密码学中信息理论安全的研究
|
摘要
目前的密钥系统无论是单钥体制还是公钥体制都建立在计算安全的模型上。原
则上讲,利用穷举密钥法总可以将上述的密码系统逐个攻破。本文的研究工作针对
信息理论安全即无条件安全展开。假定敌手拥有无限的时间、设备和资金,对敌手
的计算能力不做任何限制,那么即使敌手能在很短的时间内将所有的密钥都遍历一
遍的话,基于信息理论安全模型的密码系统也不会被攻破。随着科技的迅猛发展,
具有无限计算能力的量子计算机及DNA计算机的实现也不是梦想,故无条件安全
模型的建立有着非常现实的意义。
通过适当地修改Shannon的完善保密模型,可以使之成为一个更加接近于实际
而且是可证明安全的无条件安全密码体制。第一个修改就是放松Shannon对明文和
密文毫不相关的限制,使明文和密文有任意小的相关性;第二个修改是去除敌手能
够接受与合法用户一样的信息这一假设。目前所提出的最典型的两个实现就是量子
信道和有扰信道。
无论是量子信道还是有扰信道,都可以抽象为这样一个模型:通信双方Alice和
Bob及敌手Eve分别得到概率分布为P_(XYZ)的X,Y,Z三个随机变量,之后他们在公共
信道上进行无条件安全的秘密钥协商。一般可以分优先提取,信息协商和保密增强
三个阶段来进行。
在这一研究领域,作者的主要研究成果如下:
1.在认证信道上的协商中,研究了Alice和Bob间的信息协调所产生的边信息
对Eve的Renyi的熵影响,揭示了信息协调与保密增强间的联系。
2.在无条件安全密钥协商中,假定通信双方通过相互独立的无记忆二元对称
信道来接收二元对称信源所传送的信息作为初始信息,在这种条件下,本
文提出了一种利用他们之间的初始相关信息对公共信道上的消息进行认证
的具体方案,从而使得无条件安全密钥协商具有抗主动攻击的能力。
3.根据一种基于纠错码的无条件认证码的构造原理,有效地解决了通信双方
间有认证密钥的条件下保密增强中防主动攻击的问题。
4.对S.Wolf在文献[Wol98]中所提出的强保密增强协议进行了改进,只要敌手
所知的有关于通信双方的共享串S的二阶Renyi熵超过串长n的一半而不
是2/3,则当n充分大时,就有可能在不安全且非认证信道上实现保密增强。
5.提出了一种在没有认证密钥的情况下利用通信双方间的部分保密的共享信
息对公共信道上的消息进行认证的方法。该方法下的保密增强能以一定的
概率抗击主动攻击。
Both the symmetric key systems and public key systems currently used are based on the model of computational security. In principle, all of them can be broken by trying the possible keys in sequence. This thesis focuses on information-theoretic security, i.e. unconditional security. In information-theoretic security, we can assume that adversaries have the infinite computing power, and the cryptographic systems based on the model of information-theoretic security will not be broken down even if the adversaries can try all the possible keys in sequence in short time. With the development of science and technology, quantum computers and DNA computers with infinite computing power will be available. Therefore, it is significant for us to focus our attention on the research of information-theoretic security.
Shannon抯 model can be modified to make practical provably secure cryptosystems possible. The first modification is to relax the requirement that perfect security means complete independence between the plaintext and the adversary抯 knowledge and to allow an arbitrarily small correlation. The second, crucial modification removes the assumption that the adversary receives exactly the same information as the legitimate users. The most realistic mechanisms proposed so far for limiting the information available to the adversary are quantum channels and noisy channels.
Such a scenario can be abstracted from quantum channels and noisy channels: two communicants. Alice and Bob, and an adversary, Eve, receive three variables X, Y, Z which are distributed according to some probability distribution P~. Then Alice and Bob begin secret-key agreement over a public channel. Such a secret key agreement over a public channel usually consists of three phases, advantage distillation, information reconciliation and privacy amplification.
The main work in this thesis is as follows:
1. Demonstrate the effect of side information introduced by the communication over the public channel on Eve抯 Renyi entropy and show the relationship between information reconciliation and privacy amplification.
2. When two communicants and an adversary obtain correlated information through independent binary symmetric channels from a random source, and the adversary抯 channel is noisier than those of communicants, an authentication scheme which uses the correlated information between the two communicants is proposed based on the coding theory to make possible information theoretic secret key agreement against active attacks.
3 With the help of the unconditional secure authentication codes constructed from error-correcting codes, privacy amplification secure against active attacks is possible
if the two communicants share some authentication key.
4. An improvement is made to the strong protocol which is proposed by S.WolfJWol98] and implemented with help of interactive authentication. The improved strong protocol makes the privacy amplification by communication over an insecure and non-authentic channel possible for sufficiently large n ,the size of common string S shared by the two parties, when the adversary抯 R閚yi entropy about S exceeds only n12 rather than 2n13 which is required in [Wo198].
5. Another authentication scheme is proposed which uses the common string between the two communicants to authenticate the messages over the public channel. Such an authentication scheme can make privacy amplification secure against active attack with some probability under the condition that the two communicants have no authentication key.
则上讲,利用穷举密钥法总可以将上述的密码系统逐个攻破。本文的研究工作针对
信息理论安全即无条件安全展开。假定敌手拥有无限的时间、设备和资金,对敌手
的计算能力不做任何限制,那么即使敌手能在很短的时间内将所有的密钥都遍历一
遍的话,基于信息理论安全模型的密码系统也不会被攻破。随着科技的迅猛发展,
具有无限计算能力的量子计算机及DNA计算机的实现也不是梦想,故无条件安全
模型的建立有着非常现实的意义。
通过适当地修改Shannon的完善保密模型,可以使之成为一个更加接近于实际
而且是可证明安全的无条件安全密码体制。第一个修改就是放松Shannon对明文和
密文毫不相关的限制,使明文和密文有任意小的相关性;第二个修改是去除敌手能
够接受与合法用户一样的信息这一假设。目前所提出的最典型的两个实现就是量子
信道和有扰信道。
无论是量子信道还是有扰信道,都可以抽象为这样一个模型:通信双方Alice和
Bob及敌手Eve分别得到概率分布为P_(XYZ)的X,Y,Z三个随机变量,之后他们在公共
信道上进行无条件安全的秘密钥协商。一般可以分优先提取,信息协商和保密增强
三个阶段来进行。
在这一研究领域,作者的主要研究成果如下:
1.在认证信道上的协商中,研究了Alice和Bob间的信息协调所产生的边信息
对Eve的Renyi的熵影响,揭示了信息协调与保密增强间的联系。
2.在无条件安全密钥协商中,假定通信双方通过相互独立的无记忆二元对称
信道来接收二元对称信源所传送的信息作为初始信息,在这种条件下,本
文提出了一种利用他们之间的初始相关信息对公共信道上的消息进行认证
的具体方案,从而使得无条件安全密钥协商具有抗主动攻击的能力。
3.根据一种基于纠错码的无条件认证码的构造原理,有效地解决了通信双方
间有认证密钥的条件下保密增强中防主动攻击的问题。
4.对S.Wolf在文献[Wol98]中所提出的强保密增强协议进行了改进,只要敌手
所知的有关于通信双方的共享串S的二阶Renyi熵超过串长n的一半而不
是2/3,则当n充分大时,就有可能在不安全且非认证信道上实现保密增强。
5.提出了一种在没有认证密钥的情况下利用通信双方间的部分保密的共享信
息对公共信道上的消息进行认证的方法。该方法下的保密增强能以一定的
概率抗击主动攻击。
Both the symmetric key systems and public key systems currently used are based on the model of computational security. In principle, all of them can be broken by trying the possible keys in sequence. This thesis focuses on information-theoretic security, i.e. unconditional security. In information-theoretic security, we can assume that adversaries have the infinite computing power, and the cryptographic systems based on the model of information-theoretic security will not be broken down even if the adversaries can try all the possible keys in sequence in short time. With the development of science and technology, quantum computers and DNA computers with infinite computing power will be available. Therefore, it is significant for us to focus our attention on the research of information-theoretic security.
