivekeysearch Besides DES dierential cryptanalysis has b een applied successfully to many other ciphers for example the blo ck ciphers FEAL Khafre REDOC LOKI and Lucifer Likeevery cipher designer who heard a new attack that can b e applied to his cipher we started to apply the dierential cryptanalysis to our own prop osal As I talked to Jim ab out the rst result of the analysis he noticed immediately that the use of the prop erties of a Markovchain is essential to dierential cryptanalysis This observation led to the concept of Markov Cipher whichwe presented in where it was shown that the dierential cryptanalysis of many if not all practical blo c k ciphers can b e formulated in terms of the theory of Markovchains For example the implication of the only Lemma in Biham and Shamirs pap er is that DES is a Markov cipher In particular a fairly tightlower b ound on the complexity of a dierential cryptanalysis attack on a cipher can b e derived in terms of parameters of the Markovchain Although dierential cryptanalysis requires far to o muchchosen plaintexts to b e a practical attack on a cipher the complexity of a dierential cryptanalysis attack is the b est measure of its cryptographic strength that is known to day In this pap er we consider a p ossible generalization of the original rstorder dif ferential cryptanalysis in terms of higherorder derivative which is dened in Section where some general prop erties of derivatives are studied In Section we consider some This work was carried out at the Signal and Information Pro cessing Lab oratory of the Swiss Federal Institute of TechnologyZurich Switzerland sp ecial prop erties of derivatives of binary functions Section discusses the applications of such higher order derivatives in cryptology In particular we consider the relation ship among derivatives dierential cryptanalysis and linear structure of cryptographic functions I I Higher order derivatives Denition Let S and T b e Ab elian groups For a function f S T the derivatives of the f at point a S is dened as f xf x a f x a Note that the derivativeof f is itself a function from S to T we can dene the ith i derivative of f at a a a as i i i f x f x a i a a a a i i i f x b eing the i th derivativeof f at a a a The th where i a a i derivativeof f x is dened to b e f x itself For example for i wehave f x f x a a a a f x a f x a f x a a f x a f x a f x f x a a f x a f x a f x It then follows that f x a a f x f x f xf x a a a a In general one can show the following result Prop osition n X X i f x f x a a a n a a j j i i j j n i Pro of For n it follows from the denition Supp ose holds for n Then n f x a a n n n f x a f x n a a a a n n n X X i A f x a f x a a a n n n a a j j i i j j n i n f x a a n n X X i f x a f x a a n n a a j j i i j j n i n n X X X X i i n A f x f x f x a a a a a a j j j j n i i i i j j n j j n i i n X X i f x a f x f x a a n n a a j j i i j j n i n X X i n A f x f x a a a a j j n i i j j n i n X X i f x a a f x n a n a a j j i i j j n i n X X i n A f x f x a a a a j j n i i j j n i n X X i f x a a f x n a a a n j j i i j j n i n X X i n A f x f x a a a a j j n i i j j n i n X X i A f x f x a a n a a a n j j i j j n i i Some basic prop erties of the derivative are as follows f g f g a a a f xg x f x a g x f xg x a a a Equation is rather obvious and Equation can b e obtained as follows f xg x f x ag x a f xg x a f x ag x a g x f x a f xg x f x a g x f xg x a a Prop osition Let deg f denote the nonlinear degree of a multivariable polynomial function f x Then deg f x deg f x a Pro of It follows from equation and from the facts that deg f g maxdeg f deg g and deg fg degf degg and that the derivativeofalinear function is a constant I I I Derivatives of binary functions In what follows we will consider only the binary functions and the group op eration is the bitwise XOR denoted by i Prop osition Let La a a be the list of al l possible linear combinations of i a a a Then i X i f x f x c a a i cLa a a i Weproveitby induction For i itisobvious Supp ose hold for i Pro of then by denition i i f x f x a i a a a a i i i i f x f x a i a a a a i i X X A A f x c a f x c i cLa a a cLa a a i i X f x c cLa a a i Corollary Derivatives of binary function is independent of the order in which the derivation is taken ie for any permutation pj of index j i i f x f x a a a a i p pi The ab ove results lead to the lower b ound on the probability of derivative function taking on a certain value This probability is essential in cryptanalysis using such derivatives n n F and linearly independent a a a in Prop