## 1 Prehistory of Cryptography

**p. 8, Solution 1.** In question 4, diagrams (a) and (c)

*do* represent a surjective function.

## 2 Conventional Cryptography

**p. 37, Solution 5.** In question 1(a), one should read

and

for the
worst-case and the average case repspectively.

**p. 38, Solution 6.** In the second question, the
probability that a given
plaintext

is mapped on a given
ciphertext

through the
uniformly distributed random permutation

should be
expanded as follows:

**p. 41, Solution 7.**
The errata for this exercise is long and only available in the
postscript and pdf errata files (see on the top of this page).

## 3 Dedicated Conventional Primitives

**p. 71, Solution 4.** In the third question, one should
read “Clearly, they all produce [...]” instead of “Clearly, the all
produce [...]”.

**p. 73, Solution 4.** In the eighth question, one
should read “with a probability

*e*^{−λ}” instead of “with a
probability

*e*^{λ}”.

## 4 Conventional Security Analysis

**p. 86, Exercise 7.** The second of the three boolean
functions is not used in

It is actually part of

which also uses a fourth function.

**p. 109, Solution 8.** On Figure 4.9, ω

^{−1} is
wrong: the inputs should be swapped before the xor.

## 5 Security Protocols with Conventional Cryptography

Nothing yet.

## 6 Algorithmic Algebra

**p. 147, Solution 5.** In solution 3, one should read
“the kernel is trivial, i.e., is equal to {1}”.

## 7 Algorithmic Number Theory

**p. 170, Solution 5.** The number of prime numbers
smaller than some integer

*n* is Ω(

*n*/log

*n*)
and not Ω(log

*n*/

*n*) as written in the solution.

## 8 Elements of Complexity Theory

Nothing yet.

## 9 Public Key Cryptography

Nothing yet.

## 10 Digital Signatures

Nothing yet.

## 11 Cryptographic Protocols

Nothing yet.

## 12 From Cryptography to Communication Security

**p. 246, Solution 5.** In the answer of the second question one
should read

*P*' =

*M*' ∥

*Q*' instead of

*P*' =

*M*' ∥

*Q*.

## References

**p. 250, Reference [17].** There is a typo in the name of the
first author. The correct name is P. Flajolet.