Shannon抯 model can be modified to make practical provably secure cryptosystems possible. The first modification is to relax the requirement that perfect security means complete independence between the plaintext and the adversary抯 knowledge and to allow an arbitrarily small correlation. The second, crucial modification removes the assumption that the adversary receives exactly the same information as the legitimate users. The most realistic mechanisms proposed so far for limiting the information available to the adversary are quantum channels and noisy channels.
Such a scenario can be abstracted from quantum channels and noisy channels: two communicants. Alice and Bob, and an adversary, Eve, receive three variables X, Y, Z which are distributed according to some probability distribution P~. Then Alice and Bob begin secret-key agreement over a public channel. Such a secret key agreement over a public channel usually consists of three phases, advantage distillation, information reconciliation and privacy amplification.
The main work in this thesis is as follows:
1. Demonstrate the effect of side information introduced by the communication over the public channel on Eve抯 Renyi entropy and show the relationship between information reconciliation and privacy amplification.
2. When two communicants and an adversary obtain correlated information through independent binary symmetric channels from a random source, and the adversary抯 channel is noisier than those of communicants, an authentication scheme which uses the correlated information between the two communicants is proposed based on the coding theory to make possible information theoretic secret key agreement against active attacks.
3 With the help of the unconditional secure authentication codes constructed from error-correcting codes, privacy amplification secure against active attacks is possible
if the two communicants share some authentication key.
4. An improvement is made to the strong protocol which is proposed by S.WolfJWol98] and implemented with help of interactive authentication. The improved strong protocol makes the privacy amplification by communication over an insecure and non-authentic channel possible for sufficiently large n ,the size of common string S shared by the two parties, when the adversary抯 R閚yi entropy about S exceeds only n12 rather than 2n13 which is required in [Wo198].
5. Another authentication scheme is proposed which uses the common string between the two communicants to authenticate the messages over the public channel. Such an authentication scheme can make privacy amplification secure against active attack with some probability under the condition that the two communicants have no authentication key.
引文
1. [AD75] J. Aczel and Z. Daroczy, On measures of information and theiry characterizations, Mathematics in science and engineering, vol. 115, Academic Press, New York, 1975.
2. [AGHP92] Noga Alon, Oded Goldreich, Johan Histad, and Rene Peralta, Simple constructions of almost k-wise independent random variables, Random Structures and Algorithms 3 (1992) , no. 3, 289-304, Preliminary version presented at 31st FOCS (1990) .
3. [Ari77] S. Arimoto, Information measures and capacity of order a for discrete memoryless channels, Topics in Information Theory (I. Csiszar and P. Elias, eds.), North-Holland, 1977, pp. 41--52.
4. [Ari96] Erdal Arikan, An inequality on guessing and its application to sequential decoding, IEEE Transactions on Information Theory 42 (19%), no. 1,99-105.
5. [BBB + 92] Charles H. Bennett, Francois Bessette, Gilles Brassard, Louis Salvail, and John Smolin, Experimental quantum cryptography, Journal of Cryptology 5 (1992) , no. 1,3-28.
6. [BBCM95] Charles H. Bennett, Gilles Brassard, Claude Crepeau, and Ueli M. Maurer, Generalized privacy amplification, IEEE Transactions on Information Theory 41 (1995) , no. 6, 1915-1923.
7. [BBDGQ91] S. Bengio, G. Brassard, Y. Desmedt, C. Goutier and J.-J. Quisquater, Secure implementation of identification systems, Journal of Cryptoloty, Vol.4, no.3,1991.
8. [BBR86] Charles H. Bennett, Gilles Brassard, and Jean-Marc Robert, How to reduce your enemy's information, Advances in Cryptology--CRYPTO '85 (Hugh C. Williams, ed.), Lecture Notes in Computer Science, vol. 218, Springer-Verlag, 1986, pp. 468-476.
9. [BBR88] Charles H. Bennett, Gilles Brassard, and Jean-Marc Robert, Privacy amplification by public discussion, SIAM Journal on Computing 17 (1988) , no. 2,210-229.
10. [BC94] Amos Beimel and Benny Chor, Interaction in key distribution schemes, Advances in Cryptology--CRYPTO '93 (Douglas R. Stinson, ed.), Lecture Notes in Computer Science, vol. 773, Springer-Verlag, 1994.
11. [BC96] Gilles Brassard and Claude Crepeau, 25 years of quantum cryptography, SIGACT News 27 (1996) , no. 3, 13-24.
12. [BC97] Gilles Brassard and Claude Cr'epeau, Oblivious transfers and privacy amplification, Advances in Cryptology--EUROCRYPT '97 (Walter Fumy, ed.), Lecture Notes in Computer Science, vol. 1233, Springer Verlag, 1997, pp. 334-347.
13. [BCJL93] Gilles Brassard, Claude Crepeau, Richard Jozsa, and Denis Langlois, A quantum bit commitment scheme provably un-breakable by both parties, Proc. 34th IEEE Symposium on Foundations of Computer Science (FOCS), 1993.
14. [Bil95] Patrick Billingsley, Probability and measure, third ed., Wiley, New York, 1995.
