{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T22:33:50Z","timestamp":1775774030336,"version":"3.50.1"},"publisher-location":"Cham","reference-count":20,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030255091","type":"print"},{"value":"9783030255107","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-25510-7_17","type":"book-chapter","created":{"date-parts":[[2019,7,13]],"date-time":"2019-07-13T11:02:33Z","timestamp":1563015753000},"page":"307-325","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":38,"title":["On Lions and Elligators: An Efficient Constant-Time Implementation of CSIDH"],"prefix":"10.1007","author":[{"given":"Michael","family":"Meyer","sequence":"first","affiliation":[]},{"given":"Fabio","family":"Campos","sequence":"additional","affiliation":[]},{"given":"Steffen","family":"Reith","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,7,14]]},"reference":[{"issue":"2","key":"17_CR1","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1007\/s13389-012-0027-1","volume":"2","author":"DJ Bernstein","year":"2012","unstructured":"Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.Y.: High-speed high-security signatures. J. Cryptogr. Eng. 2(2), 77\u201389 (2012)","journal-title":"J. Cryptogr. Eng."},{"key":"17_CR2","doi-asserted-by":"crossref","unstructured":"Bernstein, D.J., Hamburg, M., Krasnova, A., Lange, T.: Elligator: elliptic-curve points indistinguishable from uniform random strings. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 967\u2013980. ACM (2013)","DOI":"10.1145\/2508859.2516734"},{"key":"17_CR3","unstructured":"Bernstein, D.J., Lange, T., Martindale, C., Panny, L.: Quantum circuits for the CSIDH: optimizing quantum evaluation of isogenies. Cryptology ePrint Archive, Report 2018\/1059 (2018). https:\/\/eprint.iacr.org\/2018\/1059"},{"key":"17_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"153","DOI":"10.1007\/978-3-030-05378-9_9","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2018","author":"J-F Biasse","year":"2018","unstructured":"Biasse, J.-F., Iezzi, A., Jacobson, M.J.: A note on the security of CSIDH. In: Chakraborty, D., Iwata, T. (eds.) INDOCRYPT 2018. LNCS, vol. 11356, pp. 153\u2013168. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-05378-9_9"},{"key":"17_CR5","unstructured":"Bonnetain, X., Schrottenloher, A.: Quantum security analysis of CSIDH and ordinary isogeny-based schemes. Cryptology ePrint Archive, Report 2018\/537 (2018). https:\/\/eprint.iacr.org\/2018\/537"},{"key":"17_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"395","DOI":"10.1007\/978-3-030-03332-3_15","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2018","author":"W Castryck","year":"2018","unstructured":"Castryck, W., Lange, T., Martindale, C., Panny, L., Renes, J.: CSIDH: an efficient post-quantum commutative group action. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018. LNCS, vol. 11274, pp. 395\u2013427. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-03332-3_15"},{"issue":"1","key":"17_CR7","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1515\/jmc-2012-0016","volume":"8","author":"A Childs","year":"2014","unstructured":"Childs, A., Jao, D., Soukharev, V.: Constructing elliptic curve isogenies in quantum subexponential time. J. Math. Cryptol. 8(1), 1\u201329 (2014)","journal-title":"J. Math. Cryptol."},{"key":"17_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"303","DOI":"10.1007\/978-3-319-70697-9_11","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2017","author":"C Costello","year":"2017","unstructured":"Costello, C., Hisil, H.: A simple and compact algorithm for SIDH with arbitrary degree isogenies. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 303\u2013329. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70697-9_11"},{"key":"17_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"572","DOI":"10.1007\/978-3-662-53018-4_21","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"C Costello","year":"2016","unstructured":"Costello, C., Longa, P., Naehrig, M.: Efficient algorithms for supersingular isogeny Diffie-Hellman. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 572\u2013601. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53018-4_21"},{"key":"17_CR10","unstructured":"Couveignes, J.M.: Hard homogeneous spaces. Cryptology ePrint Archive, Report 2006\/291 (2006). https:\/\/eprint.iacr.org\/2006\/291"},{"key":"17_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"365","DOI":"10.1007\/978-3-030-03332-3_14","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2018","author":"L De Feo","year":"2018","unstructured":"De Feo, L., Kieffer, J., Smith, B.: Towards practical key exchange from ordinary isogeny graphs. