{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,7]],"date-time":"2026-03-07T10:20:18Z","timestamp":1772878818335,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":25,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540424567","type":"print"},{"value":"9783540446477","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2001]]},"DOI":"10.1007\/3-540-44647-8_12","type":"book-chapter","created":{"date-parts":[[2007,11,13]],"date-time":"2007-11-13T14:28:14Z","timestamp":1194964094000},"page":"201-212","source":"Crossref","is-referenced-by-count":36,"title":["On the Unpredictability of Bits of the Elliptic Curve Diffie-Hellman Scheme"],"prefix":"10.1007","author":[{"given":"Dan","family":"Boneh","sequence":"first","affiliation":[]},{"given":"Igor E.","family":"Shparlinski","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2001,8,2]]},"reference":[{"key":"12_CR1","doi-asserted-by":"crossref","first-page":"194","DOI":"10.1137\/0217013","volume":"17","author":"W. Alexi","year":"1988","unstructured":"W. Alexi, B. Chor, O. Goldreich, and C. Schnorr. \u2018RSA and Rabin functions: Certain parts are as hard as the whole\u2019, SIAM J. Computing, 17(1988), 194\u2013209, Nov. 1988.","journal-title":"SIAM J. Computing"},{"key":"12_CR2","doi-asserted-by":"crossref","unstructured":"I. Blake, G. Seroussi, and N. Smart, Elliptic Curves in Cryptography, London Mathematical Society, Lecture Notes Series, 265, Cambridge University Press, 1999.","DOI":"10.1017\/CBO9781107360211"},{"key":"12_CR3","series-title":"Lect. Notes in Comp. Sci.","doi-asserted-by":"publisher","first-page":"48","DOI":"10.1007\/BFb0054851","volume-title":"In Proc. 3rd Algorithmic Number Theory Symposium","author":"D. Boneh","year":"1998","unstructured":"D. Boneh, \u2018The decision Diffie-Hellman problem\u2019, In Proc. 3rd Algorithmic Number Theory Symposium, Lect. Notes in Comp. Sci., Springer-Verlag, Berlin, 1423 (1998), 48\u201363."},{"key":"12_CR4","doi-asserted-by":"crossref","unstructured":"D. Boneh, S. Halevi and N. A. Howgrave-Graham, \u2018The modular inversion hidden number problem\u2019, Preprint, 2001.","DOI":"10.1007\/3-540-45682-1_3"},{"key":"12_CR5","series-title":"Lect. Notes in Comp. Sci.","doi-asserted-by":"crossref","first-page":"129","DOI":"10.1007\/3-540-68697-5_11","volume-title":"In Proc. Crypto\u2019 96","author":"D. Boneh","year":"1996","unstructured":"D. Boneh and R. Venkatesan, \u2018Hardness of computing the most significant bits of secret keys in Diffie-Hellman and related schemes\u2019, In Proc. Crypto\u2019 96, Lect. Notes in Comp. Sci., Springer-Verlag, Berlin, 1109 (1996), 129\u2013142. Recent version available at http:\/\/crypto.stanford.edu\/dabo\/ ."},{"key":"12_CR6","doi-asserted-by":"crossref","unstructured":"E. El Mahassni, P. Q. Nguyen and I. E. Shparlinski, \u2018The insecurity of Nyberg-Rueppel and other DSA-like signature schemes with partially known nonces\u2019, Proc. Workshop on Lattices and Cryptography, Boston, MA, 2001 (to appear).","DOI":"10.1007\/3-540-44670-2_9"},{"key":"12_CR7","doi-asserted-by":"publisher","first-page":"221","DOI":"10.1007\/s001459910008","volume":"13","author":"R. Fischlin","year":"2000","unstructured":"R. Fischlin, C. Schnorr, \u2018Stronger security proofs for RSA and Rabin bits\u2019, J. Cryptology, 13 (2000), 221\u2013244.","journal-title":"J. Cryptology"},{"key":"12_CR8","doi-asserted-by":"crossref","unstructured":"O. Goldreich, L. Levin, \u2018A hard core predicate for any one way function\u2019, In Proc. 21st ACM Symp. on Theory of Comput., 1989, 25\u201332.","DOI":"10.1145\/73007.73010"},{"key":"12_CR9","doi-asserted-by":"crossref","unstructured":"M. I. Gonz\u00e1lez Vasco and M. N\u00e4slund, \u2018A survey of hard core functions\u2019, In Proc. Workshop on Cryptography and Computational Number Theory, Singapore 1999, Birkh\u00e4user, 2001, 227\u2013256.","DOI":"10.1007\/978-3-0348-8295-8_18"},{"key":"12_CR10","doi-asserted-by":"crossref","unstructured":"M. I. Gonz\u00e1lez Vasco and I. E. Shparlinski, \u2018On the security of Diffie-Hellman bits\u2019, Proc. Workshop on Cryptography and Computational Number Theory, Singapore 1999, Birkh\u00e4user, 2001, 257\u2013268.","DOI":"10.1007\/978-3-0348-8295-8_19"},{"key":"12_CR11","doi-asserted-by":"crossref","unstructured":"M. I. Gonz\u00e1lez Vasco and I. E. Shparlinski, \u2018Security of the most significant bits of the Shamir message passing scheme\u2019, Math. Comp. (to appear).","DOI":"10.1090\/S0025-5718-01-01358-8"},{"key":"12_CR12","series-title":"Lect. Notes in Comp. Sci.","doi-asserted-by":"crossref","first-page":"114","DOI":"10.1007\/3-540-68697-5_10","volume-title":"In Proc. Crypto\u2019 96","author":"M. Naslund","year":"1996","unstructured":"M. Naslund, \u2018All bits in ax + b mod p are hard\u2019, In Proc. Crypto\u2019 96, Lect. Notes in Comp. Sci., Springer-Verlag, Berlin, 1109 (1996), 114\u2013128."