15. [BL90] Josh Benaloh and Jerry Leichter, Generalized secret sharing and monotone functions, Advances in Cryptology--CRYPTO '88 (Shafi Goldwasser, ed.), Lecture Notes in Computer Science, vol. 403, Springer-Verlag, 1990, pp. 27-35.
16. [Bla83] Richard E. Blahut, Theory and practice of error control codes, Addison-Wesley, Reading, 1983.
17. [Bla87] Richard E. Blahut, Principles and practice of information theory, Addison-Wesley, Reading, 1987.
18. [Blo85] Rolf Blom, An optimal class of symmetric key generation systems, Advances in Cryptology: Proceedings of EUROCRYPT'84 (Thomas Beth, Norbert Cot, and Ingemar Ingemarsson, eds.), Lecture Notes in Computer Science, vol. 209, Springer-Verlag, 1985, pp. 335-338.
19. [BS94] Gilles Brassard and Louis Salvail, Secret-key reconciliation by public discussion, Advances in Cryptology--EUROCRYPT '93 (Tor Helleseth, ed.), Lecture Notes in Computer Science, vol. 765, Springer-Verlag, 1994, pp. 410--423.
20. [BSH + 93] Carlo Blundo, Alfredo De Santis, Amir Herzberg, Shay Kutten, Uga Vaccaro, and Moti Yung, Perfectly-secure key distribution for dynamic conferences, Advances in Cryptology--CRYPTO '92 (Ernest F. Brickell, ed.), Lecture Notes in Computer Science, vol. 740, Springer-Verlag, 1993, pp. 471-486.
21. [Cac97] Christian Cachin, Smooth entropy and Renyi entropy, Advances in Cryptology--EUROCRYPT '97 (Walter Fumy, ed.), Lecture Notes in Computer Science, vol. 1233, Springer-Verlag, 1997, pp. 193-208.
22. [CG85] Benny Chor and Oded Goldreich, Unbiased bits from sources of weak randomness and probabilistic communication complexity, Proc. 26th IEEE Symposium on Foundations of Computer Science (FOCS), 1985, pp. 429-442.
23. [CHK + 96] R. Cruz, G. Hill, A. Kellner, R. Ramaswami, G. Sasaki, and Y. Yamabashi, Eds., Special issue on optical networks, IEEE Journal on Selected Areas in Communications 14 (1996) , no. 5, 761-1052.
24. [CK81] Imre Csiszar and Janos Korner, Information theory: Coding theorems for discrete memory less systems, Academic Press, New York, 1981.
25. [CK.89] Claude Crepeau and Joe Kilian, Achieving oblivious transfer using weakened security assumptions, Proc. 29th IEEE Symposium on Foundations of Computer Science (FOCS), 1989.
26. [CM95] Christian Cachin and Ueli Maurer, Linking information reconciliation and privacy amplification, Advances in Cryptology--EUROCRYPT '94 (Alfredo De Santis, ed.), Lecture Notes in Computer Science, vol. 950, Springer, 1995, pp. 266-274. 132 Bibliography
27. [CM97a] Christian Cachin and Ueli Maurer, Linking information reconciliation and privacy amplification, Journal of Cryptology 10 (1997) , no. 2, 97-110.
28. [CM97b] Christian Cachin and Ueli Maurer, Smoothing probability distributions and smooth entropy, Preprint (Abstract in Proc. 1997 IEEE International Symposium on Information Theory, Ulm), 1997.
29. [CM97c] Christian Cachin and Ueli Maurer, Unconditional security against memory-bounded adversaries, Advances in Cryptology--CRYPTO '97 (Burt Kaliski, ed.), Lecture Notes in
Computer Science, Springer-Verlag, 1997.
30. [Cre96] Claude Crepeau, What is going on with quantum bit commitment?, Proceedings of Pragocrypt '96, Czech Technical University Publishing House, 1996.
31. [Cre97] Claude Crepeau, Efficient cryptographic protocols based on noisy channels, Advances in Cryptology--EUROCRYPT '97 (Walter Fumy, ed.), Lecture Notes in Computer Science, vol. 1233, Springer-Verlag, 1997, pp. 306-317.
32. [CSGV92] R. M. Capocelli, A. De Santis, L. Gargano, and U. Vaccaro, On the size of shares for secret sharing schemes, Advances in Cryptology--CRYPTO '91 (Joan Feigenbaum, ed.), Lecture Notes in Computer Science, vol. 576, Springer-Verlag, 1992, pp. 101--113.
33. [Csi95a] Laszlo Csirmaz, The size of a share must be large, Advances in Cryptology--EUROCRYPT '94 (Alfredo De Santis, ed.), Lecture Notes in Computer Science, vol. 950, Springer-Verlag, 1995, pp. 13-22.
34. [Csi95b] Imre Csiszar, Generalized cutoff rates and Renyi's information measures, IEEE Transactions on Information Theory 41 (1995) , no. 1,26-34.
35. [CT91] Thomas M. Cover and Joy A. Thomas, Elements of information theory, Wiley, 1991.
36. [CW79] J. Lawrence Carter and Mark N. Wegman, Universal classes of hash Junctions, Journal of Computer and System Sciences 18 (1979) , 143-154.
37. [DH76] Whitfield Diffie and Martin E. Hellman, New directions in cryptography, IEEE Transactions on Information Theory 22 (1976) , no. 6,644-654.
38. [Fel68] William Feller, An introduction to probability theory, 3rd ed., Wiley, 1968.
39. [GM84] Shafi Goldwasser and Silvio Micali, Probabilistic encryption, Journal of Computer and System Sciences 28 (1984) , 270-299.
40. [GM94] Martin J. Gander and Ueli M. Maurer, On the secret-key rate of binary random variables, Proc. 1994 IEEE International Symposium on Information Theory, 1994, p. 351.
41. [GNS75] Robert M. Gray, David L. Neuhoff, and Paul C. Shields, A generalization of Ornstein's d distance with applications to information theory, The Annals of Probability 3 (1975) , no. 2, 315--328.
42. [Gol95] Oded Goldreich, Foundations of cryptography (fragments of a book), Electronic Colloquium on Computational Complexity (ECCC), http://www.eccc.uni-trier.de/eccc/, 1995.
43. [GW96] Oded Goldreich and Avi Wigderson, Tiny families of Junctions with random properties: A quality-size trade-off for hashing, Preprint available from the authors, preliminary version presented at 26th STOC (1994) , January 19%.
44. [HILL91] Johan Hastad, Russell Impagliazzo, Leonid A. Levin, and Michael Luby, Construction of a pseudo-random generator from any one-way Junction, Tech. Report 91-068, International Computer Science Institute (ICSI), Berkeley, 1991.
