1. M. Bellare, U. Feige, J. Kilian, M. Naor and P. Rogaway, “The security of cipher block chaining,” manuscript (1993).

2. M. Bellare and P. Rogaway, “Random oracles are practical: a paradigm for designing efficient protocols,” Proceedings of 1st ACM Conference on Computer and Communications Security, November 1993.

3. R. Bird, I. Gopal, A. Herzberg, P. Janson, S. Kutten, R. Molva and M. Yung, “Systematic design of two-party authentication protocols,” Advances in Cryptology — Proceedings of CRYPTO 91, Springer-Verlag, 1991.

4. M. Blum and S. Micali, “How to generate cryptographically strong sequences of pseudo-random bits,” SIAM Journal on Computing 13(4), 850–864 (November 1984).

5. M. Burrows, M. Abadi and R. Needham, “A logic for authentication,” DEC Systems Research Center Technical Report 39, February 1990. Earlier versions in Proceedings of the Second Conference on Theoretical Aspects of Reasoning about Knowledge, 1988, and Proceedings of the Twelfth ACM Symposium on Operating Systems Principles, 1989.