Coppersmith, Don
Overview
Works:  48 works in 133 publications in 2 languages and 701 library holdings 

Genres:  Conference papers and proceedings 
Roles:  Author, Editor, Contributor, Other, htt 
Classifications:  QA76.9.A25, 005.82 
Most widely held works by Don Coppersmith
Advances in cryptology, CRYPTO '95 : 15th Annual International Cryptology Conference, Santa Barbara, California, USA, August 27–31, 1995 : proceedings by CRYPTO '95 (Book)
21 editions published between 1995 and 2001 in English and Undetermined and held by 345 WorldCat member libraries worldwide
"This book presents the proceedings of the 15th Annual International Cryptology Conference, CRYPTO '95, held in Santa Barbara, California in August 1995. This proceedings contain revised full versions of 36 papers selected during a highly competitive refereeing process from a total of 151 submissions. All current topics in cryptology research and advanced applications are addressed; The papers are organized in sections on MAC and hash, number theory, oblivious transfer, cryptanalysis, key escrow, protocols, zero knowledge and interactive protocols, secret sharing, and everything else."--Publisher's website
Advances in Cryptology — CRYPTO '95 : 15th Annual International Cryptology Conference Santa Barbara, California, USA, August 27–31, 1995 Proceedings by Don Coppersmith
3 editions published in 1995 in English and held by 106 WorldCat member libraries worldwide
This book presents the proceedings of the 15th Annual International Cryptology Conference, CRYPTO '95, held in Santa Barbara, California in August 1995. This proceedings contain revised full versions of 36 papers selected during a highly competitive refereeing process from a total of 151 submissions. All current topics in cryptology research and advanced applications are addressed; The papers are organized in sections on MAC and hash, number theory, oblivious transfer, cryptanalysis, key escrow, protocols, zero knowledge and interactive protocols, secret sharing, and everything else
Advances in cryptology proceedings by CRYPTO'95 (Book)
5 editions published between 1995 and 2001 in English and German and held by 47 WorldCat member libraries worldwide
Indivisibility and divisibility polytopes by Don Coppersmith (Book)
8 editions published in 2000 in English and held by 12 WorldCat member libraries worldwide
Abstract: "We study the the [sic] polytopes of binary n-strings that encode (positive) integers that are not divisible by a particular positive integer p -- the indivisibility polytopes, as well as the more general 'clipped cubes'. Also, we discuss a potential application to factoring. Finally, we present some results concerning divisibility polytopes."
On the expected incremental cost of a minimum assignment by Don Coppersmith (Book)
5 editions published between 1998 and 1999 in English and held by 10 WorldCat member libraries worldwide
Abstract: "The random assignment problem is to choose a minimum-cost matching in a complete bipartite graph, whose edge weights are chosen randomly from some distribution such as the exponential distribution with parameter 1. When choosing a perfect matching in the complete n x n bipartite graph, it has been conjectured that the expected cost is [formula], tending to π²/6 in the limit. A subsequent, stronger conjecture is that the expectation of a minimum-cost matching of size k in a complete m x n bipartite graph is [formula]. In this note we show that, under certain hypotheses, the cost of augmenting a minimum (m-1)-assignment in an (m-1) x n bipartite graph, to a minimum m-assignment in an m x n bipartite graph, is equal to F(m, m, n) - F(m-1, m-1, n). However, the required hypotheses are such that the result is merely suggestive, and does not provide a proof of either conjecture."
Advances in Cryptology — CRYPTO '95 : 15th Annual International Cryptology Conference Santa Barbara, California, USA, August 27–31, 1995 Proceedings by Don Coppersmith
1 edition published in 1995 in English and held by 10 WorldCat member libraries worldwide
Finding a small root of a univariate modular equation by Don Coppersmith (Book)
3 editions published in 1995 in English and held by 8 WorldCat member libraries worldwide
Abstract: "We show how to solve a polynomial equation (mod N) of degree k in a single variable x, as long as there is a solution less than about N^(1/k). We give an application to an RSA encryption protocol: if messages are padded with truly random padding and then encrypted with an exponent 3, then two encryptions of the same message (with different padding) will reveal the message, as long as the padding is less than 1/9 of the length of N. With several encryptions, another technique can (heuristically) tolerate padding up to about 1/6 of the length of N."