45. [HV93] Te Sun Han and Sergio Verdu, Approximation theory of out-put statistics, IEEE Transactions on Information Theory 39 (1993) , no. 3,752-772.
46. [IEE95] Proc. 14th IEEE symposium on mass storage systems, IEEE Computer Society Press,
1995.
47. [ILL89] Russell Impagliazzo, Leonid A. Levin, and Michael Luby, Pseudo-random generation from one-way functions, Proc. 21st Annual ACM Symposium on Theory of Computing (STOC), 1989, pp. 12-24.
48. [ISN93] Mitsuru Ito, Akira Saito, and Takao Nishizeki, Multiple assignment scheme for secret sharing, Journal of Cryptology 6 (1993) , 115-20.
49. [Kah67] David Kahn, The codebreakers: The story of secret writing, Macmillan, New York, 1967.
50. [KDD + 96] I. P. Kaminow, C. R. Doerr, C. Dragone, T. Koch, U. Koren, A. A. M. Saleh, et al., A wideband all-optical WDM network, IEEE Journal on Selected Areas in Communications 14 (1996) , no. 5, 780-799.
51. [Kha93] M. Kharitonov, Cryptographic hardness of distribution-specific learning, Proc. 25th Annual ACM Symposium on Theory of Computing (STOC), 1993, pp. 372-381.
52. [KV94] Michael J. Kearns and Umesh V. Vazirani, An introduction to computational learning theory, MIT Press, 1994.
53. [Lub96] Michael Luby, Pseudorandomness and cryptographic applications, Princeton University Press, 1996.
54. [LW95] Michael Luby and Avi Wigderson, Pairwise independence and derandomization, Tech. Report 95-035, International Computer Science Institute (ICSI), Berkeley, 1995.
55. [Mas91] James L. Massey, Contemporary cryptography: An introduction, Contemporary Cryptology: The Science of Information Integrity (Gustavus J. Simmons, ed.), IEEE Press, 1991, pp. 1-39.
56. [Mas93] James L. Massey, Lecture notes for "Applied Digital Information Theory I", Abteilung fur Elektrotechnik, ETH Zurich, 1993.
57. [Mas94] James L. Massey, Guessing and entropy, Proc. 1994 IEEE International Symposium on Information Theory, 1994, p. 204.
58. [Mau92] Ueli M. Maurer, Conditionally-perfect secrecy and a provably-secure randomized cipher, Journal of Cryptology 5 (1992) , 53-66.
59. [Mau93] Ueli M. Maurer, Secret key agreement by public discussion from common information, IEEE Transactions on Information Theory 39 (1993) , no. 3, 733-742.
60. [Mau94] Ueli M. Maurer, The strong secret key rate of discrete random triples, Communications and Cryptography: Two Sides of One Tapestry (Richard E. Blahut et al., eds.), Kluwer, 1994.
61. [Mau95] Ueli Maurer, Lecture notes for "Theoretische Informatik II', Abteilung fur Informatik, ETH Zurich, 1995.
62. [Mau96] Ueli M. Maurer, A unified and generalized treatment of authentication theory, Proc. 13th Annual Symposium on Theoretical Aspects of Computer Science (STACS) (Ruediger Reischuk Claude Puech, ed.), Lecture Notes in Computer Science, vol. 1046, Springer-Verlag, 1996, pp. 190-198.
63. [Mau97] Ueli Maurer, Information-theoretically secure secret-key agreement by NOT
authenticated public discussion, Advances in Cryptology--EUROCRYPT '97 (Walter Fumy, ed.), Lecture Notes in Computer Science, Springer-Verlag, 1997.
64. [May96] Dominic Mayers, The trouble with quantum bit commitment, Manuscript, available from Los Alamos reprint archive quant-ph, March 1996.
65. [MI85] James L. Massey and Ingemar Ingemarsson, The Rip van Winkle cipher: A simple and provably computationally secure cipher with a finite key, Proc. 1985 IEEE International Symposium on Information Theory, 1985, p. 146.
66. [Mit95] C. J. Mitchell, A storage complexity based analogue of Maurer key establishment using public channels, Cryptography and Coding: 5th IMA Conference, Cirencester, UK (Colin Boyd, ed.), Lecture Notes in Computer Science, vol. 1025, Springer, 1995, pp. 84-93.
67. [MR95] Rajeev Morwani and Prabhakar Raghavan, Randomized algorithms, Cambridge University Press, 1995.
68. [MW97] U.M.Maurer and S.Wolf, Privacy amplification secure against active adversaries, advances in Cryptology-CRYPTO'91, Lecture Notes in Computer Science, Vol. 1294, pp.307-321, Springer-Verlag, 1996
69. [MvOV97] Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone, Handbook of applied cryptography, CRC Press, Boca Raton, FL, 1997.
70. [MW97] Ueli Maurer and Stefan Wolf, The intrinsic conditional mutual information and perfect secrecy, Tech. Report 268, Department of Computer Science, ETH Zurich, 1997.
71. [MY95] Robert J. McEliece and Zhong Yu, An inequality on entropy, Proc. 1995 IEEE International Symposium on Information Theory, 1995, p. 329.
72. [MZG95] A. Muller, H. Zbinden, and N. Gisin, Underwater quantum coding, Nature 378 (1995) , 449.
73. [Nis96] Noam Nisan, Extracting randomness: How and why--a survey, Proc. 11th Annual IEEE Conference on Computational Complexity, 1996.
74. [Nun92] Thomas S. Nunnikhoven, A birthday solution for nonuniform birth frequencies, American Statistician 46 (1992) , no. 4, 270-274.
75. [NZ95] Noam Nisan and David Zuckerman, Randomness is linear in space, Preprint available from the authors, preliminary version presented at 25th STOC (1993) , 1995.
76. [Pap94] Christos H. Papadimitriou, Computational complexity, Addison-Wesley, Reading, 1994.
77. [Pom90] Carl Pomerance, Factoring, Cryptology and Computational Number Theory (Carl Pomerance, ed.), Proceedings of Symposia in applied Mathematics, vol. 42, American Mathematical Society, 1990, pp. 27-47.
78. [Rab97] Michael Rabin, Personal Communication, 1997.
79. [Ren61] Alfred Renyi, On measures of entropy and information, Proc. 4th Berkeley Symposium on Mathematical Statistics and Probability (Berkeley), vol. 1, Univ. of Calif. Press, 1961, pp. 547-561.
80. [Ren65] Alfred Renyi, On the foundations of information theory, Rev. Inst. Internal. Stat. 33
(1965) , 1--14, reprinted in [Tur76] .
81. [Ren70] Alfred Renyi, Probability theory, North-Holland, Amsterdam, 1970.