osition For function f F i in n n i f xb is either or at least if x is uniformly F and for any b F P a a i random Pro of From equation if at input x the derivativetakes on value b then at all i inputs x c c La a a the derivative will takeonvalue b i i f x Prop osition If a is linearly dependent of a a a then i i a a i Pro of If a is linearly dep endentof a a thena is contained in the list i i i La a a Thus in wehave i X X f x c a f x c i cLa a a cLa a a i i which implies that the derivative is zero The ab ove result shows that derivatives should b e computed at the p oints that are linearly indep endent Otherwise the higher order derivatives will b e trivially zero such cases are of no interest for our purp ose n m Prop osition For any function f F F the nth derivative of f is a constant n n If f F F is invertible then n th derivative of f isaconstant Pro of Each comp onent function of f can have a nonlinear degree at most n When f is invertible the nonlinear degree of its comp onent function is at most n The pro of then follows from Prop osition Example For f x x x x x x x x x x x x x we compute the nd derivative at f x x x x f x x x x f x x x x x x x x x x x x x x Thus f x x x x Note that and are linearly inde p endent and function f has a nonlinear degree IV Cryptographic signicance of derivatives Dierential cryptanalysis and derivatives The basic concept of dierential crypt analysis is the probability of dierentials An dierential is a couple a b where a is the dierence of a pair of distinct inputs x and x and where b is a p ossible dierence for the resulting outputs y f x and y f x The probability of an dierential a b is the conditional probabilitythat b is the dierence y of the outputs given that the input pair x x has dierence x a when the x is uniformly random We denote this dierential probabilityby P y bjx a If the dierence is dened by the group op eration ie if x x x then f b P y bjx a P f x a f x bP a Prop osition The probability of a dierential a b is the probability that the rst derivative of function f x at point a takes on value b when x is uniformly random The success of dierential cryptanalysis is based on the fact that many practical blo ck ciphers are obtained from iterating a cryptographically weak round function If the dierence of a pair of inputs to the last round can b e anticipated with a high probability then the secret key used in the last round can usually b e derived from the pair of outputs and from the dierence at the input By using highorder derivatives the basic idea of dierential cryptanalysis can b e generalized to the case when more than two inputs are used simultaneously for deriving the secret key if a nontrivial ith derivative of r round function takes on a value with high probability then it is i possible to derive the key for the last round from the known outputs and from the anticipated derivative value Although some
Load more

Recommended publications
  • Tuto Documentation Release 0.1.0
    Tuto Documentation Release 0.1.0 DevOps people 2020-05-09 09H16 CONTENTS 1 Documentation news 3 1.1 Documentation news 2020........................................3 1.1.1 New features of sphinx.ext.autodoc (typing) in sphinx 2.4.0 (2020-02-09)..........3 1.1.2 Hypermodern Python Chapter 5: Documentation (2020-01-29) by https://twitter.com/cjolowicz/..................................3 1.2 Documentation news 2018........................................4 1.2.1 Pratical sphinx (2018-05-12, pycon2018)...........................4 1.2.2 Markdown Descriptions on PyPI (2018-03-16)........................4 1.2.3 Bringing interactive examples to MDN.............................5 1.3 Documentation news 2017........................................5 1.3.1 Autodoc-style extraction into Sphinx for your JS project...................5 1.4 Documentation news 2016........................................5 1.4.1 La documentation linux utilise sphinx.............................5 2 Documentation Advices 7 2.1 You are what you document (Monday, May 5, 2014)..........................8 2.2 Rédaction technique...........................................8 2.2.1 Libérez vos informations de leurs silos.............................8 2.2.2 Intégrer la documentation aux processus de développement..................8 2.3 13 Things People Hate about Your Open Source Docs.........................9 2.4 Beautiful docs.............................................. 10 2.5 Designing Great API Docs (11 Jan 2012)................................ 10 2.6 Docness.................................................