An analysis of TWOPRIME by Don Coppersmith (Book)
3 editions published in 1997 in English and held by 7 WorldCat member libraries worldwide
Abstract: "Ding et al [1] propose a stream generator based on several layers. We present two attacks. The first, based on non surjectivity [sic] of a linear combination step, allow us to recover half the key with minimal effort. For the second, we show that the various bytes are insufficiently mixed by these layers, enabling an attack similar to those on two-loop Vigenere ciphers. This attack requires the stream to produce 2³⁵ blocks (2³⁸ bytes), or 19 hours worth of output, of which we examine about one million blocks (2²³ bytes). The computational requirements are reasonable. We recover the key with high probability. We also propose attacks against two variants."
New attacks on the MacDES MAC algorithm by Don Coppersmith (Book)
3 editions published in 1999 in English and held by 7 WorldCat member libraries worldwide
Abstract: "Two new attacks are given on a CBC-MAC algorithm due to Knudsen and Preneel, [2], which is in the final stages of being standardized as MAC Algorithm 4 in ISO/IEC FDIS 9797-1. The attacks are significantly more efficient than previously known attacks, which means that the inclusion of this scheme in the standard will need to be reconsidered."
Attacking noncommutative NTRU by Don Coppersmith (Book)
3 editions published in 1997 in English and held by 7 WorldCat member libraries worldwide
Abstract: "We describe an attack on a noncommutative version of the NTRU public-key cryptosystem, recently described in a manuscript by Hoffstein and Silverman."
On polynomial approximation and the parallel complexity of the discrete logarithm and breaking the Diffie-Hellman cryptosystem by Don Coppersmith (Book)
3 editions published in 1997 in English and held by 7 WorldCat member libraries worldwide
Ratios of zero-free balanced ternary integers by Don Coppersmith (Book)
3 editions published in 1998 in English and held by 7 WorldCat member libraries worldwide
Abstract: "The integer k = 247 is not the ratio of two integers whose balanced ternary representations contain no nonleading zeroes."
Triple DES cipher block chaining with output feedback masking by Don Coppersmith (Book)
3 editions published in 1996 in English and held by 7 WorldCat member libraries worldwide
Abstract: "We propose a new mode of multiple encryption, namely 'Triple DES cipher block chaining with output feedback masking.' The aim is to provide strong protection against certain attacks ('dictionary attacks' and 'matching ciphertext attacks') which exploit the DES blocksize of 64 bits. The new mode obtains this protection through the introduction of secret masking values that are Exclusive-ORed with the intermediate outputs of each triple-DES encryption operation. The secret mask value is derived from a fourth encryption operation per message block, in addition to the three used in previous modes. The new mode is part of a suite of encryption modes proposed in the ANSI X9.F.1 Triple-DES draft standard (X9.52)."
Constructive bounds and exact expectations for the random assignment problem by Don Coppersmith (Book)
3 editions published in 1998 in English and held by 7 WorldCat member libraries worldwide
Abstract: "The random assignment problem is to choose a minimum-cost perfect matching in a complete n x n bipartite graph, whose edge weights are chosen randomly from some distribution such as the exponential distribution with mean 1. In this case it is known that the expectation does not grow unboundedly with n, but approaches some limiting value c* between 1.51 and 2. The limit is conjectured to be π²/6, while a recent conjecture has it that for finite n, the expected cost is [formula]. This paper contains two principal results. First, by defining and analyzing a constructive algorithm, we show that the limiting expectation is c* < 1.94. Second, we extend the finite-n conjecture to partial assignments on complete m x n bipartite graphs, and prove it in some limited cases."