82. [Riv90] Ronald L. Rivest, Cryptography, Handbook of Theoretical Computer Science (J. van Leeuwen, ed.), Elsevier, 1990, pp. 717--755.
83. [RSA78] Ronald L. Rivest, Adi Shamir, and Leonard Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM 21 (1978) , no. 2,120-126.
84. [Sar80] Dilip V. Sarwate, A note on universal hash functions, Information Processing Letters 10 (1980) ,41--45.
85. [Sei96] Lawrence P. Seidman, Satellites for wideband access, IEEE Communications Magazine (1996) , 108-111.
86. [Sha48] Claude E. Shannon, A mathematical theory of communication, Bell System Technical Journal 27 (1948) , 379-423,623-656.
87. [Sha49] Claude E. Shannon, Communication theory of secrecy systems, Bell System Technical Journal 28 (1949) , 656-715.
88. [Sha79] Adi Shamir, How to share a secret, Communications of the ACM 22 (1979) , no. 11, 612-613.
89. [Sho94] Peter W. Shor, Algorithms for quantum computation: Discrete log and factoring, Proc. 35th IEEE Symposium on Foundations of Computer Science (FOCS), 1994, pp. 124-134.
90. [Sim91] Gustavus J. Simmons (ed.), Contemporary cryptology: The science of information integrity, IEEE Press, 1991.
91. [Spi96] Timothy P. Spiller, Quantum information processing: Cryptography, computation, and teleportation, Proceedings of the IEEE 84 (1996) , no. 12,1719-1746.
92. [SSS95] Jeanette P. Schmidt, Alan Siegel, and Aravind Srinivasan, Chernoff-Hoeffding bounds for applications with limited independence, SIAM Journal on Discrete Mathematics 8 (1995) , no. 2, 223-250.
93. [Sti91] D.R.Stinson, Universal hashing and authentication codes, advances in Cryptology-CRYPTO'91, Lecture Notes in Computer Science, Vol.576, pp.74-85, Springer-Verlag, 1992.
94. [Sti92] D. R. Stinson, An explication of secret sharing schemes, Designs, Codes and Cryptography 2 (1992) , 357-390.
95. [Sti95] Douglas R. Stinson, Cryptography: Theory and practice, CRC Press, 1995.
96. [Sti96] Douglas R. Stinson, On some methods for unconditionally secure key distribution and broadcast encryption, Preprint, 1996.
97. [SZ94] Aravind Srinivasan and David Zuckerman, Computing with very weak random sources, Preprint available from the authors, preliminary version presented at 35th FOCS (1994) , 1994.
98. [TS96] Amnon Ta-Shma, On extracting randomness from weak random sources, Proc. 28th Annual ACM Symposiumon Theory of Computing (STOC), 1996, pp. 276-285.
99. [Tur76] Paul Turan (ed.), Alfred Renyi: Selected papers, Akademiai Kiado, Budapest, 1976, 3 volumes.
100. [Va184] L. G. Valiant, A theory of the learnable, Communications of the ACM 27 (1984), no. 11, 1134--1142.
101. [VV95] Sridhar Vembu and Sergio Verdu, Generating random bits from an arbitrary source: Fundamental limits, IEEE Transactions on Information Theory 41 (1995), no. 5, 1322-1332.
102. [WC81] Mark N. Wegman and J. Lawrence Carter, New hash functions and their use in authentication and set equality, Journal of Computer and System Sciences 22 (1981), 265-279.
103. [Wo198] S.Wolf, Strong security against active attacks in information-theoretic secret-key agreement, Advances in Cryptology-ACIACRYPT'98, Lecture Notes in Computer Science, Vol.1514, pp.405-419, Springer-Verlag, 1998.
104. [Wyn75] A. D. Wyner, The wire-tap channel, Bell System Technical Journal 54(1975), no. 8, 1355-1387.
105. [WZ95] Avi Wigderson and David Zuckerman, Expanders that beat the eigenvalue bound: Explicit construction and applications, Preprint available from the authors, preliminary version presented at 25th STOC (1993), 1995.
106. [Zuc91] David Zuckerman, Simulating BPP using a general weak random source, Proc. 32nd IEEE Symposium on Foundations of Computer Science (FOCS), 1991, pp. 79-89.
107. [Zuc96a] David Zuckerman, Randomness-optimal sampling, extractors, and constructive leader election, Proc. 28th Annual ACM Symposium on Theory of Computing (STOC), 1996, pp. 286-295.
108. [Zuc96b] David Zuckerman, Simulating BPP using a general weak random source, Algorithmica 16(1996), 367-391, Preliminary version presented at 32nd FOCS(1991).
109.王育民,何大可,保密学——基础与应用,西安电子科技大学出版社,1990.
110.王育民,刘建伟,通信网的安全——理论与技术,西安电子科技大学出版社,1999。
111.王新梅,肖国镇,纠错码——原理与方法,西安电子科技大学出版社,1996.
112.王育民,梁伟甲,信息与编码理论,王育民,西北电讯工程学院出版社,1986.
113.王育民,量子密码原理与应用前景,通信保密,No.1,1998。
114.马文平,王新梅,基于纠错码的Cartesian认证码的构造,电子学报,Vol.27,No.6,1999。
2. [AGHP92] Noga Alon, Oded Goldreich, Johan Histad, and Rene Peralta, Simple constructions of almost k-wise independent random variables, Random Structures and Algorithms 3 (1992) , no. 3, 289-304, Preliminary version presented at 31st FOCS (1990) .
3. [Ari77] S. Arimoto, Information measures and capacity of order a for discrete memoryless channels, Topics in Information Theory (I. Csiszar and P. Elias, eds.), North-Holland, 1977, pp. 41--52.
4. [Ari96] Erdal Arikan, An inequality on guessing and its application to sequential decoding, IEEE Transactions on Information Theory 42 (19%), no. 1,99-105.
5. [BBB + 92] Charles H. Bennett, Francois Bessette, Gilles Brassard, Louis Salvail, and John Smolin, Experimental quantum cryptography, Journal of Cryptology 5 (1992) , no. 1,3-28.
6. [BBCM95] Charles H. Bennett, Gilles Brassard, Claude Crepeau, and Ueli M. Maurer, Generalized privacy amplification, IEEE Transactions on Information Theory 41 (1995) , no. 6, 1915-1923.
7. [BBDGQ91] S. Bengio, G. Brassard, Y. Desmedt, C. Goutier and J.-J. Quisquater, Secure implementation of identification systems, Journal of Cryptoloty, Vol.4, no.3,1991.
8. [BBR86] Charles H. Bennett, Gilles Brassard, and Jean-Marc Robert, How to reduce your enemy's information, Advances in Cryptology--CRYPTO '85 (Hugh C. Williams, ed.), Lecture Notes in Computer Science, vol. 218, Springer-Verlag, 1986, pp. 468-476.