    [Show full text]
  • Cryptanalysis of Substitution-Permutation Networks Using Key-Dependent Degeneracy*
    Cryptanalysis of Substitution-Permutation Networks Using Key-Dependent Degeneracy* Howard M. Heys Electrical Engineering, Faculty of Engineering and Applied Science Memorial University of Newfoundland St. John’s, Newfoundland, Canada A1B 3X5 Stafford E.Tavares Department of Electrical and Computer Engineering Queen’s University Kingston, Ontario, Canada K7L 3N6 * This research was supported by the Natural Sciences and Engineering Research Council of Canada and the Telecommunications Research Institute of Ontario and was completed during the first author’s doctoral studies at Queen’s University. Cryptanalysis of Substitution-Permutation Networks Using Key-Dependent Degeneracy Keywords Ð Cryptanalysis, Substitution-Permutation Network, S-box Abstract Ð This paper presents a novel cryptanalysis of Substitution- Permutation Networks using a chosen plaintext approach. The attack is based on the highly probable occurrence of key-dependent degeneracies within the network and is applicable regardless of the method of S-box keying. It is shown that a large number of rounds are required before a network is re- sistant to the attack. Experimental results have found 64-bit networks to be cryptanalyzable for as many as 8 to 12 rounds depending on the S-box properties. ¡ . Introduction The concept of Substitution-Permutation Networks (SPNs) for use in block cryp- tosystem design originates from the “confusion” and “diffusion” principles in- troduced by Shannon [1]. The SPN architecture considered in this paper was first suggested by Feistel [2] and consists of rounds of non-linear substitutions (S-boxes) connected by bit permutations. Such a cryptosystem structure, referred 1 to as LUCIFER1 by Feistel, is a simple, efficient implementation of Shannon’s concepts.
    [Show full text]
  • An Introduction to Cryptography Copyright © 1990-1999 Network Associates, Inc
    An Introduction to Cryptography Copyright © 1990-1999 Network Associates, Inc. and its Affiliated Companies. All Rights Reserved. PGP*, Version 6.5.1 6-99. Printed in the United States of America. PGP, Pretty Good, and Pretty Good Privacy are registered trademarks of Network Associates, Inc. and/or its Affiliated Companies in the US and other countries. All other registered and unregistered trademarks in this document are the sole property of their respective owners. Portions of this software may use public key algorithms described in U.S. Patent numbers 4,200,770, 4,218,582, 4,405,829, and 4,424,414, licensed exclusively by Public Key Partners; the IDEA(tm) cryptographic cipher described in U.S. patent number 5,214,703, licensed from Ascom Tech AG; and the Northern Telecom Ltd., CAST Encryption Algorithm, licensed from Northern Telecom, Ltd. IDEA is a trademark of Ascom Tech AG. Network Associates Inc. may have patents and/or pending patent applications covering subject matter in this software or its documentation; the furnishing of this software or documentation does not give you any license to these patents. The compression code in PGP is by Mark Adler and Jean-Loup Gailly, used with permission from the free Info-ZIP implementation. LDAP software provided courtesy University of Michigan at Ann Arbor, Copyright © 1992-1996 Regents of the University of Michigan. All rights reserved. This product includes software developed by the Apache Group for use in the Apache HTTP server project (http://www.apache.org/). Copyright © 1995-1999 The Apache Group. All rights reserved. See text files included with the software or the PGP web site for further information.