Weaknesses in quaternion signatures by Don Coppersmith (Book)
3 editions published in 1998 in English and held by 7 WorldCat member libraries worldwide
Optimal partitioning of nominal attributes in decision trees by Don Coppersmith (Book)
3 editions published in 1998 in English and held by 6 WorldCat member libraries worldwide
Abstract: "To find the optimal branching of a nominal attribute at a node in an L-ary decision tree, one is often forced to search over all possible L-ary partitions for the one that yields the minimum impurity measure. For binary trees (L=2) when there are just two classes a shortcut search is possible that is linear in n, the number of distinct values of the attribute. For the general case in which the number of classes, k, may be greater than two, Burshtein et al. have shown that the optimal partition satisfies a condition that involves the existence of (L₂) hyperplanes in the class probability space. We derive a property of the optimal partition for the Gini and entropy impurity measures in terms of the existence of L vectors in the dual of the class probability space, which implies the earlier condition. Unfortunately, these insights still do not offer a practical search method when n and k are large, even for binary trees. We therefore present a new heuristic search algorithm to find a nearly optimal partition. It is based on ordering the attribute's values according to their principal component scores in the class probability space, and is linear in n. We demonstrate the effectiveness of the new method through Monte Carlo simulation experiments and compare its performance against other heuristic methods."
Rectangular matrix multiplication revisited by Don Coppersmith (Book)
3 editions published in 1996 in English and held by 6 WorldCat member libraries worldwide
Abstract: "We give a constant α > 0.294 and, for any ε > 0, an algorithm for multiplying an N x N matrix by an N x N^α matrix with complexity O(N^(2+ε))."
Rationale for bit fixing in the MDC-2 algorithm by Don Coppersmith (Book)
3 editions published in 1999 in English and held by 6 WorldCat member libraries worldwide
Abstract: "The MDC-2 algorithm is a hash function for computing a hash value on input data whose length L is a multiple of 64 bits and where L ≥ 128. With the MDC-2 algorithm, outputs computed in each step of the algorithm are used, after being modified slightly, as key values in the next step of the algorithm. More particularly, the modification consists of fixing certain bits in these values before they are used as keys. This technical report provides the rationale for the bit-fixing operation used within the MDC-2 algorithm."
Lower bounds on the depth of monotone arithmetic computations by Don Coppersmith (Book)
3 editions published in 1998 in English and held by 6 WorldCat member libraries worldwide
Abstract: "Consider an arithmetic expression of length n involving only the operations [+, x] and nonnegative constants. We prove lower bounds on the depth of any binary computation tree over the same sets of operations and constants that computes such an expression. We exhibit a family of arithmetic expressions that requires computation trees of depth at least 1.5 log₂n - O(1); thus proving a conjecture of Kosaraju [Proc 18th STOC, 231-239]. In contrast, Kosaraju showed how to compute such expressions with computation trees of depth 2log₂n+O(1)."
Finding a small root of a bivariate integer equation : factoring with high bits known by Don Coppersmith (Book)
2 editions published in 1995 in English and held by 6 WorldCat member libraries worldwide
Abstract: "We present a method to solve integer polynomial equations in two variables, provided that the solution is suitably bounded. As an application, we show how to find the factors of N = PQ if we are given the high order (1/4+ε)(log N) bits of P. This compares with Rivest and Shamir's factor 1/3."
Related Identities
 International Association for Cryptologic Research
 IEEE Computer Society Technical Committee on Security and Privacy
 Lee, Jon
 Sorkin, Gregory B.
 Matyas, Stephen M.
 Thomas J. Watson IBM Research Center Research Division
 Schieber, Baruch
 Johnson, Don B.
 Shparlinski, Igor E.
 Hosking, J. R. M. (Jonathan Richard Morley) 1955-
Associated Subjects
Approximation theory; Binary control systems; Coding theory; Combinatorial analysis; Combinatorial optimization; Computational complexity; Computer arithmetic; Computers--Access control; Computer science; Computer security; Computer software; Cryptography; Data encryption (Computer science); Data mining; Decision trees; Factorization (Mathematics); Generators (Computer programs); Graph theory; Hashing (Computer science); Integer programming; Linear programming; Matrices; Number theory; Operating systems (Computers); Operations research; Polynomials; Polytopes; Quaternions; Signatures (Writing)--Data processing; Splitting extrapolation method
Alternative Names
Don Coppersmith Amerikaans wiskundige
Don Coppersmith crittografo e matematico statunitense
Don Coppersmith cryptographe et mathématicien
Don Coppersmith Cryptographer and mathematician
Don Coppersmith US-amerikanischer Mathematiker und Kryptologe
Дон Копперсміт
Копперсмит, Дон
דון קופרשמידט
دون كوپيرسميث
ドン・コッパースミス
唐·库帕史密斯
唐·科普斯密思