9. [BBR88] Charles H. Bennett, Gilles Brassard, and Jean-Marc Robert, Privacy amplification by public discussion, SIAM Journal on Computing 17 (1988) , no. 2,210-229.
10. [BC94] Amos Beimel and Benny Chor, Interaction in key distribution schemes, Advances in Cryptology--CRYPTO '93 (Douglas R. Stinson, ed.), Lecture Notes in Computer Science, vol. 773, Springer-Verlag, 1994.
11. [BC96] Gilles Brassard and Claude Crepeau, 25 years of quantum cryptography, SIGACT News 27 (1996) , no. 3, 13-24.
12. [BC97] Gilles Brassard and Claude Cr'epeau, Oblivious transfers and privacy amplification, Advances in Cryptology--EUROCRYPT '97 (Walter Fumy, ed.), Lecture Notes in Computer Science, vol. 1233, Springer Verlag, 1997, pp. 334-347.
13. [BCJL93] Gilles Brassard, Claude Crepeau, Richard Jozsa, and Denis Langlois, A quantum bit commitment scheme provably un-breakable by both parties, Proc. 34th IEEE Symposium on Foundations of Computer Science (FOCS), 1993.
14. [Bil95] Patrick Billingsley, Probability and measure, third ed., Wiley, New York, 1995.
15. [BL90] Josh Benaloh and Jerry Leichter, Generalized secret sharing and monotone functions, Advances in Cryptology--CRYPTO '88 (Shafi Goldwasser, ed.), Lecture Notes in Computer Science, vol. 403, Springer-Verlag, 1990, pp. 27-35.
16. [Bla83] Richard E. Blahut, Theory and practice of error control codes, Addison-Wesley, Reading, 1983.
17. [Bla87] Richard E. Blahut, Principles and practice of information theory, Addison-Wesley, Reading, 1987.
18. [Blo85] Rolf Blom, An optimal class of symmetric key generation systems, Advances in Cryptology: Proceedings of EUROCRYPT'84 (Thomas Beth, Norbert Cot, and Ingemar Ingemarsson, eds.), Lecture Notes in Computer Science, vol. 209, Springer-Verlag, 1985, pp. 335-338.
19. [BS94] Gilles Brassard and Louis Salvail, Secret-key reconciliation by public discussion, Advances in Cryptology--EUROCRYPT '93 (Tor Helleseth, ed.), Lecture Notes in Computer Science, vol. 765, Springer-Verlag, 1994, pp. 410--423.
20. [BSH + 93] Carlo Blundo, Alfredo De Santis, Amir Herzberg, Shay Kutten, Uga Vaccaro, and Moti Yung, Perfectly-secure key distribution for dynamic conferences, Advances in Cryptology--CRYPTO '92 (Ernest F. Brickell, ed.), Lecture Notes in Computer Science, vol. 740, Springer-Verlag, 1993, pp. 471-486.
21. [Cac97] Christian Cachin, Smooth entropy and Renyi entropy, Advances in Cryptology--EUROCRYPT '97 (Walter Fumy, ed.), Lecture Notes in Computer Science, vol. 1233, Springer-Verlag, 1997, pp. 193-208.
22. [CG85] Benny Chor and Oded Goldreich, Unbiased bits from sources of weak randomness and probabilistic communication complexity, Proc. 26th IEEE Symposium on Foundations of Computer Science (FOCS), 1985, pp. 429-442.
23. [CHK + 96] R. Cruz, G. Hill, A. Kellner, R. Ramaswami, G. Sasaki, and Y. Yamabashi, Eds., Special issue on optical networks, IEEE Journal on Selected Areas in Communications 14 (1996) , no. 5, 761-1052.
24. [CK81] Imre Csiszar and Janos Korner, Information theory: Coding theorems for discrete memory less systems, Academic Press, New York, 1981.
25. [CK.89] Claude Crepeau and Joe Kilian, Achieving oblivious transfer using weakened security assumptions, Proc. 29th IEEE Symposium on Foundations of Computer Science (FOCS), 1989.
26. [CM95] Christian Cachin and Ueli Maurer, Linking information reconciliation and privacy amplification, Advances in Cryptology--EUROCRYPT '94 (Alfredo De Santis, ed.), Lecture Notes in Computer Science, vol. 950, Springer, 1995, pp. 266-274. 132 Bibliography
27. [CM97a] Christian Cachin and Ueli Maurer, Linking information reconciliation and privacy amplification, Journal of Cryptology 10 (1997) , no. 2, 97-110.
28. [CM97b] Christian Cachin and Ueli Maurer, Smoothing probability distributions and smooth entropy, Preprint (Abstract in Proc. 1997 IEEE International Symposium on Information Theory, Ulm), 1997.
29. [CM97c] Christian Cachin and Ueli Maurer, Unconditional security against memory-bounded adversaries, Advances in Cryptology--CRYPTO '97 (Burt Kaliski, ed.), Lecture Notes in
Computer Science, Springer-Verlag, 1997.
30. [Cre96] Claude Crepeau, What is going on with quantum bit commitment?, Proceedings of Pragocrypt '96, Czech Technical University Publishing House, 1996.
31. [Cre97] Claude Crepeau, Efficient cryptographic protocols based on noisy channels, Advances in Cryptology--EUROCRYPT '97 (Walter Fumy, ed.), Lecture Notes in Computer Science, vol. 1233, Springer-Verlag, 1997, pp. 306-317.
32. [CSGV92] R. M. Capocelli, A. De Santis, L. Gargano, and U. Vaccaro, On the size of shares for secret sharing schemes, Advances in Cryptology--CRYPTO '91 (Joan Feigenbaum, ed.), Lecture Notes in Computer Science, vol. 576, Springer-Verlag, 1992, pp. 101--113.
33. [Csi95a] Laszlo Csirmaz, The size of a share must be large, Advances in Cryptology--EUROCRYPT '94 (Alfredo De Santis, ed.), Lecture Notes in Computer Science, vol. 950, Springer-Verlag, 1995, pp. 13-22.
34. [Csi95b] Imre Csiszar, Generalized cutoff rates and Renyi's information measures, IEEE Transactions on Information Theory 41 (1995) , no. 1,26-34.
35. [CT91] Thomas M. Cover and Joy A. Thomas, Elements of information theory, Wiley, 1991.
36. [CW79] J. Lawrence Carter and Mark N. Wegman, Universal classes of hash Junctions, Journal of Computer and System Sciences 18 (1979) , 143-154.