    [Show full text]
  • Differential Cryptanalysis of the Data Encryption Standard
    Differential Cryptanalysis of the Data Encryption Standard Eli Biham1 Adi Shamir2 December 7, 2009 1Computer Science Department, Technion – Israel Institute of Technology, Haifa 32000, Israel. Email: [email protected], WWW: http://www.cs.technion.ac.il/˜biham/. 2Department of Applied Mathematics and Computer Science, The Weizmann Institute of Science, Rehovot 76100, Israel. Email: [email protected]. This versionofthebookisprocessedfromtheauthor’soriginalLaTeXfiles,andmaybe differentlypaginatedthantheprintedbookbySpringer(1993). Copyright:EliBihamandAdiShamir. Preface The security of iterated cryptosystems and hash functions has been an active research area for many years. The best known and most widely used function of this type is the Data Encryption Standard (DES). It was developed at IBM and adopted by the National Bureau of Standards in the mid 70’s, and has successfully withstood all the attacks published so far in the open literature. Since the introduction of DES, many other iterated cryptosystems were developed, but their design and analysis were based on ad-hoc heuristic arguments, with no theoretical justification. In this book, we develop a new type of cryptanalytic attack which can be successfully applied to many iterated cryptosystems and hash functions. It is primarily a chosen plaintext attack but under certain circumstances, it can also be applied as a known plaintext attack. We call it “differen- tial cryptanalysis”, since it analyzes the evolution of differences when two related plaintexts are encrypted under the same key. Differential cryptanalysis is the first published attack which is capable of breaking the full 16-round DES in less than 255 complexity. The data analysis phase computes the key by analyzing about 236 ciphertexts in 237 time.
    [Show full text]
  • Differential Cryptanalysis of the Data Encryption Standard Eli Biham Adi Shamir
    Differential Cryptanalysis of the Data Encryption Standard Eli Biham Adi Shamir Differential Cryptanalysis of the Data Encryption Standard With 56 Illustrations Springer-Verlag New York Berlin Heidelberg London Paris Tokyo Hong Kong Barcelona Budapest Eli Biham Computer Science Department Technion-Israel Institute of Technology Haifa 32000 Israel Adi Shamir Department of Applied Mathematics and Computer Science The Weizmann Institute of Science Rehovot 76100 Israel Library of Congress Cataloging-in-Publication Data Biham,Eli. Differential cryptanalysis of the Data Encryption Standard / Eli Biham, Adi Shamir. p.cm. Includes bibliographical references and index. ISBN-13 :978-1-4613-9316-0 e- ISBN-13: 978-1-4613-9314-6 DOl: 10.1007/978-1-4613-9314-6 1. Computer - Access control. 2. Cryptography. I. Shamir, Adi. II. Title. QA76.9.A25B54 1993 005.8'2 - dc20 92-44581 Printed on acid-free paper. © 1993 by Springer-Verlag New York, Inc. Softcover reprint of the hardcover 1st edition 1993 All rights reserved. This work may not be translated or copied in whole or in part without the writ­ ten permission of the publisher (Springer-Verlag New York, Inc., 175 Fifth Avenue, New York, NY 10010, USA), except for brief excerpts in connection with reviews or scholarly analysis. Use in con­ nection with any form of information storage and retrieval, electronic adaptation, computer soft­ ware, or by similar or dissimilar methodology now known or hereafter developed is forbidden. The use of general descriptive names, trade names, trademarks, etc., in this publication, even if the former are not especially identified, is not to be taken as a sign that such names, as understood by the Trade Marks and Merchandise Marks Act, may accordingly be used freely by anyone.