},{"key":"12_CR13","unstructured":"N. A. Howgrave-Graham and N. P. Smart, \u2018Lattice attacks on digital signature schemes\u2019, Designs, Codes and Cryptography (to appear)."},{"key":"12_CR14","unstructured":"N. A. Howgrave-Graham, P. Q. Nguyen and I. E. Shparlinski, \u2018Hidden number problem with hidden multipliers, timed-release crypto and noisy exponentiation\u2019, Preprint, 2000, 1\u201326."},{"key":"12_CR15","doi-asserted-by":"crossref","DOI":"10.1201\/9781439821916","volume-title":"Handbook of applied cryptography","author":"A. J. Menezes","year":"1996","unstructured":"A. J. Menezes, P. C. van Oorrschot and S. A. Vanstone, Handbook of applied cryptography, CRC Press, Boca Raton, FL, 1996."},{"key":"12_CR16","doi-asserted-by":"crossref","unstructured":"P. Q. Nguyen, \u2018The dark side of the hidden number problem: Lattice attacks on DSA\u2019, Proc. Workshop on Cryptography and Computational Number Theory, Singapore 1999, Birkh\u00e4user, 2001, 321\u2013330.","DOI":"10.1007\/978-3-0348-8295-8_23"},{"key":"12_CR17","unstructured":"P. Q. Nguyen and I. E. Shparlinski, \u2018The insecurity of the Digital Signature Algorithm with partially known nonces\u2019, Preprint, 2000, 1\u201326."},{"key":"12_CR18","unstructured":"P. Q. Nguyen and I. E. Shparlinski, \u2018The insecurity of the elliptic curve Digital Signature Algorithm with partially known nonces\u2019, Preprint, 2000, 1\u201324."},{"key":"12_CR19","series-title":"Lect. Notes in Comp. Sci.","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1007\/10722028_4","volume-title":"In Proc. 4th Algorithmic Number Theory Symposium","author":"P. Q. Nguyen","year":"2000","unstructured":"P. Q. Nguyen and J. Stern, \u2018Lattice reduction in cryptology: An update\u2019, In Proc. 4th Algorithmic Number Theory Symposium, Lect. Notes in Comp. Sci., Springer-Verlag, Berlin, 1838 (2000), 85\u2013112."},{"key":"12_CR20","doi-asserted-by":"crossref","DOI":"10.1137\/1.9781611970081","volume-title":"Random number generation and quasi-Monte Carlo methods","author":"H. Niederreiter","year":"1992","unstructured":"H. Niederreiter, Random number generation and quasi-Monte Carlo methods, SIAM, Philadelphia, 1992."},{"key":"12_CR21","series-title":"Lect. Notes in Comp. Sci.","doi-asserted-by":"crossref","first-page":"256","DOI":"10.1007\/3-540-69053-0_18","volume-title":"In Proc. Eurocrypt\u2019 97","author":"V. Shoup","year":"1997","unstructured":"V. Shoup, \u2018Lower bounds for discrete logarithms and related problems\u2019, In Proc. Eurocrypt\u2019 97, Lect. Notes in Comp. Sci., Springer-Verlag, Berlin, 1233 (1997), 256\u2013266."},{"key":"12_CR22","doi-asserted-by":"crossref","unstructured":"I. E. Shparlinski, \u2018Sparse polynomial approximation in finite fields\u2019, Proc. 33rd ACM Symp. on Theory of Comput., Crete, Greece, July 6\u20138, 2001 (to appear).","DOI":"10.1145\/380752.380803"},{"key":"12_CR23","unstructured":"I. E. Shparlinski, \u2018On the generalized hidden number problem and bit security of XTR\u2019, In Proc. the 14th Symp. on Appl. Algebra, Algebraic Algorithms, and Error-Correcting Codes, Lect. Notes in Comp. Sci., Springer-Verlag, Berlin (to appear)."},{"key":"12_CR24","volume-title":"The arithmetic of elliptic curves","author":"J. H. Silverman","year":"1995","unstructured":"J. H. Silverman, The arithmetic of elliptic curves, Springer-Verlag, Berlin, 1995."},{"key":"12_CR25","volume-title":"Cryptography: Theory and practice","author":"D. R. Stinson","year":"1995","unstructured":"D. R. Stinson, Cryptography: Theory and practice, CRC Press, Boca Raton, FL, 1995."}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2014 CRYPTO 2001"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/3-540-44647-8_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,4]],"date-time":"2019-05-04T06:22:25Z","timestamp":1556950945000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/3-540-44647-8_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2001]]},"ISBN":["9783540424567","9783540446477"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/3-540-44647-8_12","relation":{},"ISSN":["0302-9743"],"issn-type":[{"value":"0302-9743","type":"print"}],"subject":[],"published":{"date-parts":[[2001]]}}}