37. [DH76] Whitfield Diffie and Martin E. Hellman, New directions in cryptography, IEEE Transactions on Information Theory 22 (1976) , no. 6,644-654.
38. [Fel68] William Feller, An introduction to probability theory, 3rd ed., Wiley, 1968.
39. [GM84] Shafi Goldwasser and Silvio Micali, Probabilistic encryption, Journal of Computer and System Sciences 28 (1984) , 270-299.
40. [GM94] Martin J. Gander and Ueli M. Maurer, On the secret-key rate of binary random variables, Proc. 1994 IEEE International Symposium on Information Theory, 1994, p. 351.
41. [GNS75] Robert M. Gray, David L. Neuhoff, and Paul C. Shields, A generalization of Ornstein's d distance with applications to information theory, The Annals of Probability 3 (1975) , no. 2, 315--328.
42. [Gol95] Oded Goldreich, Foundations of cryptography (fragments of a book), Electronic Colloquium on Computational Complexity (ECCC), http://www.eccc.uni-trier.de/eccc/, 1995.
43. [GW96] Oded Goldreich and Avi Wigderson, Tiny families of Junctions with random properties: A quality-size trade-off for hashing, Preprint available from the authors, preliminary version presented at 26th STOC (1994) , January 19%.
44. [HILL91] Johan Hastad, Russell Impagliazzo, Leonid A. Levin, and Michael Luby, Construction of a pseudo-random generator from any one-way Junction, Tech. Report 91-068, International Computer Science Institute (ICSI), Berkeley, 1991.
45. [HV93] Te Sun Han and Sergio Verdu, Approximation theory of out-put statistics, IEEE Transactions on Information Theory 39 (1993) , no. 3,752-772.
46. [IEE95] Proc. 14th IEEE symposium on mass storage systems, IEEE Computer Society Press,
1995.
47. [ILL89] Russell Impagliazzo, Leonid A. Levin, and Michael Luby, Pseudo-random generation from one-way functions, Proc. 21st Annual ACM Symposium on Theory of Computing (STOC), 1989, pp. 12-24.
48. [ISN93] Mitsuru Ito, Akira Saito, and Takao Nishizeki, Multiple assignment scheme for secret sharing, Journal of Cryptology 6 (1993) , 115-20.
49. [Kah67] David Kahn, The codebreakers: The story of secret writing, Macmillan, New York, 1967.
50. [KDD + 96] I. P. Kaminow, C. R. Doerr, C. Dragone, T. Koch, U. Koren, A. A. M. Saleh, et al., A wideband all-optical WDM network, IEEE Journal on Selected Areas in Communications 14 (1996) , no. 5, 780-799.
51. [Kha93] M. Kharitonov, Cryptographic hardness of distribution-specific learning, Proc. 25th Annual ACM Symposium on Theory of Computing (STOC), 1993, pp. 372-381.
52. [KV94] Michael J. Kearns and Umesh V. Vazirani, An introduction to computational learning theory, MIT Press, 1994.
53. [Lub96] Michael Luby, Pseudorandomness and cryptographic applications, Princeton University Press, 1996.
54. [LW95] Michael Luby and Avi Wigderson, Pairwise independence and derandomization, Tech. Report 95-035, International Computer Science Institute (ICSI), Berkeley, 1995.
55. [Mas91] James L. Massey, Contemporary cryptography: An introduction, Contemporary Cryptology: The Science of Information Integrity (Gustavus J. Simmons, ed.), IEEE Press, 1991, pp. 1-39.
56. [Mas93] James L. Massey, Lecture notes for "Applied Digital Information Theory I", Abteilung fur Elektrotechnik, ETH Zurich, 1993.
57. [Mas94] James L. Massey, Guessing and entropy, Proc. 1994 IEEE International Symposium on Information Theory, 1994, p. 204.
58. [Mau92] Ueli M. Maurer, Conditionally-perfect secrecy and a provably-secure randomized cipher, Journal of Cryptology 5 (1992) , 53-66.
59. [Mau93] Ueli M. Maurer, Secret key agreement by public discussion from common information, IEEE Transactions on Information Theory 39 (1993) , no. 3, 733-742.
60. [Mau94] Ueli M. Maurer, The strong secret key rate of discrete random triples, Communications and Cryptography: Two Sides of One Tapestry (Richard E. Blahut et al., eds.), Kluwer, 1994.
61. [Mau95] Ueli Maurer, Lecture notes for "Theoretische Informatik II', Abteilung fur Informatik, ETH Zurich, 1995.
62. [Mau96] Ueli M. Maurer, A unified and generalized treatment of authentication theory, Proc. 13th Annual Symposium on Theoretical Aspects of Computer Science (STACS) (Ruediger Reischuk Claude Puech, ed.), Lecture Notes in Computer Science, vol. 1046, Springer-Verlag, 1996, pp. 190-198.
63. [Mau97] Ueli Maurer, Information-theoretically secure secret-key agreement by NOT
authenticated public discussion, Advances in Cryptology--EUROCRYPT '97 (Walter Fumy, ed.), Lecture Notes in Computer Science, Springer-Verlag, 1997.
64. [May96] Dominic Mayers, The trouble with quantum bit commitment, Manuscript, available from Los Alamos reprint archive quant-ph, March 1996.
65. [MI85] James L. Massey and Ingemar Ingemarsson, The Rip van Winkle cipher: A simple and provably computationally secure cipher with a finite key, Proc. 1985 IEEE International Symposium on Information Theory, 1985, p. 146.
66. [Mit95] C. J. Mitchell, A storage complexity based analogue of Maurer key establishment using public channels, Cryptography and Coding: 5th IMA Conference, Cirencester, UK (Colin Boyd, ed.), Lecture Notes in Computer Science, vol. 1025, Springer, 1995, pp. 84-93.
67. [MR95] Rajeev Morwani and Prabhakar Raghavan, Randomized algorithms, Cambridge University Press, 1995.
68. [MW97] U.M.Maurer and S.Wolf, Privacy amplification secure against active adversaries, advances in Cryptology-CRYPTO'91, Lecture Notes in Computer Science, Vol. 1294, pp.307-321, Springer-Verlag, 1996
69. [MvOV97] Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone, Handbook of applied cryptography, CRC Press, Boca Raton, FL, 1997.
70. [MW97] Ueli Maurer and Stefan Wolf, The intrinsic conditional mutual information and perfect secrecy, Tech. Report 268, Department of Computer Science, ETH Zurich, 1997.
71. [MY95] Robert J. McEliece and Zhong Yu, An inequality on entropy, Proc. 1995 IEEE International Symposium on Information Theory, 1995, p. 329.
72. [MZG95] A. Muller, H. Zbinden, and N. Gisin, Underwater quantum coding, Nature 378 (1995) , 449.