    [Show full text]
  • Cryptanalysis of White-Box DES Implementations with Arbitrary External Encodings
    Cryptanalysis of White-Box DES Implementations with Arbitrary External Encodings Brecht Wyseur1, Wil Michiels2, Paul Gorissen2, and Bart Preneel1 1 Katholieke Universiteit Leuven Dept. Elect. Eng.-ESAT/SCD-COSIC, Kasteelpark Arenberg 10, 3001 Heverlee, Belgium fbrecht.wyseur,[email protected] 2 Philips Research Laboratories Prof. Holstlaan 4, 5656 AA, Eindhoven, The Netherlands fwil.michiels,[email protected] Abstract. At DRM 2002, Chow et al. [4] presented a method for im- plementing the DES block cipher such that it becomes hard to extract the embedded secret key in a white-box attack context. In such a con- text, an attacker has full access to the implementation and its execution environment. In order to provide an extra level of security, an implemen- tation shielded with external encodings was introduced by Chow et al. and improved by Link and Neumann [10]. In this paper, we present an algorithm to extract the secret key from such white-box DES implemen- tations. The cryptanalysis is a di®erential attack on obfuscated rounds, and works regardless of the shielding external encodings that are applied. The cryptanalysis has a average time complexity of 214 and a negligible space complexity. Keywords. White-Box Cryptography, Obfuscation, DES, Data Encryp- tion Standard, Cryptanalysis 1 Introduction White-box cryptography aims to protect secret keys by embedding them into a software implementation of a block cipher. The attack model for these implementations is de¯ned as the white-box attack model. In this model, an attacker has full control over the implementation and its ex- ecution environment. This includes static and dynamic analysis of the implementation, altering of computation, and modi¯cation of internal variables.
    [Show full text]
  • Cryptanalysis of S-DES
    Cryptanalysis of S-DES Dr. K. S. Ooi Brain Chin Vito ([email protected]) ([email protected]) University of Sheffield Centre, Taylor’s College 1st April 2002 Abstract This paper describes an effort to attack S-DES using differential cryptanalysis and linear cryptanalysis. S-DES is a reduced version of the Data Encryption Standard (DES). It also includes a discussion on the subject of cryptology and a literature survey of useful papers regarding cryptography and cryptanalysis. This paper is meant as a tutorial on the fundamentals of differential cryptanalysis and linear cryptanalysis of a Feistel cipher. Contents 1. Background 2. Literature Survey 3. S-DES 4. Brute Force Attack of S-DES 5. Differential Cryptanalysis of S-DES 6. Linear Cryptanalysis of S-DES 7. Reference 8. Appendix 8.1 S-DES Source Code 8.2 Automated Brute Force Attack of S-DES Source Code 8.3 Automated Differential Cryptanalysis of S-DES Source Code 8.4 Automated Linear Cryptanalysis of S-DES Source Code 8.5 Brute Force Attack of S-DES Results 8.6 Differential Cryptanalysis of S-DES Results 8.7 Linear Cryptanalysis of S-DES Results 8.8 Difference Pair Table of S0 8.9 Difference Pair Table of S1 8.10 Difference Distribution Table of S0 8.11 Difference Distribution Table of S1 8.12 Differential Characteristic of S-DES 8.13 I/0 Table for S0 8.14 Visualisation of Linear Approximation of S0 8.15 Distribution Table for S0 8.16 Notation Table 1 1. Background 1.1 Security in the Information Age 1.2 Importance of Cipher Efficiency 1.3 Cryptology 1.4 Why Cryptanalysis? 1.1 Security in the Information Age The beginning of the Information Age heralded a new kind of threat to governments, corporations and individuals.