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018. LNCS, vol. 11274, pp. 365\u2013394. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-03332-3_14"},{"key":"17_CR12","doi-asserted-by":"crossref","unstructured":"Jao, D., et al.: Supersingular isogeny key encapsulation. Round 1 submission, NIST Post-Quantum Cryptography Standardization (2017)","DOI":"10.1007\/978-3-642-27739-9_1572-1"},{"issue":"3","key":"17_CR13","doi-asserted-by":"crossref","first-page":"209","DOI":"10.1515\/jmc-2012-0015","volume":"8","author":"D Jao","year":"2014","unstructured":"Jao, D., De Feo, L., Pl\u00fbt, J.: Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. J. Math. Cryptol. 8(3), 209\u2013247 (2014)","journal-title":"J. Math. Cryptol."},{"key":"17_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1007\/978-3-030-05378-9_8","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2018","author":"M Meyer","year":"2018","unstructured":"Meyer, M., Reith, S.: A faster way to the CSIDH. In: Chakraborty, D., Iwata, T. (eds.) INDOCRYPT 2018. LNCS, vol. 11356, pp. 137\u2013152. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-05378-9_8"},{"issue":"177","key":"17_CR15","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1090\/S0025-5718-1987-0866113-7","volume":"48","author":"PL Montgomery","year":"1987","unstructured":"Montgomery, P.L.: Speeding the Pollard and elliptic curve methods of factorization. Math. Comput. 48(177), 243\u2013264 (1987)","journal-title":"Math. Comput."},{"issue":"300","key":"17_CR16","doi-asserted-by":"publisher","first-page":"1929","DOI":"10.1090\/mcom\/3036","volume":"85","author":"D Moody","year":"2016","unstructured":"Moody, D., Shumow, D.: Analogues of V\u00e9lu\u2019s formulas for isogenies on alternate models of elliptic curves. Math. Comput. 85(300), 1929\u20131951 (2016)","journal-title":"Math. Comput."},{"key":"17_CR17","unstructured":"National Institute of Standards and Technology (NIST): Submission requirements and evaluation criteria for the post-quantum cryptography standardization process (2016)"},{"key":"17_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"229","DOI":"10.1007\/978-3-319-79063-3_11","volume-title":"Post-Quantum Cryptography","author":"J Renes","year":"2018","unstructured":"Renes, J.: Computing isogenies between montgomery curves using the action of (0, 0). In: Lange, T., Steinwandt, R. (eds.) PQCrypto 2018. LNCS, vol. 10786, pp. 229\u2013247. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-79063-3_11"},{"key":"17_CR19","unstructured":"Rostovtsev, A., Stolbunov, A.: Public-key cryptosystem based on isogenies. Cryptology ePrint Archive, Report 2006\/145 (2006). http:\/\/eprint.iacr.org\/2006\/145"},{"key":"17_CR20","first-page":"238","volume":"271","author":"J V\u00e9lu","year":"1971","unstructured":"V\u00e9lu, J.: Isog\u00e9nies entre courbes elliptiques. C.R. Acad. Sci. Paris S\u00e9rie A 271, 238\u2013241 (1971)","journal-title":"C.R. Acad. Sci. Paris S\u00e9rie A"}],"container-title":["Lecture Notes in Computer Science","Post-Quantum Cryptography"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-25510-7_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,9,18]],"date-time":"2023-09-18T07:20:52Z","timestamp":1695021652000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-25510-7_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030255091","9783030255107"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-25510-7_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"14 July 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"PQCrypto","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Post-Quantum Cryptography","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Chongquin","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 May 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 May 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"pqcrypto0","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"66","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"22","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"33% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3-5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3-5","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}