73. [Nis96] Noam Nisan, Extracting randomness: How and why--a survey, Proc. 11th Annual IEEE Conference on Computational Complexity, 1996.
74. [Nun92] Thomas S. Nunnikhoven, A birthday solution for nonuniform birth frequencies, American Statistician 46 (1992) , no. 4, 270-274.
75. [NZ95] Noam Nisan and David Zuckerman, Randomness is linear in space, Preprint available from the authors, preliminary version presented at 25th STOC (1993) , 1995.
76. [Pap94] Christos H. Papadimitriou, Computational complexity, Addison-Wesley, Reading, 1994.
77. [Pom90] Carl Pomerance, Factoring, Cryptology and Computational Number Theory (Carl Pomerance, ed.), Proceedings of Symposia in applied Mathematics, vol. 42, American Mathematical Society, 1990, pp. 27-47.
78. [Rab97] Michael Rabin, Personal Communication, 1997.
79. [Ren61] Alfred Renyi, On measures of entropy and information, Proc. 4th Berkeley Symposium on Mathematical Statistics and Probability (Berkeley), vol. 1, Univ. of Calif. Press, 1961, pp. 547-561.
80. [Ren65] Alfred Renyi, On the foundations of information theory, Rev. Inst. Internal. Stat. 33
(1965) , 1--14, reprinted in [Tur76] .
81. [Ren70] Alfred Renyi, Probability theory, North-Holland, Amsterdam, 1970.
82. [Riv90] Ronald L. Rivest, Cryptography, Handbook of Theoretical Computer Science (J. van Leeuwen, ed.), Elsevier, 1990, pp. 717--755.
83. [RSA78] Ronald L. Rivest, Adi Shamir, and Leonard Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM 21 (1978) , no. 2,120-126.
84. [Sar80] Dilip V. Sarwate, A note on universal hash functions, Information Processing Letters 10 (1980) ,41--45.
85. [Sei96] Lawrence P. Seidman, Satellites for wideband access, IEEE Communications Magazine (1996) , 108-111.
86. [Sha48] Claude E. Shannon, A mathematical theory of communication, Bell System Technical Journal 27 (1948) , 379-423,623-656.
87. [Sha49] Claude E. Shannon, Communication theory of secrecy systems, Bell System Technical Journal 28 (1949) , 656-715.
88. [Sha79] Adi Shamir, How to share a secret, Communications of the ACM 22 (1979) , no. 11, 612-613.
89. [Sho94] Peter W. Shor, Algorithms for quantum computation: Discrete log and factoring, Proc. 35th IEEE Symposium on Foundations of Computer Science (FOCS), 1994, pp. 124-134.
90. [Sim91] Gustavus J. Simmons (ed.), Contemporary cryptology: The science of information integrity, IEEE Press, 1991.
91. [Spi96] Timothy P. Spiller, Quantum information processing: Cryptography, computation, and teleportation, Proceedings of the IEEE 84 (1996) , no. 12,1719-1746.
92. [SSS95] Jeanette P. Schmidt, Alan Siegel, and Aravind Srinivasan, Chernoff-Hoeffding bounds for applications with limited independence, SIAM Journal on Discrete Mathematics 8 (1995) , no. 2, 223-250.
93. [Sti91] D.R.Stinson, Universal hashing and authentication codes, advances in Cryptology-CRYPTO'91, Lecture Notes in Computer Science, Vol.576, pp.74-85, Springer-Verlag, 1992.
94. [Sti92] D. R. Stinson, An explication of secret sharing schemes, Designs, Codes and Cryptography 2 (1992) , 357-390.
95. [Sti95] Douglas R. Stinson, Cryptography: Theory and practice, CRC Press, 1995.
96. [Sti96] Douglas R. Stinson, On some methods for unconditionally secure key distribution and broadcast encryption, Preprint, 1996.
97. [SZ94] Aravind Srinivasan and David Zuckerman, Computing with very weak random sources, Preprint available from the authors, preliminary version presented at 35th FOCS (1994) , 1994.
98. [TS96] Amnon Ta-Shma, On extracting randomness from weak random sources, Proc. 28th Annual ACM Symposiumon Theory of Computing (STOC), 1996, pp. 276-285.
99. [Tur76] Paul Turan (ed.), Alfred Renyi: Selected papers, Akademiai Kiado, Budapest, 1976, 3 volumes.
100. [Va184] L. G. Valiant, A theory of the learnable, Communications of the ACM 27 (1984), no. 11, 1134--1142.
101. [VV95] Sridhar Vembu and Sergio Verdu, Generating random bits from an arbitrary source: Fundamental limits, IEEE Transactions on Information Theory 41 (1995), no. 5, 1322-1332.
102. [WC81] Mark N. Wegman and J. Lawrence Carter, New hash functions and their use in authentication and set equality, Journal of Computer and System Sciences 22 (1981), 265-279.
103. [Wo198] S.Wolf, Strong security against active attacks in information-theoretic secret-key agreement, Advances in Cryptology-ACIACRYPT'98, Lecture Notes in Computer Science, Vol.1514, pp.405-419, Springer-Verlag, 1998.
104. [Wyn75] A. D. Wyner, The wire-tap channel, Bell System Technical Journal 54(1975), no. 8, 1355-1387.
105. [WZ95] Avi Wigderson and David Zuckerman, Expanders that beat the eigenvalue bound: Explicit construction and applications, Preprint available from the authors, preliminary version presented at 25th STOC (1993), 1995.
106. [Zuc91] David Zuckerman, Simulating BPP using a general weak random source, Proc. 32nd IEEE Symposium on Foundations of Computer Science (FOCS), 1991, pp. 79-89.
107. [Zuc96a] David Zuckerman, Randomness-optimal sampling, extractors, and constructive leader election, Proc. 28th Annual ACM Symposium on Theory of Computing (STOC), 1996, pp. 286-295.
108. [Zuc96b] David Zuckerman, Simulating BPP using a general weak random source, Algorithmica 16(1996), 367-391, Preliminary version presented at 32nd FOCS(1991).
109.王育民,何大可,保密学——基础与应用,西安电子科技大学出版社,1990.
110.王育民,刘建伟,通信网的安全——理论与技术,西安电子科技大学出版社,1999。
111.王新梅,肖国镇,纠错码——原理与方法,西安电子科技大学出版社,1996.
112.王育民,梁伟甲,信息与编码理论,王育民,西北电讯工程学院出版社,1986.
113.王育民,量子密码原理与应用前景,通信保密,No.1,1998。
114.马文平,王新梅,基于纠错码的Cartesian认证码的构造,电子学报,Vol.27,No.6,1999。