    [Show full text]
  • Cryptanalysis of the Keeloq Block Cipher
    Cryptanalysis of the KeeLoq block cipher Andrey Bogdanov Chair for Communication Security Ruhr University Bochum, Germany Abstract. KeeLoq is a block cipher used in numerous widespread pas- sive entry and remote keyless entry systems as well as in various compo- nent identification applications. The KeeLoq algorithm has a 64-bit key and operates on 32-bit blocks. It is based on an NLFSR with a nonlinear feedback function of 5 variables. In this paper a key recovery attack with complexity of about 252 steps is proposed (one step is equivalent to a single KeeLoq encryption opera- tion). In our attack we use the techniques of guess-and-determine, slide, and distinguishing attacks. Several real-world applications are vulnerable to the attack. To our best knowledge this is the first paper to describe and cryptanalyze the KeeLoq block cipher. Key words: KeeLoq block cipher, cryptanalysis, slide attacks, guess- and-determine attacks, distinguishing attacks 1 Introduction A large proportion of modern block ciphers are built upon Feistel networks. Such cryptographic algorithms as DES [22], Blowfish [26], KASUMI [6], GOST [32] or RC5 [25] are based on balanced Feistel networks. Other block ciphers use source-heavy or target-heavy unbalanced Feistel networks (e.g. REDOC III [27], Skipjack [23], etc.). The most extreme case of a source-heavy unbalanced Feistel network [28] is a nonlinear feedback shift register (NLFSR), which can be applied in both stream cipher and block cipher designs. A number of NLFSR-based stream ciphers have been recently proposed (e.g. Achterbahn [8] and [7], Grain [9]) and successfully cryptanalyzed using linear [2] and nonlinear [11], [24] approximations of nonlinear feedback functions.
    [Show full text]
  • Attacks on Hash Functions and Applications Attacks on Hash Functions and Applications Marc Stevens Printed by Ipskamp Drukkers AMS 2000 Subj
    Attacks on Hash Functions and Applications PROEFSCHRIFT ter verkrijging van de graad van Doctor aan de Universiteit Leiden, op gezag van Rector Magnificus prof. mr. P.F. van der Heijden, volgens besluit van het College voor Promoties te verdedigen op dinsdag 19 juni 2012 klokke 15.00 uur door Marc Martinus Jacobus Stevens, geboren te Hellevoetsluis in 1981 Samenstelling van de promotiecommissie: Promotores: Prof. dr. R. Cramer (CWI & Universiteit Leiden) Prof. dr. A.K. Lenstra (École Polytechnique Fédérale de Lausanne) Copromotor: Dr. B.M.M. de Weger (Technische Universiteit Eindhoven) Overige leden: Prof. dr. E. Biham (Technion) Dr. B. Schoenmakers (Technische Universiteit Eindhoven) Prof. dr. P. Stevenhagen (Universiteit Leiden) Prof. dr. X. Wang (Tsinghua University) The research in this thesis has been carried out at the Centrum Wiskunde & Informatica in the Netherlands and has been funded by the NWO VICI grant of Prof. dr. R. Cramer. Attacks on Hash Functions and Applications Attacks on Hash Functions and Applications Marc Stevens Printed by Ipskamp Drukkers AMS 2000 Subj. class. code: 94A60 NUR: 919 ISBN: 978-94-6191-317-3 Copyright © M. Stevens, Amsterdam 2012. All rights reserved. Cover design by Ankita Sonone. CONTENTS i Contents I Introduction 1 1 Hash functions 3 1.1 Authenticity and confidentiality . 3 1.2 Rise of a digital world . 4 1.3 Security frameworks . 5 1.4 Cryptographic hash functions . 8 1.5 Differential cryptanalysis . 15 2 MD5 collision attack by Wang et al. 17 2.1 Preliminaries . 17 2.2 Description of MD5 . 19 2.3 Collision attack overview . 21 2.4 Two message block collision .
    [Show full text]
  • An Introduction to Cryptography Version Information an Introduction to Cryptography, Version 8.0
    An Introduction to Cryptography Version Information An Introduction to Cryptography, version 8.0. Released Oct. 2002. Copyright Information Copyright © 1991-2002 by PGP Corporation. All Rights Reserved. No part of this document can be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of PGP Corporation. Trademark Information PGP and Pretty Good Privacy are registered trademarks of PGP Corporation in the U.S. and other countries. IDEA is a trademark of Ascom Tech AG. All other registered and unregistered trademarks in this document are the sole property of their respective owners. Licensing and Patent Information The IDEA cryptographic cipher described in U.S. patent number 5,214,703 is licensed from Ascom Tech AG. The CAST encryption algorithm is licensed from Northern Telecom, Ltd. PGP Corporation may have patents and/or pending patent applications covering subject matter in this software or its documentation; the furnishing of this software or documentation does not give you any license to these patents. Acknowledgments The compression code in PGP is by Mark Adler and Jean-Loup Gailly, used with permission from the free Info-ZIP implementation. Export Information Export of this software and documentation may be subject to compliance with the rules and regulations promulgated from time to time by the Bureau of Export Administration, United States Department of Commerce, which restrict the export and re-export of certain products and technical data. Limitations The software provided with this documentation is licensed to you for your individual use under the terms of the End User License Agreement provided with the software.
