Book Corrections

Last updated: October 5th, 2004

correction list

The following corrections were made on September 12, 2003

• Page 100, line 8: y = \ell n + 1 should be y-1y = \ell n + 1; also the right-hand side of the equation in line 10 should be y-1an.

• Page 142, Example 5.2.2: Delete "so is the set of odd numbers plus 0."

• Page 144, near the end of Example 5.5:

"Consider that nZ only contains zero modulo n, we can equate" is better replaced by "Considering that addition in Z/nZ works exactly the same way as addition modulo n in Zn does, we can equate (i.e., see no essential difference between) Z/nZ and Zn by denoting"

• Page 167:

D = ... should be D = -(4a3 + 27b2)

• Page 442, third paragraph of Section 13.3.4.1:

"Menezes, Okamoto and Vanstone [197] show that a 1-1 onto and operation preserving mapping (i.e., an isomorphism) is available between an order-a subgroup of E ( Fql ) and the ..." is better replaced by "... [197] show that an onto and operation preserving mapping is available from all pairs of order-a points of E ( Fql ) to the ..."

• Page 282, Ex 8.9, Hint: log2 should be log2 N

The following corrections were identified by Willy Susilo of University of Wollongong, September 23, 2003

• Page 437, Algorithm 13.1, Step 4 of "Setup of System Parameters": h : {0,1}* → Z\phi(N) should be h : {0,1}* → ZN

• Same page, in "Signature Generation":

rh(t||M) should be rh(t||M)

The following corrections were made on December 1, 2003

• Page 255, in equation (8.4.2) and in the texts immediately following the equation:

sub_exp(q) should be sub_exp(|q|) The same correction applies to sub_exp(q) in pages 172 and 281, and to sub_exp(q\ell) in pages 443 and 446. The following corrections were identified by Yuan Chen of Xidian University, Xi'An China, on January 15, 2004

• Page 472, the last paragraph, "message b" should be "message m"

• Page 478, the last line, pr should be ps (short for pseudo-random string)

• Page 518: In formule (15.2.12), (15.2.14) and (15.2.15), "Adv" should be "Adv/2"

• Page 519, the last paragraph, lines 2 and 3, (15.2.20) should be (15.2.19)

• Page 520, paragraph 5, the last line, T(t*) should be I(t*)

• Page 531, in step 3, 15.3.3.5 should be 15.3.3.4

• Page 570, in the two formulae, the both exponents dB should be eB

• Page 580, in Section 17.2.1.1, paragraph 3, "chosen-plaintext" should be "chosen-ciphertext", and "chosen-ciphertext" should be "adaptive chosen-ciphertext"

• Page 597, in the second paragraph above Section 17.3.4, in line 3, "g is a pseudo-random function" should be "g is a random function", and in line 4, "g is truly random" should be "g is pseudo-random"

The following corrections were identified by ZhengTao? Jiang et al. (they, with Ms Yuan Chen above, are the Chinese translators of this book) of Xidian University, Xi'An China, on March 12, 2004

• Page 148, line 13: "is of order m/d" should be "is of order d"

• Page 167, lines 14,15: "Fq" should be "Fp"

• Page 174, Exercise 5.7: delete "finite ring"

• Page 239, backward line 6: "CFB mode" should be "OFB mode"

• Page 398, backward line 15: "Example 12.1" should be "Attack 12.1"

• Page 656, backward line 14: "log2 p" should be "log2 log2 p"

The following correction was identified by Luca Vigano` of ETH Zentrum, Zurich, Switzerland, on May 25th, 2004

• Pages 588-589, in Protocols 17.4, 17.5 and in the text descriptions: all cases of [...]K should be [...]K-1.

The following correction was identified by Kil-Chan Ha of Sejong University, Seoul, Korea, on June 21st, 2004

• Page 150, paragraph 2: ordx(a) should be ordn(a).

• Page 160, line 1: F2[x]f should be F2[x]f.

• Page 171, line -6: EC_exp(P+P,7) should be EC_Multiply(P+P,7).

The following correction was identified in a discussion with Professor Shangping Wang of Xi'an University of Technology, Xi'an, China, on June 29th, 2004

• Page 556, Theorem 16.1: The expressions for t'(k) and Adv'(k) should be more precisely as follows:

t'(k) \approx 2(t(k) + qH t) + OB(qs k3)

Adv'(k) \approx Adv(k)/√qH (i.e., Adv'(k) \approx Adv(k)/\sqrt(qH) in case your web browser does not show the squre root symbol)

Similar changes should also be made to t' and Adv' in nearby pages 554-557.

The following correction was identified by Yunlei Zhao of HP Labs., Bristol, on July 14th, 2004

• Page 622, Theorem 18.1: IP = BPP No this is absolutely wrong! It should be the following: BPP is contained in IP This is because, in IP, an algorithm can be viewed as a verifier using a prover as an oracle subroutine and hence is more powerful in solving problems which is not known to be efficiently solvable without oracle access.

On 5th October 2004, Xiaofeng Chen and Fangguo Zhang of Sun Yat-Sen University, Guangzhou China, pointed out an incorrectness in Algorithm 4.8. Although gcd(N, \phi(N)) = 1 is indeed a sufficient witness for N being square free, when gcd(N, \phi(N)) > 1, \phi(N) does not witness whether or not N is square free.

Return to Wenbo Mao's home page