    [Show full text]
  • United States Patent (10) Patent No.: US 8,200,775 B2 M00re (45) Date of Patent: Jun
    US008200775B2 (12) United States Patent (10) Patent No.: US 8,200,775 B2 M00re (45) Date of Patent: Jun. 12, 2012 (54) ENHANCED SYNDICATION FOREIGN PATENT DOCUMENTS WO 2003077558 A2 9, 2003 (75) Inventor: James F. Moore, Lincoln, MA (US) (Continued) (73) Assignee: Nils Media Group, Inc, Lincoln, OTHER PUBLICATIONS (US) Wood, Charlie “Introducing Spanning Feed Builder for (*) Notice: Subject to any disclaimer, the term of this AppExchange", http://www.spanningpartners.com/2006/07/intro patent is extended or adjusted under 35 ducing spa.html, (Jul. 2, 2006). U.S.C. 154(b) by 1278 days. (Continued) (21) Appl. No.: 11/223,826 Primary Examiner — Wing Chan Assistant Examiner — Alicia Baturay (22) Filed: Sep. 10, 2005 (74) Attorney, Agent, or Firm — GTC Law Group LLP & (65) Prior Publication Data Affiliates US 2006/O173985 A1 Aug. 3, 2006 (57) ABSTRACT Related U.S. Application Data A variety of tools and techniques a disclosed for managing, viewing, publishing, searching, clustering, and otherwise (60) Provisional application No. 60/594,478, filed on Apr. manipulating data streams. Data streams such as RSS data 12, 2005, provisional application No. 60/594,456, feeds may be searched, aggregated, and filtered into a pro filed on Apr. 10, 2005, provisional application No. cessed feed. The processed feed, along with rules used to 60/649.311, filed on Feb. 1, 2005, provisional process the feed may be shared in a number of ways. A data application No. 60/649.312, filed on Feb. 1, 2005, feed management system may provide an integrated user provisional application No. 60/649,504, filed on Feb.
    [Show full text]
  • Ongoing Research Areas in Symmetric Cryptography Anne Canteaut, Daniel Augot, Carlos Cid, H
    D.STVL.9 - Ongoing Research Areas in Symmetric Cryptography Anne Canteaut, Daniel Augot, Carlos Cid, H. Englund, Henri Gilbert, Martin Hell, Thomas Johansson, Matthew Parker, Thomas Pornin, Bart Preneel, et al. To cite this version: Anne Canteaut, Daniel Augot, Carlos Cid, H. Englund, Henri Gilbert, et al.. D.STVL.9 - Ongoing Research Areas in Symmetric Cryptography. 2008. hal-00328622 HAL Id: hal-00328622 https://hal.archives-ouvertes.fr/hal-00328622 Preprint submitted on 10 Oct 2008 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. IST-2002-507932 ECRYPT European Network of Excellence in Cryptology Network of Excellence Information Society Technologies D.STVL.9 Ongoing Research Areas in Symmetric Cryptography Due date of deliverable: 31. July 2008 Revised: 17. July 2008 Start date of project: 1 February 2004 Duration: 4 years Lead contractor: Institut National de Recherche en Informatique et en Automatique (INRIA) Revision 1.2 Project co-funded by the European Commission within the 6th Framework Programme Dissemination Level PU Public X PP Restricted
    [Show full text]